- in United States
- within Finance and Banking, Environment and Coronavirus (COVID-19) topic(s)
ICYMI
UK
FCA: Individual convicted for data protection breach
The FCA has reported that an individual was convicted for obtaining and disclosing personal data in violation of the Data Protection Act (DPA), after he had sold confidential customer data to a family friend for use in a boiler room fraud. Two individuals were subsequently sentenced to 5 years and 4 months and 6 years and 6 months, respectively, for their roles in a crypto scam that defrauded at least 65 investors of £1.5m.
Commenting on the case, Steve Smart, Executive Director of Enforcement and Market Oversight at the FCA, highlighted that it was the regulator's first prosecution under the DPA. [30 Oct 2025] #Crypto #DigitalAsset
FCA statement to firms looking to offer cETNs
The FCA has published a statement regarding crypto exchange trade notes (cETNs). The FCA lifted the ban on retail access to certain cETNs on 8 October; retail consumers may now access cETNs when they are listed on the Official List and admitted to trading on a UK recognised investment exchange. Where firms are planning to offer cETNs, they are requested to inform their FCA supervisory contact. Prospectuses must be reviewed and approved before the products are available.
The cETNs are categorised as restricted mass market investments (RMMIs) and firms who offer them will need to comply with the financial promotion rules including:
- not offering any incentives to invest;
- having robust appropriateness assessments, client categorisation and cooling-off periods; and
- highlighting relevant risk warnings.
Firms offering cETNs will also need to comply with other rules, including the Consumer Duty.
If a firm wishes to apply for authorisation or new permissions to offer cETNs, they can request a pre-application meeting through the FCA's pre-application support service. [27 Oct 2025] #cETN #Crypto #DigitalAsset
UK Finance: Fraud report for H1 2025
UK Finance has published its fraud report detailing the amount its members reported as stolen through payment fraud and scams in H1 2025. UK Finance highlighted that there has been a three per cent increase on total amount stolen (up to £629,3m) and a 17 per cent increase in the number of cases (up to 2.09m cases) on the same period in 2024. However, banks prevented £870m of unauthorised fraud, which is 20 per cent more than in H1 2024 and equivalent to 70p in every £1 attempted.
Out of the £629.3m recorded, £215.4m was attributed to remote purchase fraud, an eight percent increase compared to 2024. The number of these cases increased by 22 per cent to 1.66m. This type of fraud occurs when a card is not present; criminals typically use social engineering to steal card details to buy something on the internet, over the phone or via mail order.
On authorised push payment (APP) fraud, losses amounted to £257.5m in H1 2025, a 12 per cent increase on the same time last year, but APP fraud cases fell by eight per cent to 110,747. UK Finance found that online continues to be the most significant place these frauds to originate, with some 66 per cent of APP fraud cases starting online (down from 71% in H1 2024). By comparison, only 17 per cent started through telecommunications networks. However, online and telecommunications sourced cases had a nearly equivalent share of value at 30% and 29% respectively. [27 Oct 2025] #Payments
Europe
ECB advances to next phase of digital euro project
The European Central Bank (ECB) has announced that its Governing Council has decided to move to the next phase of the digital euro project following the completion of the preparation phase. The Eurosystem will focus on three main areas in the coming phase: technical readiness, market engagement and legislative process support.
The ECB Governing Council's final decision on digital euro issuance will be taken once the relevant legislation has been adopted. if the European co-legislators approve the regulation establishing the digital euro in 2026, a pilot exercise could start in mid-2027 ahead of a potential first issuance of the digital euro in 2029. [30 Oct 2025] #Crypto #DigitalAssets
Australia
ASIC provides further guidance on digital asset innovation
The Australian Securities and Investment Commission (ASIC) has published additional guidance regarding the application of presently existing financial services laws to digital assets. In particular, ASIC has confirmed that stablecoins, wrapped tokens, tokenised securities and digital asset wallets are among the digital asset products that it considers falling within the ambit of 'financial products'. As explained by ASIC Commissioner Alan Kirkland, it is hoped that this updated guidance 'provides the regulatory clarity that firms have been calling for'.
Kirkland further explained that the character of digital assets as financial products would be maintained under the Government's proposed law reform, meaning that almost all digital asset providers will require a financial services licence to ensure proper consumer protection. However, in an attempt to allow firms to consider and implement this guidance, ASIC has announced it will enforce a sector-wide no-action policy until 30 June 2026.
