FinTech Global FS Regulatory Round-up - w/e 13 June 2025

ICYMI

• US Administration's priorities for cybersecurity and data privacy – What we know and what to watch

 

---

Global

BIS: FSI Brief presents a stocktake of gen AI applications in supervision

The Financial Stability Institute (FSI) at the Bank for International Settlements (BIS) has published a paper in the FSI Brief series which presents an overview of the state of gen AI applications in financial supervision. The paper draws on the responses to a survey given by supervisory authorities represented in the Informal Suptech Network, which was established by the FSI in 2018.

The FSI highlights the following from the paper:

• Financial authorities seek to leverage the new technology to find information more efficiently, but their gen AI activities are hampered by outdated IT infrastructure, data security concerns and a lack of technical skills.
• Most of the reported gen AI applications in supervision can be grouped into three categories: basic document processing (most 'in use' applications fall into this category); knowledge management; and document review. 
• The main challenges identified in integrating gen AI applications in supervision are user acceptance and inaccuracies in information provided. These challenges will likely intensify as financial authorities move to more complex gen AI use cases.

FSI Briefs are written by staff members of the FSI. They are short notes on regulatory and supervisory subjects of topical interest and are technical in character. The views expressed are those of their authors and not necessarily the views of the BIS or the Basel-based standard setting bodies. [12 Jun 2025]  #AI #GenAI

FSB Chair discusses stability and innovation – stablecoin, cross-border payments

The Financial Stability Board (FSB) has published the remarks by its Chair, Klaas Knot, at the Group of Thirty (G30) Plenary Meeting held on 7 June 2025. Mr Knot highlighted the potential systemic and cross-border implications of a widely adopted global stablecoin and outlined the global response to these developments. He also considered the need to balance innovation and stability in the context of stablecoins and touched on the FSB's work to bring the G20’s goal of making cross-border payments faster, cheaper, more accessible and more transparent to fruition. [9 Jun 2025]  #Stablecoin #Payments #Crypto

 

---

UK

SI: The Payment Services and Payment Accounts (Contract Termination) (Amendment) Regulations 2025

The Payment Services and Payment Accounts (Contract Termination) (Amendment) Regulations 2025 have been made. This statutory instrument (SI) amends regulation 51 of the Payment Services Regulations 2017 to impose new requirements on payment service providers (PSPs) in relation to the termination of framework contracts for payment services concluded for an indefinite period and entered into on or after 28th April 2026. The SI will come into force on 28 April 2026. It is accompanied by an explanatory memorandum. [13 Jun 2025]  #Payments

FCA speech on AI Lab and 'supercharged' sandbox

The FCA has published the speech by its Chief Data, Information and Intelligence Officer, Jessica Rusu, delivered at London Tech Week 2025. Ms Rusu spoke about the AI Lab highlighting four of its components: AI Sprint, AI Input Zone, AI Spotlight and AI Live Testing. The Lab was launched in January 2025 with the aim of supporting the FCA to develop its understanding of the risks and opportunities AI presents to UK consumers and markets, and help inform its regulatory approach in a practical and collaborative way.

Ms Rusu then discussed the recently launched 'supercharged' sandbox, in collaboration with NVIDIA, aimed at helping firms experiment safely with AI to support innovation. Applications for the sandbox are now open. Firms will be able to test early-stage proof of concepts (PoCs) in the sandbox from October 2025. [11 Jun 2025]  #AI

FCA appoints Deputy Chief Executive to manage growing remit

The FCA has announced the appointment of Sarah Pritchard as its Deputy Chief Executive, a new role that has been created to reflect the regulator's expanding remit. The appointment comes against the backdrop of the integration of the Payment Systems Regulator (PSR) and the FCA's regulation of stablecoin and crypto firms as well as buy now, pay later (BNPL) activities. As Deputy Chief Executive, Ms Pritchard will also support the FCA's increasingly international focus, given its role in supporting UK growth and competitiveness. [10 Jun 2025]  #Stablecoin #Crypto #Payments

FCA launches sandbox for firms to experiment with AI alongside NVIDIA

The FCA has announced the launch of a 'supercharged' sandbox which will allow firms to experiment with AI using NVIDIA accelerated computing and NVIDIA AI Enterprise Software. It will be open to financial services firms looking to innovate and experiment with AI.

