Follow us

In this regular update, we round-up FinTech-related financial services regulatory developments for the week ending 10 March 2023.


Recent updates from Herbert Smith Freehills include:



IOSCO and Cambridge Judge Business School collaborate on machine learning pilot to assist emerging markets regulators

The International Organisation of Securities Commissions (IOSCO) and the Cambridge Judge Business School have announced a pilot project for the development of a Machine Assisted Capacity Building for Standards Implementation (MASI). MASI aims to provide a capacity building tool for emerging markets jurisdictions to assist self-assessments against the IOSCO core principles and to facilitate comparisons with other regulatory frameworks from more developed jurisdictions. [9 Mar 2023]



BIS Innovation Hub: Report on cross-border retail CBDC payments - Project Icebreaker

The Bank for International Settlements (BIS) Innovation Hub has published a report on cross-border retail central bank digital currency (CBDC) payments following the conclusion of Project Icebreaker. The project was conducted on a joint basis with the central banks of Israel, Norway and Sweden and it studied the potential benefits and challenges of using retail CBDCs in international payments. The project provides an insight into the technologies that can be used and the technical and policy choices available for central banks contemplating the implementation of retail CBDCs. [6 Mar 2023]





FCA review of fast-growing firms

The FCA has published findings from its multi-firm review of fast-growing firms (FGFs). The review was conducted on 25 FCA solo-regulated firms which had experienced fast growth over a 3-year period, including contract for difference (CFD) providers, wealth managers and payment services firms; it assessed the impact of this rapid growth on their financial and non-financial resources. The FCA reviewed business plans, internal capital adequacy assessment process (ICAAP) documents, wind-down plans and other documents submitted by firms. The review focused on risk management practices, governance arrangements and adequacy of financial resources.

For most firms, the FCA found that:

  • their risk management and governance arrangements have not kept pace with the growth in their business activities, in particular commenting that 'many firms appeared to be unaware of the full range of regulatory requirements/guidance and had not considered upcoming regulatory changes in their forward planning';
  • their assessment of the adequacy of financial resources did not consider the growth in their underlying business and its associated risks with firms relying on the prescribed regulatory minimum thresholds as their capital resource requirements; and
  • their wind-down plans were inadequate, lacking consideration of events which would be likely to make a firm unviable or the additional costs likely to be incurred during wind down.

The FCA warns there is potential for harm as some firms do not have capital and/or liquid assets commensurate with the size, complexity and growth in their business. Detailed feedback letters including recommended actions were sent to all firms where concerns were identified. Firms are expected to implement these recommendations. [10 Mar 2023]

FCA Perimeter Report

The FCA has released its annual Perimeter Report. The report describes specific issues the regulator sees around the regulatory perimeter and the action it is taking in response. The FCA sets out a number of areas where it has identified particular challenges, including:

  • its ability to collect intelligence and data on unregulated activities;
  • with regard to business models: unregulated debt advice lead generators; appointed representatives; outsourcing and third party service providers; deposit aggregators; funeral plans; the general insurance (GI) perimeter; and firms supervised under the Money Laundering Regulations (MLRs) but not authorised under the Financial Services and Markets Act (FSMA);
  • on consumer investments; unregulated collective investment schemes (CIS); mass marketing of high-risk investments to retail customers; exemptions in the Financial Promotions Order (FPO); the new regulatory gateway under section 21 of FSMA; marketing of contracts for difference (CFD) and other high-risk derivative products; and
  • with regard to technology changes: online harms, including scammers' use of online platforms; digital markets; payments and changes to the payments landscape; Open Banking, Open Finance and Smart Data; access to cash; and cryptoassets and stablecoins; [10 Mar 2023]


TSC: Evidence session with the PRA 

The Treasury Committee (TSC) has published the transcript from its 7 March evidence session on the work of the PRA. The TSC heard from: PRA CEO Sam Woods; Julia Black, External Member of the Prudential Regulation Committee (PRC); and Victoria Saporta, Executive Director, Prudential Policy at the PRA.  Matters discussed ranged across a number of topics, including the PRA's identification of the risk of systemic herding during a period of stress out of commercial bank deposits into a CBDC. [10 Mar 2023]

FCA to collect economic crime levy from July

The FCA has issued a press release explaining that, with HMRC and the Gambling Commission, it will share responsibility for the collection of the economic crime levy (ECL) on behalf of HM Government (HMG) from July. The FCA will be responsible for collecting the ECL from those firms that it regulates or those that are registered with it. Specifically, the ECL will apply to anti-money laundering (AML) regulated businesses including:

  • credit institutions;
  • financial institutions;
  • auditors, insolvency practitioners, external accountants, and tax advisers;
  • independent legal professionals;
  • trust or company service providers;
  • estate and lettings agents;
  • high value dealers, casinos, auction platforms and art market participants; and
  • crypto asset exchange providers and custodian wallet providers.