In the same press release, ASIC announced a proposal for new regulatory relief measures to support innovation in digital assets. These measures include class relief for distributors of eligible stablecoins and wrapped tokens, as well as amendments to custody standards to allow omnibus account structures under specified conditions. ASIC is inviting feedback on the proposal until 12 November 2025.
ASIC's position regarding both the no-action position and the proposed regulatory relief was partly informed by its consultation paper in December 2024 ( CP 381), a summary of which was posted alongside the aforementioned guidance. [29 Oct 2025] #Crypto #DigitalAsset
Treasury invites feedback on draft regulations for payment systems modernisation
The Treasury has announced it is inviting feedback on the Payment Systems Legislation Amendment (2025 Measures No. 1) Regulations 2025 (Cth) and the supporting Explanatory Statement until 11 November 2025. The regulations support the recently passed Treasury Laws Amendment (Payments System Modernisation) Act 2025 (Cth) and, if implemented, will amend sections in the Payments Systems (Regulation) Regulations 2006 (PSRR), the Australian Securities and Investments Commission Regulations 2001 (Cth) (ASIC Regulations) and the Corporations Regulations 2001 (Cth).
The key amendments are as follows:
- ASIC, APRA, ACCC, and AUSTRAC are now designated 'special regulators' under the PSRR. The regulations define the heads of these regulators and their eligible delegates who are authorised to exercise powers under the PSRR. Specified 'prescribed persons' within these special regulators may use or disclose information obtained under the Payment Systems (Regulation) Act 1998 (Cth) ('the Act') to either the RBA or another special regulator. Additionally, the regulations provide civil liability protections for 'prescribed persons' acting in good faith while performing functions or exercising powers under the Act.
- A regulation specifically outlining payment systems that are not financial products (such as Mastercard, VISA, EFTPOS etc...) will be inserted into the ASIC Regulations. A similar provision will be inserted into the Corporations Regulations 2001 (Cth). [29 Oct 2025] #Payments
APRA member speaks to Financial Services and ASX Sector Assurance Forum
In a speech to the Financial Services and ASX Sector Assurance Forum 2025, APRA Member Suzanne Smith outlined the regulator's evolving attitudes towards growing technological risks within the financial services' sector.
Smith outlined the following concepts as of particular importance to proper risk management:
- Given the exponential rise in digital banking, online superannuation management and digital insurance platforms, cybersecurity is expected to be audited regularly and will be treated as a concern for the whole company, rather than being characterised simply as an IT issue.
- APRA-regulated entities must inform the Authority in the event of any cyber-incident, whether it pertains simply to an accidental data disclosure or an actual compromise of cybersecurity systems.
- Many banks, insurers and superannuation trustees should be looking to update or replace their technology management capabilities, with many entities relying 'heavily on legacy systems, which are often built on now outdated software and hardware [and are] typically less resilient to cyber threats'. Smith added that there are economic benefits to this proactive approach, as the 'delaying the replacement of technology assets, for example, often comes with hidden costs which eventually need to be paid'.
- APRA is closely monitoring concentration risk, warning that reliance on a small number of critical technology providers, such as cloud, SaaS, PaaS, and IaaS vendors, could pose systemic threats if any were to fail.
- APRA expects entities to implement strong data governance, privacy protections, and AI oversight, with internal audit protocols aimed at ensuring that entities are adapting to emerging technologies to ensure compliance with prudential standards. [28 Oct 2025] #Cybersecurity #AI
Hong Kong
HKMA executive director discusses supervisory technology and initiatives for supporting innovation while protecting consumers
In his keynote speech at a 'Risk & Compliance Re-imagined' Seminar, Mr Alan Au, the HKMA's Executive Director (Banking Conduct), discussed the technology used by the HKMA for surveillance.
The HKMA has been utilising various technologies, including robotic process automation, speech transcription and agentic AI to enhance the efficiency and effectiveness of conduct supervision by freeing up its staff from administrative and repetitive tasks, so that its staff can devote more time and effort to complex tasks and supervisory analysis. For example:
- The HKMA has employed a workflow system powered by agentic AI and web-scraping technologies to detect and monitor misleading marketing claims, including the misuse of terms like 'bank' or 'deposit', to protect the public against misleading advertisements or deceptive practices in the market.
