FinTech Global FS Regulatory Round-up - w/e 8 November 2024

ICYMI

• Failure to Prevent Fraud Offence: The long-awaited Government Guidance is published – companies have until September 2025 to implement 'reasonable procedures' (UK)
• Financial institutions and telcos required to share responsibility for phishing scams in Singapore from 16 December 2024

UK

PSR 'Dear CEO' letter to technology firms – upcoming publication of fraud enabler data

The Payment Systems Regulator (PSR) has published a template version of a letter that it has sent to CEOs of technology firms. The letter precedes a report that the PSR intends to publish in December 2024, with data on the firms that are most commonly reported as enabling contact between fraudsters and victims in relation to authorised push payment (APP) fraud – 'fraud enablers'.

The letter explains that the PSR proposes to publish fraud enabler data annually. It sets out the aims of publishing this data, how the PSR has collected the data from payment services firms, and future plans for publication.

The PSR intends to consult on plans to improve data collection, and develop consistent metrics and definitions, in the first quarter of 2025.

Firms that wish to discuss the plans are asked to contact the PSR by 4 December 2024. [8 Nov 2024] #APPScams

FCA PS24/15: Regulatory framework for PDS firms

The FCA has published Policy Statement 24/15: Regulatory framework for pensions dashboard service firms (PS24/15). The final framework has broadly two aspects:

• It applies the standards that the FCA expects of regulated financial services firms to pensions dashboard services (PDS) firms; such standards include those in the Principles for Businesses (including the Consumer Duty), the Perimeter Guidance, Senior Management Arrangements, Systems and Controls (SYSC), Dispute Resolution (DISP) for complaints handling and the Fees Manual (see Chapters 2 and 5).
• It introduces requirements that are specific to firms operating a PDS that are intended to balance risks and opportunities, including: measures designed to protect PDS users from harm (Chapter 3) and measures that primarily support users to understand and engage with their pensions dashboard ‘view data’ (Chapter 4).

In terms of next steps, the FCA explains that the issuance of PS24/15 allows firms to start work on their prospective business models, service design, research and testing well in advance of the FCA's gateway opening to accept applications for the new permission. However, the FCA is not yet opening the gateway as  information from HM Government (HMG) and the Pensions Dashboard Programme (PDP) for firms on designing and building a PDS is not yet available. The FCA will give the industry adequate advance notice of the gateway opening, alongside finalised application forms. [7 Nov 2024] #Pensions #Dashboards

Lloyds of London and ABI guide on defining cyber events

The Association of British Insurers (ABI) and Lloyd’s of London have co-published a guide for (re)insurers on how to approach defining a major cyber event.  The paper, Components of a Major Cyber Event: A (Re)Insurance Approach, which has been prepared by senior cyber (re)insurance leaders, sets out the factors (re)insurers should consider and provides a framework to follow when defining what constitutes a major cyber event. [7 Nov 2024] #Cyber

FCA AI Sprint

The FCA has published the details of its 2025 AI Sprint, which is due to take place from 29 to 30 January 2025. The sprint will help to inform the FCA's regulatory approach to the use of AI in financial services; it is one element of the AI Lab which was announced in October 2024.

Phase 1 of the sprint will consider how AI will accelerate and impact financial services over the next five years, including key use cases that are likely to have emerged or developed, and conditions that would help the FCA to enable safe and responsible AI adoption. This will set the stage for further detailed discussions in Phase 2 about the regulatory framework and whether changes could be made to enable innovation while mitigating the risks.

Firms that are interested in participating in the AI Sprint are asked to apply by 9 December 2024. The FCA expects to confirm and announce the final participants by the end of December 2024. [4 Nov 2024] #AI

Europe

ESAs: Oversight cooperation and information exchange under DORA

The Joint Committee of the European Supervisory Authorities (the ESAs – EBA, EIOPA and European Securities and Markets Authority (ESMA)) has published Joint Guidelines on the oversight cooperation and information exchange between the ESA's and the competent authorities under Digital Operational Resilience Act (DORA).

