Regulating complex environments needn’t be cumbersome or expensive. New technologies and methods can help regulators operate efficiently and effectively, reducing compliance costs and improving the business experience.
You can hardly blame regulators for feeling overwhelmed these days. Technological advances such as artificial intelligence (AI), machine learning, big data analytics, distributed ledger technology (blockchain), and the Internet of Things (IoT) are forcing them to reexamine the basic principles of their work. New technologies keep emerging and evolving, disrupting traditional business models and posing fundamental challenges for regulatory agencies striving to protect consumers while allowing for innovation.
The emergence of what the World Economic Forum (WEF) has dubbed the “Fourth Industrial Revolution” is leading to the convergence and fusion of these technologies, in turn blurring the lines between the physical and digital world.1 In the wake of this technological revolution, Klaus Schwab, WEF founder and executive chairman, calls for government leaders to adopt more agile governance approaches. “We need much more agile legislation and rule setting because it is difficult for the political community to cope with the fast technological progress,” says Schwab.2
Explore the Future of Regulation collection
Read more from the Government and public services collection
Subscribe to receive related content
In this complex environment, regulators find themselves allocating increasing amounts of staff time and funding to understanding the business dynamics and regulatory implications of new markets and industries. At the same time, they still face a host of traditional challenges: identifying “bad actors,” monitoring compliance, and speeding up regulatory processes to better serve the public.
But help is on the way. The same technologies that challenge traditional regulation also offer many new opportunities to fundamentally reinvent rulemaking, oversight, inspections, and enforcement. Moreover, innovative problem-solving approaches that infuse design thinking and behavioral economics can help regulators find effective ways to address both old and new challenges.
In these pages, we will explore some of the technologies and strategies that are opening up new avenues for regulatory modernization, as well as the challenges their adoption poses.3
Regulators the world over typically face the same basic problem: They simply don’t have enough resources. Complex internal processes add to their workload, while external pressures create a sense of urgency to get the work done now. Among the challenges facing many regulators are:
Activities such as application processing, inspections, and liaison work with stakeholders can be very labor-intensive. And unfortunately, regulators often lack the human resources needed to meet this challenge.
This shortage is especially evident in the area of inspections. India’s capital Delhi has just 23 inspectors to inspect 25,000 drugstores.4 The United States has 2.7 million miles of pipeline carrying crude oil, natural gas, and hazardous chemicals, but only 553 pipeline inspectors. That amounts to nearly 5,000 miles of pipe per inspector.5
Charged with overseeing everything from schools and restaurants to pipelines and apartment buildings, many regulators simply find it impossible to inspect all the entities under their jurisdictions.
Processing applications and reviewing public comments require a lot of time, leading to growing backlogs.
The US Patent and Trademark Office (USPTO), for example, had 526,579 patent applications pending at the end of 2017.6 This backlog puts pressure on USPTO personnel and can harm fledgling businesses by potentially hampering their ability to attract funding and sell products. A USPTO study concluded that each year of delay in reviewing initial patent applications that ultimately receive approval reduces a company’s employment and sales growth by 21 percent and 28 percent, respectively, over five years.7
Licensing and permitting processes can be complicated and time-consuming. The US Government Accountability Office (GAO) found that government approvals for interstate pipelines require an average of 558 days.8
Obtaining licenses or permits, moreover, is often a confusing, unpredictable, and time-consuming experience for businesses. The World Bank’s 2018 Doing business study estimates that obtaining approval to build a warehouse in South Asia involves an average of 16 different procedures and requires nearly 194 days.9 Such processes and delays extend a business’s go-to-market time and can sabotage investment.
Any effort to modernize regulation and reduce its administrative burdens should begin with a review of existing regulations, looking for those that are outdated or duplicative or that might be blocking innovation. Given the large number of regulations on the books, however, the sheer immensity of the task is quite daunting. How should regulators go about determining which regulations cause unnecessary burdens, and which are valuable? And for those that create roadblocks, how can regulators reduce their burden?
New technologies, moreover, add to the difficulty by delivering traditional products or services in new ways. The original regulations may remain relevant to an extent, but need tailoring to address innovation.
