post

California Bar Exploring Opportunities To Deploy AI

The agency is examining how artificial intelligence could help it review misconduct complaints and administer the bar exam.


The State Bar of California has started wading into the artificial intelligence waters.

The agency is exploring ways AI could help bolster the efficiency of its attorney discipline system and assist with administering the bar exam.

The bar recently entered into a contract with the MITRE Corporation to help it develop and evaluate algorithmic processes for identifying whether aattorney misconduct complaint could be closed without investigation.

State Bar Executive Director Leah T. Wilson said if an AI tool can be crafted to help the bar more speedily review whether to close or investigate complaints, it would reduce the administrative burden on staff. That in turn would allow the bar to shift its “human resources to other parts of the case processing continuum,” Wilson said.

Freeing up staff to assist with serious allegations of lawyer misconduct could be beneficial in light of the state auditor’s recent recommendation that the State Bar not hire as many new employees for its discipline unit as desired.

Wilson said an AI tool could also assist in ensuring a level of consistency and standardization in the bar’s review of the roughly 16,000 attorney misconduct complaints it receives annuallyThe technology could be especially helpful amid a nearly 60 percent increase in complaints made to the bar in recent months, a bump that has come amid the agency starting to accept online complaints.  

It was the transition last fall to permitting online complaints that allowed the bar to even contemplate an AI tool for reviewing such filings, according to Wilson.

She stressed that the MITRE project is in the early stages, and the bar will closely examine the effectiveness of the tool developed.

“If it’s not reliable to a very high degree of statistical significance, we couldn’t implement it,” Wilson said.

The bar’s $90,000 contract with MITRE, which was signed last month, calls for the company to complete its work on the project by mid-October.

Meanwhile, the State Bar is planning to use AI to help it administer the First-Year Law Students’ Examination, known as the “Baby Bar.” Law students completing their first year of law study at an unaccredited law school or through the Law Office Study Program are among those who must take the test.

At two of the sites where the Baby Bar will be given next month, the bar will be piloting the use of AI proctors for the essay portion of the exam that is taken on computers, Wilson said.

Live proctors will be there as well to ensure things go smoothly and to respond if the AI software alerts them to any patterns of eye movement or gestures out of the norm for test takers.

“If all goes well, it is our intention to deploy AI proctoring for the July bar exam,” Wilson said.

The bar began exploring AI proctoring because it struggled last year to attract enough proctors to administer the exams it gives to prospective lawyers.

Wilson said there will still need to be some human proctors present at future exams for security purposes and to help with any issues that arise, according to Wilson. But she said a successful pilot of AI proctoring would reduce the overall need for human proctors moving forward. 

On both the bar exam and attorney discipline fronts, Wilson said the bar is seeking to strike the right balance between being forward-leaning while protecting against the risks that arise with the deployment of new technologies.

I think it is the responsibility of good government everywhere to figure out how we can take advantage of technology to improve the services that we provide to the public,” she said.

Separate from the initiatives mentioned above, a bar task force is actively working to identify regulatory changes that would provide members of the public with greater access to legal services through technology, such as AI. The next meeting of the Task Force on Access Through Innovation of Legal Services is Monday, May 13.


*This article first appeared on Evolve the Law. 

post

California Bar Task Force Weighs in on Utility of Legal Tech Tools

There are more than 320 digital legal tools designed for use by non-lawyers in the U.S., but access to justice expert Rebecca Sandefur says the potential for the technologies to assist Americans with their civil justice problems has largely gone unrealized.

“Most of the tools that exist right now are neither efficiently scalable nor legally empowering, but there’s no reason it has to stay that way,” Sandefur said this week.

The associate professor at the University of Illinois at Urbana-Champaign was speaking during a Monday meeting of the State Bar of California’s Task Force on Access Through Innovation of Legal Services.

The 23-member panel is charged with “identifying possible regulatory changes to enhance the delivery of, and access to, legal services through the use of technology, including artificial intelligence and online legal service delivery models.”

Sandefur told the group that one promising digital legal is JustFix, a free app that allows tenants in New York to notify their landlord of issues needing repair.

The app has a tenant go through a room-by-room checklist and upload photos, as well as other information, to document habitability problems. The tool then uses a lawyer-approved template to send a certified letter to the tenant’s landlord outlining the concerns that need to be addressed to comply with housing codes.

“There are very few things like this, but obviously there is a lot of potential here to work on specific problems in a focused way,” Sandefur said.

She said one reason there are not many effective tools was developers’ fears of facing unauthorized practice of law allegations.

“Right now, the reason most of these tools are terrible is because there are deep concerns in the community of developers that you are going to go after them if they create a tool like JustFix that does something useful because it’s nudging up against the edge of giving legal advice,” Sandefur said.

She said those fears were being driven by one of two things: either the developer community does not have a proper understanding of what constitutes legal advice, or the restrictions on unauthorized practice of law are too stringent.

