Follow us

In this weekly post, we round-up FinTech-related financial services regulatory developments for the week ending 1 September 2023.




FSI: Executive summaries on DeFi financial stability risks and CBDCs; Insights paper on BigTechs in insurance

The Financial Stability Institute (FSI) of the Bank for International Settlements (BIS) has published the following:

  • Financial stability risks of decentralised finance (DeFi) – provides an overview of how the turmoil in cryptoasset markets in 2022 has exposed a number of vulnerabilities in relation to DeFi, which could, with growth in the scale of DeFi and its links with the traditional financial system (TradFi), raise the potential for contagion and threats to financial stability.
  • Central bank digital currencies (CBDCs) –discusses retail and wholesale CBDCs; the benefits and challenges of a risk-free, digital and programmable means of payment; the architecture for potentially implementing CBDCs; and potential approaches to overcoming cross-border issues, eg, mutual international recognition of national ID credentials and the use of multi-CBDC (mCBDC) arrangements.
  • Insights – emerging trends and risks of BigTechs' foray into insurance – provides an overview of BigTechs' involvement in the insurance business and the applicable regulatory frameworks for the different activities they perform whether as risk carriers, intermediaries or service providers. [31 Aug 2023]

#DeFI #cryptoasset #CBDC #BigTech


BoE WP: Deep learning model fragility and implications for financial stability and regulation

The Bank of England (BoE) has published a working paper (WP) on the fragility of deep learning models and the implications for financial stability and regulation. The opacity of deep learning models and their deployment for internal and consumer-facing decisions has led to increasing concerns regarding the trustworthiness of their results. Having tested the stability of predictions and explanations of different deep learning models, the WP results demonstrate that the models produce similar predictions but different explanations, even when the differences in model architecture are due to arbitrary factors.

This behaviour is compared with traditional 'glass-box models', and a methodology is shown based on network analysis to compare deep learning models. The analysis has implications for the adoption and risk management of future deep learning models by regulated institutions. [1 Sep 2023]


JMLSG: Revised Guidance on cryptoasset exchange providers and custodian wallet providers

The Joint Money Laundering Steering Group (JMLSG) has published final revisions to Sector 22 (Cryptoasset providers and custodian wallet providers) in Part II of its Guidance. This includes a new Annex I to Sector 22 relating to cryptoasset transfers. The new guidance relates to the provisions of The Money Laundering Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs) that implement the Travel Rule for cryptoasset transfers in the UK. The new obligations under Regulations 64A-64H come into effect on 1 September 2023. [31 Aug 2023]

#cryptoasset #custodianwallet


ESMA sees prevailing market uncertainty as downside risks rise

The European Securities and Markets Authority (ESMA) has published its second Trends, Risks and Vulnerabilities (TRV) Report of 2023. The report indicates that, in the first half of 2023, financial markets rebounded on lower energy prices and expectations of a slower pace of monetary tightening, are adapting to durably higher interest rates and inflation, and are highly reactive to adverse events. Going forward, markets are expected to remain sensitive, especially to potential deteriorations in economic fundamentals or risks in financial institutions.

Findings include:

  • Cryptoassets and financial innovation: Cryptoasset valuations rebounded in the early H1 2023 but remained far below their historical peak. Persistently elevated cyber risks remain an important source of concern for the EU financial sector. Financial markets have started exploring potential implications of artificial intelligence (AI) after the launches of various Generative AI tools in H1 2023. [31 Aug 2023]


EIOPA: Speech by Petra Hielkema at HANFA conference

The European Insurance and Occupational Pensions Authority (EIOPA) has published the keynote speech delivered by its Chair, Petra Hielkema, at the Croatian Financial Services Supervisory Authority (HANFA) conference: Insured Risks in Uncertain Times.

Ms Hielkema began by speaking on sustainability and, in particular, natural catastrophe (Nat Cat) risk and disclosures. Other areas discussed include the latest development in Solvency II and the Insurance Recovery and Resolution Directive (IRRD), cyber security and the Digital Operational Resilience Act (DORA). [29 Aug 2023]

#cybersecurity #DORA

Hong Kong

HKSCC announces deferral of second FINI market rehearsal to 9 September 2023 due to severe weather conditions

The Hong Kong Securities Clearing Company Limited (HKSCC) has issued a circular to inform Fast Interface for New Issuance (FINI) users that the second market rehearsal scheduled for 2 September 2023 will be deferred to 9 September 2023, due to severe weather conditions brought about by tropical cyclone Saola.

