AML/CFT Regtech: Case Studies and Insights

Perspectives from the banking and technology sectors on success factors and common hurdles to adoption.

It is one thing to recognize the transformational power of technology in how we fight financial crime, and another thing entirely to know how to wield it.

Back in 2019, when Deloitte and the HKMA carried out the first industry-wide regulatory technology (Regtech) survey in Hong Kong focused on AML/CFT applications, out of 196 respondents (N=201), the vast majority (c. 70%) identified as either adopters of Regtech or those that were interested in adoption.

Despite the high level of interest in AML/CFT Regtech, at the time, only 66 institutions in Hong Kong (or 34% of respondents) actually self-identified as “adopters” of Regtech.

Interestingly, we also learned from the data that adoption rates differed significantly between institutions with over 1 million customers (100%) and those with fewer than 1 million customers (c. 31%). Among “adopters” of AML/CFT Regtech, there was also a split between those that only adopted robotic process automation (RPA) and those that adopted a wider suite of technologies, including machine learning, network analytics and natural language processing / generation (NLP/NLG).1

These initial observations led us to ask two questions: how can we help make Regtech solutions more accessible to AML/CFT practitioners? And what can we do to help existing adopters of RPA begin to explore and consider solutions that involve more cognitive technologies, such as machine learning.

Following the survey, over the course of several months, we engaged around 40 institutions (both self-identified “adopters” and “non-adopters”) and spoke with representatives from FCC/FIU teams, as well as Data, Technology and Operations functions, to identify common barriers to adoption (be they real or perceived), as well as examples of what the AML/CFT Regtech adoption journey has looked like for institutions of varying size, scale and complexity.

The insights that were shared by these institutions, in addition to commentary from data and technology experts in the Regtech community, are now publicly available through our joint publication with the HKMA: AML/CFT Regtech: Case Studies and Insights.

The report profiles the approaches taken by six banks to adopt a number of Regtech solutions, from the use of network analytics to aid suspected fraud and money laundering investigations, to the application of RPA, machine learning and NLP/NLG on name screening and common data retrieval processes.

The report also contains a number of industry perspectives for those considering AML/CFT Regtech adoption organized around five themes: getting started; data and process readiness; third-party vendor relationships; people, talent and culture; and performance metrics and indicators.

The HKMA commits to keeping Regtech as a key focus of its 2021 AML/CFT supervisory programme. Through this report, the HKMA also sets out its expectation that “all banks should carefully assess how the changing technology landscape in financial services will impact their exposure to ML/TF risks, and whether AML/CFT Regtech applications…are right for them now or in future.”

To learn more about this report, or about how Deloitte has been working with the HKMA and its global peers to advance digital innovation in the area of AML/CFT, contact our programme leadership.


Key Contact

Tony Wood
Partner | Hong Kong SAR
+852 2852 6602 |

Anir Bhattacharyya
Director | Hong Kong SAR
+852 2109 5358 |

Yuichiro Mitsutomi
Associate Director | Hong Kong SAR
+852 2852 1620 |


1. For more information, see: Hong Kong Monetary Authority, HKMA AML/CFT RegTech Forum: Record of Discussion, December 2019.

Did you find this useful?