If the bar task force determines California’s unauthorized practice of law regulations are too restrictive, Sandefur encouraged the panel to carefully consider ways to relax them so that tools helping consumers with their civil justice problems “can be useful, as well as used.”

Task force member Lori Gonzalez said she certainly would like to see the bar make it easier for non-attorneys to innovate in the legal tech space.

Gonzalez noted that lawyers “by personality are abnormally adverse to risk, which is the opposite of what you need to be an entrepreneur or to push innovation.”

The task force is charged with reviewing the consumer protection purposes of the prohibitions against unauthorized practice of law (UPL) and “the impact of those prohibitions on access to legal services with the goal of identifying potential changes that might increase access while also protecting the public.”

The panel is also examining alternative business structures, multidisciplinary practice models, lawyer advertising, and fee splitting. The task force is slated to submit its final recommendations to State Bar’s Board of Trustees by the end of 2019.

Sandefur said the discussion at the task force meeting left her encouraged about the group’s efforts, and she told the panel they had a terrific opportunity to make a nationwide impact in this arena.

“If California does something good, it helps a whole lot of people,” Sandefur said. “But it’s also a great model for the rest of the country, so I’m delighted that you are starting to work on this.”


*This article first appeared on Evolve the Law

post

Artificial Intelligence in Regulatory Technology (RegTech) – 5 Current Applications

Last year, Boston Consulting Group reported that banks were tracking three times as many individual global regulatory changes as compared to 2011. The report added that these institutions were averaging 200 regulatory revisions per day in 2017.

RegTech often refers to the use of cloud computing technology through software-as-a-service (SaaS) with the aim of helping businesses conform to regulations faster and less expensively. In this piece, we aim to explore current applications of artificial intelligence in the RegTech space and coax out the broad segments under which they can be classified.

Through our preliminary research, we identified the following three major application segments for AI in regulatory compliance:

  • Stress Testing for Financial Forecast Models
  • Automation for Tracking and Monitoring of Regulatory Changes
  • Machine Learning for Enterprise Email Filtering

Below, we will highlight five companies that offer AI services for regulatory compliance from each application segment. We will also go into more details about how AI vendors are helping financial enterprises manage their regulatory processes by looking at use-cases and examples.

We distill the applications for each company with the aim of exploring how AI is being used for RegTech today and how can enterprises augment the capabilities of their compliance teams.

Stress Testing for Financial Forecast Models

Ayasdi

California-based Ayasdi, founded in 2008, claims to offer big data analytics and artificial intelligence services. The 120 employee company was co-founded by Gunnar Carlsson, Professor Emeritus in the Department of Mathematics at Stanford University, and CEO Gurjeet Singh who previously earned a PhD from Stanford in computational and mathematical engineering.

Ayasdi claims that their artificial intelligence platform, Ayasdi’s Model Accelerator (AMA) can help enterprises in financial services to predict and model regulatory risk. The company also claims that their platform can achieve this by using machine learning to find hidden patterns in historical financial data or for forecasting revenue data. The company claims it could help banks in the following ways:

  • Establish and adhere to regulations for anti-money laundering (AML). The company claims this may be particularly challenging for banks and that non-compliance can potentially result in fines of over tens of billions of dollars.
  • Help banks to automatically monitor customer transaction data to identify anomalies and ensure that they are compliant with regulatory requirements..
  • Help global banking clients reduce false positive rates in fraud detection as compared to traditional rule-based methods used by most banks traditionally, while still identifying a similar number of suspicious activity reports.

Below is a video from Ayasdi where Senior Data Scientist Jesse Paquette demonstrates and explains how the platform might be used for fraud detection applications:

Ayasdi reports that it’s platform runs on a Topological Data Analysis (TDA), which was developed for a project funded by DARPA

Below is short 2-minute promotion from Ayasdi where its core team members explore how the platform might be beneficial to enterprises in different applications:

Our preliminary research led us to two case studies from which we discuss their collaboration with Citi Group in further detail. According to a 2017 case study from Ayasdi, the company was chosen by Citi to help create justifiable models of Citi’s revenue and capital reserve forecast to pass the Federal Reserve’s Comprehensive Capital Analysis and Review (CCAR) process (which was initiated after the 2008 financial recession to a bank’s financial foundation).

Before working with Ayasdi to improve it’s capital planning process, Citi had failed the first two out of three annual CCAR stress tests. Ayasdi’s first steps with the company involved using subject matter expertise from the leaders of the bank’s business units regarding to review some of the banks macro-economic variables like revenue and capital reserves as stipulated Federal Reserve.

Ayasdi claims the machine learning platform was then used to correlate the impact of these variables on each business unit’s monthly revenue performance over a six-month period and models were developed to predict the future performance of these business units. Lastly, Ayasdi claims that the business unit heads were once again roped in to evaluate the predictive model final performance.

According to Ayasdi, streamlined Citi’s nine-month process requiring hundreds of employees to a three-month process, utilizing less than 100 employees.

