On 30 October 2025, the European Banking Authority (EBA) responded to the European Commission’s Call for Advice on the following six regulatory mandates that the new Anti-Money Laundering Authority (AMLA) will adopt: Draft regulatory technical standards (RTS) on the methodology national supervisors will use to assess and classify the inherent and residual risk profile of obliged entities and the frequency at which such profile must be reviewed (Article 40(2) of the Sixth Anti-Money Laundering Directive (AMLD6)). Draft RTS on the risk assessment AMLA will use to determine which institutions it will directly supervise (Article 12(7) of the Anti-Money Laundering Regulation (AMLAR)). Draft RTS on the information obliged entities will have to obtain as part of the customer due diligence process under the new AML regime (Article 28(1) of AMLAR). Draft RTS on the way supervisors will classify breaches of the new regime by severity, and the criteria they will apply when setting the level of pecuniary sanctions or taking administrative measures, or when imposing periodic penalty payments (Article 53(10) of the AMLD6). Preparatory work on two additional mandates relating to draft RTS on group wide policies (Article 16(4) of AMLR) and guidelines on the base amounts for pecuniary fines (Article 53(11) of the AMLD6). When putting together its proposals, the EBA was guided by the principles of a proportionate, risk-based approach that can be applied effectively by financial institutions and their AML supervisors and is conducive to limiting the cost of compliance where possible. It will fall to AMLA, in consultation with the Commission, to take these proposals forward.

On 30 October 2025, the Financial Conduct Authority (FCA) issued a warning to investors about the risks of investing in Contracts for Differences (CFDs) and the implications of giving up retail client protections. Overview The FCA explained that it considers CFDs to be complex, high-risk products and that the protections given to retail investors under FCA rules save consumers from millions of pounds of losses each year. The FCA further set out that is concerned that firms are using high-pressure techniques to encourage investors to claim that they are a professional client, putting them at risk of higher losses, due to the lack of client retail client protections such as leverage limits and client loss protections. The FCA also found that investors are being targeted by finfluencers using promotional techniques that do not make it clear that they are promoting firms that are unregulated and may be offering unrealistic returns. Next steps The FCA made clear that it will take action against firms breaking FCA rules, including where firms push elective professional or redirection promotions to retail clients, and that it will also continue to target finfluencers promoting financial services products illegally.

In the latest episode of our EMEA APAC regulatory insights series, Floortje Nagelkerke, Nikolai de Koning and Selma Joner from our Amsterdam office discuss the local remuneration landscape; the latest on Dutch implementation of the CRD VI and MiFID II review; and the growing regulatory focus on crypto-assets. Listen to episode here.

On 21 October 2025, HM Treasury published a Consultation Response providing details of responses to its 2023 consultation on the reform of the anti-money laundering/ counter-terrorist financing (AML/CTF) supervision regime and confirming that the Government has decided that the Financial Conduct Authority (FCA) should become the single professional services supervisor for AML/ CTF. In our latest briefing, we set out some key takeaways from the Consultation Response, as well as practical steps that relevant firms can be taking now to get ready for FCA supervision.

On 13 October 2025, the Financial Conduct Authority (FCA) issued a Final Notice to Neil Dwane, imposing a financial penalty of £100,281 and a prohibition as a result of sales of shares prior to an announcement that the FCA concluded amounted to insider dealing. For the key takeaways from this case, as well as the key findings, please see our latest Notice in a Nutshell briefing here. All of our publications in this series can also be found here.

On 29 October 2025, the Financial Ombudsman Services (FOS) published its quarterly complaints data from July to September 2025. Key findings from the data include: The number of new complaints decreased from 73,700 in the same period in 2024 to 46,300. Professional representatives were found to account for 4,300 cases referred to the FOS across all sectors, with a higher proportion of complaints coming directly from consumers, following the introduction of a new charging model. The most complained about products were current accounts, hire-purchase (motor) and credit cards.

