Follow us

Follow us

ICYMI

Global

BIS Innovation Hub launches project on improving cross-border payments using central bank money settlement

The Bank for International Settlements (BIS) Innovation Hub has announced the launch of Project Rialto which will explore how instant cross-border payments could be improved using a modular foreign exchange (FX) component combined with settlement in tokenised wholesale central bank money.

The project's goal is to develop a proof of concept to demonstrate the technical feasibility of retail cross-border payments using interlinked instant payment systems together with an automated FX wholesale conversion layer that allows the use of central bank money as a safe settlement asset.

An interim report has also been published which outlines the main features and challenges in the retail cross-border payments market, and identifies the main policy and technical aspects to be considered in Project Rialto. Details of the proof of concept, as well as findings from the experiment, will be described in the final project report. [13 Feb 2025]  #Payments

UK

HoC: CfE on Data (Use and Access) Bill

The House of Commons (HoC) Public Bill Committee has published a call for evidence (CfE) on the Data (Use and Access) Bill. The Bill had its second reading on 12 February 2025 and is comprised of seven parts. Part 1 covers access to customer and business data and aims to enable 'smart data' to be used in sectors other than its current use in open banking in the finance sector.

The Committee will meet for the first time on 4 March 2025 to consider the Bill and is expected to report by 18 March 2025. When the Committee concludes its consideration of the Bill it is no longer able to receive written evidence and it can conclude earlier than the deadline of 5pm on 18 March 2025. As such, interested parties are advised to submit their written evidence as soon as possible.  [14 Feb 2025]  #SmartData #OpenFinance

FCA AI research series: Analysis of pricing differences by demographic characteristics in the mortgage market

The FCA has published a research note, as part of its AI research series, on the potential for pricing differences by demographic characteristics in the mortgages market. The paper analyses whether there are differences in the prices paid for mortgage products by four demographic characteristics: ethnicity, sex, sexual orientation and having a health condition (as a characteristic of vulnerability).

The FCA observed no difference in mortgage pricing across different demographic groups from this research. Instead, it found that groups appear to have different types of mortgage products, but it was unclear what was driving this difference. As such, the FCA says that it cannot conclude that there are no issues with 'demand fairness' around the availability of products to different groups.

Research notes may not necessarily represent the position of the FCA, but they are one source of evidence that the FCA may use while discharging its functions and to inform its views. [13 Feb 2025]  #AI

PSR: Next steps to APP scams reimbursement claims management system

The Payment Systems Regulator (PSR) has published a thought piece by its Head of Policy Kate Fitzgerald on the implementation of the authorised push payment (APP) scams requirements and on next steps.

The PSR plans to publish in April 2025 a consultation on whether to put in place regulatory requirements for Pay.UK’s reimbursement claims management system (RCMS) for the purpose of APP scam claim management and data reporting. The regulator anticipates that the earliest possible date for any requirements to come into effect is likely to be late 2025. [12 Feb 2025]  #APPFraud #Payments

Europe

OJ publications – MICAR

The following delegated legislation relating to the Markets In Cryptoassets Regulation (MICAR) has been published in the Official Journal of the EU (OJ):

ECB updates TIBER-EU framework to ensure consistency with DORA

The ECB has announced that updates have been made to its European framework for threat intelligence-based ethical red-teaming (TIBER-EU framework) to align it with the RTS of the Digital Operational Resilience Act (DORA) on threat-led penetration testing. The updates include:

  • incorporating the strict timelines which have been introduced by the DORA RTS for completing deliverables;
  • specifying purple-teaming as mandatory;
  •  terminology changes to be consistent with DORA;
  •  changes to documents which accompany the main framework;
  • advice on how to assess the quality of a provider; and
  • moving away from the requirement for authorities that want to implement TIBER-EU to publish a full national implementation guide. [12 Feb 2025]  #DORA #OpRes

EIOPA consults on AI governance and risk management

EIOPA has published a consultation on its opinion on AI governance and risk management. The sets high-level supervisory expectations towards the governance and risk-management principles that insurance undertakings should apply to ensure a responsible use of AI systems adapted to specific use cases. These principles include:

  • applying a risk-based and proportional approach throughout the AI system's lifecycle;
  •  acting based on fairness and ethical principles, in the best interest of consumers;
  • clearly defining the roles and responsibilities of relevant staff;
  • being able to meaningfully explain the outcomes of AI systems;
  •  implementing sound data governance policies; and
  •  maintaining adequate and orderly documentation and records.