Along with Citi, the company has also worked with HSBC for an anti-money laundering application. An Ayasdi brochure also claims that one of the Top 3 Nordic Banks used the AMA platform to predict the probability of default models for mortgages, identified strong and weak fit areas, and adjust their models with targeted fixes. The brochure did not go into further detail about this client’s use of the program.

Automation for Tracking and Monitoring Regulatory Changes

CUBE

London-based CUBE, was founded in 2011 and claims to offer a RegTech platform that can help businesses cut regulatory costs and minimize risk of non-compliance. The 94-employee company claims their platform can assist in predicting compliance risk, automating AML, Know Your Customer (KYC) and Cyber/information security processes.

CUBE states that the platform uses machine learning to help enterprises to automatically keep track of global regulatory data and prompt alerts by detecting regulatory changes that pose a compliance risk. The company claims it has created a regulatory ‘data lake’ that covers the regulations for financial services organizations across the globe. We, however, could find no evidence of how extensive their database is.

Below is a four-minute interview from the International Compliance Association where CUBE Founder and CEO Ben Richmond explores the role of AI in managing regulatory risks and details how CUBE is applying AI to this problem:

According to CUBE’s website, some ways in which enterprises might benefit from CUBE’s regtech platform include:

  • Helping Identify global regulations and compliance requirements and automatically keep track of any changes to these regulations.
  • Enterprises might identify in real-time internal regulatory gaps in policies and procedures
  • Businesses engaging in cross-border selling might use the CUBE platform to gain an understanding of the rules and regulations for business across borders and build controls into internal company procedures.

During the 2nd annual DIT UK trade mission to Empire FinTech Week in April 2018, the Department of International Trade (DIT) in the United Kingdom chose CUBE as one of the 15 “UK-based FinTech startups” for actively entering the US market as part of the official delegation from UK to engage with US regulators to reduce barriers to doing business.

CUBE’s current CEO Ben Richmond is a 20 year veteran in the technology sector, specializing in better leveraging unstructured data. Richmond is also the Chief Executive of the International RegTech Association (IRTA).

We could not find any details on how CUBE’s RegTech platform analysed regulatory information from their data lake to prompt compliance actions to their clients or any evidence of robust case studies.

Compliance.ai

Compliance.ai is a Silicon Valley startup founded in 2016 with around 26 employees. The company has launched a platform that they claim uses machine learning to improve search, monitoring and tracking of regulatory content relevant to financial organizations.

Compliance.ai states that the platform’s Team Edition might enable banks and other financial institutions to automate research, as well as track financial regulatory content and regulatory updates in one place. Compliance.ai also says its platform curates financial regulatory content from sources like federal and state-level regulatory agencies, executive orders, whitepapers and news media.

Leadership level executives at banks might work alongside a team from compliance.ai to help them understand their global and individual jurisdictional presence, according to the company. The platform can then be integrated with the banks existing systems and can potentially prompt compliance officers at the bank with alerts for compliance risks after cross-checking its curated database.

Below is a one-minute video from Compliance.ai giving an overview of how their platform claims it can help financial institutions:

According to the company, financial institutions might apply Compliance AI’s platform in these ways:

  • To keep up with regulatory changes by using “expert-in-the-loop” machine learning models to comb through regulatory content. The company claims Compliance.ei can automatically classify this content to find high-risk compliances and then send a suggested action to the bank’s compliance officers.
  • Compliance officers at an enterprise might choose integrate the Compliance.ai platform within an existing compliance team’s digital infrastructure to automatically collect and curate financial regulatory data. The company claims that this could insure that no new regulatory rules are being infringed upon.

In a testimonial, Illeana Falticeti, VP of Compliance at Cloud Lending Solutions said, “Managing and optimizing  time, resources and skills management are the challenges where products like Compliance.ai may help financial services players with.” She notes her experience with the platform in the video below:

In one case study, Compliance.ai claims to have worked with the Bank of Marin (Headquartered in California) to help automate the banks’ regulatory tracking processes which was previously done manually by compliance officers.

According to the case study, the bank’s compliance officers would constantly track regulatory changes from the websites or newsletters of its regulatory bodies such as the Federal Deposit Insurance Corporation (FDIC) and state regulators like the California Department of Business Oversight.

Compliance.ai claims that its platform was able to automatically identify the most relevant compliance requirements from an ocean of regulatory information from multiple state and federal sources. Although Compliance.ai claims that the Bank of Marin realized a return on investment in terms of time spent for compliance employees, no further data on the cost of the integration or its end results could be found.

Compliance.ai CEO and Co-founder Danielle Deibler is also the Co-President of the International RegTech Association (IRTA) in the Bay Area and has previously worked with mobile application development. We could not find anyone with robust experience in AI development in the executive leadership team at Compliance.ai, although according to their LinkedIn page, three employees specialize in data science and machine learning.

