Home
HARPOCRATES COMPLY.RegAvailableHARPOCRATES COMPLY.DocIn Development
AboutContact
Get StartedBook a Demo
PPI AG×Harpocrates Solutions
Joint Case Study

A New Normal in RegTech

How to Ensure Regulatory Compliance in an Automated Way

A joint case study between PPI and HARPOCRATES with focus on audit-relevant regulatory aspects

By Jan Jensen & Martin Förster (HARPOCRATES Solutions GmbH), Astrid Freier & Alexander Hummel (PPI AG)

Download Whitepaper (PDF)Book a Demo

“With rapid and fast-moving changes the world becomes more complex — especially in compliance. The dedicated MaRisk function among others is heavily burdened with a lot of manual tasks through the entire lifecycle of regulation and associated compliance. This white paper describes the tremendous progress made especially in the analysis phase of the lifecycle by using AI and NLP in a time and cost-efficient way.”

Proof-of-Concept Results

Auditor annotations transform accuracy

PPI provided real examination data from an international financial institution. HARPOCRATES trained on auditor annotations and measured accuracy across two EBA guidelines.

EBA Outsourcing Guidelines

EBA/GL/2019/02

Baseline73%
After Training93.1%
+20.1pp improvement

EBA ICT Security Guidelines

Category tagging accuracy

Baseline64.1%
After Training95.4%
+31.3pp improvement

>99%

Auto-Categorization

Category tagging accuracy after training, outperforming manual expert classification

>99%

Processing Time Reduction

Compared to traditional manual processes — weeks of analysis reduced to minutes

The Challenge

Regulatory complexity is exploding

In 2021, almost a third (32%) of senior decision makers in financial institutions predicted the total cost of ensuring regulatory compliance will be greater than 5% of their revenues. These costs result mainly from labour-intense, manual processes.

Before any regulation is applied to systems and processes, a lot of cognitive work must be performed: screening and monitoring laws and regulations, identifying affected business units, implementing changes to IT systems and governance, updating policies and controls, and providing evidence of compliance to auditors.

Even with trained, expert staff the process of manually examining guidelines can take an analyst more than a week for a relatively comprehensive document like the EBA guidelines.

Methodology

How the validation was conducted

PPI and HARPOCRATES jointly constructed a Proof of Concept to quantify productivity gains by applying AI/NLP to automatically process regulatory guidelines, extract requirements, and categorize them for dispatching. The target regulations were the EBA revised Guidelines on outsourcing arrangements (EBA/GL/2019/02) and the EBA Final draft Guidelines on ICT and security risk management.

01

Real-World Training Data

PPI provided prior examination results from an international client — a genuine EBA ICT and outsourcing compliance review with expert auditor annotations.

02

Guideline Deconstruction

Each guideline was deconstructed into parts mapped to regulatory categories — governance, IT security, documentation, risk management, and more.

03

Two-Iteration Training

Baseline model accuracy was measured first, then the algorithm was retrained on auditor annotations. Both iterations compared against expert manual classification.

04

Triple Measurement

Three dimensions validated: category tagging accuracy, obligation extraction accuracy, and processing time — all against the expert baseline.

The Technology

The right ontology for your regulatory needs

An ontology allows domain-specific knowledge to be represented in a machine-readable format. Fed with data using NLP techniques, ontologies offer maximum flexibility in how to access and utilize stored data — especially when the input is highly unstructured, like legal text.

HARPOCRATES builds its own ontology, fed with highly specific financial regulatory knowledge while also leveraging public knowledge ontologies. This allows high flexibility to adapt to new use cases and enables holistic service applications in highly specific areas of implementation.

Using the HARPOCRATES platform, processing times could be reduced by over 80% thanks to refined category tagging and subsequently improved accuracy of requirement extraction — leading to an overall higher level of compliance with the regulation in scope.

Applications

Three identified use cases

All three support the MaRisk Compliance function, letting affected employees focus on what really matters: strategic focus and quality of documentation.

Pre-Assessment

Pre-assessment of new regulation and regulatory amendments before they take effect.

Pre-Screening

Pre-screening of relevant documents in the light of upcoming or changed regulation.

Completeness Check

Completeness check of all necessary amendments in order to comply with upcoming or changed regulation.

Looking Ahead

Customized solutions for your regulatory requirements

PPI and HARPOCRATES continue working together on further improvement of the language model to address more complex use-cases in partnership with customers in the financial sector.

The HARPOCRATES Compliance-as-a-Service platform provides the foundation to improve the process of achieving initial and recurrent compliance — from monitoring the latest developments in laws and regulations to automated reconciliation against existing controls, gap identification, and reporting.

The platform is industry- and use-case agnostic: financial services, GDPR, ESG and sustainability reporting, automotive (UNECE), and any regulatory domain where structured compliance is required.

Harpocrates Solutions

HARPOCRATES offers a Compliance-as-a-Service platform providing an automated technology stack based on AI and NLP to convert laws and regulations into digital rules. The platform is industry- and use-case agnostic and can be leveraged for all kinds of compliance.

Hosemannstraße 9b, 10409 Berlin
harpocrates-corp.com
PPI AG

PPI AG is a software and consulting company focusing on banks, insurance companies and financial service providers for more than 30 years. A stable and steadily growing family-owned company with more than 750 employees, with a leading payment business position across Europe.

Moorfuhrtweg 13, 22301 Hamburg
ppi.de

References

  1. Kroll — Global Regulatory Outlook 2021
  2. EBA revised Guidelines on outsourcing arrangements (EBA/GL/2019/02)
  3. EBA Final draft Guidelines on ICT and security risk management
See It in Action

Experience the accuracy yourself

See how HARPOCRATES COMPLY.Reg delivers the same validated accuracy across your regulatory landscape. Book a demo with the founders.

Download WhitepaperBook a Demo