FinTech Global FS Regulatory Round-up - W/e 10 October 2025

In this edition we round up FinTech-related financial services regulatory developments for the week ending 10 October 2025.

ICYMI

• Australian Clinical Labs: Australia's first civil penalty of $5.8 million under privacy laws

GLOBAL

FSB report: Monitoring adoption of AI and related vulnerabilities in the financial sector

The Financial Stability Board (FSB) has published a report on how authorities are monitoring the adoption of AI and related vulnerabilities in the financial sector. The publication builds on the FSB's 2024 report on the financial stability implications of AI.

The report examines the monitoring approaches currently used by member jurisdictions. It outlines key considerations and potential indicators for tracking AI adoption and associated vulnerabilities. It also includes a case study focusing on monitoring AI-related third-party dependencies and service provider concentration. The publication provides high-level considerations to enhance monitoring and address data gaps.

The FSB encourages national authorities to enhance their monitoring approaches, leveraging the indicators presented in the report. To support these efforts, the FSB will facilitate alignment in taxonomies and indicators through cross-border cooperation. [10 Oct 2025] #AI

BIS report: Use of AI for policy purposes

The Bank for International Settlements (BIS) has published a report on how central banks, financial regulators and supervisory authorities are using AI for policy purposes. The report, which was submitted to the G20 Finance Ministers and Central Bank Governors, highlights real-world examples of how big data and machine learning are transforming key areas of work. The findings indicate that despite AI's significant potential, challenges remain, including in relation to data governance, investment in human capital and IT infrastructure. [10 Oct 2025] #AI

FSB: Progress report on G20 roadmap for enhancing cross-border payments

The Financial Stability Board (FSB) has published a consolidated progress report for 2025 on the actions taken by the FSB, the Committee on Payments and Market Infrastructures (CPMI) and other partner organisations under the G20 roadmap for enhancing cross-border payments.

The roadmap was launched in 2020 with the aim of making cross-border payments faster, cheaper, more transparent and more inclusive. To give ambition and accountability to the roadmap's goals, the G20 endorsed in 2021 a set of global quantitative targets, most of which are set for end-2027.

The report notes that several significant milestones have been achieved over the past year, including:

• the FSB's recommendations to level the playing field between bank and non-bank payment services providers (PSPs) and to mitigate data-related frictions in cross-border payments; and
• the Financial Action Task Force's (FATF's) revision of standards for data in cross-border payments (Recommendation 16 on Payment Transparency).

While the majority of the roadmap actions have been completed, these efforts have not yet translated into tangible improvements for end-users at the global level. The FSB also stated that it is unlikely satisfactory improvements at the global level will be achieved in line with the 2027 timetable. Looking ahead, the FSB and other partner organisations will focus on enhancing monitoring and supporting implementation of the agreed policy recommendations under the roadmap. [9 Oct 2025] #Payments

UK

PSR consults on price cap methodology and explains decision against interim cap

The Payment Systems Regulator (PSR) has published a consultation paper on its proposed methodology for identifying an appropriate level of multilateral interchange fees in the UK-EEA card-not-present (CNP) outbound corridor. A factsheet has been published alongside the consultation to help stakeholders understand how the consultation fits into the PSR's ongoing work on the market review. Comments on the consultation are requested by 21 November 2025.

Additionally, the PSR has published a statement of reasons on its decision to not proceed with an interim cap on cross-border interchange fees.

In December 2024, the PSR published its final report on the market review into UK-EEA cross-border interchange fees. The regulator concluded that a price cap was the only effective remedy to mitigate the harm to merchants and their customers resulting from the post-Brexit increases in the levels of cross-border interchange fees for UK-EEA CNP transactions. [10 Oct 2025] #Payments

DRCF paper: Laying the foundations for cross-regulatory innovation support – insights from AI & Digital Hub pilot

The Digital Regulation Cooperation Forum (DRCF) has published a report on the key findings from its AI & Digital Hub pilot. The paper groups the insights into three thematic areas: impacts and outcomes; engaging innovators; and building the service.