Text IQ

Text IQ is a San Francisco-based AI startup founded in 2014. With roughly 32 employees, the company offers risk and compliance software for enterprises, law firms and government agencies which the company claims uses machine learning to identify sensitive and compromising in big data (like internal business data records).

Text IQ offers a platform tailored for Chief Compliance Officers. The company claims it combines natural language processing with relationship analysis and aims to narrow down document sets to manageable sizes for human officials to review.

Here are a few examples of how Test IQ claims the platform can be used:

  • The chief compliance officer at a financial institution might be able to cut down the time spent in keeping track of FCPA, GDPR, anti-money laundering or insider trading risks by ‘summarizing’ only the relevant regulatory content from all the authorities into a document that can be reviewed by a human officer.
  • A consumer goods manufacturing company might be able to find systemic behaviors in employee work patterns that are in violation of the law or internal policies leading to regulatory infringement.

During our preliminary research we found no evidence of successful case studies from enterprises using the Text IQ platform specifically for regulatory compliance although there seems to be some evidence that Wendy Riggs the senior manager of eDiscovery and litigation operations at Twitter Twitter was interested in a demonstration from Text IQ for using their platform in an eDiscovery application.

Text IQ was co-founded by CEO, Apoorv Agarwal who earned a PhD in computer science from Columbia University in New York. The company also claims that over 70 percent of its team are either PhD or master’s degree holders in computer science, however, we could not confirm this through research on the company site, Linkedin or Crunchbase.

Machine Learning For Enterprise Email Filtering

Tessian (formerly CheckRecipient)

According to the General Data Protection Regulation (GDPR) regulations in Europe, enterprises can be fined up to 20 million euros or four percent of their annual global turnovers for infringing on data security laws, including instances like misaddressed or unauthorized emails.

London-based Tessian, founded in 2013 provides an enterprise email security platform which the company claims uses machine learning to help prevent sensitive emails in an enterprise from being sent to the wrong person. The 58 employee company claims their platform can potentially detect emails that may lead to data loss (example – misaddressed emails) or a data security threats (emails to unauthorized accounts).

Tessian claims that their platform can analyze historical enterprise email data (such as the records of all the incoming and outgoing emails sent by a particular team or employee) and ‘understand’ patterns in email behavior of employees (such as regular emails with sensitive information to persons external to the company) to devise security filters.

According to the company, once these patterns are recorded, the platform monitors outgoing emails of employees and can potentially spot anomalies like, “recipient looks unusual for the context of this mail,” or ‘top secret project data detected in this email.” Employees can then ensure that there are no breaches to data security more efficiently.

Abhirukt Sapru, the head of business development at Tessian, explains how the platform might help enterprises with email security in this interview with Information Security Media Group(ISMG).

Taylor Vinters, a law firm in the UK, used Tessian’s platform to ensure that the company’s data security was in alignment with the GDPR regulations which included preventing email breaches proactively.

Steve Sumner, Director of IT at Taylor Vinters, explains in the video below that the law firm needed to upgrade their email security since traditional rule-based security in Microsoft Outlook (which they previously used) was time-consuming and inefficient.

Tessian claims that Com Laude, a brand protection and corporate domain name management services provider, used the platform to implement a regulatory framework for their internal communication policies. No further details of the case study, including how long the integration process was or other quantifiable end-results, could be found.

Tessian was founded by Tim SadlerEd Bishop and Tom Adams, all of whom were graduates from Imperial College London. We were unable to find evidence of the Tessian leadership team’s robust academic or business experience with artificial intelligence in the past.

Conclusion

Our research concludes the following themes:

  • Artificial intelligence applications in RegTech are in their infancy today although regulatory compliance is ripe for automation through AI, as evidenced by the emergence of many startups and AI vendors in the space.
  • The major applications today seem to be around using predictive analytics to stress test a company’s business performance under different market conditions, automatically tracking compliance requirements and establishing an email monitoring and filtering systems.

We also took note of two themes that business leaders may be interested in:

  • Data security regulations have been steadily getting more strict and with the recent GDPR mandate in the EU, businesses can expect that data security norms might get tighter in the future.
  • AI use-cases in RegTech are still few in number and the next two to five years might see the emergence of many established AI applications – just as was seen for AI applications FinTech.

*This article first appeared on Emerj.


Interested in the impact of new technologies on regulation? Get involved at this year’s annual conference. Contact Jim McKay (jamesmckay@lawscot.org.uk) to become involved as a speaker or session moderator. 

post

The implications of AI on legal regulators and how they can use it

At last year’s ICLR Annual Conference in The Hague, ICLR member came together to present on the implications of AI on legal regulators and how they might harness this technology to their advantage. Panelists drew from input from ICLR members and how their own institutions were engaging with Artificial Intelligence, as shown in the infographic below:

The presentation cover various aspects, including:

  • What is Artificial Intelligence? … And what it isn’t: Steve Wilson, Standpoint Decision Support
  • What are the Potential Risks to be Managed: Bridget Gramme, Center for Public Interest Law at the University of San Diego School of Law
  • How Legal Regulators can use AI: Crispin Passmore, Solicitors Regulation Authority
  • Getting into Artificial Intelligence: Alison Hook, Hook Tangaza

You can access the full presentation here:  ICLR Artificial Intelligence Presentation


Interested in the impact of new technologies on regulation? Get involved at this year’s annual conference. Contact Jim McKay (jamesmckay@lawscot.org.uk) to become involved as a speaker or session moderator. 

post

How can Blockchain and other Consensus Driven Cryptographic Technology be Regulated?