Impacted firms (those who were subject to the money laundering regulations between 6 April 2022 and 5 April 2023) will see the ECL appear on invoices from July 2023. It will be paid annually and determined by a firm’s UK revenue. To ensure firms are charged the right amount, all impacted firms must submit their data via new Reg Data Report (FIN074) from 1 April. A failure to submit in time may result in a £250 administrative fee. [9 Mar 2023]



HMT: Speech on Edinburgh Reforms and FSM Bill

HMT has published the speech delivered by Andrew Griffith MP, Economic Secretary, at a FIX trading conference. In his speech, Mr Griffiths spoke about elements in the Edinburgh Reforms package and the Financial Services and Markets (FSM) Bill. With regard to technology and innovation, Mr Griffith outlined a number of initiatives, including:

  • the creation of a financial market infrastructure (FMI) sandbox to help industry adopt and scale digital solutions for markets - the first of these is expected to be up and running this year;
  • the recent publication of consultation papers on crypto assets and a potential digital pound; and
  • the progression of other initiatives such as the launch of a new Centre for Finance, Innovation and Technology (CFIT) backed by £5 million of Treasury seed funding to 'champion the UK’s world-leading fintech sector, helping firms to create high-skilled jobs across the country...' [9 Mar 2023]




FCA takes further action against unregistered crypto ATMs

The FCA has issued a press release in relation to its inspection of several sites in East London suspected of hosting illegally operating crypto ATMs, as it continues its crackdown on the illicit sector following similar visits in Leeds. The FCA will review evidence gathered during these visits and consider taking further action where necessary. [8 Mar 2023] 

HoC Library: Research briefing on CBDCs

The HoC Library has published a research briefing on CBDCs. The briefing covers: the definition of CBDCs; how CBDCs differ from cryptocurrencies; the benefits and challenges of CBDCs; and plans to introduce a digital pound. [8 Mar 2023] 

JMLSG: Updated guidance

The Joint Money Laundering Steering Group (JMLSG) has published final amendments to the following text in Part II of its Guidance:

These amendments have been submitted to HMT for Ministerial approval.

Amendments have also been made to Part I Chapter 6 Paragraphs 6.70-6.71, to highlight the FOS's ability to effectively handle complaints with a money laundering element. [6 Mar 2023]




ESMA: Speech on digital finance and capital markets

The European Securities and Markets Authority (ESMA) has published a speech by its Chair, Verena Ross, on digital finance and capital markets. Ms Ross spoke about: the risks and benefits of digitalisation in financial markets; the growing risk of cybersecurity threats to the financial system; and building digital operational resilience through the Digital Operational Resilience Act (DORA). [10 Mar 2023]

ESMA - Updated Q&As on ECSPR

ESMA has published updated questions and answers (Q&As) on the European Crowdfunding Service Providers Regulation (ECSPR): there is an update in section 5 General Provisions with a new Q&A on using exemptions under the Revised Payment Services Directive (PSD2). [10 Mar 2023]

ESMA: Guidelines on applying for permission to operate a DLT market infrastructure 

ESMA has published guidelines setting out standard forms, formats and templates to apply for permission to operate a distributed ledger technology (DLT) market infrastructure. The guidelines apply from 23 March 2023. [8 Mar 2023] 

ECB: Speech on cyber resilience in the financial sector 

The European Central Bank (ECB) has published a speech by Fabio Panetta, Member of the Executive Board, on building up cyber resilience in the financial sector. In his speech, Mr Panetta spoke about current cyber threats, emerging risks and the implications of these for the ECB's future work. In particular, he highlighted the risk of supply chain attacks, ransomware attacks and the risks around artificial intelligence (AI). Mr Panetta also explained that it is necessary to adapt operational and cyber resilience frameworks constantly, as well as to ensure strict regulation and enforcement. [8 Mar 2023] 

EIOPA: Digitalisation Market Monitoring Survey

The European Insurance and Occupational Pensions Authority (EIOPA) has launched a new Digitalisation Market Monitoring Survey. The survey will monitor the development of European insurers' digital transformation strategies in order to help develop a better understanding of how undertakings use or plan to use innovative business models and technologies. The survey will gather information on the use of financial innovation in the European insurance sector, including the spread of new business models such as digital distribution and communication channels as well as insurers' partnerships with start-ups and big techs.