The opinion applies to those AI systems that are not considered as prohibited AI practices or high-risk under the Artificial Intelligence Act.

Responses to the consultation are requested by 12 May 2025. [12 Feb 2025]  #AI 

EBA amends Guidelines on ICT and security risk management measures to reflect DORA

The EBA has published its Final Report on amendments to its guidelines on ICT and security risk management measures. The EBA has narrowed down the scope of its existing Guidelines due to the application of harmonised ICT risk management requirements under DORA from 17 January 2025.  In particular, the EBA has narrowed down:

  •  the entity scope of the Guidelines to only those that are covered by DORA, namely credit institutions, payment institutions, account information service providers, exempted payment institutions and exempted e-money institutions; and
  •  the scope of the Guidelines to the requirements on relationship management of the payment service users in relation to the provision of payment services.

The EBA notes that security and operational risk management requirements under the Payment Services Directive (PSD2), which are applicable since March 2018, continue to apply to other types of payment service providers (PSPs), such as post-office giro institutions and credit unions, that are not covered by DORA. There may also be additional national requirements which apply.

The amended Guidelines will apply within two months of the publication of the translated versions. [11 Feb 2025]  #DORA #OpRes

EC: Guidelines on AI system definition

The EC has published non-binding guidelines on AI system definition to facilitate the first AI Act's rules application. The guidelines explain the practical application of the legal concept, as anchored in the AI Act. They are designed to evolve over time and will be updated as necessary, in particular in light of practical experiences, new questions and use cases that arise. 

As of 2 February 2025, the first rules under the AI Act apply. These include the AI system definition, AI literacy, and a limited number of prohibited AI use cases that pose unacceptable risks in the EU. [10 Feb 2025]  #AI

Australia

Scams Prevention Framework Bill Passed

The Scams Prevention Framework Bill passed both Houses of Parliament on 13 February 2025. The Bill establishes a scams prevention framework under which service providers in selected industries (such as banking and telecommunications) are required to combat scams relating to their services. The commencement date will be the day after the Act receives Royal Assent.  [13 Feb 2025]  #SPF

ASIC publishes financial advice update

ASIC has released an update with a round-up of regulatory developments and issues relating to financial advice, including on the adoption of AI by licensees. ASIC is urging licensees to ensure their governance practices are keeping up with the rapid (and growing) adoption of AI. [12 Feb 2025]  #AI

 

Hong Kong

SFC convenes inaugural Virtual Asset Consultative Panel meeting

The SFC has convened the inaugural meeting of the Virtual Asset Consultative Panel for licensed virtual asset trading platforms (VATP), which is chaired by the SFC’s Executive Director of Intermediaries, Dr Eric Yip, and comprises all licensed VATPs represented by members of their senior management. 

At the Hong Kong Fintech Week in October 2024, Dr Yip announced plans to form a consultative panel and launch the panel in early 2025 (see our previous update).  The panel will provide invaluable contribution to the SFC’s formulation of regulatory policy to further facilitate the development of a sustainable and resilient virtual asset ecosystem.  It will identify the policy priorities, paving way for market and regulatory developments backed by investor safeguards.  [14 Feb 2025]  #VirtualAsset

HKMA launches industry consultation on certain miscellaneous amendments to Banking (Capital) Rules, seeking feedback by 7 March 2025

The HKMA has issued a letter to The Hong Kong Association of Banks and The DTC Association to consult the industry on certain miscellaneous amendments to the Banking (Capital) Rules.  This follows an earlier consultation on the prudential treatment of cryptoasset exposures held by authorised institutions which closed on 20 February 2025 (see our previous update).  Feedback on the miscellaneous amendments is required to be submitted by 7 March 2025.

The proposed amendments mainly cover:

  • The revised capital treatment for authorised institutions' direct holdings of certain non-capital loss-absorbing capacity liabilities; and
  • Revisions to certain definitions and provisions to enhance clarity and align with the Basel Framework or within the Banking (Capital) Rules.

