Professional

Swiftly evolving digital innovations have jettisoned global professional and financial services into the future. The UK is at the forefront of this transformation with the world’s fastest growing fintech sector. It is ahead of the pack in big data processing, with its sophisticated regulatory technology (regtech) offerings.

Today, the London insurance market is the largest global hub for commercial and speciality risk. The UK’s capital is also the only location in which all 20 of the world’s biggest insurers and reinsurers are active.

It’s been a decade since the global financial crisis, yet its reverberations continue to impact the industry through a raft of safeguarding regulations.

A subset of financial technology (fintech) known as regulatory technology (regtech) has emerged to address these complex needs, bringing together cutting-edge big data processing tools with high-level compliance expertise.

Kx Systems, a giant in this relatively new dynamic field, has clients and offices all over the world. But, in the last couple of years it has been heavily focused on its product offering in the European Union — which in January introduced MiFID II, the next chapter in sweeping pro-transparency regulation affecting capital markets’ businesses.

“MiFID II was without a doubt a big driver for us, both in terms of revenue, and innovation and R&D for our products,” says James Corcoran, SVP global head of client solutions for First Derivatives plc, Kx’s parent company.

This year, Kx, headquartered in Newry, Northern Ireland, is setting its sights State-side with the roll-out of a regtech product targeting the Consolidated Audit Trail, a revolutionary regulation which will impose new reporting mandates on broker-dealers trading in equities and options.

Meeting such obligations can potentially be costly for a financial business or institutions, and with vast volumes of data involved, onerous and time-consuming too. Kx’s regtech can facilitate swift and straightforward management of such requirements and their associated risks.

“We automate a lot of compliance officers’ work and bring their attention to places where they need to focus: the most critical cases,” says Corcoran.

Combining Strengths

Broadly, Kx is a real-time and historical data analytics company, which means it services a range of sectors, from space to manufacturing, and vanguard commercial areas like the Internet of Things.

However, its deep roots in finance have made it a natural frontrunner in regtech, a term coined by the UK’s Financial Conduct Authority in 2015.

Founded in Silicon Valley by an ex-Morgan Stanley technologist, Kx began as a high-precision database analytics company. First Derivatives, which was initially its sales and market partner, had already built a reputation as a consultancy to the world’s biggest investment banks, brokers and hedge funds, when it acquired a majority stake in this firm in 2014.

Kx work with Aston Martin/Red Bull racing to capture and analyse complex wind tunnel data, a critical element in the development of faster, more competitive F1 cars.

“Kx IS VERY WELL KNOWN AS HAVING THE FASTEST DATABASE AND ANALYTICS ENGINE IN THE WORLD. THAT PART OF THE TECHNOLOGY HAS BEEN DEPLOYED IN THE HIGH-FREQUENCY ELECTRONIC TRADING ENVIRONMENT, WHERE EVERY NANOSECOND COUNTS.”

The World’s Fastest Database and Analytics Engine

The database company’s success in the front office of trading analytics has been a key contributor to its regtech heft.

“Kx is very well known as having the fastest database and analytics engine in the world,” says Corcoran, “That part of the technology has been deployed in the high-frequency electronic trading environment, where every nanosecond counts.”

As such, the company’s flagship regtech product, the Market Abuse Regulation-compliant Kx for Surveillance, has been a favourite with tier one global investment banks.

‘Surveillance’ captures data in real time, then analyses it prior to the next trading day. The product checks for dozens of prohibited behaviours, such as insider dealing, which banks are required by law to monitor and report.

If the system detects an anomaly, it triggers an alert, which can then be investigated by bank compliance officers. Kx’s cross-functional team of experts, including First Derivatives’ regulatory and compliance practitioners, also works with clients to interpret regulations with individual business context in mind.

All of its regtech products are built out from the core KDB+ database technology. This powerful tool can capture massive platforms, such as all the data for the United States’ markets, a Herculean task which Kx performs for the Securities and Exchange Commission, one of its regulator clients. Another, the Australian Securities and Investment Commission, was an early adopter of its regtech, dating back nearly ten years.

The company also provides its technology to hedge funds (buy-side) and banks (sell-side).

“Kx IS VERY WELL KNOWN AS HAVING THE FASTEST DATABASE AND ANALYTICS ENGINE IN THE WORLD. THAT PART OF THE TECHNOLOGY HAS BEEN DEPLOYED IN THE HIGH-FREQUENCY ELECTRONIC TRADING ENVIRONMENT, WHERE EVERY NANOSECOND COUNTS.”

Ramping Up Regtech

While the ‘reg’ component of regtech, remains fluid and active, the ‘tech’ side is evolving at light speed.

Accordingly, Kx continues to augment its foundational KDB+ platform, and to ensure that the business keeps breaking ground in machine learning and through other emerging tech solutions.