The survey is being distributed via the national competent authorities. However, any undertaking is welcome to complete the survey which can be found on the EIOPA website. [7 Mar 2023] 



Hong Kong

HKMA issues further practical guidance on key AML/CFT requirements for account opening and ongoing monitoring of private banking customers

The HKMA has issued a circular to provide authorised institutions (AIs) with further practical guidance on key AML and CFT requirements for account opening and ongoing monitoring of private banking customers.

Under a risk-based approach, AIs are moving away from a purely compliance-based approach towards a focus on effectiveness and outcomes.  The HKMA places significant emphasis on the risk-based approach in its supervisory work and provides guidance in various formats to assist AIs.  The three guiding principles of this approach (ie, risk differentiation, proportionality, and not a 'zero failure' regime) apply equally to private banking businesses.

Nonetheless, feedback from the industry and customers indicate that private banks face challenges in customer onboarding and account maintenance, especially in the following areas:

  • Establishment of source of wealth and source of funds;
  • Ongoing monitoring; and
  • AML regtech adoption.

The HKMA has therefore prepared a set of 'do’s and don’ts' and good practices in its Smart Tips for Private Banking to help private banks' management and AML compliance and customer-facing units to appropriately apply AML/CFT requirements to deliver effective outcomes.  AIs should review and update their policies and procedures taking into account this and other guidance, including the presentation on 'Source of Wealth Requirements' in the recent 2022 AML Seminar, and Appendix 1 'Establishing source of wealth' to the AML/CFT FAQs published by the Hong Kong Association of Banks.

In addition, the HKMA is introducing supervisory technology to strengthen its risk-based and data-driven AML supervision. This includes an upcoming revamp of the way it obtains and analyses data collected from banks to optimise supervisory and compliance resources, as well as focusing on collaborative efforts and an ecosystem response to evolving money laundering and financial crime risks, and supporting a safe and efficient platform for the development of private wealth management businesses.  [7 Mar 2023] 

SFC publishes quarterly report for October to December 2022

The SFC has published its quarterly report summarising its work and key developments from October to December 2022. The highlights covered by the report include (among others):

  • Product-related developments – These include authorising the first two virtual asset futures exchange-traded funds (ETFs); and
  • Virtual assets – These include issuing a circular to set out the requirements for authorising ETFs which obtain exposure to virtual assets through futures, and issuing a statement to alert investors about the significant risks associated with trading platforms offering virtual asset 'deposits', 'savings', 'earnings', or 'staking' services and to remind the industry of the potential legal requirements when offering these arrangements.  [7 Mar 2023]



SCM at BPAM bond market awards 2023

The SCM has published the keynote address of Muhammad Hakim, Deputy Director, Fixed Income, at the Bond Pricing Agency Malaysia (BPAM) Bond Market Awards 2023. The Deputy Director spoke about: the bond market landscape; the push for digitalisation; and the importance of bond pricing agency. [8 Mar 2023] 




SECT: Draft regulation prohibiting digital asset business operators providing crypto deposit taking and lending services

The SECT is seeking comments on a draft regulation prohibiting digital asset business operators from providing or getting involved with crypto saving (deposit taking) and lending services. The proposed regulation aims to provide greater protection to investors, reduce associated risks, and prevent a misunderstanding that deposit taking and lending services are under the same supervision as regulated digital asset businesses. Feedback is requested by 7 April 2023. [8 Mar 2023]




BSP mandates full adoption of QR Ph codes by 1 July 2023

The Bangko Sentral ng Pilipinas (BSP) has approved the guidelines that will facilitate the full transition of all quick response (QR) code-enabled payments services to the National QR Code Standard or 'QR Ph'. The guidelines mandate BSP-supervised financial institutions (BSFIs) acting as payment service providers (PSPs) and offering QR code-enabled payment services to use and display QR Ph on their internet and mobile channels from 1 July 2023. PSPs, including those participating in the InstaPay automated clearing house, are required to submit the status of their compliance with the QR Ph standard within 30 days from the date of the memorandum. [9 Mar 2023]





FSC launches Green FinTech thematic campaign

The Financial Supervisory Commission (FSC) has announced that it will launch a Green FinTech thematic campaign. The campaign will involve a series of Green FinTech activities, including domestic and international conferences, business matching and proof-of-concept activities, and events to announce significant achievements.

