Follow us

In this regular update, we round-up FinTech-related financial services regulatory developments for the week ending 16 December 2022.


Recent updates from Herbert Smith Freehills include:



BCBS: Standard on prudential treatment of cryptoasset exposures 

The BCBS has published a Standard on prudential treatment of cryptoasset exposures. The Standard provides a global regulatory framework for internationally active banks' exposures to cryptoassets that promotes responsible innovation while preserving financial stability. The Standard sets out the prudential treatment of banks' exposures to cryptoassets, including tokenised traditional assets, stablecoins and unbacked cryptoassets. The standard is to be implemented by 1 January 2025, and the BCBS will monitor the implementation and effects of the Standard. [16 Dec 2022]

BCBS: Work programme and strategic priorities for 2023/24

The BCBS has published its work programme and strategic priorities for 2023/24. The work programme takes a forward-looking approach to identifying and assessing emerging risks and vulnerabilities to the global banking system, it also prioritises work related to the ongoing digitalisation of finance, climate-related financial risks and monitoring, implementing and evaluating the Basel III framework.

The key themes for 2023-24 include:

  • emerging risks and horizon scanning;
  • digitalisation of finance;
  • climate-related financial risks;
  • monitoring and review of existing standards and guidance; and
  • implementation and evaluation. [16 Dec 2022]
IAIS: Report and note on digital innovation in the insurance sector

The International Association of Insurance Supervisors (IAIS) has published the following in relation to digital innovation in the insurance sector.

  • Report on FinTech developments in the insurance sector, which presents the outcomes of exploratory assessments in relation to the use of application programming interfaces (APIs) and open data; distributed ledger technologies (DLTs) and blockchain; and safe, fair and ethical adoption of artificial intelligence (AI) and machine learning (ML); and the use and governance of data.
  • Joint Note with the Access to Insurance Initiative (A2ii) and the Financial Stability Institute (FSI) of the Bank for International Settlements (BIS) on the role of supervisory technology (SupTech) in insurance supervision, which provides examples of how 38 SupTech tools are being used by insurance supervisors. [14 Dec 2022]



FCA, PSR, CMA and HMT: Joint statement on the future of open banking

The FCA, Payment Systems Regulator (PSR), Competition and Markets Authority (CMA) and HM Treasury (HMT) – which constitute the Joint Regulatory Oversight Committee (JROC) – have published a joint statement to provide an update on the future of open banking and the plans for a new entity to succeed the Open Banking Implementation Entity (OBIE). The statement communicates the authorities' vision and emerging thinking on the design of the future oversight entity for open banking, and is issued ahead of a further statement planned for Q1 2023 which will set out views and recommendations. [16 Dec 2022]

CMA: Consultation on Annual Plan 2023 to 2024

The Competition and Markets Authority (CMA) has published consultation on its priorities for the next three years and a draft Annual Plan for 2023 to 2024. The CMA's draft plan sets out areas of focus around three core outcomes:

  • people can be confident they are getting great choices and fair deals;
  • competitive, fair-dealing businesses can innovate and thrive; and
  • the whole UK economy can grow productively and sustainably.

Among the activities which the CMA outlines for 2023 to 2024 are:

  • continuing the ongoing programme of work to address possible ‘greenwashing';
  • providing guidance to businesses and industry associations on how they can ensure competition law compliance when collaborating to develop or accelerate the adoption of more environmentally sustainable products and services; and
  • preparing to operate the proposed statutory pro-competition regime for digital markets once the legislation is adopted, including recruitment to support the Digital Markets Unit (DMU).

Feedback is requested by 30 January 2023. A summary of the responses, along with a final Annual Plan, will be published by the end of March 2023. [15 Dec 2022]



BoE posts requests for application to provide PoC for a sample CBDC wallet

The Bank of England has posted a request for applications to provide proof of concept (PoC) for a sample wallet for a central bank digital currency (CBDC). The deadline for questions is 16 December 2022, and for applications is 23 December 2022. The latest start date is 16 January 2023, with an expected contract length of five months (with option for one month extension).  The request sets out a number of aims for the project, including to 'explore the end-to-end user journey as a way to sharpen functional requirements for both the Bank and the private sector. The Bank will not develop a user wallet itself, but may develop payment scheme rules & user experience guidelines etc for the private-sector wallet providers, in addition to supporting core CBDC functionality via its ledger and API'. [14 Dec 2022] 




ESMA: Q&As on AIFMD, MiFID II, MiFIR, ECSPR, crowdfunding and DLT Pilot Regime 

The European Securities and Markets Authority (ESMA) has updated the following questions and answers (Q&As) on:



ECB Banking Supervision sets out key observations from 2022 horizontal analysis of IT and cyber risk

