On 17 October 2025, the European Securities and Markets Authority (ESMA) updated its Q&As under the Markets in Crypto-Assets Regulation (MiCA) with two new entries (Q&A 2653 and Q&A 2654). The updates provide further clarification on (i) how to distinguish between different execution services, and (ii) the treatment of crypto-assets admitted to trading before 30 December 2024. How to distinguish between different execution services (Q&A 2653) ESMA clarifies the distinction between the following services under Article 3(1) MiCA: exchange of crypto-assets for funds or other crypto-assets; execution of orders on behalf of clients; and reception and transmission of orders. According to ESMA, firms must determine the nature of the service based on how it is carried out in practice, rather than the terminology used in contractual or marketing documents. In summary: exchange services apply when the crypto-asset service provider (CASP) acts as counterparty using its own capital; execution of orders applies where the CASP acts as agent and concludes the trade on behalf of the client; and reception and transmission applies when client orders are passed to a third party for execution. ESMA further notes that acting as counterparty does not automatically exclude the service from being considered execution on behalf of a client, where the characteristics of agency activity are present. Transitional regime for pre-30 December 2024 tokens (Q&A 2654) ESMA also clarifies the application of Article 143(2) MiCA concerning crypto-assets (other than ARTs and EMTs) admitted to trading before 30 December 2024. Offerors and persons seeking admission are not required to produce a MiCAR white paper for such legacy tokens but must comply with the marketing communications requirements under Articles 7 and 9 MiCA for communications made after 30 December 2024. Operators of trading platforms must ensure, by 31 December 2027, that a compliant white paper is drawn up, notified and published where required. They must also make available hyperlinks to any existing white papers. Other CASPs referenced in Article 66(3) MiCA are required only to publish hyperlinks to existing white papers and are not responsible for producing them. ESMA adds that where a crypto-asset is not admitted to trading on a platform, a white paper may not be required at all under MiCA. The above clarifications will be particularly relevant for CASPs preparing licence applications and assessing their business models under Title V of MiCA.

On 17 October 2025, Treasury issued the second edition of the Regulatory Initiatives Grid (RIG). The RIG is available in three formats: a comprehensive RIG Report, an interactive dashboard, and an Excel workbook. As with the first edition, the second edition of the RIG outlines upcoming initiatives from financial agencies. However, in order to seek to further reduce the regulatory burden on firms, three core principles have been embedded into this new edition: Minimising overlap in significant consultations and non‑routine data collection activities. Sequencing and timing linked initiatives appropriately. Reducing duplication in data collection processes. The RIG’s scope is limited to publicly communicated initiatives and activities that will materially affect the financial sector in the 24 months from the RIG’s publication date. The RIG includes initiatives publicised prior to 26 September 2025. Initiatives publicised after 26 September 2025 are not included in this edition. A table at the back of the RIG outlines changes to the initiative name or to milestones between edition 1 and this edition of the RIG.

On 17 October 2025, the Chancellor of the Exchequer announced the fully operational Office for Investment: Financial Services. This will be a free support service available to global financial services firms, helping firms to pick locations, navigate regulation and Britain’s business environment. It will be delivered by the Office for Investment in partnership with HM Treasury, financial regulators and the City of London Corporation and is intended to deliver on commitments made in the Chancellor’s Mansion House speech to reduce regulatory uncertainty and make the UK more attractive to investors.