Some participants in the crypto/blockchain/DLT industry actively invite regulatory oversight but policy considerations and the usual patterns of legal and regulatory development can mean that wanting to be regulated is not always the same as being able to be regulated.

In the Hong Kong Lawyer, Syren Johnstone examines aspects of the technology that make it difficult to regulate the primary and secondary market, while at the same time allowing industry development without it being affected by fraud and abuse, or being used to service money laundering and other criminal purposes. It concludes by suggesting the policy approach that regulators should take to this new technology.

*This article first appeared in the Hong Kong Lawyer


The technology is the starting point

In 1988 Tim May famously stated “Computer technology is on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other.” Today, that has become a reality in a developing digital ecosystem that is being built on cryptographically secure consensus technology (“CCTech”) that forms the basis of blockchain and distributed ledger technology applications.

CCTech enables qualitatively different boundaries of commercial activity than was previously possible. It holds the promise of enabling new ways of undertaking existing commerce that provide efficiency gains, as well as generating new types of commercial activity. The first peer-to-peer version of electronic cash created on 3 January 2009 (Bitcoin), has been followed by other cryptocurrencies, digital tokens that provide access to some service or utility or operate as a security (see Hong Kong Lawyer, March 2018 “ICO Utility Tokens and the Relevance of Securities Law”), and smart contracts (collectively, ”cryptos”).

Industry growth has involved developers tapping into the highly regulated public capital market in ever-larger offerings. A secondary market facilitated by crypto exchanges has emerged. This is creating significant challenges to regulatory agencies to define how existing laws and regulations might apply.

Establishing a sustainable regulatory approach is complicated by features of CCTech still undergoing transformational evolution that pose novel challenges to regulatory policy making and raise fundamental questions about what regulatory oversight might look like, and to what it should attach.

The prospect of regulation

On the prospect of oversight by regulatory agencies, the crypto-industry continues to express its voice in a partisanly manner. There are those who see independence from oversight as a necessary expression of political freedom, or advocate that the industry should not be subjected to any oversight other than by the community participating in cryptos. Other participants in the industry wish to take advantage of the current situation by moving to the lowest commercially viable legal standard or jurisdiction.

There are also those who actively seek to be regulated as a means of being accepted into mainstream commercial activities and validated as a legitimate activity, and to foster the industry by directing it to applications benefitting society. Some see regulation as a competitive advantage over others who are ill-equipped, or inadequately funded, to cope with the anticipated burden of regulatory oversight. However, policy considerations and the usual patterns of legal and regulatory development can mean that wanting to be regulated is not always the same as being able to be regulated.

Regulatory agencies have to date primarily applied existing regulatory standards to the industry where they can. There is a general sense that this will not be enough to facilitate industry development while also dealing with the risk of fraud and consumer abuse. There are also real concerns that the anonymity provided by CCTech could be used by bad actors to further criminal purposes.

The primary hurdle for regulatory clarity is sometimes said to be the legacy system of laws, regulations and financial and commercial practices that have been established in a pre-CCTech era. Industry requests for regulators to specify the features that would determine which regulatory silo a crypto belongs to (money, security, futures contract, commodity, or other) oversimplifies the new context presented by CCTech and underestimate the related policy considerations.

Primary market activity thus remains governed by a singular question: is the crypto a security? This leaves CCTech developers cum promoters to resolve questions that lawyers and regulatory agencies cannot currently clearly define other than by reference to broad functional concepts, or narrow established categories, raising the danger of ex post regulation.

The development of taxonomies that seek to map cryptos onto existing securities laws as a means of assisting regulatory clarity has become a mini-industry. However, these often “solve” the problem without changing the underlying assumptions about how existing laws securities laws apply. As such they are essentially recursive and achieve very little. It is of course somewhat paradoxical to address something new by treating it as though it were something old.

In contrast to the situation in the primary market for securities, regulators in the UK and the U.S. have permitted a futures market to evolve around cryptocurrencies (Bitcoin, and recently Ether). The court in CFTC v. McDonnell, et al. (18-CV-361, 2018) has confirmed the oversight powers of the U.S. Commodity Futures Trading Commission (“CFTC”) in this regard. Although many in the industry perceive regulatory oversight as abhorrent to the essence of CCTech, regulatory oversight of the futures market has enabled the development of financial products within an established regulated infrastructure that has facilitated the perception of cryptocurrencies as a valid asset class to gain exposure to. Importantly, it means that investors are brought within a context subject to safeguards imposed on regulated intermediaries.