European Central Bank (ECB) Banking Supervision has set out key observations on IT and cyber risk as informed by the responses received from significant institutions (SIs) to the ECB's annual IT risk questionnaire. The observations include:

  • IT outsourcing expenses continue to grow, with cloud expenses increasing by 45%, albeit from a low basis compared with other IT outsourcing expenses (total cloud expenses account for 4.2% of total IT outsourcing expenses);
  • 50% of institutions declared that they were the target of at least one successful cyberattack in 2021, though the number of successful cyberattacks decreased by 16%;
  • data quality management remains the least mature IT risk control domain with the worst self-assessment scores reported by the institutions;
  • software changes were again identified as the main cause of critical services downtime, mentioned by 79% of responding banks;
  • the level of IT expertise on boards was similar to the previous year, though 14% of banks still report that no board members have IT expertise; and
  • some banks still report a lack of key risk control measures.

Deficiencies in IT outsourcing and cyber resilience have been identified as a key vulnerability to be addressed by ECB Banking Supervision as a supervisory priority in the period 2022-24. [16 Dec 2022]




ESMA: Guidance on applications under the DLT Pilot Regime

The European Securities and Markets Authority (ESMA) has published guidance for applications under the EU's Distributed Ledger Technology (DLT) Pilot Regime. ESMA provides guidance on the standard templates, forms and formats when applying for permission to operate a DLT market infrastructure. The guidance will enter into force on 23 March 2023. [15 Dec 2022] 



EIOPA: Speech on AI governance, AI Act

The European Insurance and Occupational Pensions Authority (EIOPA) has published the opening remarks delivered by its Chair Petra Hielkema at EIOPA's artificial intelligence (AI) governance event. In her speech, Ms Hielkema spoke about: the role of AI in the digital transformation of the insurance industry and various use cases across the insurance value chain; opportunities and risks in relation to AI; and the need for a combination approach to AI governance. She noted EIOPA's plans to issue a digitalisation market monitoring survey in 2023 to monitor the uptake of AI in the industry.

She also made some observations about the EU's AI Act, noting that 'it is very important for the specificities of the insurance sector to be fully taken into consideration and to recognize that sectoral legislation is already addressing the risks of the use of AI and mandating supervisors to act when needed'. Ms Hielkema stated that EIOPA does not support the inclusion of insurance AI use cases as high-risk applications in the Act at this time, but that AI should be further addressed in sectoral legislation. Further, the definition of AI should not cover mathematical models such as those traditionally used in the insurance sector, but should be narrower with a focus on AI systems with distinctive features. [15 Dec 2022] 





ASIC: Finder Wallet sued for alleged unlicensed conduct and inadequate risk disclosure over Finder Earn product

ASIC has commenced civil penalty proceedings in the Federal Court against Finder Wallet Pty Ltd, a subsidiary of comparison website, for allegedly providing unlicensed financial services, breaching product disclosure requirements and failing to comply with DDO in relation to its crypto-asset related product Finder Earn.

ASIC Deputy Chair Sarah Court said, ‘This is ASIC’s third recent action against a firm offering a crypto-asset related product that we consider to be a financial product. Our message to industry is clear - just because an offer involves a crypto-asset related product does not guarantee it will fall outside the current regulatory regime.’

ASIC alleges that the Finder Earn product was, in substance, a debenture. This is because customers deposited money with Finder Wallet on the understanding that their money would ultimately be repaid, together with a return for allowing Finder Wallet to use their capital. ASIC also alleges that offering Finder Earn without a licence exposed consumers to potential harm, including the possibility that they were offered a product that was not suitable for them.  [15 Dec 2022]

Council of Financial Regulators releases its Quarterly Statement – December 2022

The Council of Financial Regulators held its regular quarterly meeting on Monday, 12 December. Items discussed included the evolving risks to household and business balance sheets, non-bank financial intermediation, cyber risks and regulatory developments in the payments system, including crypto, stablecoins and financial market infrastructure. [15 Dec 2022]




Hong Kong

HKEX launches two crypto asset ETFs

The HKEX has announced the listing of two crypto asset exchange traded funds (ETFs), following the publication of a circular by the SFC earlier setting out the requirements for authorisation of virtual asset (VA) futures ETFs for public offering in Hong Kong (see our previous update).

The two newly listed ETFs, namely CSOP Bitcoin Futures ETF (Stock code: 3066) and CSOP Ether Futures ETF (Stock code: 3068), both managed by CSOP Asset Management Limited, track the standardised, cash-settled Bitcoin futures contracts and Ether futures contracts traded on the Chicago Mercantile Exchange, respectively.  These ETFs are the first crypto asset ETFs in Asia.