On 17 October 2025, the Financial Conduct Authority (FCA) published findings from a multi-firm review into how firms detect and prevent romance fraud. Background The FCA explained that romance fraud involves people being convinced they are in a relationship and deceived into sending money to criminals. As part of this review, the FCA looked at the approach of six payment service providers (PSPs), including retail banks and payment firms, focusing on how firms detect and prevent romance fraud, and support victims. Key findings The FCA set out examples of good practice and areas for improvement, including: Detection and monitoring: The FCA found that in some cases firms’ detection systems deferred high-risk payments or used various data points effectively to improve their ability to detect suspicious transactions. However, it also identified multiple instances of firms missing opportunities to identify seemingly suspicious transactions. Internal investigative approaches and staff capabilities: The FCA also found that most firms adopted a victim-centred approach, engaged in timely sharing of information, and took proactive steps to prevent further harm by adding confirmed fraudulent beneficiaries to blocklists. However, the FCA also identified an inconsistent approach to payment types considered in investigations (e.g. not considering faster payments such as cash withdrawals) and that some staff failed to spot red flags, such as unusual customer behaviour. Customer engagement and support: The FCA considered that effective engagement with victims was a consistent theme across firms demonstrating good practice, but that there were instances where safeguarding cases were not escalated properly. Treatment of customers in vulnerable circumstances: The FCA observed that many firms took steps to understand circumstances leading to customer vulnerability and therefore to tailor support and reduce re-victimisation. In terms of areas for improvement, the FCA found that many firms were unaware of such vulnerabilities until after fraud occurred, limiting the use of preventative measures. Education and awareness: The FCA identified that most firms demonstrated meaningful efforts to help customers recognise and avoid fraud, particularly through targeted campaigns and educational resources, but that the reach and consistency of these varied. Next steps The FCA expects all PSPs to consider these findings and assess whether their own systems, controls and customer engagement practices are sufficient to prevent and respond to romance fraud.

On 17 October 2025, the Single Resolution Board (SRB) issued a consultation on operational guidance for banks’ communication in resolution, as well as a communication testing supplement to its operational guidance for resolvability testing for banks. Background Per Article 8(9)(n) of the Single Resolution Mechanism Regulation, a communication plan needs to be prepared in the context of resolution planning. In this regard, the SRB sets out, in its Expectations for Banks (EfB), the capabilities it expects banks to develop to ensure resolvability. Communication is one of the seven resolvability dimensions in which capabilities are categorised. The EfB sets out the following two principles with respect to communication: Banks are expected to have developed a comprehensive communication plan, informing relevant stakeholders of the implications of resolution, with the aim of limiting contagion and avoiding uncertainty. Banks are expected to have in place governance arrangements to ensure effective execution of the communication plan, in close coordination with the SRB and national resolution authorities. Banks are to make every effort to comply with the European Banking Authority guidelines on improving resolvability for institutions and resolution authorities, which also includes communication as a key resolvability area. Communication The draft SRB operational guidance on banks’ communication builds on, and further clarifies, the expectations on communication, as laid out in the EfB. It covers four key areas: Coordination between the bank and the resolution authorities. Moratorium tool and implications for communication. Banks’ communication plans for resolution. Banks’ communication governance. The communication testing supplement contains guidance for specific testing. Next steps The deadline for comments on the consultation is 12 December 2025.

On 17 October 2025, there was published in the Official Journal of the EU (OJ), Regulation (EU) 2025/1958 of the European Central Bank of 9 September 2025 amending Regulation (EU) 2015/534 on reporting of supervisory financial information. Our earlier blog on Regulation (EU) 2025/1958 can be found here. It enters into force on the twentieth day following its publication in the OJ (6 November). It applies from 30 December 2025.

On 16 October 2025, the European Central Bank (ECB) published a speech by a member of its supervisory board, Pedro Machado. The speech was given at the Single Supervisory Mechanism (SSM) Conference on Digitalisation and was entitled Time is on our side: Embracing digital change while ensuring stability. Mr Machado’s remarks focus on three areas: Future of banking and emerging digital trends: In summary, the convergence of customer demands, technological innovation, competitive pressures and regulatory changes is transforming the banking industry. To remain resilient and competitive, banks will need to adapt their business models to the opportunities and risks of digitalisation. To strengthen the sustainability of their business models, banks need to define a clear, sound and effective digital strategy, based on a thorough assessment of their business environment. Implications for banks in terms of opportunities and risks: In summary, there are a number of opportunities for the most digitally advanced banks. For example, banks can offer a more personalised and seamless customer experience due to the use of data. Another opportunity lies in the ability to harness big data, which can provide insights into customer behaviour, market trends and operational efficiencies. This data-driven approach can lead to more informed decision-making and an increase in the revenue stream. But there are also certain challenges and risks. For example, increased reliance on digital technologies heightens cybersecurity risks and protecting customer data and ensuring the security of online transactions are key. The increased reliance on third-party providers, particularly software developers and cloud service providers, also introduces risks. Managing these relationships and ensuring high-quality, reliable and secure services can be a challenge. Banks must conduct due diligence, establish clear contracts and implement robust outsourcing frameworks. Impact of digitalisation on banking supervision: As technology, regulations and banks’ practices evolve, the ECB continues to scale up its capacity with a more targeted approach. Currently, the ECB is assessing the implication of digitalisation for revenue generation and cost efficiency in payments and retail business lines. In parallel, it is evaluating the impact of artificial intelligence (AI) and generative AI on banks’ business models, profitability and risk profiles.

