FinTech Global FS Regulatory Round-up - w/e 16 May 2025

ICYMI

• The Future of Critical National Infrastructure Cyber Regulations: What’s Next? 
• OJK assumes regulatory oversight of digital financial assets

---

Global

IOSCO concludes 50th Annual Meeting

IOSCO has announced that it has concluded its 50th Annual Meeting. The meeting brought together all 130 member jurisdictions to discuss the most relevant issues and risks with regard to global financial markets, and how to assist regulators in implementing standards through capacity building.

Alongside the meeting, three regulatory workshops were also offered to members. These focused on sustainability disclosure for corporates, the implementation of crypto frameworks, and how to navigate private finance.

The IOSCO Board approved the publication of five Final Reports, three of which relate to IOSCO’s work concerning online retail investor protection; Finfluencers, Online Imitative Trading Practices and Digital Engagement Practices. The other two Final Reports relate to Sustainable Bonds and Liquidity Risk Management in collective investment. These Reports will be published shortly. [16 May 2025]  #Crypto #Finfluencer

---

UK

FCA: Updated cryptoassets webpage

The FCA has updated its cryptoassets webpage. The aim is to help firms to better understand the FCA's expectations, the information they need to provide, and the key areas to focus on when applying for registration under the Money Laundering Regulations (MLRs). It highlights the elements of a firm's business model and control environment that the FCA look at when assessing an application, and should be read in conjunction with the MLRs. [15 May 2025]  #Crypto

PSR: Snapshot of observations since the APP scams reimbursement requirement went live

The Payment Systems Regulator has published an article setting out its observations since the authorised push payment (APP) scams reimbursement requirement went live on 7 October 2024. The key findings from the first seven months of implementation include:

• reimbursement rates for victims are high, and vulnerable consumers are better protected;
• more payment firms are now reimbursing victims of APP scams than before;
• in terms of the rates of fraud reported, the data suggests that the volume of APP scam claims submitted by consumers was lower relative to a similar period in 2023; and
• just two per cent of total claims were rejected because the consumer standard of caution has not been met.

In terms of next steps, an independent review on the effectiveness of the policy will begin in October 2025. The PSR will continue to engage with industry stakeholders and consumer representatives on their experiences of the policy. [15 May 2025]  #APPFraud #Payments

CMORG AI taskforce: AI baseline guidance review 

The Cross-Market Operational Resilience Group (CMORG) AI taskforce has published its AI baseline guidance review. The review provides guidance on:

• the governmental and regulatory approaches taken to balance GenAI opportunity and risk, including a snapshot of emerging regulation;
• risk management principles and frameworks and their role in managing operational, reputational, and compliance risks relative to GenAI;
• technical implementation standards that firms should consider when deploying control frameworks to manage the risks associated with GenAI adoption and implementation (focusing on data protection and privacy, cyber information security, and model risk);
• third party and legal considerations arising from GenAI usage; and
• building and embedding a ‘responsible AI’ culture and on upskilling personnel to mitigate GenAI risks and threats.

CMORG is a public-private partnership run jointly between the Bank of England and UK Finance. It enhances the operational resilience of the UK financial sector through collective action and is supported by specialist industry groups. [15 May 2025]  #Cyber #AI #GenAI

FCA: AI Sprint video

The FCA has published a video covering discussion highlights from the two-day AI Sprint held in January 2025 as well as participant feedback. A transcript of the video has also been made available. [14 May 2025]  #AI

Commons: Answer to written question on APP fraud prevention

For HMT, Economic Secretary Emma Reynolds has provided a written response to a question posed by Mark Garnier, MP, on what discussions HMT has had with social media and telecommunication companies on reducing authorised push payment (APP) fraud on online platforms.

Ms Reynolds noted that, in November 2024, the Secretary of State for Science, Innovation and Technology and the Chancellor wrote to signatories of the Online Fraud Charter and the Telecommunications Fraud Sector Charter calling for technology platforms and telecoms providers to go further and faster in their efforts to tackle the fraud that exploits their services. She further confirmed that the Government will publish a fraud prevention strategy in due course, which will aim to ensure a unified and coordinated response from Government, law enforcement and industry. [13 May 2025]  #APPFraud

BoE speech on data governance

The BoE has published a speech by its Executive Director for Data and Analytics Transformation and Chief Data Officer, James Benford, on the importance of data governance. Mr Benford discussed the contribution that data governance can make across three dimensions: a data strategy to align around priorities, coherent management of data and information, and enabling innovation with AI. He spoke about how the BoE does this, and encouraged a collaborative and inclusive culture as well as a humble approach in navigating data governance. [13 May 2025]  #Data #AI

---

Europe

ECB: Amendments to TARGET Guideline postponed

The European Central Bank (ECB) has announced that the amendment to the Trans-European Automated Real-time Gross Settlement Express Transfer system (TARGET) Guideline, which would allow non-bank payment service providers (PSPs) to participate in TARGET is postponed. This decision is a result of delays in some euro area countries in transposing the required amendments to the Settlement Finality Directive (SFD) and Payment Services Directive 2 (PSD 2) into their national legislation. 