The SEHK has also issued a circular to its participants, reminding them to note and understand VA futures ETFs features and corresponding obligations when providing services to clients, in preparation for the listing of VA futures ETFs. The participants should refer to the SFC’s circular relating to authorisation and point of sale requirements for further information.

Similar to other exchange traded products and stocks, margin financing is allowed for VA futures ETFs, subject to an individual participant’s risk management policy.  However, in view of the high volatility of VA Futures ETFs, the participants should be particularly prudent in providing clients margin financing for trading such products, and adhere to SFC's guidelines on securities margin financing activities.  [12 and 16 Dec 2022]



HKMA Executive Director delivers opening remarks on AML legislation and regulation, Suptech and Regtech, and importance of ecosystem response

Ms Carmen Chu (HKMA's Executive Director, Enforcement and AML) delivered opening remarks at the Anti-Money Laundering (AML) Seminar 2022 on 15 December 2022, highlighting the following key aspects of developments:

  • Legislation and regulation – Changes have just been made to the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO) to align with the latest international standards and practices, including a new licensing regime for virtual asset service providers (see our previous update).  Other changes include adoption of a new concept of "former politically exposed persons (PEPs)" to allow a risk-based approach when determining the extent of customer due diligence (CDD) based on identified risk in individual circumstances.  The HKMA is now in the process of engaging consultancy services to assist with a review of international best practices to inform a risk-based, and practical guidance for banks to meet their CDD obligations in relation to PEPs.
  • AML Suptech and Regtech – The HKMA recently started its pilot on the application of data analytics using granular financial crime data across multiple banks for the first time.  The objective is to make its AML supervisory work more data-driven, more timely in identifying risk displacement, and preventing serious harm from mule account networks used for fraud and financial crime.
  • Increasing recognition of the importance of an ecosystem response – In Hong Kong, financial institutions, government bureaux, regulators and law enforcement agencies are all collaborating closely through public-private partnership for information sharing.  It is a joint effort by all stakeholders of the AML ecosystem to prevent, detect and disrupt the abuse of the financial system for illicit fund flows.  [15 Dec 2022]


SFC issues statement regarding investment risks and potential legal requirements for offering VA Arrangements 

The SFC has issued a statement to remind investors of the risks associated with virtual asset (VA) platforms offering VA "deposits", "savings", "earnings" or "staking" services (VA Arrangements) to investors in Hong Kong in light of their continued prevalence, despite previous investor warnings and recent events in the virtual asset industry.  The SFC also reminds the industry of the potential legal requirements when they offer VA Arrangements to investors in Hong Kong.

The SFC has observed that some of these platforms may offer a high "interest rate" on VA "deposits" or a daily generation of additional VA at a guaranteed or fixed rate to investors.  The VA deposited by investors with the platform may then be on-lent by the platform to borrowers on other platforms or decentralised lending protocols or used in investment or other activities.  Some platforms may also offer staking services to investors where investors’ VA may be delegated to a staking pool to earn staking rewards for investors.

There are significant risks associated with investing in these types of VA Arrangements.  Investors may suffer significant or even total loss, especially in the event of fraud or collapse of a VA platform, as evident in the recent fallout of a number of VA platforms.  In particular:

  • The VA Arrangements commonly labelled or marketed as "deposits" or "savings" products are not regulated and are not the same as bank deposits.
  • A vast majority of VA platforms offering VA Arrangements are unregulated.
  • VA are exposed to heightened risks and may lose all value.
  • Some VA Arrangements may be unauthorised collective investment schemes (CISs) and may be highly risky.

The SFC also includes a reminder in its statement that it is an offence under the SFO for a person to issue an advertisement, invitation or document which is or contains an invitation to the Hong Kong public to acquire an interest in or participate in a CIS, unless the issue has been authorised by the SFC or an exemption applies.  It is also an offence under the SFO for a person to carry on a business of marketing or distributing interests in a CIS in Hong Kong or targeting Hong Kong investors without an SFC licence unless an exemption applies.

The SFC states that it takes breaches of the SFO seriously and will take robust enforcement action promptly to safeguard investors’ interests.  [13 Dec 2022]





RBI Governor meeting with FinTechs and Industry Associations

Shri Shaktikanta Das, Governor, Reserve Bank of India (RBI), met with select FinTech entities (including AgriTechs) and some of their Associations. In his introductory remarks, the Governor noted that FinTech initiatives and start-ups are playing a transformative role in the financial system through digital innovations and innovative means of delivery of financial services. He highlighted the proactive and supportive role of the RBI in providing conducive policy environment for responsible innovation. He advised FinTechs to pay close attention to governance, business conduct, data protection, customer centricity, regulatory compliance and risk mitigation frameworks. The Governor reiterated that the RBI will continue to adopt a participative and consultative approach for facilitating innovations in the financial sector. [14 Dec 2022]