On 16 October 2025, the Australian Securities and Investments Commission (ASIC) published the keynote address provided by ASIC Commissioner Alan Kirkland at the Institute of Managed Account Professionals Independent Thought Conference. The keynote address is entitled Improving consumer outcomes is everyone’s job. Responsibility In his speech Commissioner Kirkland focused on consumer outcomes and began by making the general point that good consumer outcomes are the responsibility of everybody who operates within the financial system. Conflicts of Interest Commissioner Kirkland touched on manging conflicts of interest, noting ASIC’s recent consultation on updates to Regulatory Guide 181 (RG 181) on the management of conflicts of interests for AFS licensees. RG 181 has not been amended since 2004 and needs to be updated to reflect changes in the law and policy. Commissioner Kirkland foreshadowed that that ASIC aims to publish the final updated guidance by the end of the year. Managed Accounts Sector Commissioner Kirkland advised that ASIC will be reviewing the managed accounts sector. The sector is estimated to have increased by an average of 24% each year since 2019, mostly in the Separately Managed Account space, as well as Managed Discretionary Accounts. ASIC’s review will focus on licensees and advisers who recommend or offer managed accounts to retail clients. ASIC will examine: How financial advisers comply with their obligations to act in the best interests of their client and provide appropriate advice when they recommend managed accounts. Any conflicts of interest that may be present, and how these conflicts are addressed by advisers and licensees. ASIC will also examine the conflicts that may arise in all parts of the product manufacturing and distribution value chain. Bad Actors Commissioner Kirkland stated that everyone has a role to play to minimise the impact of misconduct: Licensees have a responsibility to ensure advisers are acting in the best interests of clients, and to have adequate monitoring and supervision arrangements to detect concerning conduct. Advisers are in a unique position to recognise where somebody has been the victim of poor advice from somebody else. Individually and in cooperation peers, licensees and advisers must uphold and promote the ethical standards of the profession and hold each other accountable for the protection of the public interest.

Australian Prudential Regulation Authority (APRA) has published the remarks made by its Deputy Chair, Margaret Cole at the FSC Innovation in Retirement conference held on 16 October 2025. In her remarks Margaret Cole noted that Australia is an aging population. Assets in retirement products are predicted to grow from $575 billion to around $3 trillion in 20 years’ time, with 2.5 million Australians predicted to transition from the accumulation phase to the retirement phase in this decade. This background set the scene for APRA’s priorities as the superannuation industry transitions to the retirement phase. These priorities include: Meeting Members’ Needs: There are many members who would benefit from greater access to easy-to-understand information about the products, services and choices available to them. In a staggering figure, $99 billion of assets in MySuper accounts are held in accounts of members aged 65 or over. Information Controls: Ensuring that regulated entities have robust information controls in place, including – but not limited to – multi-factor authentication for member accounts. Operational Risk Management: Ensuring the effective implementation of APRA’s operational risk management standard CPS 230 – particularly those requirements relating to oversight of material service providers. APRA will continue to engage with trustees to ensure they are meeting their new obligations. Retirement Product Returns: Integrating fund-level data on retirement product investment returns and investment strategies into APRA’s Comprehensive Product Performance Package from the second half of 2025-26. Retirement Reporting Framework: Designing with Treasury a new reporting framework on retirement outcomes which will commence in 2027. This will enable monitoring of the outcomes delivered to members in retirement in a consistent and transparent way. The next step for the Retirement Reporting Framework is Government confirmation of the scope of the framework, following the earlier consultation by Treasury. Getting the Balance Right: APRA is taking action to minimise regulatory burden in line with its new strategic objective, Getting the Balance Right. In addition to the reduction of capital requirements for annuity products, the initiatives include introducing further proportionality, removing unnecessary or duplicative rules, and strengthening data sharing with other agencies.

