In this regular update, we round-up FinTech-related financial services regulatory developments for the week ending 2 September 2022.


Recent updates from Herbert Smith Freehills include:


FSB Secretary General: Making the most of digital payments 

The Financial Stability Board (FSB) has  published a speech, delivered by Dietrich Domanski, the Secretary General of the FSB in Frankfurt, Germany. In his speech, Mr Domanski discussed the role of financial regulation in promoting efficient and safe cross-border digital payments.

Concluding his address, Mr Domanski advised that the FSB will report to the G20 Finance Ministers and Central Bank Governors in October 2022 on regulatory and supervisory approaches to stablecoins and other crypto-assets. At that time, the FSB also will consult on a review of its high-level recommendations for the regulation, supervision and oversight of GSC arrangements, including how existing frameworks may be extended to close gaps and implement the high-level recommendations. Additionally, the FSB plans to consult on its proposed recommendations for promoting international consistency of regulatory and supervisory approaches to other crypto-assets and crypto-asset markets and strengthening international cooperation and coordination. [1 Sep 2022]



FCA: Occasional Paper on robo-advice for borrower repayment decisions

The FCA has  published an  Occasional Paper on robo-advice for borrower repayment decisions. The paper explains the  results from a robo-advice experiment that asked consumers to make hypothetical borrower repayment decisions. The paper sets out the following key findings.

  • Access to free robo-advice significantly improves repayment decisions.
  • The average willingness to pay for robo-advice is actually higher than the interest and fees it saves borrowers, suggesting a significant mental cost to making repayment decisions.
  • Consumers learn little from using robo-advice, even when provided with explanations. As a result, borrowers are likely to need repeated access to robo-advising tools for decisions to be improved on an ongoing basis. [30 Aug 2022]


ASIC warns brokers considering high-risk offers to retail investors

ASIC has  warned brokers to reconsider high-risk products and services to retail investors where the true cost is masked. Due to the decrease in retail investor activity, some brokers are looking to offer retail investors high-risk products or services, such as (1) securities lending, (2) crypto-assets, and (3) 'zero' and 'low-cost' brokerage. These products can be inappropriate and result in poor outcomes for retail investors.

  1. Securities lending – complex and generally limited to institutional investors who have the sophistication and capacity to understand and manage the associated risks.
  2. Crypto-assets – volatile, complex and often offered alongside shares and other regulated financial products, providing retail investors with a false sense of protection.
  3. Zero or low-cost brokerage – claims that may not be true where the service is bundled.

ASIC also reminded licensees to supervise their authorised representatives, particularly online-only brokers.  [31 Aug 2022]


Hong Kong

HKMA sets out supervisory expectations relating to adoption of cloud computing

The HKMA has issued a  circular to provide guidance to authorised institutions (AIs) on its supervisory expectations relating to the adoption of cloud computing.  This is in light of the growing trend of AIs adopting cloud computing via third-party cloud service providers (CSPs).

The HKMA's supervisory expectations are developed with reference to the results of a round of thematic examinations undertaken from 2021 to 2022.  The principles serve to complement (and should be read in conjunction with) the relevant existing HKMA guidance, including supervisory policy manual module SA-2 (Outsourcing), module OR-2 (Operational Resilience) and module TM-G-1 (General Principles for Technology Risk Management).  AIs should apply the guidance in a proportionate manner and in a way that is commensurate with the criticality of their cloud adoption and potential impact on their risk profiles.

The key principles include:

  • Governance framework – AIs should adopt an effective governance framework overseen by the board of directors and senior management and a proper due diligence process to assess the capabilities and suitability of a CSP before and regularly during engagement.
  • Ongoing risk management and controls – AIs should understand their roles and responsibilities under the agreement with the CSP, develop comprehensive risk management procedures, ensure effective controls in relation to information security and customer data confidentiality, and develop a viable and effective contingency plan to cope with disruptions.
  • Protection of access and other legal rights – There should be suitable arrangements to guarantee AIs' audit rights and other rights and risk management needs, as well as the HKMA's supervisory access to information stored in the cloud.
  • Risk management capabilities – AIs should equip staff with the knowledge and skills required to securely use and manage risks associated with cloud computing.  [31 Aug 2022]


MAS and BI announce work on cross-border QR code payments connectivity

Bank Indonesia (BI) and MAS have  announced the commencement of work on a cross-border QR payment linkage between Indonesia and Singapore as part of the ASEAN-wide payments connectivity effort. This linkage, which is targeted to be launched in the second half of 2023, will allow users to make instant, secure, and efficient retail payments by scanning the QRIS (Quick Response Code Indonesian Standard) or NETS QR codes displayed by merchants.  [29 Aug 2022]



MAS MD on digital assets innovation

MAS has  published the opening address delivered by Ravi Menon, Managing Director, at the Green Shoots Seminar. Under the title of 'Yes to Digital Asset Innovation, No to Cryptocurrency Speculation', Mr Menon explained: the complexities of the digital asset ecosystem and its different; what MAS is actively promoting; what MAS is discouraging; and what are the risks MAS is seeking to manage.  [29 Aug 2022]



BSP champions SupTech and RegTech for cyber resilience

In a press release, Bangko Sentral ng Pilipinas (BSP)  highlighted its support for industry initiatives to further enhance cyber resilience.  The BSP explains that it has recently completed the Advanced SupTech Engine for Risk-Based Compliance (ASTERisC*), which will soon be deployed among selected BSP Supervised Financial Institutions (BSFIs). ASTERisC* is a unified regulatory and supervisory technology (RegTech and SupTech) solution that streamlines and automates regulatory supervision, reporting, and compliance assessment of BSFIs' cybersecurity risk management.

As Lead Computer Emergency Response Team (CERT) covering all BSFIs, the BSP will be issuing the Financial Services Cyber Resilience Plan, spearheaded by its Financial Supervision Sector – Technology Risk and Innovation Department. The plan, which will serve as the primary framework for policies and strategies to strengthen cyber defense in the financial services industry, is expected to bolster the regulatory and supervisory environment for cyber security.  [31 Aug 2022]





Fed updates FedNow service timing to mid-2023

The US Federal Reserve (Fed) has  announced plans to launch its instant payments system for banks, the "FedNow" service, between May and July 2023.  The FedNow service will allow banks to instantly transfer payments across the financial system. Currently, more than 120 organizations are participating in the FedNow Pilot Program. The Fed Vice Chair, Lael Brainard, has said that the testing on the system will begin in mid-September. [29 Aug 2022]



The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.