ICYMI
- European Commission adopts revised DORA Subcontracting RTS – a partial retreat on monitoring sub-contractors?
- China releases laws to regulate the use of facial recognition technology
Global
FSB sets up forum on cross-border payments data
The Financial Stability Board (FSB) has announced the establishment of a forum on cross-border payments data, which will work to strengthen cooperation on data-related issues in cross-border payments, such as the way data is collected, stored and managed across borders.
Working with international organisations including the Financial Action Task Force (FATF) and the Organisation for Economic Development (OECD), the forum will serve as a platform for dialogue, information exchange, and research, helping to identify and address inconsistencies in global data frameworks. An advisory body comprised of private sector representatives will also be created to provide industry perspectives and expertise to the forum. Its first meeting will be held in May 2025. [27 Mar 2025] #Payments
UK
FCA: Handbook Notice No 128
The FCA has published Handbook Notice No 128 which describes the changes to the FCA Handbook and other material made by the FCA Board under its legislative and other statutory powers. This edition includes changes to:
- increase registration fees for small payment institutions and non-crypto firms registering under the Money Laundering Regulations (MLR), clarify when a firm becomes liable to pay fees relating to the appointment of a skilled person, and introduce a new validation order (VO) application fees rules to align with the new two-stage process for VO applications; and
- disapply activity-specific requirements for a firm carrying on the core functions of a digital securities depository and related ‘category 1’ ancillary activities for the purposes of enabling the core functions of a digital securities depository in the Digital Securities Sandbox (DSS). [28 Mar 2025] #DSS #Payments
CMA: Annual plan 2025-26
The Competition and Markets Authority (CMA) has published its annual plan for 2025 to 2026, which sets out how the regulator will prioritise action to drive growth and investment whilst fulfilling its core purpose of promoting competition and protecting consumers. This will include using new powers under the Digital Markets, Competition and Consumers Act (DMCCA) to unlock opportunities for growth across the UK digital economy and the wider economy, and enhance consumer confidence by supporting business compliance and tackling poor corporate practices. [27 Mar 2025] #DigitalEconomy
NAO to review BoE RTGS renewal programme
The National Audit Office (NAO) has announced a study into whether the Bank of England (BoE) has managed the Real-Time Gross Settlement (RTGS) renewal programme effectively and efficiently to achieve a new system resilient to future developments and risks. The study will also seek to identify wider lessons for the BoE. [27 Mar 2025] #Payments
BoE: Speech – Innovating wholesale payments
The BoE has published a speech by Victoria Cleland, Executive Director for Payments, delivered at Pay 360. The speech highlighted the BoE's involvement in innovation in wholesale payments. Ms Cleland discussed the importance of modernising infrastructure, expanding access to the Real Time Gross Settlement (RTGS) service, benefitting from adopting ISO 20022 enhanced data, and engaging in experimentation. [26 Mar 2025] #Payments
Commons: Answers to written questions on cryptocurrency fraud
For HM Treasury (HMT), Economic Secretary Emma Reynolds, MP, has provided the following written responses to questions posed by Sir John Hayes, MP, on cryptocurrency fraud.
- Written response to a question on whether the Chancellor of the Exchequer will make an estimate of the amount of money lost by people in the UK to cryptocurrency fraud since 2019. The response explains that the FCA's recent consumer research publication provides indications of the levels of cryptoasset-related fraud in the UK, and that the government is proceeding with proposals to introduce a comprehensive UK financial services regulatory regime for cryptoassets.