The FSC recently supported the Taiwan Financial Services Roundtable (TFSR) and the British Office Taipei jointly hosted UK-Taiwan Green FinTech Forum. The UK Financial Conduct Authority (FCA), the London Stock Exchange (LSE), as well as Taiwan’s Joint Credit Information Center, Academia Sinica, and FinTech firms from both countries were invited to share their experiences and take part in a panel discussion. Noting that the UK government has achieved remarkable successes in its efforts to promote green finance and FinTech, the FSC has been working with the UK to hold this event in order to strengthen cooperative ties between firms in the two countries, and to help financial institutions in Taiwan to keep abreast of the latest international green FinTech trends.   [10 Mar 2023]





SEC charges software company for misleading disclosures about ransomware attack that impacted charitable donors

The Securities and Exchange Commission (SEC) has announced that a South Carolina-based public company that provides donor data management software to non-profit organizations, agreed to pay $3 million to settle charges for making misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers.

The SEC’s order finds that, on July 16, 2020, the company announced that the ransomware attacker did not access donor bank account information or social security numbers. Within days of these statements, however, the company’s technology and customer relations personnel learned that the attacker had in fact accessed and exfiltrated this sensitive information.

The SEC's order finds that the company violated Sections 17(a)(2) and 17(a)(3) of the Securities Act of 1933 and Section 13(a) of the Securities Exchange Act of 1934 and Rules 12b-20, 13a-13, and 13a-15(a) thereunder. Without admitting or denying the SEC’s findings, the firm agreed to cease and desist from committing violations of these provisions and to pay a $3 million civil penalty. [10 Mar 2023]

Fed speech: Approach to the supervision and regulation of banks' crypto-related activities

The Federal Reserve (Fed) has published the speech delivered by Vice Chair for Supervision Michael S. Barr at the Peterson Institute for International Economics in Washington, DC on the Fed's approach to supervision and regulation of banks’ crypto-related activities. Mr Barr acknowledges the recent turmoil in the crypto sector, but says that the Fed has not lost sight of the potential for crypto technology to transform the financial sector.  [9 Mar 2023]

Treasury: Remarks by Under Secretary for International Affairs at the IIB Annual Washington Conference

The Treasury has published the remarks delivered by Under Secretary for International Affairs Jay Shambaugh at the Institute of International Bankers’ (IIB) Annual Washington Conference.  Mr Shambaugh touched on a number of regulatory matters, including:

  • finalizing implementation of Basel III;
  • remaining risks in non-bank financial intermediaries (NBFIs);
  • international cooperation on an approach to digital assets;
  • the reliance on third party service providers, in particular cloud-based technologies;
  • climate change; and
  • systemic vulnerabilities identified during the Covid-19 and Ukraine shocks. [6 Mar 2023]



SEC files emergency action against Miami investment adviser and principal for orchestrating $100 million crypto fraud scheme

The SEC has announced that it filed an emergency action in which it successfully obtained an asset freeze, appointment of a receiver, and other emergency relief against a Miami-based investment adviser and one of its principals, in connection with a crypto asset fraud scheme. From at least October 2018 through to September 2022, the adviser raised approximately $100 million from at least 55 investors to invest in crypto assets, but the defendants instead used some of the money to make Ponzi-like payments and for personal use.

According to the SEC’s complaint, the defendants assured investors that their money would be used primarily to trade crypto assets and represented that the adviser would generate returns for investors through separately managed accounts and five private funds. As the complaint alleges, the defendants disregarded the structure of the funds, commingled investor assets, and used more than $3.6 million to make Ponzi-like payments to fund investors. The complaint also alleges that the principal misappropriated at least $371,000 of investor money to, among other things, pay for vacations, sporting events tickets, and a New York City apartment. According to the complaint, the principal attempted to conceal the unauthorized use of investor money by providing altered documents with inflated bank account balances to the third-party administrator for certain of the funds. The complaint further alleges that the adviser materially misrepresented to some investors that the adviser, or one of the funds, received an audit opinion from a 'top four auditor', when in fact neither the adviser nor any of the funds received an audit opinion at any time. [6 Mar 2023]





Ukraine-related sanctions information

Regular updates on sanctions and other developments that may impact businesses with interests or operations in Ukraine and/or Russia are available on our FSR and Corporate Crime Notes blog here.



Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos

Key contacts

Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos
Karen Anderson Cat Dankos