Building blocks

Regulation of the financial services industry in the modern era is based around three primary choke points concerning products, venues and acts. These assume some form of intermediation via markets, brokers and advisers. Regulation has already had to adapt in response to technology that displaces human involvement, such as algorithmic trading and robo-advising, where sentience ceases to form part of the regulated act but rather is embedded in the coding that enables the act to be undertaken.

CCTech presents additional difficulties. There is a venue, but it may be only exist in a code supported on a network of participants. There is an act, but that may take place without intermediation other than the non-sentient operation of a code operated over a network in which the creator no longer has a role. There is a product, but there is a recognised lack of clarity as to how to characterise a crypto for the purposes of regulatory silos. CCTech enables venue, act and product to be collapsed into the operation of code via distributed networks, decentralised and dis-intermediated arrangements, and smart contracts.

The possibility of undertaking commercial activity on a decentralised, peer-to-peer basis represents a qualitatively different kind of issue for regulatory agencies. At some point, adaptability may be challenged to the extent that existing regulatory tools which have developed around centralised, intermediary-based systems may to some extent be rendered obsolete, raising questions as to the continued viability of existing legal silos and traditional choke points, and giving rise to policy concerns.

Even if basic problems were solved about which or whether a law applies to a crypto, or at what choke point to apply it, there remain problematic areas. Regulation proceeds on the basis that regulation is possible but CCTech does not, at the present point in time, provide some of the usual building blocks that enable the meaningful implementation of regulatory objectives.

This includes an assortment of investor protection and market integrity considerations, such as: integrity of ownership and integrity of transactions, issues related to account management including proof of ownership to public audit standards, custody and segregation, how record keeping is to be undertaken, how exchange regulation might work, the ability to assert market transparency and market abuse protections, how money laundering risks are to be addressed.

To this can be added technical issues that the industry is actively trying to solve, many of which potentially give rise to legal issues and have implications for investor protection and market integrity. These often require an appreciation of how the science and technology operate and their weak points such as how they might be gamed by bad actors. They include: the management of keys and wallets, the risk of consensus hijack, denial of service attacks, double spending, scalability, code governance controls and cyber security challenges.

Disclosure is another building block. Key disclosures might address: does the underlying code do what it is expected or promised to do, is the governance of the code appropriate (such as agreeing on roll-backs), has it been properly written so that it is free of bugs that might facilitate hacks or other problems, has the security protocols been properly implemented, is the crypto scalable to benefit from network effects. Not all codes are the same in this regard and coding errors have caused significant problems in the past, yet there are no established standards for audits of code writing.

Not all problems are adequately managed by merely releasing information. Positive action is sometimes required. This can take the form of an industry regulating itself via standards and best practices, but the industry is in its nascent stages in this regard. An area of development to watch is the standards being developed by the International Organisation for Standardisation in their ISO/TC 307 programme. Nine new projects concerned with blockchain and DLT are currently in their proposal or preparatory stages.

Resolving some of the above building blocks is therefore a precursor for effective, granular regulation to develop. Solutions are likely to come from the technology itself as it develops in response to regulatory expectations. This may serve to facilitate the development of regulatory technology, which presents opportunities for creating avenues within the underlying CCTech code for interactions between the actors involved in any crypto generation or exchange, any buyer of a crypto, and regulatory agencies.

One of the inherent difficulties of addressing the regulation question is the reality that the industry is in its early stages of maturation. Core concepts are still subject to significant debate, the potential technological implementations of the science remains in a discovery and development phase, and the prospects for commercial use cases of CCTech is still evolving. This makes the policy formation that leads to regulatory implementation difficult as these conditions increase the risk that regulations are made only to see the industry change under it, or regulations are made that capture the wrong family of acts – in either case the policy objectives are missed.

The dynamics that animate regulatory change are subject to two related overarching considerations: to what extent is meaningful regulation possible and, if it is, how and when should regulatory oversight be imposed? Regulatory intervention that is too early, too heavy, or misses the target runs the risk of slowing the growth of the industry and damaging the beneficial prospects it offers to commercial activity and society more generally.

The technology is also the end point

The present state of regulatory uncertainty creates risks to the industry itself. It increases the cost of industry development because raising capital in an uncertain legal environment gives rise to increased liability risk. To this can be added the risks (including attendant industry costs) already observed in traditional capital markets (primary and secondary) that include fraud, money laundering, theft, mis-disclosure, manipulative practices, internal control failures, misfeasance, and adequate custody and handling of money, or securities or other assets belonging to another.

Whatever regulatory controls might be put in place, the reality is that the nature of CCTech presents a fundamental obstacle to oversight control because of the possibility – and consequences – of an alternative means of undertaking commerce on Internet-based networks that does not require the involvement of a regulated financial institution that intermediates transactions.