- Written response to a question on what steps are being taken to tackle cryptocurrency fraud. The response highlights the government's commitment to updating and expanding the UK fraud strategy to tackle the full range of threats, the FCA's cryptoassets financial promotion regime (which commenced in October 2023), and the government's plans to introduce a regulatory regime for cryptoassets (the government intends to bring forward legislation as soon as possible in 2025). [25 Mar 2025] #Crypto #Fraud
Europe
EBA: Q&As – DORA, CRD
The European Banking Authority (EBA) has published questions and answers (Q&A) relating to the Digital Operational Resilience Act (DORA) and the Capital Requirements Directive (CRD) covering:
- supervisory reporting – common reporting framework (COREP);
- Part 2 - template specific instructions to template B_06.01;
- template specific instructions – primary keys;
- template specific instructions – field B_05.02.0060 (Identification code of the recipient of sub-contracted ICT services);
- template specific instructions – field B_05.01.0020 (Type of code to identify the ICT third-party service provider);
- template specific instructions – field B_04.01.0040 (Identification code of the branch);
- template specific instructions – field B_02.02.0160 (Location of management of the data);
- template specific instructions – field B_02.02.0130 (Country of the governing law of the contractual arrangement);
- template specific instructions – field B_02.02.0130 (Country of the governing law of the contractual arrangement);
- template specific instructions - field B_01.02.0060 (LEI of the direct parent undertaking of the financial entity); and
- template specific instructions – field B_01.02.0050 (Hierarchy of the financial entity within the group). [28 Mar 2025] #DORA #OpRes
EIOPA: Q&As
The European Insurance and Occupational Pensions Authority (EIOPA) has revised its answer to a question on reporting templates. It has also published a number of rejected questions including in relation to DORA and the Solvency Capital Requirement (SCR): Q&A 3289, Q&A 3276, Q&A 3262, Q&A 3226, DORA123 – 3163, and Q&A 2680. [28 Mar 2025] #DORA #OpRes
EC takes action on transposition of EU directives
The European Commission (EC) has announced that it is taking action against several Member States that have failed to notify the EC of measures they have adopted to transpose EU Directives into their national laws. Among those laws on which the EC is acting is DORA. It has decided to open infringement procedures by sending a letter of formal notice to 13 Member States for failing to fully tranpose the DORA Directive into national law by 17 January 2025. The Member States concerned will have two months to respond and to complete their transposition and notify their measures to the EC. In the absence of a satisfactory response, the EC may decide to issue a reasoned opinion. [28 Mar 2025] #DORA #OpRes
EBA: Draft technical package for reporting framework 4.1
The European Banking Authority (EBA) has published a draft technical package for version 4.1 of its reporting framework, with standard specifications to support certain reporting obligations relating to Pillar 3, the Markets in Cryptoassets Regulation (MiCAR), instant payments and ESG. The final version will be published in end-May 2025 and will include possible corrections following revisions of the technical package by various stakeholders. The EBA invites comments and suggestions in respect of the technical package by 15 April 2025. [27 Mar 2025] #Crypto #MiCAR #Payments
EIOPA: Technical advice on standard formula capital requirements for investments in cryptoassets
The European Insurance and Occupational Pensions Authority (EIOPA) has published its technical advice to the European Commission (EC) in which it proposes the introduction of a blanket 100% capital requirement across all crypto holdings, regardless of their balance sheet treatment or whether the exposure is direct or indirect.
While the Capital Requirements Regulation (CRR) and MiCAR include transitional prudential measures for cryptoassets, the EU’s regulatory framework for (re)insurers so far has lacked specific provisions on crypto assets. As a result, (re)insurers currently classify their cryptoassets without a consistent approach, raisings concerns about the risk sensitivity of these practices and the level of prudence associated with them.
The EC will now consider EIOPA’s technical advice in the review of level 2 provisions of Solvency II. [27 Mar 2025] #Crypto
ESMA: Guidelines on suitability requirements and format of periodic statement for portfolio management activities under MiCAR
The European Securities and Markets Authority (ESMA) has published guidelines on certain aspects of the suitability requirements and format of the periodic statement for portfolio management activities under MiCAR.
The objectives of the guidelines are to establish consistent, efficient and effective supervisory practices within the European system of financial supervision and to ensure the common, uniform and consistent application of the provisions in 81(1), (7), (8), (10), (11), (12) and (14) of MiCAR, as relevant.
The guidelines apply 60 calendar days from the date of their publication in all official EU languages. [26 Mar 2025] #Crypto #MiCAR
EBA: Consumer trends report
The EBA has published the 9th edition of its biennial Consumer Trends Report for 2024/25. The report has identified payment fraud, indebtedness, and unwarranted de-risking as the most important issues affecting EU consumers. Payment fraud was identified as the most significant issue, reflecting the emergence of new types of fraud, such as social engineering techniques.
Following these findings, the EBA will consider which actions to take in 2025/26 to address these issues. [26 Mar 2025] #Payments #Fraud
OJ: Regulations under MiCAR and DORA
The following regulations have been published in the OJ:
- Commission Delegated Regulation (EU) 2025/415 supplementing MiCAR with regard to regulatory technical standards (RTS) specifying adjustment of own funds requirement and minimum features of stress testing programmes of issuers of asset-referenced tokens (ARTs) or of e-money tokens (EMTs). The Regulation enters into force on the twentieth day following that of its publication in the OJ.
- Commission Delegated Regulation (EU) 2025/418 supplementing MiCAR with regard to RTS specifying the minimum content of the governance arrangements on the remuneration policy of issuers of significant ARTs or EMTs. The Regulation enters into force on the twentieth day following that of its publication in the OJ.
- Commission Delegated Regulation (EU) 2025/419 supplementing MiCAR with regard to RTS specifying the procedure and timeframe for an issuer of ARTs or of EMTs to adjust the amount of its own funds. The Regulation enters into force on the twentieth day following that of its publication in the OJ.
