Banking Royal Commission & Role of RegTech

By Samantha Carroll, Director Governance Compliance Regulation, Ash St.

As the Royal Commission (RC) continues its examination of the top executives of Australia’s largest banks, it is hard not to draw observations from some of the insights we have heard over the last couple of days. We share some of these observations in the following article to assist our clients in focusing on the key takeaways which they may want to consider for their own organisations.

On 26 November 2018, the AFR published an article titled “The drive for investment of open banking” concerning the importance technology will play in meeting compliance obligations and improving customer outcomes, is just one example of the many issues that are being uncovered in recent days. While the article notes that the issue was only mildly touched upon during inquisition of Brian Hartzer, CEO of Westpac, it has been an issue close to the heart of Ash St. and most recently highlighted during our own Director of Governance, Compliance and Regulation’s presentation summary of the Royal Commission Interim Report. Technology for compliance, more commonly referred to as ‘RegTech’, was highlighted by Samantha as being a critical element to enhancing compliance processes. The inquisition of NAB Chair Dr Ken Henry on 26 November 2018, Ms Orr referred to APRA correspondence to the NAB where APRA stated that it considered an effective compliance program is one which prevents and detects compliance breaches. In our view, due to the sheer size and complexity of compliance requirements an effective compliance program (as defined by APRA) can only be achieved in today’s world with the use of technology.

★ Ash St.’s Thoughts
Key Points For Compliance/Risk Functions To Consider

A clear strategy, dedicated resources and an agile governance framework need to be deployed to allow RegTech solutions to thrive in organisations. Further, the technology needs to be appropriately deployed, designed and implemented to ensure that it delivers the outcomes sought. In our experience, deep knowledge and understanding of compliance obligations and the operation of compliance processes are needed for the best results.

How Can Ash St. Assist?
• Identification of compliance obligations – To assist with prioritising where RegTech can be applied
• Review of RegTech solutions against compliance obligations – To ensure the RegTech solution will deliver the desired outcome of improving compliance
• Independent Review of implementation of a RegTech solution – To provide assurance that the solution has been appropriately implemented and embedded


This communication is intended to provide commentary and general information only. It is not intended to be a comprehensive review of all aspects of the matter referred to. It should not be relied upon as legal advice as to specific issues or transactions.

About the author

Samantha Carroll leads the Governance Compliance Regulation Team.

She is a legal and governance expert with over 15 years’ experience and is recognised as a leading expert in her field. Formerly Head of Compliance for a mid-tier bank and a Governance and Compliance expert for Clayton Utz, Samantha has significant experience advising public and private sector clients on the implementation, upgrading and review of their governance and compliance systems as well as advising organisations at an executive and board level.