Opinion | Crowdsourcing for better regulation

Sebi should conduct online and offline hackathons on the use of data to construct better fraud detection algorithms

The Securities and Exchange Board of India (Sebi) must strategically outsource and crowdsource data that is not sensitive and where the comparative advantage inherently rests outside its organizational boundaries.

It must also institute a strong whistle-blower programme. Although Sebi has mandated listed companies to institute a whistle-blower policy, it does not have one for its own benefit. The Securities and Exchange Commission (SEC) has a detailed whistle-blower policy (bit.ly/2wLx2eG) where any person knowing any possible securities law violation can inform it. Further, the commission provides a reward of 10% to 30% of the money collected from enforcements higher than $1 million. It is important for Sebi to create such a policy in order to ensure that it is constantly provided with information which it cannot independently collect. This would ensure greater transparency and accountability and improve regulations. In fact, whistle-blowers have played an important role in some of the recent instances that have put the spotlight on corporate governance.

The SEC’s extremely successful whistle-blower programme provides a good benchmark. In 2016, it received more than 4,200 tips from whistle-blowers—a 40% increase over the number received in 2012, the year the programme began. That year, the SEC also surpassed the $100 million mark for awards to whistle-blowers.

Several of the SEC’s largest settlements came in cases brought in by whistle-blowers. For example, a major financial institution admitted wrongdoing related to the misuse of customer cash and improperly risking customer securities, and settled charges with the SEC for $415 million. Another whistle-blower tipped off the commission that a large agricultural business violated accounting rules and misstated company earnings regarding a flagship product. This whistle-blower was a financial executive with the company who allegedly tried to rectify the situation internally and sought outside auditor assistance before providing “a detailed tip and extensive assistance" to the SEC. The commission awarded the whistle-blower $22 million, the second-largest award ever for a whistle-blower. The SEC has also been aggressive in enforcing the anti-retaliation provisions of the Dodd-Frank Act and Rule 21F-17, which precludes companies from impeding a whistle-blower’s communications with the commission. Thus far, the commission has brought two settled actions under the anti-retaliation provisions of the Dodd-Frank Act, and at least six settled actions against companies for violating Rule 21F-17. The whistle-blower provisions that should be adopted at Sebi must contain similar anti-retaliation provisions that must be enforced diligently to lend power to this “crowdsourcing" phenomenon.

With the rise of crowdsourcing, a major chunk of public data can be structured using crowdsourcing platforms such as Amazon’s Mechanical Turk. These platforms divide the process of identifying the key elements in a filing and use humans to perform the task. This process can be most cost-effective and reliable, and can be tried using data that are not currently sensitive. Implementing such initiatives requires a team that can decide and segregate data which can go to the public with necessary security-enabling features. Sebi should also get involved in conducting online and offline hackathons on the use of data to construct better fraud detection algorithms. The power of crowdsourcing has to be leveraged for this purpose.

Fintech is transforming the manner in which financial services and transactions within financial services occur. Funding fintech firms that are focused on creating applications to enhance the monitoring and detection processes could have a transformative effect on these functions. Applications that are suited to insource must then be bought by Sebi. This process would then replicate “innovation through acquisition and corporate venture capital" that several leading technology firms such as Cisco Systems, Intel, Amazon, Microsoft etc. are following.

A longer-term solution to the problem of identifying shell companies and monitoring them will need further collaboration between Sebi and Registrar of Companies (RoC). While Sebi’s primary responsibility is to ensure regulations in trading market, it is also important for it to ensure that trading happens in bonafide stocks. Hence, in order to ensure that the initial registering processes and monitoring mechanisms are strengthened, it is important to combine the forces of both the departments. Further, as soon as a company files for getting listed, the collaboration can ensure that Sebi has the data to analyse whether the company is worthy of being listed. Such collaboration would combine efforts of both the departments (Sebi and RoC) to identify companies beforehand which enter stock markets for manipulation or personal gains.

Corporate governance relies on strengthening and fostering the symbiotic relationship between four key pillars: (i) protecting investors, (ii) maintaining fair and orderly capital markets, (iii) facilitating capital formation, and (iv) enhancing the value of corporate assets, and, thereby, national wealth. By implementing the steps outlined here to build regulatory capacity, Sebi would also be able to enhance corporate governance in listed firms in spirit,thereby setting an example for other regulatory organizations in India and other parts of the world.

This is the concluding article in a four-part series.

Krishnamurthy Subramanian is associate professor of finance at the Indian School of Business, Hyderabad.

Comments are welcome at theirview@livemint.com