The HKSCC issued another circular a day earlier regarding the potential deferral and reminded FINI users in the meantime to ensure that they have completed the necessary user account and teams setup within the HKEX Access Management Portal for their staff who will be using FINI, validated the access credentials by logging into the portal, and checked that the email address used by HKEX to send one-time login passwords and other FINI notifications to FINI users has been whitelisted by their organisations.

The Access Management User Guide and Market Rehearsal Information Pack, with details of FINI user account setup procedure and market rehearsal arrangements, are available on the FINI webpage.  [30 & 31 Aug 2023]



MAS MD comments at UNDP Interactive Dialogue on digital, financial and green inclusion for MSMEs

MAS has published the remarks of Managing Director, Ravi Menon, at the Interactive Dialogue at the Executive Board of United Nations Development Programme (UNDP), UN Population Fund (UNFPA) and UN Office for Project Services (UNOPS). Mr Menon spoke on MAS' efforts to build three foundational digital infrastructures, as well as MAS’ collaboration with UNDP to maximise opportunities for micro, small, and medium sized enterprises (MSMEs).  [30 Aug 2023]



Omnibus law: OJK's criminal investigation authorities expanded, out-of-court settlement possible for financial service crimes

OJK recently issued OJK Regulation No. 16 of 2023 on Financial Service Crime Investigation ('2023 Regulation', in Indonesian language), revoking its predecessor, OJK Regulation No. 22/POJK.01/2015 ('2015 Regulation', in Indonesian language). The new regulation was issued to implement the financial omnibus law. Compared to the 2015 regulation, the 2023 Regulation vests OJK with more robust authorities pertaining to financial services crimes (a 'crime'). It also broadens the scope of financial services that are subject to such authorities.

Scope of crime

In tandem with the technological advancements in the financial service sector as of late, the 2023 Regulation expressly include fintech and crypto crimes in its scope. Furthermore, following the recent OJK regulation on carbon exchange, the 2023 Regulation also expressly encompasses crimes in exchange-facilitated carbon trading.

Investigative powers and authorities

In the 2015 Regulation, OJK's investigative powers and authorities are itemised – instead, the 2015 Regulation refers to the Indonesian Penal Code and other laws and regulations pertinent to the police force's investigative powers and authorities. In the 2023 Regulation, such powers and authorities are itemised, and they include:

  • receive crime reports and assess their merits;
  • collect evidence and summon witnesses;
  • request for support from other governmental institutions in blocking the alleged perpetrator; and
  • block bank accounts.

The above powers and authorities also extend to allegations of money laundering.

Out-of-court settlement

Most notably, the 2023 Regulation introduces provisions for out-of-court settlements of crimes. An alleged perpetrator may submit a request for a settlement to OJK during OJK's investigation of the relevant crime. The request must detail, among others, calculation of loss, details of victims, suggested method of settlement and its timeline, as well as a plan for business and governance improvements. Moreover, in such a request, the alleged perpetrator must agree that in the event they fail to follow through with the settlement, OJK can continue their investigation. OJK will assess the request and verify the loss calculation. The OJK may approve or reject a request for settlement.

In the event of a rejection, OJK will continue their investigation. In the event of an approval, parties to the dispute (i.e. the victim(s) and alleged perpetrator(s)) must enter into written agreement(s) for settlement. A settlement must be completed within one year from the date of the written agreement(s). Upon completion of settlement, the parties must submit a statement to the OJK that they relinquish their legal rights pertaining to the relevant crime. Failure by the alleged perpetrator to follow through with the settlement completion will result in OJK continuing investigation. Furthermore, despite of a settlement being approved, the 2023 Regulation empowers OJK to impose additional administrative sanction(s) to the alleged perpetrator, ranging from written reprimands to licence revocation.

The 2023 Regulation came into effect on 7 August 2023. [1 Sep 2023]

#crypto #fintech


SEBI: Guidelines for MIIs regarding cyber security and cyber resilience

Based on the recommendations of the High Powered Steering Committee on Cyber Security and in consultation with market infrastructure institutions (MIIs), SEBI has issued a circular which provides guidelines for strengthening the existing cyber security and cyber resilience framework of MIIs. The provisions of the circular have immediate effect.  [29 Aug 2023]

#cybersecurity #cyberresilience


Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos

Key contacts

Karen Anderson photo

Karen Anderson

Consultant, London

Karen Anderson
Cat Dankos photo

Cat Dankos

Regulatory Consultant, London

Cat Dankos
Karen Anderson Cat Dankos