Follow us

In this regular update, we round-up FinTech-related financial services regulatory developments for the week ending 17 March 2023.

ICYMI

Recent updates from Herbert Smith Freehills include:

 

Global

FATF: Report on countering ransomware financing 

The Financial Action Task Force (FATF) has published a report on countering ransomware financing. The report analyses the methods that criminals use to carry out their ransomware attacks and how payments are made and laundered. It explains that criminals are almost exclusively using crypto or virtual assets, and have easy access to virtual asset service providers (VASPs) around the world.

The report proposes a number of actions that countries can take to more effectively disrupt ransomware-related money laundering. This includes: building on and leveraging existing international cooperation mechanisms; developing the necessary skills and tools to quickly collect key information, trace the nearly instantaneous financial transactions and recover virtual assets before they dissipate; and extending collaboration beyond traditional counterparts to include cyber-security and data protection agencies. [15 Mar 2023]

#Ransomware
#Crypto#VASPs

 

UK

FCA: Updated webpage on cryptoassets AML / CFT regime

The FCA has updated its webpage on anti-money laundering and countering the financing of terrorism (AML/CFT) regime for cryptoassets. The update explains that if an individual is acquiring or increasing control over an FCA-registered cryptoasset firm – so that they become a beneficial owner within the meaning of Regulation 5 or Regulation 6 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs) – then they must submit a change in control notification and await FCA approval before completing the transaction. [17 Mar 2023]

#Cryptoassets

#AML/CFT

FCA: Portfolio letter to payments firms

The FCA has published a template version of its portfolio letter to the CEOs of firms in the payments portfolio. The letter explains the regulator's expectations and priorities, and sets out three outcomes which the FCA is seeking for payments firms:

  • that customers’ money is safe;
  • that financial system integrity is not compromised; and
  • that customers’ needs are met, including through high quality products and services, competition and innovation, and robust implementation of the FCA Consumer Duty.

Within each of these outcomes, the FCA has set specific priorities and actions for payment firms. The letter also highlights the FCA's cross-cutting priorities which include: governance and leadership, including the oversight of agents and distributors; operational resilience; regulatory reporting; the FCA's approach to authorisation ('the gateway'); changes in control; environmental, social and governance (ESG); and diversity and inclusion (D&I).

The letter should be considered by firms' boards and/or executive committees. The FCA will expect firms to be able to explain to it the actions they have taken in response to this letter. [16 Mar 2023]

#payments

#openbanking

#technology

HMT: Spring Budget 2023 speech and associated documents 

HM Treasury (HMT) has published the Chancellor's Budget speech and associated documents, including: Policy CostingsPolicy DecisionsMeasures announced at Autumn Statement 2022 or earlier that will take effect from April 2023 or later.

Among the associated documents are the report of Sir Patrick Vallance's review on  pro-innovation regulation for digital technologies and HM Government's (HMG's) response. The advice given focuses on specific challenges for artificial intelligence (AI) and data, as well as short-term actions to address regulatory barriers for autonomous vehicles, drones, cyber security, and space and satellite technologies. Sir Patrick's report makes recommendations in three broad areas:

  • supporting a step-change in the UK’s regulatory approach to AI;
  • facilitating greater industry access to public data to help deliver on HMG's public services transformation programme and address pressing societal challenges; and
  • ensuring regulators focus on innovation in autonomous vehicles, drones, cyber security, and space and satellite technologies.

The advice complements recent reviews including HMG's Plan for Digital Regulation, Digital Strategy and the report of the independent Taskforce on Innovation, Growth and Regulatory Reform. The recommendations will support forthcoming policy including through the AI White Paper and the Emerging Technologies Regulation Review.