Firms have until 11 August 2025 to apply to use the sandbox via the AI Lab page. Application results will be communicated by 16 September 2025, with successful applicants able to start experimenting from October 2025. [9 Jun 2025]  #AI

 

---

Europe

ESCB responds to EC consultation on integration of EU capital markets

The ECB has published the response of the European System of Central Banks (ESCB) to the EC's consultation on the integration of EU capital markets.

In the area of trading, the ESCB supports efforts to remove barriers to EU capital market integration and reap digital technology benefits. Regarding asset management and funds, the ESCB strongly supports the EC's focus on removing barriers to the European cross-border operation and marketing of investment funds that affect costs and accessibility for EU citizens.

The ESCB also called for the integration of EU supervision to be prioritised for sectors and market actors whose activities have a European cross-border footprint and particular systemic importance, such as market infrastructures and cryptoasset service providers (CASPs). [11 Jun 2025]  #Crypto

EBA: 'No Action' letter on interplay between PSD2/3 and MiCAR

The European Banking Authority (EBA) has published a 'No Action' letter on the interplay between the Payment Services Directive (PSD2/3) and MiCAR in relation to cryptoasset service providers that transact electronic money tokens (EMTs).

The letter advises the EC, the Council and the European Parliament (EP) to ensure that, in the long term, EU law needs to avoid a dual authorisation under two pieces of EU law for the activity of transacting EMTs.

While the existing PSD2 still applies, the letter advises national competent authorities (NCAs) to enforce authorisation of PSD2 for a specified subset only of cryptoasset service providers (CASPs) that transact EMTs, to do so only after a transition period that ends on 2 March 2026, and then to deprioritise specified PSD2 provisions. [10 Jun 2025]  #Crypto #MiCAR

OJ: Delegated Regulations under MiCAR

The following regulations under MiCAR have been published in the OJ:

• Commission Delegated Regulation (EU) 2025/1141supplementing MiCAR as regards regulatory technical standards (RTS) specifying the requirements for policies and procedures on conflicts of interest for issuers of asset-referenced tokens;
• Commission Delegated Regulation (EU) 2025/1140supplementing MiCAR with regard to RTS specifying records to be kept of all crypto-asset services, activities, orders and transactions undertaken; and
• Commission Delegated Regulation (EU) 2025/1142supplementing MiCAR with regard to RTS specifying the requirements for policies and procedures on conflicts of interest for crypto-asset service providers and the details and methodology for the content of disclosures on conflicts of interest.

The Regulations enter into force on the twentieth day following that of their publication in the OJ.

In addition, amending Decision (EU) 2025/1148 of the ECB on access by non-bank payment service providers (PSPs) to Eurosystem central bank operated payment systems and central bank accounts has been published in the OJ. The Decision enters into force on the day after its publication in the OJ. [10 Jun 2025]  #Crypto #MiCAR

 

---

Hong Kong

SFC proposes further restrictions under SFO and AMLO over use of misleading names

To enhance investor protection, the SFC has launched a consultation aimed at restricting unregulated entities from improperly adopting names that may give the public a false impression that they are regulated entities.  Feedback on the proposals is required to be submitted by 11 August 2025.

The SFC proposes expanding the current list of restricted titles under the Securities and Futures Ordinance (SFO) to cater for recent developments, including the emergence of virtual asset trading platforms (VATPs).  In parallel, the SFC proposes to include similar restrictions under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO), as the VATP regime is set out under both ordinances.