The amendment is now expected to enter into force in October 2025. [16 May 2025]  #Payments

ECON draft report – Impact of AI on the financial sector

The draft report prepared for the Committee on Economic and Monetary Affairs (ECON) of the European Parliament (EP) on the impact of AI on the financial services sector has been published. The report analyses the deployment of AI in the sector and 'regrets that the EU is lagging behind in terms of AI innovation and investment'. It provides a number of policy recommendations to enable the use of AI in financial services and clarify regulatory overlaps, including:

• calling on the European Commission (EC) to ensure clarity and guidance on how existing financial services regulations apply to the use of AI in financial services;
• warning against the adoption of new sectoral legislation to regulate AI in financial services, as there are already established sectoral rules that cover AI deployment;
• calling on the European and national supervisory authorities to support the uptake of AI by promoting consistent interpretations and avoiding overly strict application of existing regulations; and
• asking for more clarity with regard to the AI Act’s requirements for financial institutions to comply with AI literacy requirements. [16 May 2025]  #AI

EIOPA: Survey on adoption of generative AI solutions in the European insurance sector

The European Insurance and Occupational Pensions Authority (EIOPA) has launched a survey which seeks information on the adoption of generative AI solutions in the European insurance sector. To EIOPA aims to gather information about the extent to which insurance undertakings have implemented, or are planning to implement, generative AI solutions; it also seeks to understand whether (and, if so, how) these differ from their adoption of traditional AI systems and what governance and risk management measures they are taking to ensure responsible use of the technology.

The survey is being distributed to insurance companies via their national competent authorities (NCAs), but EIOPA advises that any undertaking is welcome to complete it. Responses are requested by 15 June 2025. [15 May 2025]  #AI #GenAI

IRSG advice on EIOPA’s Opinion on AI governance and risk management

EIOPA has published the Insurance and Reinsurance Stakeholder Group's (IRSG's) advice regarding EIOPA’s Opinion on AI governance and risk management.

Overall, the IRSG agrees with EIOPA's choice to issue a high-level opinion addressed to supervisors, instead of detailed guidance addressed to insurance undertakings. The group's advice also comments on the opinion in more detail. [15 May 2025]  #AI

ECB: Digital euro and the future of payments in Europe

The ECB has published a speech delivered by Piero Cipollone, Member of the Executive Board of the ECB, about the digital euro and the future of payments in Europe at the France Payments Forum.  Mr Cipollone focused on ways to future-proof the euro which should enhance the integration, competitiveness and resilience of European payments in the digital era.

With regard to the digital euro, he outlined the rationale for the shift and then discussed three challenges which the digital euro would address:

• the need to ensure the strategic autonomy and monetary sovereignty from the non-European payment providers; 
• the absence of a Europe-based international card scheme; and
• the need to improve the user experience for Europeans – there is no digital payment solution which can be used across the eurozone.

Mr Cipollone moved on to discuss the role of central bank money in shaping a European market for digital assets. He then concluded with a statement that the digital euro will ensure that Europeans have access to a secure, reliable and universally accepted digital payment solution that complements cash while reducing reliance on non-European providers. Meanwhile, in his opinion, leveraging central bank money in DLT-based transactions will foster a dynamic and unified digital asset market, driving innovation and unlocking new business opportunities across the continent. [15 May 2025]  #DigitalEuro #CBDC 

OJ: Corrigendum to RTS on DORA

A Corrigendum to Commission Delegated Regulation 2024/1774 supplementing the Digital Operational Resilience Act (DORA) with regard to regulatory technical standards (RTS) specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework, has been published in the Official Journal (OJ).

The Corrigendum relates to Article 23, first subparagraph, point (d) of Commission Delegated Regulation 2024/1774; it amends the reference to Article 15 in Commission Delegated Regulation 2024/1772 to Article 8(2) in the same.  Article 8(2) concerns the criteria by which recurring incidents may be identified as 'material'. [15 May 2025]  #DORA #OpRes

AFME: Scaling DLT Capital Markets

The Association for Financial Markets in Europe (AFME) has published proposals in areas key to further scaling of distributed ledger technoilogy (DLT)-based capital markets. These include implementation proposals for the ways in which DLT-based securities could be made eligible as collateral in central bank credit operations. Both the ability to settle DLT transactions in central bank money and to use DLT-based securities as eligible collateral are key to building liquidity and attractiveness of DLT-based markets. [14 May 2025]  #DLT

---

Australia

AUSTRAC: Cointree Pty Ltd fined $75k for missing reporting deadlines

AUSTRAC has issued infringement notices totalling $75,120 to Australian-based digital currency exchange provider Cointree Pty Ltd for failing to submit suspicious matter reports (SMRs) on time, as required by the Anti-Money Laundering and Counter-Terrorism Financing Act (AML/CTF Act).