HMG's response accepts Sir Patrick’s recommendations and sets out how these will be implemented.  In particular, the response notes the concurrent publication of HMG's National Quantum Strategy. [15 Mar 2023]

#AI

#CyberSecurity

DSIT: National Quantum Strategy

The Department for Science, Innovation and Technology (DSIT) has published the National Quantum Strategy. The policy paper sets out HMG's vision for the UK to be a leading quantum-enabled economy by 2033 and commits £2.5 billion to the development of quantum technologies in the UK over ten years from 2024. [15 Mar 2023]

#Quantum 
BoE: Implementing ISO 20022 - new webpage

The Bank of England (BoE) has published a new webpage on implementing ISO 20022, the global payments messaging standard, within  Clearing House Automated Payment System (CHAPS) and Real-Time Gross Settlement (RTGS). The webpage explains the new messaging standard, highlights key delivery dates, and provides links to key resources. [15 Mar 2023]

#payments
MoJ: Report on eSignatures

The Ministry of Justice (MoJ) has published the final report of the expert Industry Working Group on electronic execution of documents documents – eSignatures. The report completes the objective of the Industry Working Group to promote and facilitate the electronic execution of documents by matching appropriate solutions to the requirements of parties and to the problems they might face. It addresses the challenges arising from the use of electronic signatures in cross-border transactions and how best to use eSignatures to optimise their benefits when set against the risk of fraud. The report also sets out the Industry Working Group’s recommendations for reform including with regard to enhanced certification and self-certification, and a uniformity of approach to e-signing and online identification. [15 Mar 2023]

#eSignatures
TSC hearing with the FCA Chair and CEO

The Treasury Committee (TSC) has published the transcript of its evidence session with the FCA's leadership on 8 March.  The TSC heard from FCA Chair Ashley Alder and CEO Nikhil Rathi on a variety of topics, including on cryptoassets regulation and the letter which the Committee received from former FCA Chair Charles Randell which argues 'that speculative crypto is gambling'. [15 Mar 2023]

#cryptoassets
SI: The Amendments of the Law (Resolution of Silicon Valley Bank UK Limited) Order 2023

The Amendments of the Law (Resolution of Silicon Valley Bank UK Limited) Order 2023 has been published (along with an explanatory memorandum). The statutory instrument (SI) made certain amendments to the law to enable powers under Part 1 of the Banking Act 2009 to be used effectively in connection with the sale of Silicon Valley Bank UK Limited to HSBC UK Bank plc. The Order entered into force on 13 March 2023. [14 Mar 2023]

#SVB
HMT/BoE/FCA: SVBUK sold to HSBC UK Plc

HM Treasury (HMT) has published a statement confirming that Silicon Valley Bank UK Limited (SVBUK), the UK subsidiary of the US bank, has been sold to HSBC UK Bank Plc (HSBC). The BoE and FCA have also issued statements regarding the sale. The BoE statement comments that, 'This action has been taken to stabilise SVBUK, ensuring the continuity of banking services, minimising disruption to the UK technology sector and supporting confidence in the financial system.' The Economic Secretary has written to the Chair of the Treasury Select Committee, Harriett Baldwin, to advise her of the arrangements for SVBUK. [13 Mar 2023]

#SVB

 

Hong Kong

HKMA announces publication of report 'Cross-boundary Payment and Settlement Systems in the Greater Bay Area: Current Practices and Recent Developments' by HKIMR

The HKMA has announced the issue of a new research report, titled 'Cross-boundary Payment and Settlement Systems in the Greater Bay Area: Current Practices and Recent Developments' by the Hong Kong Institute for Monetary and Financial Research (HKIMR), the research arm of the Hong Kong Academy of Finance.

The report studies the current status of cross-boundary payments and settlements within the Guangdong-Hong Kong-Macao Greater Bay Area (GBA) and provides an overview of the recent development of Hong Kong’s financial market infrastructure and business opportunities in the GBA.  Some of the findings and observations include:

  • Development of a set of multi-currency and multi-dimensional payment and settlement systems connected with the financial market infrastructures of other GBA cities to support cross-boundary financial services. For example, a cross-boundary electronic bill payment service which allows customers in Hong Kong to make bill payments to merchants in Guangzhou;
  • Adoption of emerging technologies to enhance the financial market infrastructure and strengthen financial integration within the GBA. For example, blockchain, artificial intelligence /Big Data  technologies, digital identity technologies, electronic wallets and data-sharing techniques;
  • Results of a survey and interviews commissioned by the HKIMR, which investigates market participants’ current practices and challenges associated with cross-boundary payment and settlement systems in the GBA. Over 90% of the surveyed financial institutions in Hong Kong highlighted the importance of cross-boundary payment and settlement channels within their GBA outreach activities; and
  • The report also provides some preliminary considerations on facilitating cross-boundary payments and settlements. For example, improving the functionality of payment and settlement infrastructures, promoting the adoption of emerging technologies, and encouraging the implementation of data-sharing arrangements.  [14 Mar 2023]
 #payments

