ARTICLE
8 May 2026

FinTech Global FS Regulatory Round-up - W/e 8 May 2026

KL
Herbert Smith Freehills Kramer LLP

Contributor

Herbert Smith Freehills Kramer LLP logo
Herbert Smith Freehills Kramer is a world-leading global law firm, where our ambition is to help you achieve your goals. Exceptional client service and the pursuit of excellence are at our core. We invest in and care about our client relationships, which is why so many are longstanding. We enjoy breaking new ground, as we have for over 170 years. As a fully integrated transatlantic and transpacific firm, we are where you need us to be. Our footprint is extensive and committed across the world’s largest markets, key financial centres and major growth hubs. At our best tackling complexity and navigating change, we work alongside you on demanding litigation, exacting regulatory work and complex public and private market transactions. We are recognised as leading in these areas. We are immersed in the sectors and challenges that impact you. We are recognised as standing apart in energy, infrastructure and resources. And we’re focused on areas of growth that affect every business across the world.
Explore Firm Details
Financial regulators worldwide are intensifying their focus on artificial intelligence and cybersecurity risks in the banking sector, with new guidance emerging on AI model risk management, cyber resilience frameworks, and the implications of advanced vulnerability detection tools. From the BIS examining stablecoin impacts on international monetary systems to ASIC demanding urgent cyber uplift measures, authorities are racing to address the rapidly evolving technological landscape while the HKMA advances tr
Worldwide Finance and Banking
Chris Ninan,Jon Ford,Michael Tan
+3 Authors
 Your Author LinkedIn Connections
Chris Ninan’s articles from Herbert Smith Freehills Kramer LLP are most popular:
  • in United States
  • with readers working within the Aerospace & Defence and Technology industries
Herbert Smith Freehills Kramer LLP are most popular:
  • within Wealth Management, Employment and HR and Transport topic(s)
  • with Senior Company Executives, HR and Inhouse Counsel

In this edition we round up FinTech-related financial services regulatory developments for the week ending 8 May 2026.

ICYMI

Global

BIS paper: Impact of stablecoins on international monetary and financial system

The Bank for International Settlements (BIS) has published a paper on how stablecoins could affect the international role of currencies, with particular emphasis on implications for emerging market and developing economies (EMDEs). The findings suggest that private sector store of value and medium of exchange functions face the most immediate pressure, particularly in EMDEs where stablecoins offer accessible alternatives to domestic currency instruments during periods of macroeconomic instability.

The views expressed in the publication are those of the authors and do not necessarily reflect the views of the BIS or its member central banks. [5 May 2026] #DigitalAsset #Stablecoin

UK

FCA: Payment services approach – May 2026

The FCA has published the seventh version of its payment services approach document, which is designed to provide a comprehensive picture of the payment services and e-money regulatory regime in the UK. The document also sets out guidance for a practical understanding of the requirements, FCA regulatory approach, how businesses will experience regulatory supervision and the effect of Brexit on the payment services and e-money regulatory regime.

The May 2026 version reflects rules and guidance on safeguarding and resolution packs in the Client Assets Sourcebook (CASS), safeguarding audits and monthly returns in the Supervision Manual (SUP), and account termination updates.

The regulator notes that the approach document has not otherwise been reviewed or updated, and parts may be out of date. [7 May 2026] #Payments

Europe

ECB: Annual report 2025

The ECB has published its 2025 annual report. Among other matters, the report highlights some of the ECB's broader work over the year, including in respect of the payments and market infrastructures of the future. [5 May 2026] #Payments

Australia

ASIC calls for urgent action as AI accelerates cyber threats

The Australian Securities and Investments Commission (ASIC) has published a letter to all licensees and market participants calling for urgent action to ensure that systems are capable of withstanding increasing cybersecurity threats posed by the rapid evolution of AI models.

The letter strongly encourages market participants to adopt a proactive stance to cybersecurity against AI threats, prompting companies not to wait for 'perfect clarity' but to act decisively and immediately to strengthen cyber resilience fundamentals underpinning businesses. Cyber risk management must be proportionate to the size, nature and complexity of a business, and enabled by consistent implementation of proven controls, clear governance and adequate resourcing.

ASIC identifies key steps which companies are encouraged to pursue, including:

  • reassessing current cyber risks and recalibrating overall risk management frameworks;
  • identifying and protecting critical assets;
  • strengthening cybersecurity fundamentals through regular reviews of controls;
  • minimising attack surfaces and regularly reviewing user access;
  • ensuring that any system patches are implemented promptly and effectively, and strengthening management of this;
  • implementing layered cybersecurity architecture;
  • refining and rehearsing their incident response protocols; and
  • using AI where appropriate to identify vulnerabilities and secure software.

The letter expressly notes that ensuring company cyber resilience is a critical part of licensee and market participant obligations and that there is an expectation for boards and senior executives to be actively involved in managing and mitigating cyber risk. It makes clear that governance cannot solely rely on assurances but must be supported by evidence such as test results and independent validation.

ASIC will continue to work alongside other regulators and industry participants, and expects licensees to engage similarly.

The letter follows on from the recent call for a step-change in AI-related risk management and governance issued by the Australian Prudential Regulation Authority (APRA). [8 May 2026] #AI #Cybersecurity

Hong Kong

HKMA launches pilot programme to advance trade finance digitalisation using cargo and trade data

The HKMA has launched the Cargox Pilot Programme, working with 21 banks to take deep dives into cargo and trade data use cases, leveraging the Commercial Data Interchange data infrastructure, with a view to advancing trade finance digitalisation and unlocking greater trade finance availability for Hong Kong’s small and medium-sized enterprises (SMEs).