The cost and effort of regulatory compliance continues to be one of the business community’s biggest concerns. According to a Deloitte survey, North American chief financial officers named burdensome regulation as the second most-serious threat to their businesses, behind only the possibility of a recession.10 In Australia, the economic cost of red tape is estimated at AU$176 billion (more than US$128 billion) per annum, or 11 percent of the nation’s GDP—a burden of AU$19,300 (US$14,060) for each household.11 And in Canada, the cost of government regulation is five times higher for smaller businesses than for larger ones.12
It’s no surprise, then, that regulators face significant pressure to reduce regulatory burdens and costs. In the last decade, the United States, the European Union, the United Kingdom, the Netherlands, Canada, Australia, New Zealand, and Denmark all have implemented programs to reduce administrative burdens on businesses. Yet reducing these regulatory burdens takes time and effort many regulators often can’t spare.
Despite these challenges, regulators are far from helpless. Technologies becoming more widely available can help regulators automate “grunt work” and make better, faster decisions (figure 1). And innovative approaches to problem-solving—business enablers—can help regulators reduce the amount of effort needed to maintain or improve outcomes. The aim is to lessen regulators’ operational and delivery burdens so they can speed up their processes and improve their effectiveness.
Efforts to improve and streamline regulatory processes should focus on the needs of citizens and businesses. The following tools can help regulators better understand and address these needs.
Many regulated industries are in the midst of a historic digital transformation, embedding analytics, AI, and other technologies into their operations, products, and services. Not only can regulators benefit from these technologies, but with the industry moving so fast, keeping up with the technological advances is critical to effectively executing their mission.
As the use of RPA evolves in the regulatory landscape, regulators can combine it with AI (cognitive automation) to tackle higher-value tasks. For example, an intelligent regulatory assistant could interact with a company seeking a permit by populating the authorization forms needed for approval.
Regulatory innovations and approaches have evolved over the last three decades. We summarize that evolution in figure 2 and attempt to give a glimpse into how this may evolve in the future.
Digital-age business models often use a combination of these technologies and business tools to create wholly new ways of delivering products and services. We see three areas in which regulators can use the same tools and technologies to achieve significant gains (figure 3):
Some of the toughest operational challenges facing regulators—resource constraints, backlogs, massive volumes of public comments—also offer some of the biggest opportunities for new technologies and techniques.
The challenge: As a regulator, we process large amounts of paperwork and perform other repetitive, labor-intensive tasks. How can we get them done quickly and efficiently, without going over budget?
Government entities have begun to use technologies such as RPA to shorten wait times and free up staff time for more complex cases. RPA can sift through large data backlogs and take appropriate action, leaving more difficult cases to human experts.
The Food and Drug Administration’s Center for Drug Evaluation and Research (CDER) uses RPA in its application intake process. When CDER automated a part of the drug application intake process, it was able to slash application processing time by 93 percent, eliminate 5,200 hours of manual labor, and save US$500,000 annually.16 Such accelerated reviews are also highly beneficial to industry.
Similarly, the UK’s Revenue and Customs agency has automated the most tedious aspect of its call center work, opening case numbers. The agency used RPA to create a dashboard for more than 7,500 contact center advisors that automatically opens relevant case files on screen when they answer the phone. The agency estimates this has reduced handling times by 40 percent and processing costs by 80 percent.17
Based on an extensive analysis of the US federal government workforce, we estimate that automating manual tasks through techniques such as RPA could free up millions of regulatory staff-hours. For example, up to 60 million hours a year of activities related to compliance and enforcement occupations could be eliminated by deploying AI and automation. Another 26 million hours annually of inspectors’ time could be freed up.18
The challenge: How can we predict those at highest risk of violating regulations, so we can deploy our inspection and enforcement resources more efficiently?