#settlements

#blockchain

#AI

#BigData

 

Thailand

SECT: Public hearing on proposed regulations on offering sustainability-themed bonds via crowdfunding and private placement

The Securities and Exchange Commission Thailand (SECT) is seeking comments on proposed amendments related to issuance and offer for sale of sustainability-themed bonds that would enable SMEs and startups in Thailand to issue and offer such securities through crowdfunding and private placement (PP-10) channels. The amendments also aim to support the offering of sustainability-themed bonds through convertible debentures by private limited companies (PP-SME). This will open up funding opportunities for SMEs, startups and businesses of all sizes, and allow them to participate in sustainable development. Finally, the proposed amendments include revisions to the information disclosure rules pertaining to sustainability-themed bonds as well as sustainability issues before and after the offering in line with international standards.

The public hearing closes on 17 April 2023. [16 Mar 2023]

#Crowdfunding

 

India

RBI and Central Bank of the UAE sign MoU to promote innovation in financial products and services

The Reserve Bank of India (RBI) and the Central Bank of the United Arab Emirates (CBUAE) have signed a memorandum of understanding (MoU) to enhance cooperation and jointly enable innovation in financial products and services.

Under the MoU, the two central banks will collaborate on various emerging areas of FinTech, especially central bank digital currencies (CBDCs) and explore interoperability between the CBDCs of CBUAE and RBI. CBUAE and RBI will jointly conduct proof-of-concept (PoC) and pilot(s) of bilateral CBDC bridge to facilitate cross-border CBDC transactions of remittances and trade. This bilateral engagement of testing cross-border use case of CBDCs is expected to reduce costs, increase efficiency of cross border transactions and further the economic ties between India and UAE. The MoU also provides for technical collaboration and knowledge sharing on matters related to Fintech and financial products and services. [15 Mar 2023]

#Innovation

#CBDCs

RBI: Speech on innovation, inclusion and regulation within fintech

The RBI has published a speech delivered by its Deputy Governor, Shri M. Rajeshwar Rao, on innovation, inclusion and regulation within fintech. The Deputy Governor spoke about: the current fintech environment; the risks and benefits of fintech; financial inclusion; and approaches to the regulation of fintech.[10 Mar 2023]

#FinTech
SEBI circular: Clarification with respect to QRTAs – Cyber framework

SEBI has issued a circular to provide clarification with respect to qualified registrars to an issue and share transfer agents (QRTAs) with reference to SEBI's 8 September 2017 circular on Cyber Security and Cyber Resilience Framework for RTAs.  The circular address the categorisation of an RTA as a QRTA, the period for which an RTA shall be recognised as a QRTA, and initial relaxation. The circular has immediate effect.  [10 Mar 2023]

#CyberSecurity 
RBI: Speech on digital payments

The RBI has published a speech delivered by its Governor, Shri Shaktikanta Das, on digital payments. The Governor spoke about the existing payments ecosystem and the work that the RBI is undertaking to digitalise this. He also highlighted the need to ensure awareness and inclusion when rolling out digital payments initiatives. [6 Mar 2023]

#DigitalPayments 

 

Philippines

BSP: Launch of Paleng-QR Ph Plus

​Bangko Sentral ng Pilipinas (BSP) has announced that Bacolod City launched the Paleng-QR Ph Plus at the Libertad Public Market, drawing the participation of over 1,800 market vendors and 1,100 public utility vehicle (PUV) drivers to accept digital payments. Through the program, customers can pay for goods and services by using their smartphones to scan merchants’ and PUV drivers’ QR codes. The launch was led by Bangko Sentral ng Pilipinas (BSP) Deputy Governor Bernadette Romulo-Puyat, Bacolod City Mayor Alfredo B. Benitez, City Councilor Celia Matea R. Flor, and financial service providers who assisted program participants in opening transaction accounts and printing QR codes. Bacolod is the third local government unit in the Visayas and the seventh in the Philippines to officially launch Paleng-QR Ph Plus. [13 Mar 2023]