The Guidelines will apply from 17 January 2025. [6 Nov 2024] #OpRes  

Hong Kong

HKEX to digitalise ETP servicing capabilities with web-based platform in 2025

The HKEX has announced plans to digitise and automate the in-kind creation and redemption process for relevant exchange-traded products (ETPs) in 2025 through the adoption of a web-based platform, subject to technical readiness and regulatory approval.  This platform will be integrated into the ETP creation and redemption process, connecting key ETP participants with the use of distributed ledger technology and smart contracts, and will help increase overall ETP market efficiency, supporting the continued growth of secondary market activity for ETPs.

The latest plan is part of the HKEX group’s ongoing commitment to further elevate the attractiveness and competitiveness of its international ETP ecosystem, replacing several manual, paper-based processes with a goal to simplify the creation and redemption procedures of ETPs and boost market activity.  [5 Nov 2024] #DLT #SmartContracts

SFC hosts forum to further encourage responsible regtech adoption for AML/CFT, in light of survey report indicating significant increase in adoption in recent years

The SFC has concluded its Anti-Money Laundering and Counter-Financing of Terrorism Regtech Forum 2024 to encourage the financial services sector to embrace regtech in combatting anti-money laundering (AML) and counter-financing of terrorism (CFT).  See rundown and speakers here.

The forum was attended by more than 300 participants, including Government officials, industry representatives and experts.  Topics of discussion included:

• latest developments and adoption trends in regtech;
• practical application of regtech in legal and regulatory compliance for AML/CFT; and
• risk management.

Ms Julia Leung, the Chief Executive Officer of the SFC, made opening remarks at the forum, where she urged the financial industry to adopt regtech responsibly and more widely.  She announced that the SFC had published its Report on the Adoption of Regtech for Anti-Money Laundering and Counter-Financing of Terrorism. 

• The report highlighted that Hong Kong’s regtech adoption has advanced in major AML processes over the past three years.  Among the 50 firms surveyed, over 80% confirmed that their AML ability had improved due to regtech.  Three years ago, only about half of the surveyed firms had reported using technologies in AML processes. 

• A majority of the firms have implemented regtech solutions in at least one key process.  The adoption rate was as high as 92% for name screening, followed by about 70% for both customer due diligence and transaction monitoring.  In general, regtech has covered more AML processes, with more advanced technologies being deployed.

• Regtech solutions can significantly ease financial firms’ burden to perform labour-intensive tasks through automation, data analytics and artificial intelligence.  They can also swiftly process a sea of data and enable firms to focus attention on suspicious activities.  The key use cases include: client onboarding; name screening; transaction monitoring; and third-party deposit identification and due diligence.  [4 Nov 2024] #RegTech

Singapore

Singapore FinTech Festival 2024 – ninth edition

The ninth edition of the Singapore FinTech Festival (SFF) ran from 6 to 8 November 2024. This year, with AI and quantum technology taking centre stage, underscoring their transformative potential for the financial sector.  [8 Nov 2024] #AI #Quantum

MAS and SFA announce winners of the Global FinTech Hackcelerator and the SFF FinTech Excellence Awards

MAS and the Singapore FinTech Association (SFA) have announced the winners of the Global FinTech Hackcelerator and the SFF FinTech Excellence Awards at SFF 2024. The winners, comprising financial institutions, FinTechs, solution providers and individuals, were recognised for their innovative solutions and efforts in unlocking key opportunities within the financial services industry.  [7 Nov 2024] #Hackcelerator #Gamification #Agri-FinTech #OpenBanking #P2P #Platform #DataAnalytics #Algos #AI

MAS MD discusses the authority's 'FinTech vision'

The Monetary Authority of Singapore (MAS) has published an edited transcript of a 'fireside chat' between Mr Chia Der Jiun, MAS Managing Director, and Ms Manisha Tank, Broadcaster and TV Presenter, which took place at the SFF. The chat focused on MAS' overall vision for the FinTech sector and its impact on the delivery of financial services. The MAS MD delved into key topics such as global payments and digital currency, tokenisation, AI and MAS' work on a stablecoin regulatory framework. Concluding the discussion with a brief comment about quantum, he emphasised that is 'not too early' to look into security, post-quantum encryption, and quantum key distribution. [7 Nov 2024] #Payments #DigitalCurrency #Tokenisation #Stablecoins

MAS announces completion of quantum experiment

MAS has announced the successful completion of a joint experiment with Banque de France (BdF), in  post-quantum cryptography (PQC) conducted across continents over conventional internet technologies. The aim of the experiment was to strengthen communication and data security in light of quantum computing advancements, particularly cybersecurity threats. 