On 29 October 2025, the Australian Securities and Investments Commission (ASIC) updated Information Sheet 225 Digital assets: Financial Products and Services (INFO 225). Background In December 2024, ASIC consulted on updates to INFO 225 (CP 381) to clarify when certain digital assets are financial products. CP 381 also sought feedback on the application of the existing Australian Financial Services (AFS) licensee obligations to digital asset businesses, potential relief for wrapped tokens and ‘stablecoins’ for the transition to the Government’s proposed digital asset platforms and payment regimes, and a potential class ‘no action’ position for digital asset businesses to transition to licensing. Updates to INFO 225 In the updated version of INFO 225 ASIC has, among other things: Provided further guidance on some of the perceived challenges encountered by the digital assets industry in meeting specific requirements like the financial resources requirements for custodians, professional indemnity insurance, suitable qualified responsible managers, the requirement to hold client money in a separate trust account with an Australian authorised deposit-taking institution and preparing a target market determination under the design and distribution obligations. Added five new examples (bitcoin, native proof-of-stake staking, tokenised real estate, wrapped tokens and non-interest bearing stablecoins) and five amended examples (managed staking/staking as a service, new blockchain, gold-linked token, yield-bearing stablecoin, and wallet). In particular, this confirms ASIC’s view that Bitcoin is unlikely to be a financial product. Added examples of non-yield bearing stablecoins (that are non-cash payment facilities) and wrapped tokens (that are derivatives). Clarified that custodial or depository standards apply to any financial product, based on any technology, using the existing principles-based approach. No action letter Together with the updated version of INFO 225 ASIC has published a class no-action letter for digital asset businesses. The no-action position outlines the scope and conditions where ASIC does not intend to take action for breaches relating to the requirement to hold an AFS licence, Australian market licence, or Australian clearing and settlement (CS) facility licence. It includes an AFS licence lodgement window no later than 30 June 2026. For Australian market and CS facility licences, the same window applies but rather than a licence lodgement, the requirement, among other things, is that ASIC is notified in writing of a person’s intention to apply. The no-action position is subject to conditions including the requirement to have Australian Financial Complaints Authority membership and foreign company registration if not Australian-based. Financial services relating to crypto lending/earn products, and crypto derivatives – other than wrapped tokens – are excluded from the no-action position. Transitional class relief for secondary distributors ASIC has decided, in principle, to give transitional class relief for secondary distributors of eligible stablecoins and wrapped tokens. ASIC is seeking feedback on a draft instrument – CS 32 Proposed relief for certain stablecoins and wrapped tokens, and extension of omnibus accounts for digital asset custody. The deadline for comments is 12 November 2025. Feedback ASIC also released today a summary of feedback themes from submissions to CP 381. Feedback from the consultation informed the no-action position, and ASIC’s decision to provide the proposed relief and include additional examples in the updated guidance.

On 29 October 2025, the Australian Prudential Regulation Authority (APRA) released a response to its submissions paper on proposed changes to the capital treatment of longevity products. In June 2025, APRA released a consultation paper seeking to address two issues with the prudential framework for longevity products: it imposes relatively conservative capital requirements; and the framework is insufficiently risk sensitive and may exacerbate procyclicality by requiring life insurers to liquidate assets during a market downturn. APRA proposed to address these issues by redesigning the ‘illiquidity premium’, a key factor determining capital requirements for longevity products. The response paper summarises the key substantive feedback received from stakeholders to the consultation and outlines APRA’s response. In addition, APRA has also released draft prudential standards proposed to take effect from 1 July 2026, subject to feedback. As regards transitional arrangements, APRA’s assumption is that they will not be required as the proposals in the response paper introduce an additional option for the calculation of the illiquidity premium (the ‘advanced illiquidity premium’). APRA does not intend to change the existing calculation (‘the standard illiquidity premium’), which remains available to insurers. Next steps The deadline for comments on the consultation is 17 December 2025.