The AI and Digital Hub pilot was the DRCF's trial of a multi-agency advice service, designed to support innovators navigating the evolving regulatory landscape for AI and digital technologies. The Hub offered free, informal, cross-regulatory advice, particularly to organisations whose propositions spanned the remits of at least two DRCF member regulators.

Insights from the pilot are now informing the next phase of the DRCF's work, which will focus on expanding the Hub's reach and impact through more thematic engagements and advice. [10 Oct 2025] #AI

BoE speech: How innovation is reshaping the financial system

The Bank of England (BoE) has published a speech by its Executive Director for Financial Market Infrastructure, Sasha Mills, at the at Association for Financial Markets in Europe (AFME) OPTIC Conference in Amsterdam. Ms Mills discussed how new ideas and technologies, such as distributed ledgers, are driving innovation and reshaping market structures.

The Executive Director pointed out that with innovation comes responsibility, particularly when it takes place in the heart of the financial system. Robust risk management must therefore accompany new technologies to ensure systems remain resilient and regulatory outcomes achieved. In that regard, she highlighted the BoE's support for responsible innovation by start-ups and established firms and how its approach to regulation is evolving in step with technology.

Ms Mills stated that the BoE is now 'well advanced' in developing a forward-looking regulatory framework for stablecoins, setting out the standards stablecoins must meet to support responsible and sustainable innovation. She also noted that while the BoE is open to innovation and supporting the development of viable business models, its priority is to maintain trust and confidence in money and payments. A consultation paper setting out proposals for regulating systemic stablecoins further is expected to be published later in 2026. [8 Oct 2025] #DLT

FCA research note: Open banking and open finance in the UK

The FCA has published a paper on the findings of a study on the current state of open banking services in the UK. The research aimed to:

• provide a rigorous and evidence-based understanding of the current state of open banking services; and
• inform the development of a strategic framework and theory of change for establishing open finance, and a quantification of the potential benefits that open finance could bring.

The publication:

• highlights key trends in how open banking is being adopted;
• outlines what needs to be considered when designing and implementing open finance including outdated technology systems, inconsistent data standards and low consumer awareness; and
• proposes a strategy and delivery plan to guide future regulatory and industry action.

The Research Note findings do not necessarily reflect FCA views or policies but will inform the regulator's work on open banking and finance. [6 Oct 2025]#OpenBanking

HM Treasury: G7 Cyber Expert Group statement on AI and cybersecurity

HM Treasury has published a statement by the G7 Cyber Expert Group (CEG) on AI and cybersecurity. The document does not set guidance or regulatory expectations. Instead, it aims to raise awareness of AI's cybersecurity dimensions and outlines key considerations for financial institutions, regulatory authorities and other stakeholders that support security and resilience in the financial sector.

The statement should be read in conjunction with the G7's Fundamental Elements series, which serve to guide internal and external discussions on cybersecurity risk management decisions critical to cybersecurity, promoting conversations across jurisdictions and sectors to drive effective cyber risk management practices. [6 Oct 2025] #AI#Cybersecurity

EUROPE

EBA issues opinions on proposed changes to liquidity requirements of the reserve of assets under MiCAR

The European Banking Authority (EBA) has published two opinions in response to the EC amendments relating to the draft RTS specifying the composition and liquidity requirements of the reserve of assets under the Markets in Cryptoassets Regulation (MiCAR). The EBA considers that the EC's proposed substantive amendments are not consistent with the prudential framework established by MiCAR. [10 Oct 2025] #Crypto #DigitalAsset #MiCAR

EBA: Report on tackling ML/TF risks in cryptoasset services through supervision

The European Banking Authority (EBA) has published a report on tackling money laundering and terrorist financing (ML/TF) risks in cryptoasset services, including issuance, trading, and service provision. The report draws on lessons learnt from recent supervisory cases across the EU. It is intended to inform supervisory approaches to the authorisation and oversight of cryptoasset service providers (CASPs) and issuers and to inform authorities about ways they can strengthen AML/CFT frameworks. [9 Oct 2025] #Crypto #DigitalAsset

EC: Faster and safer instant euro payments

In a press release, the EC has highlighted that payment service providers (PSPs) in the euro area are obliged to offer their clients the service of sending instant payments in euro and, in order to combat payment fraud, the service of payee verification (VoP) with effect from 9 October 2025. The EC intends that this will make instant payments ore widely available and more secure within the block.