Due to their limited resources, regulatory agencies responsible for inspecting buildings, restaurants, schools, and other facilities typically can inspect only a fraction of the establishments under their charge, which can result in risks to public health and safety. Predictive analytics and machine learning, however, have proven effective in helping regulators prioritize which establishments to inspect.23
The UK’s Behavioural Insights Team is working with inspectors of schools and general practitioners’ offices to identify underperforming examples and prioritize them for inspection. Using machine learning technology, the team analyzes publicly available data, such as information on the types and amounts of drugs general practitioners prescribe and reviews posted by patients on the National Health Services website, to detect patterns indicating problems. Researchers from the team say inspectors can identify up to 95 percent of the country’s inadequate GP clinics by inspecting only the 20 percent of all clinics their algorithm identifies as posing the highest risk.24
Similarly, the New York City Fire Department (FDNY) can inspect only about 50,000 out of the city’s more than 300,000 buildings for fire risk each year. To help prioritize its inspections, FDNY built a system called FireCast to help identify the buildings most at risk. FireCast runs algorithms using data gathered during FDNY inspections as well as from the city’s planning, buildings, environmental protection, and finance departments.25 Officials report that the system has eased workloads while directing inspectors to some of the city’s most fire-prone buildings, some of which hadn’t been inspected in years.26 Thanks in no small part to FireCast, New York City suffered no fire-related deaths in 2015, for the first time since 1916.27
The challenge: Assimilating public comments about a new rule can take a long time. Can we automate some of this process?
As part of many nations’ rulemaking processes, government agencies must allow the public to comment on proposed regulations. Each year, millions of people comment on pending rules and regulations, and agencies must find what is relevant in such comments. But as technology is advancing, individuals and organizations are increasingly using bots to post “fake” comments to amplify their positions. According to researchers, bots were responsible for more than a million of the 22 million comments the US Federal Communications Commission (FCC) received on its call to consider repealing net neutrality protections.32
The FCC is using analytics and AI to identify and combat such activity. The agency contracted with FiscalNote, a government relationship management company, to analyze all 22 million net neutrality comments, using natural language processing techniques to cluster them into groups and identify similarities in structure and word usage. The analysts discovered hundreds of thousands of comments with identical sentence and paragraph structure.33
Analytics and AI can also be used to assess the relevance and sophistication of each comment. This calculation may draw on a number of factors, including comment length; the number of attachments submitted with the comment; the complexity (or coarseness) of the language; whether the claimed author is an entity, key person, or ordinary individual; the number of cogent arguments expressed; and other cues that together serve as a proxy for sophistication.
Regulators are well-positioned to build such tools because they often have historical information to validate the variables used to flag comments worth further consideration. Often, for instance, agencies will have records from past rulemaking processes in which certain comments were tagged as warranting a substantive response. These records can be used to build supervised machine-learning algorithms.34
Technologies such as machine learning and natural language processing, as well as crowdsourcing and other business tools, can help regulators “see” patterns in massive data sets, predict future developments, and identify potential problems before they occur.
The challenge: How can we make sure we’re not caught off-guard when new business models disrupt markets?
Innovative technologies and new business models can catch regulators by surprise. Without an ability to sense emerging trends, regulators risk being perpetually behind the curve, trying to catch up with innovative business models and technologies. Sensing and horizon-scanning capabilities can help them stay ahead of the game.
For example, to understand the longer-term impact of technology on government policies, the Joint Research Centre of the European Commission has launched a research program that attempts to anticipate the societal, environmental, and economic implications emerging from advanced technologies.37 The commission also has established the EU Policy Lab, a collaborative and experimental space that combines such foresight with behavioral science and design thinking to improve policymaking.38
The United Kingdom Cabinet Secretary’s Advisory Group has established a horizon-scanning program designed to better understand how possible future scenarios could affect policies set by the UK Civil Service. The program evaluates emerging technologies, shifting resource supply and demand, changing social attitudes, and projected demographics to understand how emerging trends might affect policymaking and regulation.39
Abilities such as these can help regulators better recognize future risks, allowing them to think proactively about what new regulations may be needed. “The digitization of information and the harnessing of data from multiple platforms has created the opportunity to use data analytics to understand the economy and the financial system with a depth that was not possible before,” explains Ravi Menon, managing director of the Monetary Authority of Singapore.40
Sensing disruption should not be a siloed activity, given how new business models often transcend traditional industry boundaries. Anticipating problems can help encourage regulators to collaborate with one other to understand the broader implications of different business models.
The challenge: How can we reduce fraud without hiring a large number of additional inspectors?