On 28 October 2025, Treasury released for consultation the draft Payment Systems Legislation Amendment (2025 Measures No. 1) Regulations 2025 (the draft Regulations) and its Explanatory Statement. The purpose of the draft Regulations is to support the amendments in Schedule 1 to the Treasury Laws Amendment (Payments System Modernisation) Bill 2025 (the Bill), which was passed by both Houses of Parliament on 4 September 2025. It does this in the following way: Schedule 1 to the Bill amends the Payment Systems (Regulation) Act 1998 (PSRA) to modernise the payments regulatory framework. In particular, Schedule 1 to the Bill provides that the Minister may designate a payment system as a special designated payment system if the Minister considers that doing so is in the national interest. The Minister may nominate special regulators in relation to special designated payment systems and to give directions in relation to the special regulator’s performance of functions or exercise of powers under the PSRA. The draft Regulations support the amendments in Schedule 1 to the Bill by prescribing special regulators, heads of special regulators and eligible delegates in relation to special regulators that are nominated special regulators. Schedule 1 to the Bill also provides that certain persons may use or disclose information or documents obtained under, or for the purposes of, the PSRA to either the Reserve Bank of Australia or another nominated special regulator in relation to a special designated payment system for the purposes of the PSRA.. Schedule 1 to the Bill provides that certain persons are not subject to civil liability in respect of an act or omission if the act or omission relates to a special designated payment system, and is done in good faith in the performance or exercise (or purported performance or exercise) of a function or power under the PSRA, or for the  purposes of assisting another person to perform or exercise a function or power under the PSRA. Next steps The deadline for comments on the draft Regulations is 11 November 2025. When finalised the draft Regulations will commence at the same time as the bill.

On 29 October 2025, the European Banking Authority (EBA) issued a Final Report on draft Regulatory Technical Standards (RTS) on credit valuation adjustment (CVA) risk of securities financing transactions (SFTs). Background The Capital Requirements Regulation (CRR) as amended by Regulation 2024/1623 (CRR3) implements in the EU the revised framework for the determination of own funds requirements for CVA risk. Article 382(6) of the CRR (as amended) mandates the EBA to develop draft RTS to specify the conditions and the criteria that institutions shall use to assess whether the CVA risk exposures arising from fair-valued SFTs are material, as well as the frequency of that assessment. The draft RTS are part of the Phase 2 deliverables of the EBA roadmap on the implementation of the EU banking package in the area of market risk​. When producing the draft RTS the EBA has considered the feedback it received to an earlier consultation which took place from 8 July 2024 until 8 October 2024. Draft RTS The draft RTS set out a quantitative approach for the determination of the materiality of CVA risk exposures arising from fair-valued SFTs. In particular, they specify an assessment based on a ratio that quantifies the increase of CVA risk arising from the inclusion of fair-valued SFTs in scope of the own funds’ requirements for CVA risk. Next steps The draft RTS will be submitted to the European Commission for adoption following which they will be subject to scrutiny by the European Parliament and the Council before being published in the Official Journal of the EU.

On 17 October 2025, the European Securities and Markets Authority (ESMA) updated its Q&As under the Markets in Crypto-Assets Regulation (MiCA) with two new entries (Q&A 2653 and Q&A 2654). The updates provide further clarification on (i) how to distinguish between different execution services, and (ii) the treatment of crypto-assets admitted to trading before 30 December 2024. How to distinguish between different execution services (Q&A 2653) ESMA clarifies the distinction between the following services under Article 3(1) MiCA: exchange of crypto-assets for funds or other crypto-assets; execution of orders on behalf of clients; and reception and transmission of orders. According to ESMA, firms must determine the nature of the service based on how it is carried out in practice, rather than the terminology used in contractual or marketing documents. In summary: exchange services apply when the crypto-asset service provider (CASP) acts as counterparty using its own capital; execution of orders applies where the CASP acts as agent and concludes the trade on behalf of the client; and reception and transmission applies when client orders are passed to a third party for execution. ESMA further notes that acting as counterparty does not automatically exclude the service from being considered execution on behalf of a client, where the characteristics of agency activity are present. Transitional regime for pre-30 December 2024 tokens (Q&A 2654) ESMA also clarifies the application of Article 143(2) MiCA concerning crypto-assets (other than ARTs and EMTs) admitted to trading before 30 December 2024. Offerors and persons seeking admission are not required to produce a MiCAR white paper for such legacy tokens but must comply with the marketing communications requirements under Articles 7 and 9 MiCA for communications made after 30 December 2024. Operators of trading platforms must ensure, by 31 December 2027, that a compliant white paper is drawn up, notified and published where required. They must also make available hyperlinks to any existing white papers. Other CASPs referenced in Article 66(3) MiCA are required only to publish hyperlinks to existing white papers and are not responsible for producing them. ESMA adds that where a crypto-asset is not admitted to trading on a platform, a white paper may not be required at all under MiCA. The above clarifications will be particularly relevant for CASPs preparing licence applications and assessing their business models under Title V of MiCA.