In addition, the proposal will extend the restrictions to commonly used terms that are similar in meaning to 'exchange' (such as 'trading platform') and those that refer to some of the financial products and platforms regulated under the SFO (such as 'virtual assets' and 'clearing facilities').  The proposal will also cover titles that may imply an association with established exchanges, VATPs and other similar entities.  [12 Jun 2025]  #Crypto #VirtualAsset

SFC Chairman delivers speech on the role of traders in driving the future of Hong Kong's capital markets

The SFC's Chairman, Dr Kelvin Wong, delivered a speech titled 'Traders – Driving the Future of Hong Kong’s Capital Markets' at Asia Trader Forum Annual Meeting & Equity Trading Summit 2025. 

Dr Wong outlined the SFC’s vision and regulatory approach, and discussed the important role of traders and how it aligns with the SFC's vision to develop markets, the opportunities and challenges in today’s markets, and the SFC’s expectations on market participants (including traders) to drive a better future.

With regard to generative artificial intelligence (AI), the SFC operates under a clear philosophy – to promote the responsible innovation and deployment of technology – to leverage technology to boost market efficiency, transparency, cost-savings and the investor experience, while at the same time safeguarding market integrity and stability.  The SFC actively encourages and supports licensed corporations to use technology responsibly to innovate, deliver better products and services, and streamline their internal processes.  To address the risks of generative AI, the SFC issued guidance in November 2024 outlining a risk-based approach, where licensed corporations are required to validate the output of generative AI models, closely monitor model performance, manage the key risks of such models, and ensure that senior management is accountable for internal controls and oversight (see our previous update).  [12 Jun 2025]  #AI

SFC urges LCs to enhance protection for clients against rising cases of SMS phishing

The SFC has issued a circular to provide licensed corporations (LCs) with guidance on appropriate measures to prevent unauthorised trading in client accounts, in light of a recent increase in attacks perpetrated by fraudsters through hyperlinks in phishing mobile text messages (commonly known as SMS phishing).

In the recent unauthorised trading incidents, the SFC suspects that, after deceiving clients into clicking on hyperlinks embedded in mobile text messages and redirecting them to websites resembling the LCs', fraudsters intercepted clients' usernames, login passwords and authentication data, thereby gaining access to the client accounts at LCs to conduct unauthorised trading.

In light of the above, the SFC expects LCs to adopt the following measures, among others, in preventing and handling unauthorised trading incidents:

• Help their clients verify the identity of text message senders and to prevent impersonation by fraudsters by signing up for the SMS Sender Registration Scheme administered by the Office of the Communications Authority (which enables registered participants to send SMS messages with the prefix '#' to help recipients verify the sender’s identity and prevent impersonation);
• Implement an effective monitoring and surveillance mechanism to identify red flags and detect unauthorised access to their clients' accounts, promptly file suspicious transaction reports to the Joint Financial Intelligence Unit, and immediately report to the SFC any material failure, error or defect in the operation or functioning of its systems or identification of suspicious transactions as required under paragraph 12.5 of the SFC's main code of conduct; and
• Raise clients' awareness by stepping up client outreach and engagement efforts, particularly if the LCs have encountered unauthorised trading incidents or are on notice that such incidents are occurring within the industry, including encouraging them to make use of Scameter and the Scameter+ mobile application.

The SFC reminds LCs that their senior management (particularly the manager-in-charge of information technology) is ultimately responsible for the identification, monitoring and mitigation of the cybersecurity risks faced by their LCs and the implementation of the regulatory expectations in relation to cybersecurity.

The Stock Exchange of Hong Kong Limited and the Hong Kong Futures Exchange Limited have issued circulars reminding exchange participants to follow the SFC's guidance in the above circular and implement appropriate measures to prevent unauthorised trading in their clients' accounts.  [6 Jun 2025]  #Cybersecurity

---

India

RBI speech on financial inclusion

The Reserve Bank of India (RBI) has published a speech by its Deputy Governor M Rajeshwar Rao on the theme of financial inclusion. Mr Rao spoke about the history of financial inclusion in India, the role of digital payments in this regard, and recent regulatory initiatives aimed at improving financial inclusion in the country. He also highlighted certain challenges that need to be addressed in order to advance financial inclusion, including in relation to grievance redressal, mis-selling and cyber safety.  [9 Jun 2025]  #Cyber