Many regulatory agencies already use analytics and AI to identify fraud. For example, the US Securities and Exchange Commission (SEC) uses machine learning to identify patterns in the text of SEC filings. These patterns can be compared to past examination outcomes to find red flags in investment manager filings. SEC staff says these techniques are five times more effective than random selection at finding language that merits referral to enforcement. For investment advisors, the SEC uses machine learning algorithms to predict the presence of idiosyncratic risks for each advisor.43
Similarly, the Danish Business Authority uses AI to identify fraud and highlight material errors in financial statements. Using machine learning, it conducts a comprehensive analysis of the more than 230,000 financial statement filings it receives each year. The Danish regulator hopes to identify financial statement and tax fraud much more accurately and rapidly with these tools.44
Estonia’s tax and customs board also uses big data and analytics to detect fraud, analyzing data from other government agencies such as the business register and tax declarations. Based on the data, it computes a risk coefficient that flags potential fraud cases.45
The challenge: How can we create a more constructive dialogue with business disruptors?
Startups that disrupt established industries, whether taxicabs, hotels, or banking, often enter markets with entirely new business models—and typically without asking for permission from government. The lack of dialogue between innovators and regulators often causes friction, and can lead to restrictions or outright prohibitions that may not be in the public interest.
Regulators can use a host of tools and strategies to facilitate more, better, and earlier dialogue and understanding. Digital tools, for example, give regulators additional channels to engage with citizens and stakeholders. New York Department of Financial Services Superintendent Benjamin Lawsky reached out to citizens about Bitcoin regulation by participating in a Reddit “Ask me anything” session, engendering a dialogue with hundreds of citizens on pending regulations. By using this site to communicate with the public, Lawsky could address specific issues raised by the Bitcoin community. CoinDesk reported that his Reddit session “provided more evidence to suggest that he intends to craft legislation that strikes a balance between the needs of law enforcement and Bitcoin entrepreneurs.”49
Another way to engage businesses using new technologies is through sandboxes, controlled environments in which innovators can test products, services, or business models without following all the standard regulations. The Canadian Securities Administrators (CSA), for example, maintains a sandbox that provides time-limited relaxation from certain regulatory requirements placed on startups.50 In the United Kingdom, the Financial Conduct Authority, in collaboration with 11 other financial regulators, has created a global fintech sandbox.51 Widely used in financial regulation, sandbox approaches also have been used by regulators for companies operating in fields such as autonomous vehicles, unmanned aerial systems, and digital health.52
Interactions with stakeholders at a large scale can be difficult. In response, the Taiwanese government created a consultation process that brings together government ministries, experts from diverse backgrounds, and relevant citizens on specific topics. It was used to build consensus on a ridesharing regulation agreement.53 The consultation was hosted on Pol.is, an open-source tool for mapping the opinions of a large audience. The tool asks participants to react to others’ opinions in a constructive way to find consensus. The ridesharing consultation attracted 1,737 participants who submitted 196 ideas. Citizens cast a total of 47,539 votes on these ideas.54
The challenge: How can we encourage compliance without further regulatory action?
To encourage citizens and businesses to comply with certain regulations such as license renewal, some regulatory agencies use “nudges,” incorporating analytics, email alerts, and text messaging into strategically designed communications.
In the Canadian province of Ontario, employers are required to file and pay an annual Employer Health Tax (EHT), a payroll tax on health services provided to both current and former employees. In 2014, more than 7,000 employers filed their EHT returns late.57 The provincial government turned to the behavioral sciences for help.
To assist employers that tended to file late, Ontario tested new messaging that focused on where employers could file a return, directing them to websites and service center mailing addresses. The employers also received detailed instructions on how to file the EHT return and a deadline for when the return was needed.58
Compared to a control group that received the standard delinquent message, the timely filing rate among employers that received enhanced messaging was 13 percent higher (53 percent versus 46.9 percent). With a single nudge, Ontario significantly increased compliance.
As long as government requires businesses to get licenses and permits, pass inspections, pay fees, and comply with other rules, it is in its interest to make those transactions as painless as possible. While many businesses would welcome fewer regulations, what they mostly want is to spend less time and effort on compliance. Fortunately, regulators can work toward this goal in a number of ways.
The challenge: How can we identify obsolete or duplicative regulations?