On 15 October 2025, the Australian Securities and Investments Commission (ASIC) updated Regulatory Guide 260 Communicating findings from audit files to directors, audit committees or senior managers (RG 260). Background RG 260 provides practical guidance for directors, audit committees, and senior managers of companies, responsible entities, superannuation trustees, disclosing entities and audit firms by outlining ASIC’s approach to communicating financial reporting and audit quality findings from audit file reviews. It details the financial reporting and audit quality findings identified from ASIC’s reviews of audit files that it would communicate to relevant directors, audit committees or senior managers. It also provides guidance on the process ASIC follows and the timing of its communications. Update This version of RG 260 supersedes the 2022 version. RG 260 has been updated to reflect both ASIC’s new responsibilities and powers to regulate the financial reporting and audit requirements of registrable superannuation entities, and to allow ASIC to communicate findings from audit file reviews to the relevant directors of superannuation trustees. Key sections RG 260 provides guidance on: ASIC’s rationale for advising the relevant directors of its audit surveillances and the timing of this communication (Section B). ASIC’s rationale and criteria for communicating financial reporting and audit quality findings from its reviews of audit files to the relevant directors, audit committees or senior managers (Section C). The process ASIC will follow (including for meeting its procedural fairness obligations) and the timing of communicating financial reporting and audit quality findings to the relevant directors, audit committees or senior managers (Section D).

On 16 October 2025, the European Securities and Markets Authority (ESMA) issued its second consolidated report on sanctions. In 2024, more than 970 administrative sanctions and measures were imposed across Member States in financial sectors under ESMA’s remit. The number of administrative sanctions and measures remained stable compared to 2023. Overall, the data shows discrepancies in the use of sanctioning powers across Member States, for example, in terms of amounts of fines, number and types of sanctions and measures and use of settlements.

On 16 October 2025, the International Organization of Securities Commissions (IOSCO) published a final report on its thematic review assessing the implementation of IOSCO’s Recommendations for crypto and digital asset (CDA) markets. Background IOSCO published in 2023 a set of 18 policy recommendations for the regulation of crypto and digital assets (CDA Recommendations) in accordance with the principle of ‘same activity, same risk, same regulation/regulatory outcome.’  These policy recommendations are designed to support greater consistency with respect to regulatory frameworks and oversight in IOSCO member jurisdictions to address concerns related to market integrity and investor protection arising from crypto-asset activities. Key findings In the report IOSCO states that, overall, significant progress is being made by its members in relation to the implementation of the key elements of the CDA Recommendations. It also adds that it is encouraging to note that the steps that its members have taken are generally designed to address investor protection and market integrity risks. However, IOSCO adds that there is still much more to be done, especially as new crypto-asset business models are being developed, existing risks are changing, and various new risks are emerging. The report also recognises that most members have mechanisms to facilitate cross-border cooperation, although in some instances there are hurdles to the effective use of these mechanisms. Members should therefore consider enhancements consistent with the CDA Recommendations to ensure that they are able to effectively share relevant information in practice.  Information note Together with the Financial Stability Board (FSB), IOSCO has issued an information note. The note accompanies IOSCO’s report and a report issued by the FSB following its thematic peer review of crypto-asset activities.

On 10 October 2025, the Digital Regulation Co-operation Forum (DRCF) published a report setting out learnings from its AI and digital hub pilot. The AI and Digital Hub pilot was the DRCF’s trial of a multi-agency advice service, designed to support innovators navigating the evolving regulatory landscape for AI and digital technologies, which offered free, informal, cross-regulatory advice. The DRCF sets out in the report that the pilot showed that a cross-agency Hub can offer significant value for both innovators and regulators, in particular highlighting lessons that will shape future DRCF initiatives and may be useful for other regulators considering similar services, including in relation to engaging participants and building the service. The DRCF also explained that insights from the pilot will inform the next phase of its work, which will focus on expanding the Hub’s reach.