---

Philippines

BSP issues implementing rules on the Anti-Financial Account Scamming Act

​The Bangko Sentral ng Pilipinas (BSP) has released implementing rules in respect of the Anti-Financial Account Scamming Act, thereby giving effect to the Act which aims to prevent the misuse of financial accounts in fraud and scams like phishing and vishing. It also defines and penalises social engineering schemes, money mule activities, and related offenses. These include those committed using advances in technology, which were previously not covered by existing cybercrime laws in the Philippines.

The BSP has issued three circulars to implement the Act:

• The IT Risk Management Regulations which reinforce the responsibility of BSP-Supervised Institutions (BSIs) to strengthen fraud prevention and detection.
• Rules on Financial Account Inquiry and Information Sharing which outline the BSP’s authority to inquire into financial accounts linked to scams.
• ​Regulations on Temporary Holding of Disputed Funds and Coordinated Verification Process which mandate BSIs, including clearing switch operators, to implement a real-time or near-real-time automated system to track disputed transactions within one year of the regulations’ effectivity.  [11 Jun 2025]  #Cybersecurity

 

---

 

US

CFTC announces order requiring over $25m in monetary penalty and restitution in relation to digital asset fraud

The CFTC has announced that the U.S. District Court for the District of Massachusetts has entered a final default judgement against two individuals and two entities requiring them to pay, jointly and severally, a $19,326,324 civil monetary penalty and $6,442,108 in restitution to defrauded victims in connection with their role in a digital asset fraud scheme. The order also imposes a permanent injunction against the defendants and bans them from trading in any CFTC-regulated markets; entering into any transactions involving commodity interests or digital asset commodities; and registering with the CFTC.

The CFTC's release also includes details of previous CFTC enforcement action and parallel criminal action against another individual in relation to the same scheme.  [11 Jun 2025]  #DigitalAsset

SEC Chair addresses DeFi roundtable

The SEC has published the opening remarks delivered by its Chair Paul S. Atkins at the Crypto Task Force Roundtable on DeFi. Chair Atkins thanked the Division of Corporation Finance for, "clarifying its view that voluntary participation in a proof-of-work or proof-of-stake network as a 'miner,' 'validator,' or 'staking-as-a-service' provider is not within the scope of the federal securities laws." However, he observed that this alone is not sufficient, so the SEC must adopt appropriate regulation.

The SEC Chair also commented on the role of software developers and on self-executing software code, noting that attempting to apply the current "century-old" regulatory framework can stifle innovation.  [9 Jun 2025]  #Crypto #DeFi

Trade bodies write to Treasury Secretary about regulators' cybersecurity and incident response arrangements

The Bank Policy Institute, American Bankers Association (ABA), Managed Funds Association (MFA) and Securities Industry and Financial Markets Association (SIFMA) have written to Treasury Secretary Scott Bessent to highlight the importance of regulators implementing robust cybersecurity and incident response practices akin to those which are expected of financial institutions.  [9 Jun 2025]  #Cybersecurity

FSOC members discuss bank regulators' focus, U.S. leadership on digital assets

The Treasury has published the readout from the meeting of the Financial Stability Oversight Council (FSOC) in executive session which was chaired by Treasury Secretary Scott K.H. Bessent. At this meeting:

• The Fed, the Federal Deposit Insurance Corporation (FDIC), and the OCC provided an update on their efforts to enhance their supervisory and regulatory frameworks and to focus bank supervision on material financial risks. 
• Treasury staff delivered a briefing on the work of the President’s Working Group on Digital Asset Markets. The Chairs of the SEC and the Acting Chairman of the Commodity Futures Trading Commission (CFTC) also provided updates on their agencies’ recent actions and contributed to discussion of ongoing efforts to promote U.S. leadership in digital assets. [4 Jun 2025]  #DigitalAsset