The intractable problem created by CCTech is how to bring cryptos within an appropriate oversight mechanism given its particular technological capability to subvert – unmeasured oversight control runs the risk of achieving the opposite effect of driving activity further out of sight. The proposal by the United States Treasury’s Office of Foreign Assets Control (“OFAC”) that it may add digital wallet addresses to its SDN List was criticised for just that. This reflects the anarchic potential of CCTech that is crucial for regulators to fully grasp if regulation is to be successfully developed. Regulatory agencies may need to look for ways of bringing oversight to the industry by using strategies different to those previously employed.

Actors in the industry seeking to be regulated are doing so for a number of commercial reasons including validation and legitimacy, the usual assurances provided to the market by regulatory oversight, industry risk reduction, and access to a larger pool of capital. It is proposed that these reasons can be engaged to make regulation a desirable option.

In short, the best way to establish regulation may be to make it attractive. That may not be a regulatory end-point but a point from which regulators can begin to better work with the industry. For that dynamic to work, it is essential that oversight controls do not undermine the opportunities that cryptos offer to new ways of engaging in commercial activity. Regulations must be based on outcomes that are independent of specific technologies and activities, such as fair disclosure, industry standards, and accountability for wrongdoing. Care must be taken that oversight controls do not to operate as anti-competitive tools.

The range of relations that CCTech can possibly create, and the behaviours in the market once they are created, are at once simulacra of human commerce and a potential further development of it. It remains to be seen whether the current trajectory of regulatory thought and action is working toward supporting the efficient allocation of risk and industry development, wherein capital finds projects that offer, and have a reasonable prospect of delivering, economic and social improvement.


Interested in the impact of new technologies on regulation? Get involved at this year’s annual conference. Contact Jim McKay (jamesmckay@lawscot.org.uk) to become involved as a speaker or session moderator. 

post

Four steps legal regulators can take to embrace their data

Data has always been a foundational part of the practice of law. However, the convenience, accessibility, and speed of digital mediums is transforming the discipline from within. Law firms are stepping up the plate leveraging their internal data, as well as industry data to make their practice and delivery of services more efficient and effective. E-Discovery, case predictive technologies and even fledgling artificial intelligence programmes are proliferating across top firms globally. Small and large firms alike are engaging with varying degrees of software to manage information and leverage its value.

It is time legal regulators attempt to match pace. This month ICLR.net is focusing on how legal regulators can start to think about data’s role in improving their regulatory responsibilities. We have identified four preliminary steps to help your institution to start thinking about leveraging data.

1. Start small and close to home: Identify your data sources

Identify consistent incoming sources of data. This may be lawyer registrations, renewals and fees. This “low hanging fruit” often serves as the fundamental data base, which can yield insights such as lawyer demographics and disciplinary patterns.

2. Clean and organise your data

Unwieldy spreadsheets no longer make the grade. Setting your organisation up for success means treating your data properly and preparing it for utilisation. Categorising and cleaning your data in a consistent manner will make things easier down the road. Data should be stored in a clear and structured format, which is both secure and shareable with appropriate access permissions.

3. Collaborate with those who know data

Some institutions may want to call the professionals in from day one. Smaller organisations may be able to tackle the first two steps on their own, but to begin to leverage analytics really requires a professional touch for the best results. You should be looking for a company specialises in data structures and analytics. The legal tech sector is rich with software providers offering data management products, but working with a professional in selecting the best fit for your organisation’s data or building a unique system is what will ensure success. It is key to work with someone with the skills as well as background knowledge and insights into the legal profession and industry.

4. Fostering a data-driven culture

Legal information and data powerhouse Thomson Reuters puts it best:

“Building a data-driven legal practice is not something you assign to a task force, department, or an individual. It requires a buy-in from everyone from the top leadership down.”

In addition, it is worth saying that employees at all levels should be involved in the data system development process, to ensure compatibility and realistic adoption and utilisation of the system. The human resource is what will bring an organisation the strongest return on any data investment.

Is data analytics for your organisation?

Some regulators may believe they are too small or the resource required to harness data is too great. However, these four steps can be completed at various levels, just as law firms of all sizes are engaging in data tools. Ultimately, it will be a matter of survival for regulators to keep pace with those they regulate. Information has a strong multiplier effect, and data analytics has the power to transform regulation and industry’s productivity as a whole.


We are interested in hearing about how your institution is using data to assist in regulation. Let us know! Interested in the power of data in regulation – get involved at this year’s annual conference. Contact Jim McKay (jamesmckay@lawscot.org.uk) to become involved as a speaker or session moderator. 

Colorado Lawyer Self-Assessment Program yields analytical insights

Colorado Supreme Court Office of Attorney Regulation Counsel started developing its lawyer self-assessment program more than two years ago, immediately after a seminal workshop on proactive, risk-based regulation at the 41st ABA National Conference of Professional Responsibility in May 2015. The new resource is a leading facet of a larger shift toward proactive management-based regulation, which aims to help lawyers practice ethically and soundly in the first place, rather than just reactively imposing discipline after lawyers make mistakes.

