FinTech Global FS Regulatory Round-up - w/e 27 September 2024

ICYMI

• More questions than answers? Thoughts on regulation of AI in the UK
• Cyber Blog – Data Centres to be classed as 'critical national infrastructure' in the UK
• Australia releases new mandatory guardrails and voluntary standards on AI – what you need to know

---

UK

FCA: Digital Sandbox Spring Expo

The FCA has updated its Digital Sandbox page to report on its inaugural Digital Sandbox Spring Expo which took place on 25 April 2024 at the FCA's London office. The Expo showcased 13 innovative projects from the Digital Sandbox service, spanning four key themes: financial inclusion; RegTech; data and enablement; and fraud detection. The complete recording of the event can be viewed on the Digital Sandbox platform.

Additionally, the FCA has announced the FCA Innovation Services Autumn Expo, which will take place on 4 November 2024 at the FCA's London office. The Expo will showcase 14 innovative projects developed through the FCA Innovation Hub services, including the Digital Sandbox, Regulatory Sandbox, and Innovation Pathways. An overview of the projects has been released. [26 Sep 2024]  #Sandbox #RegTech #Data #Fraud

FCA consults on changes to safeguarding regime for payments and e-money firms

The FCA has published Consultation Paper 24/20: Changes to the safeguarding regime for payments and e-money firms (CP24/20). CP24/20 contains proposals on rules and guidance for the interim and end state stages of the proposed safeguarding regime.

The interim rules will improve compliance with the existing safeguarding requirements set out in the Electronic Money Regulations (EMRs) and Payment Services Regulations (PSRs). The end state will replace the safeguarding requirements of the EMRs and PSRs with a client assets (CASS) style regime where relevant funds and assets are held on trust for consumers.

The aim of the proposals is to address weaknesses in the current safeguarding approach and ensure that consumer money is kept safe by:

• minimising shortfalls in safeguarded relevant funds;
• ensuring these funds are returned as cost-effectively and quickly as possible; and
• strengthening the FCA's ability to identify and intervene when firms do not meet its safeguarding expectations.

Feedback is requested by 17 December 2024. The FCA intends to publish the strengthened interim safeguarding rules for firms in H1 2025. [25 Sep 2024]  #Payments

PSR confirms decision on APP scams maximum reimbursement limit

Following a recent consultation, the Payment Systems Regulator (PSR) has confirmed that the maximum reimbursement limit for victims of Authorised Push Payment (APP) scams will be £85,000. A final Policy Statement (PS) explaining the reason for the decision will be published in the week commencing 30 September 2024.

In alignment with this decision, the Bank of England (BoE) has adopted £85,000 as the maximum reimbursement level for CHAPS, but will review this limit within 12 months. [25 Sep 2024]  #APPscams

BoE announces AI Consortium – new platform for private-public engagement

The BoE has announced that it is establishing an Artificial Intelligence (AI) Consortium to provide a platform for public-private engagement to gather input from stakeholders on the capabilities, development, deployment and use of AI in UK financial services. The Consortium's specific aims are:

• to identify how AI is or could be used in financial services;
• to discuss the benefits, risks and challenges arising from the use of AI; and
• to inform the BoE's approaches to addressing risks and challenges, and to promoting the safe adoption of AI.

Alongside the announcement, the BoE has published terms of reference for the consortium and a call for interest (CfI) for membership. Interested parties are asked to submit their applications by 8 November 2024. [25 Sep 2024]  #AI

BoE speech: The need for TRUSTED AI models

The BoE has published a speech by James Benford, Executive Director (ED) for Data and Analytics Transformation and Chief Data Officer, delivered at the Central Bank AI Conference. Mr Benford spoke about central banks' engagement with AI. He articulated the following as key messages:

• central banks are not starting from scratch, but are building on many decades of experience working with economic and financial models and, more recently, multidisciplinary AI solutions;
• as the recent developments will quickly expand the breadth and depth of the use of models, modernising how data is managed and used must be accelerated; and
• central banks need to be alive to gaps being exposed in existing frameworks given the increasing use of AI, including ongoing work to embed ethical consideration, appropriate governance, and stress testing into systems.

During his speech, Mr Benford outlined some of the proof-of-concept studies which are currently ongoing at the BoE, including one in the PRA.  This aims to use cloud AI technology, with human insights, to gain supervisory insights into vast quantities of unstructured data.

Towards the end of his remarks, Mr Benford explained that, based on initial work, the BoE has determined that believe there are several dimensions that need to be satisfied for AI models to be TRUSTED (Targeted, Reliable, Understood, Secure, stress-Tested, Ethical and Durable) to inform decision-making at scale and effectively underpin the BoE's monetary policy and financial stability remits. [25 Sep 2024]  #AI #Data #Cloud

UK Finance report: UK Payment Markets 2024

UK Finance has published UK Payment Markets 2024 which provides detailed commentary on trends in payment markets in 2023 and forecasts up to 2033. The report includes statistical tables of historic and forecast data for payments and cash acquisition between 2013 and 2033.