The joint initiative trialled its first use of quantum-resistant cryptographic algorithms for the signing and encryption of emails. The goal was to strengthen the current level of security for electronic communications in the future, while retaining compatibility with existing internet standards, technologies and communication channels. The experiment has demonstrated the practical feasibility of these new security methods as well as their effectiveness in widely-adopted application environments. [5 Nov 2024] #Quantum #PostQuantumCryptography #QuantumResistant #Algos

MAS announces plans to support commercialisation of asset tokenisation

MAS has announced plans to advance tokenisation in financial services. These include: forming commercial networks to deepen liquidity of tokenised assets; developing an ecosystem of market infrastructures; fostering industry frameworks for tokenised asset implementation; and enabling access to common settlement facility for tokenised assets.

In particular, to facilitate broad based acceptance and implementation of tokenised assets by financial institutions, two industry frameworks developed by Project Guardian industry group members have been published:

• Guardian Fixed Income Framework (GFIF)  – GFIF integrates the International Capital Market Association’s (ICMA's) Bond Data Taxonomy, Capital Markets and Technology Association’s (CMTA's) Token Standards, and the Global Financial Markets Association’s (GFMA's) Design Principles for Tokenised Securities. It provides an industry guide to implementing tokenisation in debt capital markets.
• Guardian Funds Framework (GFF)  – GFF provides a set of recommendations for industry best practices for tokenised funds. This includes the Guardian Composable Token Taxonomy to facilitate development of tokenised investment vehicles comprising multiple assets, simplifying the process of incorporating new tokenised funds, and help achieve efficiencies in fund settlement. [4 Nov 2024] #Tokenisation

MAS Deputy Managing Director, Markets & Development, addresses Layer One Summit on tokenisation

MAS has published the keynote address by Mr Leong Sing Chiong, Deputy Managing Director, Markets & Development, delivered at the inaugural Layer One Summit of the SFF. The theme of the speech was ' Tokenisation in Financial Services: Pathways to Scale'. Mr Sing Chiong outlined the benefits of tokenisation before moving on to the 'four jigsaw puzzle pieces that need to come together to support industry-wide deployment of tokenised assets', namely: liquidity; foundational infrastructure; standardised frameworks and protocols; and common settlement assets. [4 Nov 2024] #Tokenisation

Malaysia

BNM consults on RMiT 2024

The BNM has published for consultation an exposure draft on Risk Management in Technology (RMiT). The exposure draft outlines new requirements on for the management of technology risks to improve the resilience of financial services and enhance system-wide cyber defence. The proposed policy revisions also aim to improve the supervisory review process for emerging technologies to better facilitate digitalisation of the financial system.

BNM invites feedback on the exposure draft, including suggestions on areas to be clarified or alternative proposals that can deliver the intended outcomes. Respondents are also invited to provide views on the specific questions to calibrate the applicability, scope and implementation timeline of the new requirements.

Responses are requested by 31 January 2025. [7 Nov 2024] #OpRes #Cyber

Philippines

BSP approves 'Guidelines on Operational Resilience'

The Bangko Sentral ng Pilipinas (BSP) has announced the approval of the Guidelines on Operational Resilience for BSP-Supervised Financial Institutions (BSFIs). The guidelines aim to strengthen BSFIs’ ability to manage and mitigate the impact of disruptions on their critical operations, given frequent natural disasters and fast-paced advancements in technology. The guidelines also help to ensure that financial services will remain available to the public despite prolonged business interruptions, such as those experienced during the COVID-19 pandemic. This is in line with the BSP’s drive to foster continuous delivery of financial services to support inclusive and sustainable economic growth. [6 Nov 2024]  #OpRes #Cyber

US

CFTC customer advisory warns of potential dangers in messaging apps

The Commodity Futures Trading Commission’s (CFTC's) Office of Customer Education and Outreach has released a customer advisory alerting messaging app users to beware of schemes to defraud them of assets, specifically cryptoassets. The CFTC warns that fraudsters are exploiting the default settings of commonly used messaging apps, telephone networks, and mobile devices to lure users into crypto pump-and-dump schemes and other scams.  The customer advisory lists actions that app users should take if they receive a message from an unfamiliar person or number indicating that they have been added to a group chat. [31 Oct 2024] #SocialMedia