On 17 October 2025, Treasury issued the second edition of the Regulatory Initiatives Grid (RIG). The RIG is available in three formats: a comprehensive RIG Report, an interactive dashboard, and an Excel workbook. As with the first edition, the second edition of the RIG outlines upcoming initiatives from financial agencies. However, in order to seek to further reduce the regulatory burden on firms, three core principles have been embedded into this new edition: Minimising overlap in significant consultations and non‑routine data collection activities. Sequencing and timing linked initiatives appropriately. Reducing duplication in data collection processes. The RIG’s scope is limited to publicly communicated initiatives and activities that will materially affect the financial sector in the 24 months from the RIG’s publication date. The RIG includes initiatives publicised prior to 26 September 2025. Initiatives publicised after 26 September 2025 are not included in this edition. A table at the back of the RIG outlines changes to the initiative name or to milestones between edition 1 and this edition of the RIG.

On 17 October 2025, the Chancellor of the Exchequer announced the fully operational Office for Investment: Financial Services. This will be a free support service available to global financial services firms, helping firms to pick locations, navigate regulation and Britain’s business environment. It will be delivered by the Office for Investment in partnership with HM Treasury, financial regulators and the City of London Corporation and is intended to deliver on commitments made in the Chancellor’s Mansion House speech to reduce regulatory uncertainty and make the UK more attractive to investors.

On 17 October 2025, the Financial Conduct Authority (FCA) published findings from a multi-firm review into how firms detect and prevent romance fraud. Background The FCA explained that romance fraud involves people being convinced they are in a relationship and deceived into sending money to criminals. As part of this review, the FCA looked at the approach of six payment service providers (PSPs), including retail banks and payment firms, focusing on how firms detect and prevent romance fraud, and support victims. Key findings The FCA set out examples of good practice and areas for improvement, including: Detection and monitoring: The FCA found that in some cases firms’ detection systems deferred high-risk payments or used various data points effectively to improve their ability to detect suspicious transactions. However, it also identified multiple instances of firms missing opportunities to identify seemingly suspicious transactions. Internal investigative approaches and staff capabilities: The FCA also found that most firms adopted a victim-centred approach, engaged in timely sharing of information, and took proactive steps to prevent further harm by adding confirmed fraudulent beneficiaries to blocklists. However, the FCA also identified an inconsistent approach to payment types considered in investigations (e.g. not considering faster payments such as cash withdrawals) and that some staff failed to spot red flags, such as unusual customer behaviour. Customer engagement and support: The FCA considered that effective engagement with victims was a consistent theme across firms demonstrating good practice, but that there were instances where safeguarding cases were not escalated properly. Treatment of customers in vulnerable circumstances: The FCA observed that many firms took steps to understand circumstances leading to customer vulnerability and therefore to tailor support and reduce re-victimisation. In terms of areas for improvement, the FCA found that many firms were unaware of such vulnerabilities until after fraud occurred, limiting the use of preventative measures. Education and awareness: The FCA identified that most firms demonstrated meaningful efforts to help customers recognise and avoid fraud, particularly through targeted campaigns and educational resources, but that the reach and consistency of these varied. Next steps The FCA expects all PSPs to consider these findings and assess whether their own systems, controls and customer engagement practices are sufficient to prevent and respond to romance fraud.