The total number of payments increased to 48.1b in 2023, compared to 45.7b in 2022. The number of payments made using both debit cards and credit cards increased in 2023. Further, the share of payments made using cards, which had increased to 59% of all payments during 2022, increased further to 61% of all payments in 2023. Contactless payments continued to be popular, with almost four out of ten (38%) of all payments in 2023 being made using contactless.

Around one in eight payments (12%) in 2023 were made using cash, a reduction from 14% in 2022. Cash remained the second most frequently used payment method in 2023. [24 Sep 2024]  #Payments

PSR: PS24/6 and final guidance – Distinguishing APP scams from civil disputes

The Payment Systems Regulator (PSR) has published Policy Statement 24/6: Supporting the identification of APP scams and civil disputes (PS24/6) and final guidance to help firms distinguish between authorised push payment (APP) scams and civil disputes.

The guidance sets out the core principles that payment service providers (PSPs) are expected to follow to assess whether there is an APP scam claim, including factors to consider in distinguishing between an APP scam and civil dispute. These include:

• communication and relationship between the consumer and the alleged scammer;
• the trading status of the alleged scammer;
• the alleged scammer’s capability to deliver any goods or services related to the claim;
• information held by the receiving PSP(s) about the relevant account(s); and
• use of the 'stop the clock' provision in Specific Requirement 1.

The guidance also explains that the PSR will be engaging with Pay.UK and industry on developing a detailed operational process for allocating and managing complex cases. [23 Sep 2024]  #APPscams

---

Europe

ESRB speech: Old and new frontiers – systemic risk, non-banks and data analysis

The European Systemic Risk Board (ESRB) has published the keynote by Olli Rehn, First Vice-Chair of the ESRB and Governor of the Bank of Finland, at the eighth Annual Conference of the ESRB. Mr Rehn touched on the ESRB's track record and discussed some of the key risks for EU financial stability, highlighting the geopolitical risks and the still fragile recovery of the European economy.

Mr Rehn then spoke about the review of the ESRB, setting out three priorities for the ESRB in the coming years: enhancing its analytical capacity by making better use of data and research; bringing into use new analysis methods and technologies; and focusing on the core activities.  [27 Sep 2024]  #Data

EBA: Q&As – PSD2

The European Banking Authority (EBA) has published the following questions and answers (Q&As) in relation to the Payment Services Directive (PSD2):

• revocation of the account servicing payment service provider's (ASPSP's) exemption from the contingency mechanism due to prolonged service disruption;
• criteria for selecting the operations to be included in the calculation of fraud rates for the transaction risk analysis (TRA) exemption; and
• secure corporate payment processes and protocols and inactivity time period.  [27 Sep 2024]  #Payments

ECB paper: Adopting TIBER-EU will help fulfil DORA requirements

The European Central Bank (ECB) has published a paper which outlines how the European framework for threat intelligence-based ethical red teaming – the TIBER-EU framework – can help competent authorities and financial entities fulfil the requirements around threat-led penetration testing (TLPT) as set out in the Digital Operational Resilience Act (DORA).

The TIBER-EU framework provides guidance on how authorities, financial entities, threat intelligence providers and red team testers should work together to test and improve financial entities’ cyber resilience, by carrying out controlled cyberattacks. By adopting the TIBER-EU framework, competent authorities will equip themselves and financial entities to perform sound TLPT and thereby meet the DORA requirements for such tests.  [27 Sep 2024]  #PenTesting

ECB speech: Technology as a new frontier for macroprudential policy

The European Central Bank (ECB) has published the speech by Christine Lagarde, President of the ECB and Chair of the European Systemic Risk Board (ESRB), at the eighth annual conference of the ESRB. The ECB Chair focused on the impact of technology on the financial system as well the response of macroprudential policy. She discussed the use of artificial intelligence (AI) and the opportunities and risks it poses. Ms Lagarde then spoke about the implications of technology for macroprudential policy, advising that macroprudential authorities will need to embrace technology to stay ahead of the curve. [26 Sep 2024]  #AI

EC announces that over 100 companies have signed EU AI Pact pledges

The European Commission (EC) has announced that over 100 companies make up the first signatories of the EU AI Pact and its voluntary pledges. The Pact encourages signatories to start applying the principles of the AI Act ahead of its application. The EU AI Pact voluntary pledges call on participating companies to commit to at least three core actions: having an AI governance strategy; mapping high-risk AI systems; and promoting AI literacy. More than half of the signatories have also committed to additional pledges, including ensuring human oversight, mitigating risks, and transparently labelling certain types of AI-generated content, such as deepfakes.

The AI Act entered into force on August 1, 2024. While some provisions of it are already applicable, the AI Act will be fully applicable 2 years following its entry into force, with some exceptions. [26 Sep 2024]  #AI

OJ: Commission Implementing Regulation (EU) 2024/2494 – MiCAR ITS

Commission Implementing Regulation (EU) 2024/2494 has been published in the Official Journal (OJ). The regulation lays down implementing technical standards (ITS) for the application of the Markets in Crypto Assets Regulation (MiCAR) with regard to standard forms, templates and procedures for the cooperation and exchange of information between competent authorities and European Banking Authority (EBA) and European Securities and Markets Authority (ESMA).