The firm has entered into new innovation-boosting partnerships with top academics, as well as young fintech businesses in the United Kingdom — a top regtech destination and global leader in the growing sector.

“There’s a lot of innovation in the fintech space in London, in particular in regtech” Corcoran concludes, “Kx is staying closely involved in that.”

“THERE’S A LOT OF INNOVATION IN THE FINTECH SPACE IN LONDON, IN PARTICULAR IN REGTECH. Kx IS STAYING CLOSELY INVOLVED IN THAT.”

Over 300,000 computers were infected by the WannaCry worm in a 2017 worldwide cyber attack which released ransomware onto systems pertaining to the NHS, FedEx, Renault-Nissan and others.

“WannaCry hit on a Friday. All our retained clients were back up and running by Monday morning,” recalls Paul Vlissidis, technical director, senior adviser at top Manchester global assurance firm NCC Group plc.

WannaCry became a model for how NCC’s cyber security practice, through its pool of technical experts and dedicated incident responders, can quickly and effectively deal with mass-scale events.

With hacks targeting entertainment companies and law firms making headlines, from Sony Pictures to Paradise Papers, it’s no wonder the global cyber security market is expected to reach a size of $165.2 billion USD by 2023.

NCC was founded in 1999 as a division of the National Computing Centre, to educate the United Kingdom’s commercial sector on the effective use of information technology. It has been a future-focused forerunner in this space, enriching its skills base through the years by buying cyber security firms from Europe and the United States (now two of its main markets).

“We’ve gone from being a fairly general IT consulting organisation to specialising in cyber security,” says Vlissidis, who also led NCC’s team in tracking fugitives online on the Channel 4 series Hunted.

Businesses, Small and Large at Risk

High-profile attacks have a tendency to raise awareness in the C-suite, resulting in an uptick in business for the company. “You get a continuous growth of interest in this area as the market wakes up to the need for it,” says Vlissidis.

Some larger enterprises however have a blind spot, he notes: “They’re worrying about their own internal systems and networks but they’re not doing enough to check that their supply chains are capable of withstanding some kind of cyber event.”

One such example is Danish shipping company Maersk suffering significant supply chain disruption at ports from India to the US, prompted by a 2017 ransomware infiltration.

Such malicious software can also pose a danger to smaller enterprises. “For the vast majority of ordinary everyday commercial businesses, the biggest threats they face are things like ransomware, which can rip through their network, encrypt everything, and have a devastating effect on a business,” says Vlissidis.

In this vein, NCC has furnished the Federation of Small Businesses, a UK not for profit, with a cyber helpline – a type of support service for which demand has risen.

Other robust areas for the Manchester company are cyber security due diligence on international mergers and acquisitions, and cyber insurance incident response.

“FOR THE VAST MAJORITY OF ORDINARY EVERYDAY COMMERCIAL BUSINESSES, THE BIGGEST THREATS THEY FACE ARE THINGS LIKE RANSOMWARE, WHICH CAN RIP THROUGH THEIR NETWORK, ENCRYPT EVERYTHING, AND HAVE A DEVASTATING EFFECT ON A BUSINESS.”

Securing the Internet of Things

Along with the convenience and efficiency of the Internet of Things (IoT) — which is set to become a $267 billion market by 2020 — come huge risks. Home devices, which connect everything from toys to televisions, are vulnerable to cyber threats.

NCC is providing high-level IoT testing and support to a range of businesses. “In the last couple of years, we’ve started a full transportation assurance practice because we see so much work coming through that particular route,” says Vlissidis, citing the fast-expanding connectivity and related exposure of cars, rail networks and planes.

“More broadly the IoT is impacting a lot on companies now,” he says, explaining that integration of equipment into systems relatively unknown to stakeholders may add substantial cyber risk to their businesses.

The pioneering tech consultancy is accordingly applying its experience to the energy sector, namely smart meters. Weak spots in these networked devices could allow hackers to cut a home’s power or give them access to personal information, which might be used to commit fraud.

“We’re the largest provider of smart meter technology evaluation,” he says. As such, NCC reviews hardware and code, tests product security and advises on IoT design and architecture.

Building Cyber Resilience

Overall, the Cybersecurity 500 company offers a mix of managed network monitoring services along with crises response, from technical applications to public relations fallout.

Though the firm’s niche is commonly referred to as ‘cyber security,’ Vlissidis says the term ‘cyber resilience’ is more apropos.

He concludes, “Security tends to be about stopping an attack from happening, but resilience is all about coping if and when it does happen.”

“SECURITY TENDS TO BE ABOUT STOPPING AN ATTACK FROM HAPPENING, BUT RESILIENCE IS ALL ABOUT COPING IF AND WHEN IT DOES HAPPEN.”