Why having a regtech solution in place really matters

Fraud prevention and regulatory technology marketplace is crowded with a variety of vendors offering different products and solutions. While vendors try to package their products as unique and position them as leading and best in class, all such products can be classified in two main groups based on deployment type: Software as a Service (“SaaS”) or On-premises. Most companies would offer either one or the other. Very few are an exception to the rule and offer both deployment types.

Why do you need to deploy a risk, fraud or regtech solution for your business? How, when and to whom does it matter?

Typically, regtech solution providers are selected for their features, cost and reputation. The deployment of the solution is often considered as a secondary factor or worse, whichever deployment option is offered by the vendor is taken for granted and not considered any further.

Who should worry about the deployment types proposed?

Small businesses that average up to 40 – 50 million events or transactions per year probably don’t need to complicate their vendor selection process with deliberation on the deployment type subject. This user group should be able to make good use of any SaaS solution and achieve results and necessary price point. If your annual volume of events is below that level, most likely running an on-premises solution will be too much of a hassle and more costly than just using the same service on a hosted basis. Some edge cases might make you reconsider though: compliance with local laws, regulations or directives, such as data privacy requirements under the GDPR, that impose specific requirements about where your data should be transferred and processed or stored is one such example. Expecting a huge or rapid growth can be another instance – after all, if you expect your business to quadruple in a year then you should plan on making the most of picking the right deployment type of the regtech solution you use as this will help you cut costs, scale better and build an all-encompassing risk management framework.

Let’s speak of the other consumer group of risk and regtech solutions – medium, large and enterprise-grade companies who should definitely ask themselves whether to deploy a SaaS or on-premises solution and consider all pros and cons of both options based on their internal and external requirements.

What can you change and improve by going for an on-premises deployment option?

Short answer is – a lot. Having your own production instance allows you full control and ownership of your data, cost savings, better scalability, improved business continuity and reduced response and processing times.

When going for on-premises solutions the goal is to negotiate a flat license fee that is not volume based. This way you get the freedom to screen and process as many events as you wish, regardless of the event type – financial transactions, login attempts, password changes and other events which you would otherwise leave uncovered due to ramping up the cost of SaaS solutions.

Having a flat fee that allows you to control your data and screen unlimited number and type of events helps your business to scale long term as the ongoing costs will be limited to the price of your hardware and license fees.

In mid to long term, having an on-premises solution in your data center or Amazon Web Services (“AWS”) cloud will facilitate the build-up of new data feeds and plug-in of new data flows which you can monitor.

You will be doing better on the business continuity front too. Going out of business or suffering long down-times are eminent risks when it comes to third party vendors. When running on-premises setup these concerns won’t make the top of your agenda.

So far so good, but that coin has a flip side too, and it’s one, which is not so shiny and polished.

When moving down the on-premises route, remember the following: you need human resources to monitor the installation day and night. Have you got in-house specialists ready to take on that challenge? If you do – that’s great, but even so these don’t come free of charge.

Initial deployment and installation can be a slow and cumbersome process that takes forever, stretches all your resources and leaves you with an astronomical bill for professional services that are needed for customization of the very flexible solution you just spent some 6 or 7 digits on. Hardware or cloud cost – another $$$ chunk that can kill your budget and initial business case. When choosing a solution ask your vendors – do these come as part of the package? If yes – are they free? How is installation handled? Can you do it yourselves or your need to rely on vender resources? Does deploying a solution affect the company’s current PCI Compliance status – do you need to consider it for your next PCI onsite audit? 

When you start considering all of the above, an on-premises solution starts losing its appeal and becomes a subject of careful consideration and a hefty call to make.

As if to make it more difficult, you also need to consider if your vendor of choice has the technical architecture to allow your business to scale. As much as it’s important to acquire a technology that can process vast amounts of data quickly, it is of paramount importance that it does not break your bank. Any V8 truck will tow a 3-ton boat but what if you can do it with a 4 cylinder one? 

What about a hybrid setup that gives you all the upsides of the on-premises solution and it takes care of all the complications and complexity that comes with it? How about having your very own hardware production instance, dedicated solely to your company that you don’t need to maintain? What if you can get exactly that?

Let’s have a closer look at this one.

Technical support comes from your vendor – you get a tailor-made SLA stop worrying about providing in-house resources. 

Initial deployment made by the vendor that saves you all the hassle and inflated professional services bill. Business continuity and third party reliance – even if the vendor experiences issues with their production environment, your instance is separate and remains intact. Large data centers have a really good connectivity and up-time records. Updates get delivered and installed for you from your solution provider. You are in full control of your data and it is physically separated from any other data that your vendor handles. Last but not least – you get to keep your flat license fee, have full visibility on your direct data center costs so that with volume growth you will only invest in additional hardware and connectivity while  benefitting from better rates.

Search no more. A middle-earth that offers the best of both worlds exists. At NOTO we can do that. To find out more give us a shout, we are here to hear you out!