#QRcodes

 

Vietnam

SBV publishes plan for development of population database, personal identification and eKYC for national digital transformation

The State Bank of Vietnam (SBV) has issued Decision No. 264/QD-NHNN on the banking sector’s plan for the implementation of Decision No. 06/QD-TTg, issued by the Prime Minister, on developing the applications of the population database, the personal identification and electronic know your customer (eKYC) for the national digital transformation for the 2021-2025 period and the vision to 2030. The plan focuses on the following five objectives.

  • First, improving the legal frameworks, including developing the SBV Governor’s Directive requesting the entities of the banking sector to accelerate the implementation of Scheme 06; coordinate with the relevant Ministries and agencies to revise and improve the draft Decree on cashless payment to be submitted to the Government for promulgation; develop a Circular providing guidance for the implementation of the Decree on cashless payment; review and develop relevant plans for amending and supplementing the legal documents in order to simplify the procedures, the dossiers and the paperwork, the declared information, and to share the data for online public services.
  • Second, connecting the national population database, the personal identification, eKYC for the benefit of the public services and the SBV’s professional operations, such as the integration with the SBV’s public services; the connection and the exploitation of the national population database for the benefit of the state management on anti-money laundering; the development and connection of a national database of state officials and civil servants working in state agencies.
  • Third, connecting the national population database, the personal identification and eKYC for the benefit of the socio-economic development, such as the application of citizen authentication via chip-based ID cards and elDs when providing banking services; the connection and exploitation of the national population database in support of the banking operations.
  • Fourth, enhancing non-cash payments in making payment to the beneficiaries/recipients of benefits from the state budget.
  • Fifth, continuing to enhance the communication on the implementation and the results from the implementation of Scheme 06. [13 Mar 2023]
#Digital
#Payments#Innovation

 

US

SEC proposes new requirements to address cybersecurity risks to the US securities markets

The Securities and Exchange Commission (SEC) has proposed requirements for broker-dealers, clearing agencies, major security-based swap participants, the Municipal Securities Rulemaking Board, national securities associations, national securities exchanges, security-based swap data repositories, security-based swap dealers, and transfer agents (collectively, “Market Entities”) to address their cybersecurity risks.

The proposal would require all Market Entities to implement policies and procedures that are reasonably designed to address their cybersecurity risks and, at least annually, review and assess the design and effectiveness of their cybersecurity policies and procedures, including whether they reflect changes in cybersecurity risk over the time period covered by the review. The proposal – through new notification requirements applicable to all Market Entities and additional reporting requirements applicable to Market Entities other than certain types of small broker-dealers (collectively, “Covered Entities”) – would improve the SEC’s ability to obtain information about significant cybersecurity incidents affecting these entities. Further, new public disclosure requirements for Covered Entities would improve transparency about the cybersecurity risks that can cause adverse impacts to the US securities markets.

The proposing release will be published in the Federal Register. The public comment period will remain open until 60 days after the date of publication of the proposing release in the Federal Register. [15 Mar 2023]

#CyberSecurity
DoJ investigation leads to takedown of darknet cryptocurrency mixer that processed over $3 billion of unlawful transactions

The DoJ has announced a coordinated international takedown of a darknet cryptocurrency “mixing” service responsible for laundering more than $3 billion worth of cryptocurrency, between 2017 and the present, in furtherance of, among other activities, ransomware, darknet market, fraud, cryptocurrency heists and other hacking schemes. The operation involved US federal law enforcement’s court-authorized seizure of two domains that directed users to the defendant service and one Github account, as well as the German Federal Criminal Police’s seizure of the defendant’s back-end servers and more than $46 million in cryptocurrency.