- The HKMA has also introduced a speech-to-text system to analyse audio recordings between banks and their customers. Leveraging the system to transcribe and analyse audio recordings, this system facilitates identification of potential compliance issues, such as inadequate product disclosure for the HKMA's further review, enhancing the efficiency of its supervision work. The HKMA's sampling capacity has increased notably as a result.
Mr Au also highlighted the initiatives the HKMA has introduced in recent years to reimagine and adapt its supervisory approach to conducting supervision and consumer protection in the digital age. The areas he covered included online wealth management, responsible use of AI, and anti-scam initiatives. Mr Au noted the need to find the right balance between supporting innovation and protecting consumers, given that technology is a double-edged sword. [30 Oct 2025] #AI
HKMA publishes e-HKD Pilot Programme Phase 2 Report and outlines future direction for e-HKD, prioritising wholesale uses and continuing work on extension to retail uses
The HKMA has published the ' e-HKD Pilot Programme Phase 2 Report', presenting key findings and learnings from 11 industry pilots and setting out its latest policy stance on the e-HKD. Details of each pilot can be found in the factsheets and supplementary reports prepared by the pilot participants, accessible via the links in Appendix A of the report.
Since 2017, the HKMA has been exploring the potential of a central bank digital currency for Hong Kong, with Phase 2 of the pilot programme evaluating the commercial viability and scalability of an e-HKD in various retail scenarios, as well as comparing it with tokenised deposits (see our previous update).
The pilots under Phase 2 explored innovative use cases across three main themes, namely, settlement of tokenised assets, programmability, and offline payments. The results have demonstrated that both e-HKD and tokenised deposits can enable cost-efficient, programmable, and resilient transactions. In particular, the public perception of e-HKD and tokenised deposits was found to be similar, reflecting the public's high trust in Hong Kong's stable banking system. Commercial banks showed a slight preference for tokenised deposits over an e-HKD, citing potential benefits such as lower cost of capital, flexibility in design, and strong customer stickiness.
In light of the findings, the HKMA has concluded that the immediate priority for the e-HKD lies in areas beyond retail use cases, and will prioritise the e-HKD work in wholesale payments (which has already been implemented in some applications), to support the development of the tokenisation ecosystem and cross-border payments, such as settlements of international trade.
In the meantime, the HKMA will maximise Hong Kong's readiness to extend the use of the e-HKD to retail scenarios by laying the policy, legal, and technical groundwork by the first half of 2026, taking into account the design considerations outlined in the report. The HKMA will regularly review the decision to proceed with such an extension, subject to various factors such as market demand, international developments, and evolvement of technologies.
As part of the e-HKD Industry Forum's work, the HKMA will publish a set of common token standards to facilitate the scaled adoption of programmability in digital money. These standards are intended to provide a foundation for the potential future development and adoption of an e-HKD aimed at serving the needs of individuals and corporates in Hong Kong. [28 Oct 2025] #CBDC
Malaysia
BNM publishes discussion paper on asset tokenisation
The Bank Negara Malaysia (BNM) has published a discussion paper setting out BNM's proposed approach to exploring asset tokenisation in the Malaysian financial sector. Responses are requested by 1 March 2026. [30 Oct 2025] #Tokenisation
Thailand
BOT announces launch of cross-border QR payment linkage
The Bank of Thailand (BOT) has announced the launch of the cross-border QR payment linkage between Thai banks and three Chinese payment service providers. The launch means that users from China will be able to use the three Chinese payment service providers to scan Thai merchants displaying Thai QR Codes issued specified banks.
Currently, arrangements for cross-border QR payment collaboration is in place with nine countries. [30 Oct 2025] #Payments
India
RBI: Draft circular on guidelines to facilitate faster cross-border inward payments
The Reserve Bank of India (RBI) has published a draft circular on guidelines to facilitate faster cross-border inward payments. Feedback on the draft is requested by 19 November 2025. [29 Oct 2025] #Payments
US
DFPI provides guidance on identifying AI-related scams
The California Department of Financial Protection and Innovation (DFPI) has published tips for consumers on how to recognize AI scams. [28 Oct 2025] #AI #Cybersecurity
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