The new system provides the regulatory team with real time stats on lawyer engagement and self-assessed professional performance. It highlights the professional objectives scoring the highest and lowest across all respondents, providing the team with evidence to support further educational program development. The platform also has the ability to create customized lists of continuing legal education (CLE) resources based on each respondent’s own personal benchmarks and areas of need. These lists make yearly CLE planning fast and easy for lawyers, and keeps them focused on the most effective resources for their needs.

Jon White, staff attorney at the regulator, writes “The practice of law will always be challenging. The “ounce of prevention is worth a pound of cure” approach of the proactive practice program seeks to reduce some of that stress. The self-assessments give lawyers the blueprint to build an ethical infrastructure. Lawyers, in turn, benefit from enhanced peace of mind. Clients benefit from exceptional service. It is a win-win for all.” The insights generated by the program’s data is informing the regulator where practitioners need more assistance, and where there may be weaker points in the sector as a whole. Staying ahead of this issues protects the public and strengthens the jurisdiction as a whole.

Read more about Colorado’s Lawyer Self-Assessment Program Here

 

Platform Economy in Legal Profession: An Empirical Study on Online Legal Service Providers in China

Platform economy breaks into the legal profession by pooling lawyers with different specializations into a simple user-friendly platform, consolidating the lower-tier supply side of the legal market and generating economy of scale. This paper is the very first empirical piece looking into China’s online legal service portals. It is found that, the intermediary functions of the portals as the “matchmaker” between the supply and the demand side are often commingled with certain substantive legal services, which cannot be easily unbundled from each other. Given the grand information asymmetry in legal service provision and the potential importance the users may attach to the portals’ recommendation, the quality of such intermediation and matchmaking still leaves to be desired. This being said, because the portals help to improve the access to justice in China by virtue of offering an EXTRA channel for acquiring and comparing potentially useful information, which is made available at a much lower cost than visiting a physical law firm, the regulator should strive to improve the quality, rather than block up the source of the information. To that end, this paper proposes, based on the inspiration of the ABS regime, an alternative license for these online legal service providers, which imposes minimum regulatory and leaves room for new innovative business structures to evolve.

Full Paper Available Here

Jing Li, Tilburg University – Department of Business Law

Regulation Tomorrow: What Happens When Technology is Faster than the Law?

In an age of constant, complex and disruptive technological innovation, knowing what, when, and how to structure regulatory interventions has become more difficult. Regulators find themselves in a situation where they believe they must opt for either reckless action (regulation without sufficient facts) or paralysis (doing nothing). Inevitably in such a case, caution tends to trump risk. But such caution merely functions to reinforce the status quo and makes it harder for new technologies to reach the market in a timely or efficient manner. The solution: lawmaking and regulatory design needs to become more proactive, dynamic, and responsive. So how can regulators actually achieve these goals? What can regulators do to promote innovation and offer better opportunities to people wanting to build a new business around a disruptive technology or simply enjoy the benefits of a disruptive new technology as a consumer?

Full Paper Available Here

Mark Fenwick, Kyushu University – Graduate School of Law; Wulf A. Kaal, University of St. Thomas, Minnesota – School of Law; Erik P. M. Vermeulen, Tilburg University – Department of Business Law

Netherlands Bar Association launches research into innovation and digitalization in the legal profession

More than 1,300 lawyers participated in the recent NOvA survey on strategy, innovation and digitization. The results will be published after the summer. The survey is part of a broader investigation into developments affecting the future of the legal profession in the Netherlands, which the NOvA is expected to complete by the end of this year.

Changes in society such as globalization, digitization and increased cost awareness can have consequences for the administration of justice and the activities of lawyers in it. The adjustment to these developments can demand a lot from individual lawyers. Because of the essential function in a democratic constitutional state, the NOvA wants to contribute to the future-proof nature of the legal profession.

Approach
With the research into the digitization and competitive strength of the legal profession, the NOvA wants to map which developments are important for lawyers (offices). In addition to the survey, we conduct desk research, visit lawyers and organize group discussions.

Survey
With the survey, the NOvA wants to gain insight into the themes that are relevant to lawyers (offices), as well as their needs, possibilities and barriers to innovating their practice. Moreover, the results can show the extent to which the legal profession prepares for changes in the legal services with regard to the organization and digitization of the law firm.

Interviews
Through (group) discussions with lawyers and law firm employees, a better picture is obtained of the state of affairs of the Dutch legal profession. This includes opportunities and threats, the changing needs and expectations of customers and the role of regulation. The working method of progressive law firms is further analyzed.

Outcomes
Finally, an assessment is made of the impact of developments on the proper administration of justice. With the results of the research, the NOvA wants to determine which task and assignment it has. Depending on this, the NOvA will then develop policy on this.

Visit the NOvA