Coinciding with the takedown efforts, an individual, of Hanoi, Vietnam, was charged in Philadelphia with money laundering, operating an unlicensed money transmitting business and identity theft, connected to the operation of the company. [15 Mar 2023]

#Cryptocurrency 
FDIC acts to protect all depositors of Silicon Valley Bank

The Federal Deposit Insurance Corporation (FDIC) has transferred all deposits – both insured and uninsured – and substantially all assets of Silicon Valley Bank, to a newly created, full-service FDIC-operated bridge bank in an action designed to protect all depositors of the bank.

Depositors and borrowers will automatically become customers of the bridge bank and will have customer service and access to their funds by ATM, debit cards, and writing checks in the same manner as before. The bank’s official checks will continue to clear. Loan customers should continue making loan payments as usual.

The bank was closed by the California Department of Financial Protection and Innovation on 10 March 2023, and the FDIC was appointed receiver.

The transfer of all the deposits was completed under the systemic risk exception. All depositors of the institution will be made whole. No losses associated with the resolution of the bank will be borne by taxpayers. Shareholders and certain unsecured debt holders will not be protected. Senior management has also been removed. Any losses to the Deposit Insurance Fund (DIF) to support uninsured depositors will be recovered by a special assessment on banks, as required by law. The receiver for the bank has also transferred all Qualified Financial Contracts (as defined in 12 USC 1821(e)) of the failed bank to the bridge bank. [13 Mar 2023]

#SVB
FDIC establishes a successor to Signature Bank NY

The FDIC has announced that Signature Bank, New York has been closed by the New York State Department of Financial Services (NYDFS), with the FDIC appointed as receiver. To protect depositors, the FDIC transferred all the deposits and substantially all of the assets of the bank to a full-service bank that will be operated by the FDIC as it markets the institution to potential bidders.

The bank had 40 branches across the country in New York, California, Connecticut, North Carolina, and Nevada. Banking activities will resume 13 March 2023, including on-line banking. Depositors and borrowers will automatically become customers of the bridge bank, and will continue to have uninterrupted customer service and access to their funds by ATM, debit cards, and writing checks in the same manner as before. The bank’s official checks will continue to clear. Loan customers should continue making loan payments as usual.

The transfer of all the deposits was completed under the systemic risk exception approved earlier today. All depositors of the institution will be made whole. No losses will be borne by the taxpayers. Shareholders and certain unsecured debt holders will not be protected. Senior management has also been removed. Any losses to the DIF to support uninsured depositors will be recovered by a special assessment on banks, as required by law. [12 Mar 2023]

#SignatureBank
SEC charges software company for misleading disclosures about ransomware attack that impacted charitable donors

The SEC has announced that a South Carolina-based public company that provides donor data management software to non-profit organizations, agreed to pay $3 million to settle charges for making misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers.

The SEC’s order finds that, on 16 July 2020, the company announced that the ransomware attacker did not access donor bank account information or social security numbers. Within days of these statements, however, the company’s technology and customer relations personnel learned that the attacker had in fact accessed and exfiltrated this sensitive information. These employees did not communicate this information to senior management responsible for its public disclosure because the company failed to maintain disclosure controls and procedures. Due to this failure, in August 2020, the company filed a quarterly report with the SEC that omitted this material information about the scope of the attack and misleadingly characterized the risk of an attacker obtaining such sensitive donor information as hypothetical. [9 Mar 2023]

#Ransomeware 
New York Attorney General continues crackdown on unregistered cryptocurrency platforms

New York Attorney General Letitia James has continued with efforts to crack down on unregistered cryptocurrency platforms by filing a lawsuit against a cryptocurrency platform  for failing to register as a securities and commodities broker-dealer and falsely representing itself as an exchange. The Office of the Attorney General (OAG) was able to buy and sell cryptocurrencies on the platform in New York even though the company is not registered in the state. Through this enforcement action, Attorney General James seeks to stop the platform from operating in New York and to block access to its website until it complies with the law. [9 Mar 2023]

#Cryptocurrency 

 

 

Ukraine-related sanctions information

Regular updates on sanctions and other developments that may impact businesses with interests or operations in Ukraine and/or Russia are available on our FSR and Corporate Crime Notes blog here.

 

 

Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos

Key contacts

Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos
Karen Anderson Cat Dankos