Through a series of pilot transactions, the HKMA will take forward the 20 recommendations under the data, infrastructure and connectivity pillars outlined in the ‘Project Cargox Recommendation Report’ published in January 2026 (see our previous update).

The 21 participating banks have established their own dedicated cross-functional taskforce to support the development of projects under the pilot programme. The integration of cargo and trade data will transform banking operations and trade finance processes, thereby assisting SMEs, particularly importers and exporters, in addressing the existing pain points in obtaining financing. 

In 2026 and 2027, the pilot projects will focus on four key areas, including:

  • integrating with key cargo and trade data platforms;
  • combining SME trade flow and cash flow data for banks’ multi-dimensional credit assessment;
  • adopting digital corporate identity to enable trusted data sharing; and
  • enhancing connectivity with key trade corridors. [7 May 2026] #Digitalisation

HKMA publishes Annual Report 2025

The HKMA has published its Annual Report 2025, which contains an overview of its work in 2025 and priorities and plans for 2026 and beyond.

Fintech-related priorities for 2026 and beyond include:

Risk-based supervisory focus

  • developing the Cyber Resilience Testing Framework;
  • introducing a blueprint for enhancing the readiness of banks to transition to Post Quantum Cryptography;
  • supporting the use of AI and other technology to combat money laundering and terrorist financing;
  • working with the SFC to provide guidance in relation to stablecoin activities;

Future-proofing the banking sector

  • enhancing the Generative Artificial Intelligence Sandbox and Supervisory Incubator for distributed ledger technology (DLT);
  • further supporting fintech adoption across the industry by rolling out Fintech Connect 2.0, organising additional events under the FiNETech series, and publishing practice guides and research papers; and
  • exploring the adoption of agentic artificial intelligence workflows to transform the HKMA's supervisory reviews and examinations. [30 Apr 2026] #AI #Cyber #Quantum #Stablecoin #DLT

Singapore

MAS undertakes proof-of-value to explore AI techniques to tackle financial crime

MAS has announced that it is working with partners in the banking industry, the Government Technology Agency of Singapore, and the Singapore Police Force to combat financial crime, using AI and machine learning (AI/ML) techniques to enhance scam detection capabilities. MAS is conducting a proof-of-value to explore AI/ML techniques for pre-emptive scam detection. By bringing together data from five banks, the exercise aims to build more robust and accurate AI/ML models that help identify higher-risk transactions and accounts. Prompt identification could enable timely assessment, intervention and reduction of customer losses to scams.

To support the work, MAS has provided industry partners with a secure data sharing environment governed by policies and protocols to safeguard customer information. It has also established a secure data sharing framework with industry participants to ensure that data will be protected and used responsibly. [4 May 2026] #AI #MachineLearning

India

SEBI: Advisory on emerging advanced AI tools for vulnerability detection

SEBI has issued a circular: Advisory on Emerging Advanced Artificial Intelligence (AI) Tools for Vulnerability Detection. The circular notes recent developments in AI (eg Mythos) present ‘new dimensions of risk’ for firms. SEBI has constituted a task force to examine the risks presented by AI models and to develop a mitigation strategy; the task force will also facilitate intelligence sharing. It will report on cyber events, and look at the cyber security of third party application providers.

SEBI notes that the circular should be read in conjunction with other applicable SEBI circulars, including but not limited to Cybersecurity and Cyber Resilience framework, and any subsequent updates issued by SEBI from time to time. [5 May 2026] #AI #Cybersecurity

Philippines

BSP issues warning on unauthorised VASPs

The Bangko Sentral Ng Pilipinas (BSP) has issued a warning to the public not to deal with unauthorised virtual asset service providers (VASPs). The warning outlines the risks of dealing with such VASPs, and provides information on how to check for BSP-authorised VASPs. [8 May 2026] #VirtualAsset

US

Fed Vice Chair Bowman sets out supervisory approach to AI in banking, citing amended model risk management guidance

Fed Vice Chair for Supervision Bowman delivered a speech at the Financial Stability Oversight Council (FSOC) AI Series Roundtable on Cybersecurity and Risk Management, addressing the Fed’s evolving supervisory approach to AI in banking. The Fed, together with the OCC and FDIC, recently amended model risk management guidance (SR 26-2 was issued in April) to clarify that it does not apply to generative or agentic AI, with the revised guidance applying narrowly to traditional models and basic AI applications. The Fed is also working to update and simplify its third-party risk management guidance to remove barriers to innovation and better reflect actual risk. 

Ms Bowman highlighted the implications of Anthropic's Mythos AI model, which accelerates the detection of cyber vulnerabilities, and noted that Secretary Bessent and Fed Chair Jerome Powell have already met with the largest banks to discuss cybersecurity implications. 

In her capacity as chair of the Financial Stability Board's (FSB’s) Standing Committee on Supervisory and Regulatory Cooperation, Ms Bowman announced that a draft report on sound practices for AI adoption for consultation is expected to be released in Q3 2026; the Fed is working closely with the U.S. Treasury and SEC on this FSB workstream. [May 1, 2025] #AI #Cybersecurity

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Chris Ninan
Chris Ninan
Photo of Jon Ford
Jon Ford
Photo of Cat Dankos
Cat Dankos
Photo of Michael Tan
Michael Tan
Photo of Rashid Ahmed
Rashid Ahmed
Photo of Oliver Hoong
Oliver Hoong
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More