On 17 October 2025, the Single Resolution Board (SRB) issued a consultation on operational guidance for banks’ communication in resolution, as well as a communication testing supplement to its operational guidance for resolvability testing for banks. Background Per Article 8(9)(n) of the Single Resolution Mechanism Regulation, a communication plan needs to be prepared in the context of resolution planning. In this regard, the SRB sets out, in its Expectations for Banks (EfB), the capabilities it expects banks to develop to ensure resolvability. Communication is one of the seven resolvability dimensions in which capabilities are categorised. The EfB sets out the following two principles with respect to communication: Banks are expected to have developed a comprehensive communication plan, informing relevant stakeholders of the implications of resolution, with the aim of limiting contagion and avoiding uncertainty. Banks are expected to have in place governance arrangements to ensure effective execution of the communication plan, in close coordination with the SRB and national resolution authorities. Banks are to make every effort to comply with the European Banking Authority guidelines on improving resolvability for institutions and resolution authorities, which also includes communication as a key resolvability area. Communication The draft SRB operational guidance on banks’ communication builds on, and further clarifies, the expectations on communication, as laid out in the EfB. It covers four key areas: Coordination between the bank and the resolution authorities. Moratorium tool and implications for communication. Banks’ communication plans for resolution. Banks’ communication governance. The communication testing supplement contains guidance for specific testing. Next steps The deadline for comments on the consultation is 12 December 2025.

On 17 October 2025, there was published in the Official Journal of the EU (OJ), Regulation (EU) 2025/1958 of the European Central Bank of 9 September 2025 amending Regulation (EU) 2015/534 on reporting of supervisory financial information. Our earlier blog on Regulation (EU) 2025/1958 can be found here. It enters into force on the twentieth day following its publication in the OJ (6 November). It applies from 30 December 2025.

On 16 October 2025, the European Central Bank (ECB) published a speech by a member of its supervisory board, Pedro Machado. The speech was given at the Single Supervisory Mechanism (SSM) Conference on Digitalisation and was entitled Time is on our side: Embracing digital change while ensuring stability. Mr Machado’s remarks focus on three areas: Future of banking and emerging digital trends: In summary, the convergence of customer demands, technological innovation, competitive pressures and regulatory changes is transforming the banking industry. To remain resilient and competitive, banks will need to adapt their business models to the opportunities and risks of digitalisation. To strengthen the sustainability of their business models, banks need to define a clear, sound and effective digital strategy, based on a thorough assessment of their business environment. Implications for banks in terms of opportunities and risks: In summary, there are a number of opportunities for the most digitally advanced banks. For example, banks can offer a more personalised and seamless customer experience due to the use of data. Another opportunity lies in the ability to harness big data, which can provide insights into customer behaviour, market trends and operational efficiencies. This data-driven approach can lead to more informed decision-making and an increase in the revenue stream. But there are also certain challenges and risks. For example, increased reliance on digital technologies heightens cybersecurity risks and protecting customer data and ensuring the security of online transactions are key. The increased reliance on third-party providers, particularly software developers and cloud service providers, also introduces risks. Managing these relationships and ensuring high-quality, reliable and secure services can be a challenge. Banks must conduct due diligence, establish clear contracts and implement robust outsourcing frameworks. Impact of digitalisation on banking supervision: As technology, regulations and banks’ practices evolve, the ECB continues to scale up its capacity with a more targeted approach. Currently, the ECB is assessing the implication of digitalisation for revenue generation and cost efficiency in payments and retail business lines. In parallel, it is evaluating the impact of artificial intelligence (AI) and generative AI on banks’ business models, profitability and risk profiles.

On 16 October 2025, the Australian Securities and Investments Commission (ASIC) published the keynote address provided by ASIC Commissioner Alan Kirkland at the Institute of Managed Account Professionals Independent Thought Conference. The keynote address is entitled Improving consumer outcomes is everyone’s job. Responsibility In his speech Commissioner Kirkland focused on consumer outcomes and began by making the general point that good consumer outcomes are the responsibility of everybody who operates within the financial system. Conflicts of Interest Commissioner Kirkland touched on manging conflicts of interest, noting ASIC’s recent consultation on updates to Regulatory Guide 181 (RG 181) on the management of conflicts of interests for AFS licensees. RG 181 has not been amended since 2004 and needs to be updated to reflect changes in the law and policy. Commissioner Kirkland foreshadowed that that ASIC aims to publish the final updated guidance by the end of the year. Managed Accounts Sector Commissioner Kirkland advised that ASIC will be reviewing the managed accounts sector. The sector is estimated to have increased by an average of 24% each year since 2019, mostly in the Separately Managed Account space, as well as Managed Discretionary Accounts. ASIC’s review will focus on licensees and advisers who recommend or offer managed accounts to retail clients. ASIC will examine: How financial advisers comply with their obligations to act in the best interests of their client and provide appropriate advice when they recommend managed accounts. Any conflicts of interest that may be present, and how these conflicts are addressed by advisers and licensees. ASIC will also examine the conflicts that may arise in all parts of the product manufacturing and distribution value chain. Bad Actors Commissioner Kirkland stated that everyone has a role to play to minimise the impact of misconduct: Licensees have a responsibility to ensure advisers are acting in the best interests of clients, and to have adequate monitoring and supervision arrangements to detect concerning conduct. Advisers are in a unique position to recognise where somebody has been the victim of poor advice from somebody else. Individually and in cooperation peers, licensees and advisers must uphold and promote the ethical standards of the profession and hold each other accountable for the protection of the public interest.