Advanced analytics can help regulators examine regulations with an eye to increasing efficiency, reducing waste, and deploying limited resources more effectively. One promising application is the use of text mining—software-aided analysis of large amounts of text to identify topics, concepts, and keywords—and machine learning to identify outdated regulations.
Deloitte’s Center for Government Insights used text mining and machine learning to analyze more than 217,000 sections of the 2017 US Code of Federal Regulations.62 This analysis found nearly 18,000 sections containing text that was extremely similar to passages in other sections. Agency leaders could examine these sections of the code for opportunities to streamline the rules, eliminate redundancies, and provide common definitions. This approach could not only help reduce the volume of regulations, but also help regulators avoid unintentionally setting different standards in different regulations.
The challenge: How can we make better use of data to improve regulatory outcomes and reduce the reporting burden?
Unfortunately, current regulatory data is collected largely without common standards. By implementing data standards and integrating systems across agencies, regulators can use the data they already have to reduce businesses’ reporting burden. Taking advantage of data collected by external aggregators also can help ease reporting burdens.
Austria’s central bank, Oesterreichische Nationalbank, is working with the country’s banking community to create a common software platform for a new regulatory reporting model. The initiative calls for greater data integration within banks and the bridging of government IT systems with those of the banking industry. The common platform is housed in a separate entity called Austrian Reporting Services (AuRep), which is jointly owned by seven large Austrian banking groups representing 87 percent of the market.66
This collaboration allows banks to share the cost of compliance while standardizing data collection. Using AuRep, Austrian banks can deliver single contracts, loans, or deposits to a common platform in a standardized format known as “basic cubes.” These cubes then can be enriched with additional attributes, allowing supervisors to aggregate and analyze the data without increasing the administrative burden on banks and other data providers. This approach has reduced the cost of Austrian bank regulatory reporting by more than 30 percent.67
The challenge: How can we reduce compliance costs for businesses without compromising consumer safety?
By adopting a customer experience (CX) mindset, governments can make business compliance easier, boosting voluntary compliance rates.
New Zealand spent several years applying CX tools to reduce business compliance costs and improve the G-to-B experience. Previous surveys had found that many businesses appreciated the service of individual agencies, but the system often required them to start from scratch repeatedly with other agencies.72 Reformers used design thinking principles to address these problems. The project’s ultimate goal is to reduce the business costs of dealing with government by a quarter and match the level of customer satisfaction performance indicators of private sector firms by 2020.
The project began with a series of interviews and surveys to identify pain points for businesses. These included tax compliance and tax filing; inadequate transparency in the patent filing process; difficulties in interacting with multiple agencies; and requirements to provide the same information multiple times. This effort led to more than 80 individual initiatives intended to simplify business interactions with government.
While the effort is still in progress, impressive results have been achieved already. The median annual time businesses spend meeting their tax obligations has fallen by 25 percent.73 Construction agents reported a 30 percent reduction in time spent on taxes.74 In all, the compliance costs of dealing with government in New Zealand have fallen by 7 percent since the initiative began.75
In another effort to improve customer experience, the Australian Taxation Office created a chatbot named Alex that uses natural language processing and conversational dialogue to answer tax-related questions from website visitors. Launched in 2016, Alex has answered more than a million inquiries with a resolution rate of 80 percent—significantly higher than the industry benchmark of 65 percent.76
Another way to accelerate business approvals is to adopt a risk-weighted approach to regulation. This reduces the burden of compliance on entities that demonstrate a low risk of noncompliance. In exchange for providing access to more data, certain firms go through a more streamlined process. For example, the FDA’s “pre-cert” program for digital health accelerates time to market for lower-risk health products and focuses its resources on those posing greater potential risks to patients.77
As technology continues to advance, regulators will face growing challenges in developing and enforcing rules aimed at protecting citizens and ensuring fair markets. By using business and technology tools such as those we’ve discussed here, they can transform their work processes and encourage innovation.
But realizing this vision won’t happen overnight. It will require sustained investment of financial resources and political capital to develop these capabilities, reengineer processes, and transform cultures to make the best use of them. The key is to develop a strategy for moving to technology-enabled regulatory modernization, and then to launch pilots, experiment, learn, and then scale what works throughout the organization.81