The HKMA intends to implement the amendments concurrently with those relating to the prudential treatment of cryptoasset exposures, with an effective date of 1 January 2026.  [11 Feb 2025]  #Crypto

 

Singapore

MAS and ABS to establish new payments entity – positioning national payment schemes for the future

In a joint release, MAS and the Association of Banks in Singapore (ABS) have announced that a new entity will be set up to consolidate the administration and governance of Singapore’s national payment schemes in order to position these schemes for the next stage of growth. The entity will also collaborate with MAS on the development of Singapore’s national payments strategy, aiming to ensure 'a safe, efficient and innovative payments infrastructure'.

The new entity will be governed by senior representatives from MAS and the financial services industry. Further details on the entity name, governance structure and board composition will be announced later in 2025.  [12 Feb 2025]  #Payments

 

Indonesia

Revamp of the Whitelist of crypto assets eligible for trading

The Indonesia Commodity Futures Trading Regulatory Agency (Bappebti) has issued Bappebti Regulation No. 1 of 2025 (Regulation 1/2025, in Indonesian language) as the third amendment to Bappebti Regulation No. 11 of 2022 on the Stipulation of List of Crypto Assets Traded on Crypto Assets Physical Market which was previously amended by (i) Bappebti Regulation 4 of 2023; and (ii) Bappebti Regulation 2 of 2024 (Regulation 11/2022, in Indonesian language).

Regulation 1/2025 revamps the list of crypto assets eligible for trading on the crypto assets physical market (the Whitelist) to meet market needs and provide legal certainty and protection for crypto transactions in Indonesia. Previously, Bappebti Regulation 11/2022 covered 545 crypto assets in the Whitelist. The Whitelist now officially includes the additional 851 crypto assets by the issuance of Regulation 1/2025.

Regulation 1/2025 was issued on 9 January 2025, a day before the regulation and supervision authority of crypto assets were effectively transferred from Bappebti to Indonesia Financial Services Authority (OJK) as regulated under OJK Regulation No.27 of 2024 on the Trading Operation of Digital Financial Assets including Crypto Assets (Regulation 27/2024, in Indonesian language). While Regulation 27/2024 has been in effect since 10 January 2025, the transitional provisions therein expressly provide that the Whitelist published by Bappebti remains valid until the OJK licensed exchange publishes a new list of crypto assets eligible for trading. This new list is expected to be published by April 2025. [14 Feb 2025]  #Crypto

US

CFTC OCEO joins forces with multiple agencies to launch scam awareness campaign

In coordination with multiple federal, state, and nonprofit organizations, the Office of Customer Education and Outreach (OCEO) at the Commodity Futures Trading Commission (CFTC) has launched a national awareness effort to alert the public to relationship investment scams targeting Americans through wrong-numbered texts, dating apps, and social media. Over the coming weeks, the interagency 'Dating or Defrauding?' social media awareness campaign will warn people to be skeptical of any request from online friends for cryptocurrency, gift cards, wire transfers, or other forms of payment.  [10 Feb 2025]  #Scam #Crypto #SocialMedia

CFTC announces crypto CEO Forum

The CFTC has announced that it will hold a CEO Forum of industry-leading firms to discuss the launch of the CFTC’s digital asset markets pilot program for tokenized non-cash collateral such as stablecoins.  [7 Feb 2025]   #Crypto

FDIC Acting Chair writes to FinCEN to express support for flexibility with respect to CIP requirements

The Acting Chair of the Federal Deposit Insurance Corporation (FDIC), Travis Hill, has written to the Financial Crimes Enforcement Network (FinCEN) to express support for allowing more flexibility with respect to certain customer identification program (CIP) requirements for bank-fintech partnerships. Acting Chair Hill specifically noted his support for generally allowing the collection of the last four digits of a Social Security number from a customer, rather than the full nine digits; this is the approach permitted for credit card customers.  [7 Feb 2025]  #Onboarding

Article tags

VirtualAssets Cyber E Money Crypto OpenFinance EMoney AI Payments Fraud SmartData

Related categories

FinTech Round-Up Asia AI Fintech payments Europe UK Cyber security, data protection and IT

Key contacts

Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

View profile
Rashid Ahmed photo

Rashid Ahmed

FSR & CCI Professional Support Paralegal, London

Vasuki Balasubramaniam photo

Vasuki Balasubramaniam

FSR & CCI Professional Support Paralegal, London

Disclaimer

The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.

Cat Dankos