Follow us

In this regular update, we round-up FinTech-related regulatory developments for the week ending 10 December 2021.



FSB launches survey on cross-border data flows - Roadmap for Enhancing Cross-Border Payments 

The Financial Stability Board (FSB) has announced that it is conducting a survey as part of its work under Building Block 6 of the Roadmap for Enhancing Cross-Border Payments. Under the Roadmap, the FSB is tasked with conducting a stocktake of existing national and regional data frameworks relevant to the functioning, regulation and supervision of cross-border payment arrangements, and with identifying issues relating to cross-border use of those data by national authorities and by the private sector.

Feedback is invited via an online survey which will close to contributions on 14 January 2022 at 8:59 AM CET.  [10 Dec 2021]



IOSCO consults on the use of IFs in growth and emerging market

The International Organization of Securities Commissions (IOSCO) has published consultation report 07/2021 (CR07/2021) on the use of innovation facilitators (IFs) in growth and emerging markets. The report covers three types of IFs: innovation hubs; regulatory sandboxes; and regulatory accelerators. CR07/2021 also proposes four recommendations for emerging market member jurisdictions to consider when setting up IFs.

Responses to CR07/2021 are requested by 6 February 2022. [7 Dec 2021]





BoE: Transforming data collection communication to firms

The Bank of England (BoE) has published a statement providing an update on the progress of the joint transformation programme being led by the BoE, the FCA and the industry. The statement explains the progress of the programme since the launch, describing what has been achieved and the proposed activities for early 2022. It also provides an update on the expected resource needs for Transforming Data Collection for FY22/23 and engagement with stakeholders for input to solution designs. [9 Dec 2021]



PSR: PS on regulatory framework for NPA

The Payment Systems Regulator (PSR) has published Policy Statement 21/3 (PS21/3) on the regulatory framework for the new payments architecture (NPA) central infrastructure services (CIS). PS21/3 sets out requirements on both Pay.UK and a CIS provider that will address risks to competition and innovation in the NPA ecosystem.

Alongside PS21/3, the PSR has also published illustrative directions to show how the implementation of the regulatory framework could look. While not seeking feedback on the illustrative directions at this time, the PSR advises that it plans to publish and consult on draft directions closer to the go-live date for the NPA before giving them to Pay.UK and any relevant CIS provider. [9 Dec 2021]




DIT: UK agrees digital trade deal with Singapore

The Department for International Trade (DIT) has announced that the UK has agreed a digital trade deal with Singapore, the Digital Economy Agreement. The Digital Economy Agreement aims to help the UK capitalise on its strengths as the world’s second largest services exporter and a leading digital hub. [9 Dec 2021]



BoE: Minutes of the CBDC Engagement Forum - November 2021

The Bank of England (BoE) has published the minutes of the CBDC Engagement Forum for November 2021. The minutes set out the forum's discussions on central bank digital currencies (CBDCs) including in relation to retail use cases for CBDCs, in particular customer demands and end-user research. [6 Dec 2021]




EBA consults on new remote customer onboarding guidelines

The European Banking Authority (EBA) has launched a consultation on draft guidelines on the use of remote customer onboarding solutions. The draft guidelines set common EU standards on the development and implementation of sound, risk-sensitive initial customer due diligence (CDD) policies and processes in the remote customer onboarding context. The guidelines are in line with applicable anti-money laundering and countering the financing of terrorism (AML/CFT) legislation and the EU data protection framework. Once adopted, the guidelines will apply to all financial sector operators that are within the scope of the Anti-money Laundering Directive (AMLD).

Responses to the consultation are requested by 10 March 2022. A public hearing will take place via conference call on 24 February 2022.  [10 Dec 2021]

EIOPA launches Digital Transformation Strategy

The European Insurance and Occupational Pensions Authority (EIOPA) has published its Digital Transformation Strategy. The strategy is not intended to overlap EIOPA’s normal work planning process, but rather to set out how EIOPA, with its European perspective, can contribute best to the transformation of the EU insurance and pensions markets and their supervision. In doing so, EIOPA will have regard of its given mandate and following the principle of technological neutrality and maintaining a level playing field.

The strategy is centred around five long-term priorities:

  • leveraging on the development of a European data ecosystem;
  • supporting artificial intelligence (AI) and promoting financial inclusion;
  • ensuring a forward looking approach to financial stability and resilience;
  • realising the benefits of the European single market; and
    enhancing the supervisory capabilities of EIOPA and national competent authorities (NCAs).  [10 Dec 2021]


EBA consults on RTS for CSPs

The EBA has published for consultation the draft Regulatory Technical Standards (RTS) which specify the information that crowdfunding service providers (CSPs) must provide to investors. The proposed requirements cover:

  • the method used for the calculation of credit scores and loan prices;
  • the factors that CSPs need to consider when carrying out a credit risk assessment and when conducting the valuation of a loan; and
  • the underlying policies and governance arrangements which CSPs are required to have in place.