AUSTRAC CEO Brendan Thomas commended Cointree for its continued cooperation, and for self-disclosing the breaches. Cointree has committed to remediate its systems and controls to ensure it is compliant with the AML/CTF Act.

In 2024, AUSTRAC released the Money Laundering in Australia National Risk Assessment, identifying the digital currency exchange (DCE) sector as vulnerable to money laundering due to its speed, global reach, pseudonymity, and ability to facilitate funds flows to and from foreign jurisdictions with low visibility. Concerns were raised about some DCEs' capacity for and commitment to AML/CTF compliance. AUSTRAC has identified that addressing these risks is a regulatory priority in 2025.

Cointree has paid the fine in full, with AUSTRAC acknowledging that the payment does not constitute an admission of liability, and the payment concludes the matter.  [16 May 2025]  #Crypto

---

Hong Kong

HKMA Executive Director provides update on initiatives for strengthening financial crime response

At the Deloitte Financial Crime and Compliance Symposium – Cross World, Mr Raymond Chan, Executive Director (Enforcement and AML) of the HKMA, highlighted several current and upcoming initiatives to enhance the ecosystem response to meet the challenges posed by the digital evolution of criminality. 

• The HKMA is actively exploring building a payment data analytics platform which would enable it to find patterns and draw insights from payment data currently residing in the banking system, which have so far been under-utilised.  The Police is also aiming to develop a financial data analytic platform to enhance its capability to develop financial intelligence to combat increasingly sophisticated financial crimes.
• The HKMA issued a circular in September 2024 asking banks to critically assess the need to deploy artificial intelligence (AI) to ensure the continued effectiveness of their transaction monitoring systems, and report the assessment results to it by the end of March 2025 (see our previous update).  The HKMA notes that all banks with significant operations in Hong Kong (48 in total) are in favour of incorporating AI in their transaction monitoring systems.  Eighteen of these banks are already using AI to augment their transaction monitoring capability and consider that there is further scope to expand such use.  Twenty-one banks are not yet using AI for transaction monitoring but have a plan to do so in the next one to three years, so the HKMA will help them accelerate their deployment.  The other banks have not yet made a decision, but will be included as part of the HKMA's initiative to achieve more consistent levels of innovation and adoption across the sector.
• With regard to virtual assets, Hong Kong has established a strong regulatory perimeter through the SFC's licensing regime for virtual asset trading platforms and the HKMA's proposed licensing regime for fiat-referenced stablecoin issuers.  The HKMA is working with the SFC to ensure that anti-money laundering and counter financing of terrorism (AML/CFT) standards are aligned and improvements made in tandem.  The HKMA will soon publish a consultation paper on the AML/CFT requirements for the proposed stablecoin regime.  [15 May 2025]  #Payments #AI #Crypto

SFC builds regional consensus on regulatory collaboration to combat online scams at IOSCO annual meeting

At the 50th International Organization of Securities Commissions (IOSCO) annual meeting in Doha, Qatar, the SFC led Asia-Pacific securities regulators to reach an agreement on closer collaboration to combat online investment scams.

Chaired by the SFC’s Chief Executive Officer, Ms. Julia Leung, the IOSCO Asia-Pacific Regional Committee (APRC) met to discuss emerging trends and risks faced by capital markets in the region, including the prevalence of deepfake-driven online investment scams and the growing phenomenon of finfluencers. 

Representing the APRC, Ms Leung addressed IOSCO members during the Presidents Committee meeting on key regional initiatives aimed at fostering closer cooperation.  She also participated in the IOSCO-OECD roundtable, reaffirming the Asia-Pacific region’s unwavering commitment to jointly tackle online scams.  [15 May 2025] #AI #Deepfake

 

---

Thailand

BoT announces joint project to promote responsible provision of financial promotions by finfluencers

The Bank of Thailand (BoT), the Securities and Exchange Commission (SEC) and the Office of the Insurance Commission (OIC) have jointly launched the 'Responsible Voices for Finfluencers' project. The project aims to provide finfluencers in the financial, investment and insurance sectors with the requisite knowledge and ability to disseminate information appropriately to followers.  [9 May 2025]  #Finfluencer #SocialMedia

 

---

India

IFSCA consults on draft TechFin regulations

The International Financial Services Centres Authority (IFSCA) has published for consultation its draft TechFin and Ancillary Services Regulations. These regulations aim to put in place a regulatory framework for TechFins and Ancillary Services Providers for making arrangements for carrying on any of the financial services specified under clause (e) of subsection (1) of Section 3 of the IFSCA Act, 2019. Responses to the consultation are requested by 1 June 2025.  [9 May 2025] #TechFin