On 10 October 2025, the Payment Systems Regulator (PSR) published a decision not to proceed with an interim cap for UK-EEA cross-border interchange fees, alongside a statement of reasons explaining this decision. Summary The PSR explained that in its earlier final report on the market review into the UK-EEA cross-border interchange fees, it had concluded that these fees should be capped. However, the PSR further explained that it has decided that the most effective way to give effect to this is to implement a cap in one step, once its work to determine an appropriate level for UK-EEA cross-border interchange fees has concluded. Next steps The PSR set out that it will continue to progress its work to develop a longer-term price cap, highlighting that its current consultation on the methodology for assessing an appropriate level for the cap is open until Friday 21 November 2025.

On 9 October 2025, the Financial Markets Standards Board (FMSB) published in final form a Statement of Good Practice on Unauthorised Trading Frameworks. The FMSB is an industry-led, member-funded global standards body for the wholesale financial markets. The FMSB has issued the Statement of Good Practice to help establish practical, industry-wide guidance for oversight and controls of unauthorised trading, as well as more consistent expectations among firms and regulators regarding the frameworks needed to effectively contain it.

On 10 October 2025, the Financial Stability Board (FSB) issued a report that examines how financial authorities can monitor artificial intelligence (AI) adoption and assess related vulnerabilities. The report builds on the FSB’s 2024 report and incorporates findings from a member survey on AI monitoring approaches, interviews with member authorities, publicly available information and stakeholder outreach. In particular, building on the 2024 report, which identifies third-party dependencies and service provider concentration as key vulnerabilities, the report examines recent developments that could have implications for financial institutions’ reliance on a small number of third-party service providers. These developments highlight the importance of monitoring the role of service providers in supporting financial institutions’ operations and addressing potential vulnerabilities in the AI supply chain. The report includes a case study on this issue, relating to generative AI (GenAI), noting that while financial institutions appear to be cautiously adopting GenAI with apparently limited use for critical functions and critical operations so far, financial institutions are also exploring new use cases. The report concludes with the following considerations for the FSB, standard setting bodies (SSBs) and national financial authorities: National authorities are encouraged to enhance their monitoring approaches by leveraging the potential indicators presented in the report, collaborating with domestic stakeholders to formalise metrics, enhancing engagement with regulated financial institutions, exploring AI tools to both monitor and mitigate vulnerabilities, and promoting greater data sharing across domestic authorities. The FSB and relevant SSBs should continue to support these efforts by facilitating cross-border cooperation, including through sharing information, experiences, and good practices, and by working towards greater alignment in taxonomies and indicators where feasible. The FSB and relevant SSBs are encouraged to continue monitoring AI developments and addressing data gaps as appropriate, working towards a comprehensive approach to understanding AI adoption in the financial sector and related vulnerabilities.

On 10 October 2025, the European Securities and Markets Authority (ESMA) issued a red line version of its updated manual on post-trade transparency under MiFID II/MiFIR. The updates to the manual reflect the changes in the revised MiFID II/MiFIR that were not affected by Level 2 measures. In December 2024, ESMA submitted its Final Reports on the review of Regulatory Technical Standard (RTS) 13 and RTS 24 (limited to bonds, structured finance products and emission allowances). The current update of the manual reflects the changes introduced by those amendments to Level 2. The updated manual includes a new section 6 dealing with pre-trade transparency for equity instruments and a new section 7 with the input/output data reported to/transmitted by the consolidated tape provider. The manual does not provide EU law interpretation nor does it contain supervisory elements. Rather it is intended to promote common approaches and practices in the implementation of the applicable MiFID II and MiFIR post-transparency legal requirements by clarifying the relevant legal provisions and thus assisting Member State competent authorities, natural or legal persons.