From January 2027, PSPs outside the euro area will also be required to allow their clients to send and receive instant payments in euro and verify the beneficiary. [9 Oct 2025] #Payments

ESAs warn consumers of risks and limited protection for certain cryptoassets and providers

The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) have issued a statement to warn consumers regarding cryptoaasset risks and that legal protection may be limited depending on the type of cryptoassets invested in. The warning is accompanied by a factsheet that provides an overview of what cryptoassets are, which cryptoassets are regulated by the Markets in Cryptoassets Regulation (MiCAR) and which are not, and the providers consumers may encounter.

The ESAs advise consumers to research any product or service and evaluate the risks before investing. Additionally, they recommend verifying that the provider of cryptoasset services is authorised in the EU, and to ensure any wallets used to store cryptoassets are sufficiently secured. [7 Oct 2025]#Crypto #DigitalAsset

OJ: SEPA ITS

Commission Implementing Regulation (EU) 2025/1979 laying down implementing technical standards (ITS) for the application of the Single Euro Payments Area (SEPA) Regulation with regard to uniform reporting templates, instructions and methodology for the reporting of the level of charges for credit transfers, instant credit transfers and payment accounts, and the share of rejected transactions has been published in the OJ.

The Regulation will enter into force on the twentieth day following its publication in the OJ. [6 Oct 2025] #Payments

AUSTRALIA

The Treasury consults on regulation of payment service providers

The Treasury has published draft legislation for a new regulatory framework for payment service providers.

The draft legislation is intended to 'capture new types of financial products and services and ensures the [Australian financial services] licensing framework' applies to tailored financial products and services. Additionally, the following changes will be made:

• major providers of stored value facilities must register with APRA who will monitor and regulate these entities;
• the Minister will be empowered to make an ePayments Code to bind payment service providers, authorised deposit-taking institution (ADIs) and payment participants under the Payment Systems (Regulation) Act 1998 (Cth) to minimum standards of consumer conduct;
• requirements to ensure payment-related money held by licensees is available to complete transfers or be returned to the person who is legally entitled to it; and
• a process for for managing inactive and dormant money held in major stored value facility accounts ensuring they can deal with unclaimed money in a streamlined manner.

Feedback on the draft is requested by 6 November 2025. [10 Oct 2025] #Payments

HONG KONG

SFC publishes latest issue of Enforcement Reporter focusing on fighting scams in digital age

The SFC has published the latest issue of its Enforcement Reporter, discussing ongoing anti-scam efforts in the digital age:

• Growing threat of financial scams: In 2024, the Hong Kong Police Force recorded over 44,000 deception cases, a fourfold increase in five years. Scam-related complaints have shown an alarming year-on-year increase during the first half of 2025, surpassing more than half of 2024's full-year total.
• Emerging scam trends: Key scam trends include cross-border scams, impersonation on social media, rise of finfluencers (some of whom engaging in unlawful activities such as promoting unauthorised investment products, charging fees for investment advice, and engaging in unlicensed activities), cryptocurrency-related scams, market manipulation via social media, and more prevalent SMS phishing.
• The SFC's strategies to combat scams: The SFC has introduced a Social Media Monitoring System (SENSOR) to monitor potential signs of financial scams. The Alert List on the SFC's website provides timely warnings to investors about potential fraudulent schemes and serves as a database of 'risky entities'. The SFC is working with major social media platform operators to establish direct notification-and-removal mechanisms after its first takedown protocol was established in October 2024 with a major platform operator. It plans to implement a 'detect and remove' model to proactively identify and prevent the investing public from encountering fraudulent content.
• Practical tips for investors: The SFC sets out various tips to stay ahead of scams.
• Anti-Scam Consumer Protection Charter 3.0: This was launched in collaboration with other financial regulators, technology firms and telecom companies to promote dialogue and collaboration on combating financial frauds and scams (see our previous update).
• Enforcement actions: The SFC discussed two recent enforcement actions against finfluencers engaging in unlawful activities.
• Global and regional collaboration: The SFC discussed international and regional initiatives to raise public awareness and strengthen monitoring of online platforms through collaboration with platform providers. [9 Oct 2025] #Crypto #SocialMedia