Australian Prudential Regulation Authority (APRA) has published the remarks made by its Deputy Chair, Margaret Cole at the FSC Innovation in Retirement conference held on 16 October 2025. In her remarks Margaret Cole noted that Australia is an aging population. Assets in retirement products are predicted to grow from $575 billion to around $3 trillion in 20 years’ time, with 2.5 million Australians predicted to transition from the accumulation phase to the retirement phase in this decade. This background set the scene for APRA’s priorities as the superannuation industry transitions to the retirement phase. These priorities include: Meeting Members’ Needs: There are many members who would benefit from greater access to easy-to-understand information about the products, services and choices available to them. In a staggering figure, $99 billion of assets in MySuper accounts are held in accounts of members aged 65 or over. Information Controls: Ensuring that regulated entities have robust information controls in place, including – but not limited to – multi-factor authentication for member accounts. Operational Risk Management: Ensuring the effective implementation of APRA’s operational risk management standard CPS 230 – particularly those requirements relating to oversight of material service providers. APRA will continue to engage with trustees to ensure they are meeting their new obligations. Retirement Product Returns: Integrating fund-level data on retirement product investment returns and investment strategies into APRA’s Comprehensive Product Performance Package from the second half of 2025-26. Retirement Reporting Framework: Designing with Treasury a new reporting framework on retirement outcomes which will commence in 2027. This will enable monitoring of the outcomes delivered to members in retirement in a consistent and transparent way. The next step for the Retirement Reporting Framework is Government confirmation of the scope of the framework, following the earlier consultation by Treasury. Getting the Balance Right: APRA is taking action to minimise regulatory burden in line with its new strategic objective, Getting the Balance Right. In addition to the reduction of capital requirements for annuity products, the initiatives include introducing further proportionality, removing unnecessary or duplicative rules, and strengthening data sharing with other agencies.

On 15 October 2025, the Australian Securities and Investments Commission (ASIC) updated Regulatory Guide 260 Communicating findings from audit files to directors, audit committees or senior managers (RG 260). Background RG 260 provides practical guidance for directors, audit committees, and senior managers of companies, responsible entities, superannuation trustees, disclosing entities and audit firms by outlining ASIC’s approach to communicating financial reporting and audit quality findings from audit file reviews. It details the financial reporting and audit quality findings identified from ASIC’s reviews of audit files that it would communicate to relevant directors, audit committees or senior managers. It also provides guidance on the process ASIC follows and the timing of its communications. Update This version of RG 260 supersedes the 2022 version. RG 260 has been updated to reflect both ASIC’s new responsibilities and powers to regulate the financial reporting and audit requirements of registrable superannuation entities, and to allow ASIC to communicate findings from audit file reviews to the relevant directors of superannuation trustees. Key sections RG 260 provides guidance on: ASIC’s rationale for advising the relevant directors of its audit surveillances and the timing of this communication (Section B). ASIC’s rationale and criteria for communicating financial reporting and audit quality findings from its reviews of audit files to the relevant directors, audit committees or senior managers (Section C). The process ASIC will follow (including for meeting its procedural fairness obligations) and the timing of communicating financial reporting and audit quality findings to the relevant directors, audit committees or senior managers (Section D).