On 10 October 2025, the European Securities and Markets Authority (ESMA) issued its second statement concerning the transition for the application of the MiFID II/MiFIR review. ESMA issued its first statement on the MiFID II/MiFIR review on 27 March 2024 and the statement complements an interpretative notice issued by the European Commission (Commission). In its second statement ESMA states: Notwithstanding potential changes in the timing for the adoption of delegated and implementing acts by the Commission, market participants are expected to comply with the provisions as amended by the MiFID II/MiFIR review, unless otherwise specified. As a general rule, the revised MiFID II provisions apply when the relevant changes are transposed into national law. ESMA also provides in its second statement practical guidance to markets participants on: Commodity derivatives, derivatives on emission allowances and systematic internalisers: Position management controls – In December 2024, ESMA submitted to the Commission the amending draft Regulatory Technical Standards (RTS) on position management controls. The amendments to the RTS on position management controls are a direct consequence of the change to the Level 1 text. ESMA expects trading venues to take into account the position management controls in relation to derivatives of emission allowances included in the amending draft RTS until the current RTS is revised. Position reporting – In December 2024, ESMA submitted an amendment to Implementing Technical Standard (ITS) 4 to the Commission to implement the changes to Article 58 MiFID. ESMA states that the relevant documentation containing technical specifications to be used for reporting purposes by trading venues were published on 25 September 2025. ESMA will communicate separately on the test phase for reporting as per the new requirements. The planned go live of the amended reporting and register is scheduled for 1 April 2026. As per the amended Level 1 text, investment firms are no longer required to report positions in emission allowances under Annex II of ITS 4. Systematic internaliser (SI) regime – With the start of the Designated Publishing Entity regime, the mandatory SI regime based on a quantitative test is no longer applicable, and investment firms are relieved from performing that test. Investment firms meeting the qualitative requirements for equity instruments or opting into the regime will need to register as an SI. When notifying information to their respective Member State competent authorities, those investment firms are invited to base such notification on the template in the draft ITS on the content and format of the SI notification, pending adoption by the Commission and the publication of the final ITS in the Official Journal of the EU (OJ). Single volume cap mechanism (VCM) in MiFIR as amended by the MiFIR review: The single VCM – Has replaced the double VCM and has become operational with the first calculation results published on 9 October 2025. Revised transparency rules for bonds, structured finance products, emission allowances, and equity instruments: Application of the revised rules on equity and non-equity transparency – The Commission Delegated Regulation amending RTS 1 and RTS 2 stipulates that most of the revised transparency requirements in respect of bonds, structured finance products, emission allowances, and equity instruments apply from 2 March 2026. However, as regards RTS 1, 20 days after the amending Commission Delegated Regulation has been published in the OJ, two main provisions start applying: (i) Article 13 – give-up and give in transactions will be excluded from the post-trade transparency reporting when executed off-venue and (ii) Articles 11a and 11b – SIs will have to comply with new quoting obligations.  In this regard, ESMA has published an announcement on the standard market size for liquid instruments on the basis of the amended Table 3 and the new Table 3a of Annex II of RTS 1. These values will determine the new quoting obligation for SIs according to Articles 11a and 11b of RTS 1. While these amendments are still to be published in the OJ, market participants are invited to anticipate the application of the MiFIR provisions related to the transparency requirements for these instruments as of 2 March 2026. Discontinuation of FITRS and DVCAP reporting flows – The last reporting day for volume cap data will be 31 December 2025. The last reporting day for FITRS quantitative data on equity instruments, bonds, structured finance products and emission allowances will be 31 March 2026. The submission of FITRS reference data will remain unchanged in the interim period.

On 10 October 2025, the European Banking Authority (EBA) issued two opinions in response to the European Commission’s amendments relating to the draft Regulatory Technical Standards specifying the composition and liquidity requirements of the reserve of assets under the Markets in Crypto-Assets Regulation (MiCA). The EBA considers that the Commission’s proposed substantive amendments are not consistent with the prudential framework established by MiCA.

In the last episode of our mini-series on the Chancellor’s Mansion House speech and Leeds Reforms, Katie Stephen, Matthew Gregory and Catherine Pluck discuss the proposals in relation to the Financial Ombudsman Service and redress. Listen to our podcast here.