SINGAPORE

MAS: Deputy Chair's speech at the IBF Distinction Evening - AI

MAS has published the address delivered by Mr Chee Hong Tat, Minister for National Development, and Deputy Chair of MAS, at the Institute of Banking and Finance (IBF) Distinction Evening.

The Minister focused his remarks on how technology is shifting the landscape for businesses and the workforce. In particular, he focused on AI and the need for Singapore's firms to be enabled 'to adopt AI efficiently, effectively and responsibly'. Mr Chee then outlined some of the actions which will advance Singapore's AI ecosystem; these included:

• the launch of a new knowledge hub to facilitate peer learning;
• the development of supervisory guidelines on AI risk management (MAS will consult later in 2025);
• through Project MindForge, developing an AI risk management handbook (to be published later in 2025); and
• targeted work to develop AI foundational skills in the workforce. [9 Oct 2025] #AI

ABS: Banks to strengthen anti-scam measures

The Association of Banks in Singapore (ABS) has announced that, from 15 October 2025, major retail banks will implement enhanced fraud surveillance on all digital transactions in order to strengthen customer protection measures against scams. Where banks detect that an account is being quickly emptied and suspect a scam, transactions may be held for a 24-hour cooling period before being released or rejected immediately. Customers may experience delays in digital payments and transfers, including for legitimate transactions, as banks bolster consumer protection efforts. [3 Oct 2025]#Payments

INDONESIA

New fit and proper test regulation for the financial technology innovation, digital financial assets, and crypto assets sector

On 20 June 2025, the Financial Services Authority (OJK) issued OJK Regulation No. 16 of 2025 on Fit and Proper Tests and Reassessments for Principal Parties in the Financial Technology Innovation Sector, Digital Financial Assets, and Crypto Assets (OJK Reg. 16). This regulation introduces a uniform regime for the fit and proper test for the main parties in these sectors, which include:

• a controlling shareholder (holding more 25% or more of issued shares with voting right, or less than 25% of issued shares with voting right but exercising control directly or indirectly);
• members of the board of directors; and
• members of the board of commissioners.

Under this OJK Reg. 16, assessments are based on three criteria: integrity, financial soundness and competence of the candidate. OJK Reg. 16 outlines details procedures and requirements for the fit and proper test and reassessments.

OJK Reg. 16 provides that the fit and proper test approval of the main parties issued by OJK prior to enactment of OJK Reg. 16 or by other authority overseeing the digital financial asset trading organisers (i.e, Commodity Futures Trading Supervisory Agency (Badan Pengawas Perdagangan Berjangka Komoditi or Bappebti) before the transfer of supervisory authority to OJK, will remain valid. OJK Reg. 16 took effect since 1 October 2025. (10 Oct 2025) #Crypto #DigitalAsset

US

Fed announces expanded operating days for two large-value payment services

The Federal Reserve Board (Fed) has announced that the operating days of the Fedwire® Funds Service and the National Settlement Service (NSS) will be expanded to include Sundays and weekday holidays. The expansion will be implemented no earlier than 2028 to ensure operational and industry readiness.

Currently, both large-value payment services operate Monday through Friday, excluding holidays. The operating hours each day will remain the same, with the Fedwire Funds Service open 22 hours per day, and NSS open 21.5 hours per day. [9 Oct 2025] #Payments

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.