ICYMI
- Navigating data protection under the new EU AI Act
- Global Privacy Enforcement Network findings around dark patterns
- Data Wrap July 2024
UK
PSR: Response to call for views on expanding VRPs
The Payment Systems Regulator (PSR) has published a response to its December 2023 call for views (CP23/12) which set out initial proposals on how the PSR could support the Phase 1 expansion of variable recurring payments (VRPs) to regulated financial services, regulated utilities sectors, and local and central government.
The response summarises the initial proposals, addresses the feedback received from stakeholders and sets out how the PSR plans to develop these proposals further.
The PSR aims to publish updated proposals in Autumn 2024 which will explain:
- the specific rules and provisions a multilateral agreement (MLA) should include;
- which organisation the PSR thinks may be best placed to operate any such MLA;
- whether mandated participation may be required and who may be mandated to participate in Phase 1;
- plans for determining a VRP application programming interface (API) access price; and
- the costs and benefits expected from any proposed intervention. [15 Aug 2024] #Payments
FRC: DP on UK digital reporting
The Financial Reporting Council (FRC), as part of a cross-regulatory group comprising the FCA, Companies House, HM Revenue and Customs (HMRC) and the Charity Commission for England and Wales, has published a discussion paper (DP) on the future of digital reporting in the UK. The paper addresses changes in the regulatory landscape and considers the impact of the Economic Crime and Corporate Transparency Act 2023, which was passed into law in October 2023. Its key topics include:
- potential alternatives to the European Single Electronic Format (ESEF) taxonomy for UK regulated markets;
- proposed changes to structured digital reporting to support regulatory disclosure initiatives;
- considerations for mandatory assurance of digital tagging;
- the impact of 'full tagging' requirements on companies and charities; and
- strategies to support stakeholders in adapting to new digital reporting requirements.
The FRC seeks feedback on how it can continue to develop digital reporting in the UK and further enhance the benefits of digital reporting. Feedback is requested by 1 November 2024. [13 Aug 2024] #DigitalReporting
Australia
APRA shares insights on common cyber control weaknesses
The Australian Prudential Regulation Authority (APRA) has written to regulated entities (including superannuation funds, banks and private health insurance funds) to provide further insight on cyber control weaknesses. This follows on from an earlier letter on the security and adequacy of back-ups, and forms part of APRA’s supervision of cyber resilience across industry.
In the letter, APRA reinforced its expectation that all entities comply with CPS 234 on information security, and confirmed its expectation that regulated entities would review their control environment against identified common weaknesses. Highlighted weaknesses included: incomplete or inaccurate inventories of privileged accounts; unapproved privileged access to information assets; inadequate and insufficient testing coverage; inadequate oversight of security test findings; and inconsistencies or gaps in baseline levels of security configuration across IT assets. [15 Aug 2024] #Cyber
Hong Kong
HKMA and Cyberport launch GenA.I. Sandbox to promote responsible innovation
The HKMA has announced that it has launched the new Generative Artificial Intelligence Sandbox (GenA.I. Sandbox) in collaboration with the Hong Kong Cyberport Management Company Limited (Cyberport). The announcement was made at FiNETech2, the second edition of the FiNETech series.
The GenA.I. Sandbox aims to promote responsible innovation in generative artificial intelligence (AI) and will empower banks to pilot their novel generative AI use cases within a risk-managed framework, supported by essential technical assistance and targeted supervisory feedback. Details of the GenA.I. Sandbox, including the eligibility criteria and the application process, will be announced in the coming weeks. Through interactive engagement with the industry, the HKMA will draw insights from the GenA.I. Sandbox and share good practices, while keeping its guidance relevant and fit-for-purpose in the light of the latest development.
Following the inaugural FiNETech event in April 2024 (see our previous update), the 'FiNETech2 – Into the A.I. verse' edition on 13 August 2024 brought together over 300 professionals from the banking, securities, insurance, and technology sectors, and showcased innovative AI technologies and explored potential applications in risk management, anti-fraud, customer services and process re-engineering.
Ms Carmen Chu, Executive Director (Banking Supervision) of the HKMA, delivered opening remarks at FiNETech2. She noted that as systems become more sophisticated and influential, it is important to ensure their ethical development and deployment. Financial institutions must maintain dynamic yet robust guardrails that keep pace with the rapid advancements in technology and address the evolving risks associated with these innovations.
In addition to this event, a number of other initiatives have been or will be launched in the coming months, including a practical training focusing on AI adoption, a use case sharing video, and a study report on practical aspects of generative AI.
The HKMA will also organise additional editions of FiNETech, focusing on the areas of greentech and distributed ledger technology, and continue to drive tangible progress in fintech adoption by banks and other financial institutions. [13 Aug 2024] #AI #Sandbox
Singapore
MAS collaborates with banks and technology partners on quantum security
MAS has announced that it has signed a Memorandum of Understanding (MoU) with banks and technology partners to embark on quantum security collaboration and study the application of quantum key distribution (QKD) in financial services. QKD can help firms protect the exchange of cryptographic keys to address the cybersecurity threats posed by quantum computing. [14 Aug 2024] #Quantum
India
RBI Deputy Governor addresses deposit insurers on financial stability in the emerging technology landscape
The Reserve Bank of India (RBI) has published a speech by Deputy Governor Shri Swaminathan J, delivered at the International Conference of the International Association of Deposit Insurers – Asia Pacific Regional Committee (IADI-APRC). The speech focused on emerging challenges for deposit insurers and the importance of crisis preparedness in an evolving financial landscape. Among other things, the Deputy Governor covered:
- emerging technology risks, such as cybersecurity, digital payments and dependence on third parties; and
- the way forward for deposit insurance, including strengthening regulatory oversight, adopting risk-based premiums, investing in technology to accelerate the claim settlement process, and prioritising contingency planning which accounts for technology-based disruptions. [14 Aug 2024] #Cyber #OperationalResilience #Outsourcing #ThirdPartyProviders #Payments
Philippines
BSP hosts 4th IRF
The BSP Research Academy has announced that it hosted the 4th International Research Fair (IRF), with the theme 'Emerging Trends Shaping Central Bank Policy and Operations', from 30 to 31 July 2024. Keynote speeches were given by BSP Governor Eli M. Remolona, Jr. and Bilkent University Professor of Economics Refet S. Gürkaynak. Professor Gürkaynak discussed the reserves accumulation behaviour of countries. Governor Remolona stressed the importance of research to central banking and identified research topics, such as economic fragmentation, sustainability, and digitalisation that could be relevant for today's central bankers. [12 Aug 2024] #Digitalisation
Rashid Ahmed
FSR & CCI Professional Support Paralegal, London
Vasuki Balasubramaniam
FSR & CCI Professional Support Paralegal, London
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.