Responses are requested by 8 March 2022. [8 Dec 2021]

EC keynote marks 10 years of the ESRB

The European Commission (EC) has published the keynote address delivered by Commissioner Mairead McGuiness at the 5th European Systemic Risk Board (ESRB) Conference.  Commissioner McGuinness noted the key role which the ESRB has played as the macro-prudential supervisor of the EU financial system in the 10 years since its establishment before moving on to highlight areas for ESRB focus going forward.  The Commissioner discussed:

  • the potential impact on financial stability of any abrupt asset price correction following Covid-19;
  • the EC's proposal to improve the availability and use of liquidity management tools in its review of the Alternative Investment Fund Managers Directive (AIFMD);
  • how the forthcoming Supervisory Data Strategy will be an important step to improving understanding of risk exposures and interdependencies;
  • the EC's intention to propose measures in 2022 to make EU-based central counterparties (CCPs) more attractive to market participants and thereby reduce reliance on CCPs based outside of the EU;
  • the importance of understanding what financial stability implications may arise from the interaction of digital finance, in particular crytpoassets, with traditional finance; and
  • that cryptoassets, digitalisation, cyber resilience and climate change will all be considerations as the EC commences its review of the macro-prudential framework for the banking sector. [8 Dec 2021]


ECON reports under the EU Digital Finance Strategy, including with regard to DORA

The European Parliament (EP) has published the following reports adopted by the Economic and Monetary Affairs Committee (ECON) which relate to proposed legislation under the EU's Digital Finance Strategy:




EPC: 2021 Payment Threats and Fraud Trends Report

The European Payments Council (EPC) has published its 2021 report on payment threats and fraud trends. The report provides an overview of the current threats in the payments space, aims to create awareness amongst stakeholders, and discusses possible mitigating measures to prevent fraud. [6 Dec 2021]




Transforming Australia’s Payments System

The Government has released ‘Transforming Australia’s Payments System’. This response addresses the findings in the Review of the Australian Payments System, the Senate Select Committee on Australia as a Technology and Financial Centre Final Report (the Senate Report), and the Parliamentary Joint Committee Corporations and Financial Services Report on Mobile Payment and Digital Wallet Financial Services (the MPDWFS Report) .

The Government outlined the key steps it is taking to ensure Australia’s regulatory framework is fit for purpose, including:

  • developing a Payments System Strategic Plan to coordinate system-wide innovations, ensure regulators collaborate effectively and respond to future innovations in the sector;
  • modernising the existing licensing framework for payments service providers;
  • updating the Payment Systems (Regulation) Act 1998 (Cth) to ensure the Reserve Bank of Australia can accommodate the changing payments landscape;
  • creating a Ministerial designation power to respond to emerging issues that are in the national interest or fall beyond the remit of regulators;
  • clarifying the tax and regulatory obligations of crypto businesses;
  • obtaining advice from the Council of Financial Regulators on policy options regarding de-banking; and
  • requesting a review from Board of Taxation regarding an appropriate policy framework for the taxation of digital transactions and assets.

The Government also provided to responses to each of the recommendations arising from these reports. Notably, the Government:

  • agreed to all recommendations from the Review of the Australian Payments System;
  • either agreed in principle or noted the majority of the recommendations in the Senate Report;
  • disagreed with the Senate Report’s recommendation regarding a renewable tax discount; and
  • either agreed in principle or noted the majority of the recommendations in the MPDWFS Report.   [8 Dec 2021]


ASIC Reports on cyber resilience assessments of financial markets firms

ASIC has released its latest report on the cyber resilience of firms operating in Australia’s financial markets. The report provides an update on organisations’ cyber resilience in the last two years since the previous report 651, November 2018-19. ASIC Commissioner Cathie Armour agreed that firms continue to be resilient against a rapidly changing cyber threat environment, with the increased threat of opportunities from the Covid-19 pandemic including targeting of remote workers and accessing remote infrastructure and supply chains.

The findings indicate that while there has been a small improvement in the cyber resilience of firms, the increase of 1.4% falls short of the 14.9% improvement targeted for the period. It is believed the shortfall is attributed to the combined result of overly ambitious targets, escalation in the cyber threat environment and disruptions caused by the pandemic leading organisations to reassess the targets set in 2019.

The key findings from the report include:

  • the closing of the gap between large and small to medium enterprises (SMEs);
  • the improvement of cyber resilience of SMEs;
  • confidence of larger firms in their own cyber resilience has fallen slightly; and
  • level of cyber resilience for supply chain risks has remained relatively stable.

ASIC has warned that failure to invest in supply chain risk management may lead to significant consumer harm that might warrant ASIC investigation and action.  [6 Dec 2021]



Hong Kong

HKMA launches Enhanced Competency Framework on Fintech

The HKMA has published a circular on the launch of its Enhanced Competency Framework on Fintech, which establishes a set of common and transparent competency standards for developing a strong fintech talent pipeline and enhancing the professional competence of existing banking practitioners involved in technological innovation for financial services.

The framework, a collaborative effort of the HKMA, the Hong Kong Institute of Bankers and the banking sector, will facilitate banking practitioners in acquiring relevant fintech knowledge and develop professional competencies in the fintech area more effectively.  Details of the framework, including its scope of application, competency standards, qualification structure, modular exemption, certification and grandfathering arrangements, and continuing professional development requirements (CPD) are set out in the guide attached to the circular.

Authorised institutions (AIs) are strongly encouraged to adopt the framework as part of their overall efforts in supporting the ongoing professional development of their employees. The HKMA expects AIs to adopt appropriate measures to monitor and maintain the competence levels of their employees, including

  • supporting their employees to attend training and examinations that meet the framework's certification;
  • keeping proper records of the relevant training and qualification of their employees;
  • providing employees with necessary assistance in their applications for grandfathering and certification and their fulfilment of CPD training under the framework. [3 Dec 2021]
SECP encourages corporations to strengthen cybersecurity

The Securities and Exchange Commission, Philippines (SECP) has issued a notice to all corporations under its supervision regarding cybersecurity. In anticipation of the holidays and an expected surge in digital transactions, and in light of the rise of cyber financial crimes and scams, including ransomware hacking incidents, the SECP is encouraging corporations to strengthen their cybersecurity measures. [6 Dec 2021]


Key contacts

Nick Pantlin photo

Nick Pantlin

Partner, Head of TMT & Digital UK & Europe, London

Nick Pantlin
Alex Kay photo

Alex Kay

Partner, London

Alex Kay