BSP Highlights Digitalization During FinEd Expo

​The Bangko Sentral ng Pilipinas (BSP) highlighted how digitalization can support the financial health of Filipino families during the 5th Financial Education (FinEd) Expo held virtually from 21 to 25 November 2022. Themed “Owning the Future: Rebuilding and Strengthening Financial Health through Financial Literacy,” FinEd Expo 2022 put the spotlight on responsible personal debt management, financial planning, and risk management. [13 Dec 2022]




SEC charges eight social media influencers in $100 million stock manipulation scheme

The Securities and Exchange Commission (SEC) has announced charges against eight individuals in a $100 million securities fraud scheme in which they used two social media platforms to manipulate exchange-traded stocks. According to the SEC, since at least January 2020, seven of the defendants promoted themselves as successful traders and cultivated hundreds of thousands of followers on their social media accounts. These seven defendants allegedly purchased certain stocks and then encouraged their substantial social media following to buy those selected stocks by posting price targets or indicating they were buying, holding, or adding to their stock positions. However, as the complaint alleges, when share prices and/or trading volumes rose in the promoted securities, the individuals regularly sold their shares without ever having disclosed their plans to dump the securities while they were promoting them. The complaint further charges a resident of Texas, with aiding and abetting the alleged scheme by, among other things, co-hosting a podcast in which he promoted many of the other individuals as expert traders and provided them with a forum for their manipulative statements.

The SEC's complaint seeks permanent injunctions, disgorgement, prejudgment interest, and civil penalties against each defendant. Criminal charges against all eight individuals also were filed in a parallel action brought by the Department of Justice’s (DoJ's) Fraud Section and the US Attorney’s Office for the Southern District of Texas. [14 Dec 2022]

SEC charges four individuals in crypto pyramid scheme that targeted Spanish-speaking communities

The SEC has charged four defendants for their roles in creating and promoting a fraudulent crypto asset pyramid scheme that raised more than $8.4 million from hundreds of retail investors primarily from Spanish-speaking communities throughout the US and other countries. According to the SEC’s complaint, from approximately July 2017 to November 2020, the defendants enticed and defrauded investors out of millions of dollars with the promise of guaranteed returns resulting from investments in “memberships” in a crypto investment platform. These memberships purportedly gave investors an interest in profits from supposed crypto asset trading and mining operations. Investors could also participate in a referral program, which, as the complaint alleges, incentivized recruiting new victims. The complaint alleges that the defendants knew or were reckless in not knowing that the investment platform had no crypto asset trading and mining operations and that the only way the scheme could continue was by increasing the investor base. The defendants allegedly accelerated the platform’s inevitable collapse by misappropriating investor funds to buy themselves homes, cars, and luxury goods.

The SEC’s complaint charges the defendants with violating the anti-fraud and registration provisions of the federal securities laws. The complaint seeks permanent injunctive relief, conduct-based injunctions preventing the defendants from participating in multi-level marketing or crypto asset offerings, disgorgement of ill-gotten gains and prejudgment interest, civil penalties, and officer-and-director bars. [14 Dec 2022]




SEC charges CEO with defrauding investors in crypto asset trading platform

The SEC has charged the CEO and co-founder of FTX, a crypto trading platform, with orchestrating a scheme to defraud equity investors. According to the SEC’s complaint, since at least May 2019, the crypto trading platform raised more than $1.8 billion from equity investors, including approximately $1.1 billion from approximately 90 US-based investors. In his representations to investors, the defendant promoted the crypto trading platform as a safe, responsible crypto asset trading platform, specifically touting the crypto trading platform’s sophisticated, automated risk measures to protect customer assets. The complaint alleges that, in reality the defendant orchestrated a years-long fraud to conceal from investors: (1) the undisclosed diversion of customers’ funds to his privately held crypto hedge fund; (2) the undisclosed special treatment afforded to the privately-held crypto hedge fund; and (3) undisclosed risk stemming from the crypto trading platform’s exposure to overvalued, illiquid assets. The complaint further alleges that the defendant used commingled customers’ funds to make undisclosed venture investments, lavish real estate purchases, and large political donations.

The SEC’s complaint charges the defendant with violating the anti-fraud provisions of the Securities Act of 1933 and the Securities Exchange Act of 1934. The SEC’s complaint seeks injunctions against future securities law violations; an injunction that prohibits the defendant from participating in the issuance, purchase, offer, or sale of any securities, except for his own personal account; disgorgement of his ill-gotten gains; a civil penalty; and an officer and director bar. [13 Dec 2022]





Ukraine-related sanctions information

Regular updates on sanctions and other developments that may impact businesses with interests or operations in Ukraine and/or Russia are available on our FSR and Corporate Crime Notes blog here.



Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos

Key contacts

Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos
Karen Anderson Cat Dankos