According to Article 2 of the Regulation, each competent authority shall designate a contact point for the purposes of cooperation and exchanging information, and shall communicate the details of such contact points to ESMA and EBA by 27November 2024.

The regulation enters into force on the twentieth day following that of its publication in the OJ. [25 Sep 2024]  #Crypto

ECB speech: The role of the digital euro

The European Central Bank (ECB) has published a speech delivered by Member of Executive Board of ECB Piero Cipollone at the Committee on Economic and Monetary Affairs (ECON) of the European Parliament (EP). Mr Cipollone highlighted the problem of foreign dominance in the European payment landscape and said this could be addressed by creating a strong European digital payments system by bringing central bank money into the digital era with the introduction of a digital euro. Mr Cipollone said he was convinced that the Single Currency Package, which would ensure that cash is widely accepted and pave the way for a digital euro, would be beneficial for European citizens as well as for banks and that it will open new opportunities for European merchants. Mr Cipollone also gave an update on the project preparation phase, explaining that it will take several years to introduce a digital euro that all banks and other providers make available to their customers, and that all merchants accept. [24 Sep 2024]  #DigitalEuro

---

Hong Kong

HKMA commences Phase 2 of e-HKD pilot programme, renamed Project e-HKD+

The HKMA has announced that it has commenced Phase 2 of the e-HKD Pilot Programme (launched in March 2024 - see our previous update) to delve deeper into innovative use cases for new forms of digital money, including e-HKD and tokenised deposits, that can potentially be used by individuals and corporates.

The project has been renamed as Project e-HKD+ to reflect the evolving fintech landscape and the HKMA’s commitment to unlocking the full potential of digital money.

Under Phase 2, 11 groups of firms from various sectors will explore innovative use cases for e-HKD and tokenised deposits across three main themes: settlement of tokenised assets, programmability, and offline payments.  The firms will also examine the commercial feasibility, within a real-world setting, of new forms of digital money that may potentially be accessible to individuals and corporates.

As with Phase 1, an e-HKD sandbox will be made available to pilot participants to accelerate their prototyping, development and testing of use cases.  The HKMA will work closely with the selected firms in the next 12 months or so, with the aim of sharing the key learnings from Phase 2 with the public by the end of 2025. 

The outcome of Phase 2 will help the HKMA understand the practical issues that may be faced in designing, implementing and operating a digital money ecosystem that comprises both publicly and privately issued digital moneys. 

The HKMA will also establish the e-HKD Industry Forum to provide a collaborative platform for participating institutions to discuss common issues and further explore the possible implementation and adoption of new forms of digital money in a scalable manner.  Under the forum, industry-led working groups will be established to make recommendations on specific topics, with an initial focus on issues related to programmability.  [23 Sep 2024]  #eHKD #Tokenisation #Payments

---

Singapore

MAS establishes international advisory panel for cyber and technology resilience

The Monetary Authority of Singapore (MAS) has announced the establishment of a Cyber and Technology Resilience Experts (CTREX) Panel. The Panel replaces MAS’ Cyber Security Advisory Panel, with an expanded mandate to cover technology resilience which, together with cybersecurity, significantly underpins the operational resilience of the financial sector.   

The Panel will advise MAS on key emerging technology risks and threats facing the financial sector, and recommend strategies and measures to enhance the technology and cyber resilience of Singapore’s financial sector.  [25 Sep 2024]  #OpRes #Cyber

---

India

RBI Governor speech: Central banking in the 21st century – changing paradigm

The Reserve Bank of India (RBI) has published a speech by its Governor Shaktikanta Das on central banking. The Governor spoke about the established paradigm of central banking at the turn of the last century and how this has evolved in light of the crisis experiences of the 21st century. He then touched on the RBI's policymaking aimed at maintaining financial stability and outlined some of the challenges that central banks will face in the 21st century, such as climate change, geopolitical disturbances, and artificial intelligence and machine learning (AI/ML).  [24 Sep 2024]  #AI #MachineLearning

---

US

SEC charges crypto companies with defrauding investors through investment program

The SEC has announced settled charges against two crypto companies for their fraudulent and unregistered sales of investment contracts involving a purported stablecoin.

According to the SEC’s complaint, one of the companies was an issuer of the purported stablecoin and the other was the developer and operator of a so-called lending protocol. The complaint alleges that from November 2020 until April 2023, the two companies engaged in the unregistered offer and sale of investment contracts. The complaint further alleges that the companies falsely marketed the investment opportunity as safe and trustworthy by claiming that the stablecoin was fully backed by U.S. dollars or equivalent, when in fact a substantial portion of the assets purportedly backing the stablecoin had been invested in a speculative and risky offshore investment fund.

Without admitting or denying the allegations, the companies have agreed to settle the SEC’s charges by consenting to the entry of final judgments enjoining them from violating applicable provisions of the federal securities laws and to pay civil penalties of $163,766 each. The SEC’s investigation is ongoing. [24 Sep 2024]  #Crypto