- Commission Delegated Regulation (EU) 2025/421 supplementing MiCAR with regard to RTS specifying the data necessary for the classification of cryptoasset white papers and the practical arrangements to ensure that such data is machine-readable. The Regulation applies from 23 December 2025.
- Commission Delegated Regulation (EU) 2025/420 supplementing the regulation on pan-European oversight framework of ICT third-party service providers designated as critical (CTPPs) under DORA, with regard to RTS to specify the criteria for determining the composition of the joint examination team ensuring a balanced participation of staff members from the European Supervisory Authorities ((ESMA, EBA and EIOPA – ESAs) and from the relevant national competent authorities (NCAs), their designation, tasks and working arrangements. The Regulation enters into force on the twentieth day following that of its publication in the OJ. [24 Mar 2025] #Crypto #MiCAR #DORA #OpRes
Hong Kong
Protection of Critical Infrastructures (Computer Systems) Ordinance gazetted, with new Commissioner's Office targeted to be established within a year
The Government has gazetted the Protection of Critical Infrastructures (Computer Systems) Ordinance, which seeks to impose statutory requirements on designated operators of critical infrastructures, to ensure they take appropriate measures to protect their computer systems and minimise the chance of essential services being disrupted or compromised due to cyberattacks.
The Bill was introduced into the Legislative Council (LegCo) for consideration in December 2024 (see our previous update and blog post) and a Bills Committee was established to consider the Bill. The LegCo passed the Bill on 19 March 2024 with some amendments – see Appendix 3 of the Bills Committee report of 10 March 2025, and a similar Bills Committee report dated 13 March 2025.
The Government aims to establish the new Commissioner’s Office within a year (first half of 2026), with critical infrastructure operators designated in phases within six months after the establishment of the Commissioner’s Office (within the second half of 2026). [28 Mar 2025] #OpRes
Singapore
MAS consults on prudential treatment of crypto exposures, Tier 1 and Tier 2 capital instruments for banks
MAS has published a consultation seeking feedback on proposed amendments to the standards relating to the regulatory framework for capital and large exposures for Singapore-incorporated banks, and the regulatory framework for liquidity for banks in Singapore.
The proposed amendments are aimed at implementing the Basel Committee on Banking Supervision (BCBS) standards relating to the prudential treatment and disclosure of cryptoasset exposures.
Responses are requested by 28 April 2025. [27 Mar 2025] #Crypto
India
SEBI: Advisory to registered intermediaries - Uploading advertisements on social media
SEBI has issued an advisory to registered intermediaries regarding the uploading of advertisements on social media platforms. This follows SEBI's observation that there has been a rapid increase in frauds related to the securities market, e.g. enticing victims with online trading courses or seminars, or giving misleading or deceptive testimonials, promises or guarantees of assured or risk-free returns.
Following consultation with social media platform providers, all registered intermediaries who upload or publish advertisements on social media platforms will be required to register on the platforms using the email IDs and mobile numbers with which they have registered on the SEBI Intermediary (SI) Portal. This will enable platform providers to carry out advertiser verification of registered intermediaries. SEBI asks all registered intermediaries to update their contact details on the SI Portal by April 30, 2025. [21 Mar 2025] #SocialMedia #Fraud
US
SEC Crypto Task Force announces four more roundtables
The SEC's Crypto Task Force has announced that it will hold four more roundtables in its ongoing series discussing crypto asset regulation. The dates and topics for each roundtable are:
- April 11, 2025 - Between a Block and a Hard Place: Tailoring Regulation for Crypto Trading
- April 25, 2025 - Know Your Custodian: Key Considerations for Crypto Custody
- May 12, 2025 – Tokenization - Moving Assets Onchain: Where TradFi and DeFi Meet
- June 6, 2025 - DeFi and the American Spirit
Each roundtable will be open to the public at SEC's headquarters and streamed live on the SEC website. [25 Mar 2025] #Crypto
CFTC: Federal Court orders recovery of nearly $2.3m for victims of an online romance scam
The Commodity Futures Trading Commission (CFTC) has announced that the U.S. District Court for the District of Arizona has issued a default judgment against a purported digital asset platform. The order finds the platform liable for fraud and for misappropriating over $2m in customers’ funds. It bans the platform from trading in any CFTC regulated markets or registering with the CFTC; the order also requires the platform to pay a $221,466 civil monetary penalty and over $2.2m in restitution.
No actual digital asset trading took place on the customers’ behalf. [21 Mar 2025] #DigitalAsset #Fraud
Rashid Ahmed
FSR & CCI Professional Support Paralegal, London
Vasuki Balasubramaniam
FSR & CCI Professional Support Paralegal, London
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.