The UK Financial Conduct Authority (FCA) has published a new webpage to support the safe and responsible adoption of AI in UK financial markets. The FCA confirms it does not intend to introduce new AI-specific regulations, opting instead to rely on existing frameworks which mitigate many of the risks associated with AI. The webpage outlines the requirements already in place that are relevant for using AI safely: the consumer duty and the accountability and governance requirements under the senior managers and certification regime. Firms are encouraged to visit the FCA's AI Lab for support on developing AI models and solutions safely and responsibly. The FCA confirms that it is leveraging AI tools, including predictive models and large language models, to enhance supervisory efficiency and consumer engagement. The webpage also highlights ongoing collaboration with domestic and international partners, including co-chairing the AI consortium with the Bank of England and signposting links to research the FCA has been involved in. In parallel, the FCA has confirmed on the same day that it intends to proceed with AI live testing.

The UK Financial Conduct Authority (FCA) has published feedback statement FS25/5, summarising responses to its April engagement paper on AI live testing. The AI live testing service aims to promote the safe and responsible adoption of AI in UK financial services through a collaborative, real-world testing environment. The live testing service is voluntary and open to firms that have developed AI proofs of concept and are active in UK financial markets, subject to competitive selection criteria. The FCA has made it clear that the feedback statement does not set out its policy position or views on AI use in financial markets. The feedback reveals strong industry support for the proposal, with respondents recognising the potential of AI live testing.

Read more.

The Wolfsberg Group has published comprehensive guidance on managing financial crime risks for financial institutions (FIs) that provide banking services to fiat-backed stablecoin issuers. While recognising the legitimate benefits of stablecoins, such as pseudonymity, rapid settlement and global reach, the Group also highlights that these same benefits introduce unique risks. The guidance therefore introduces a risk-based framework for assessing and monitoring relationships with issuers operating in regulated jurisdictions. It notes that although existing financial crime risk management principles remain applicable, existing controls may require adapting to address the specific risks posed by stablecoin issuers. The guidance introduces the relevant terminology used by the Group on stablecoins and describes the typical fiat-based services an FI may offer to a stablecoin issuer, highlighting how financial crime-related controls may require adjustment. It also explains how, under a risk-based approach, an FI may evaluate the issuer's compliance obligations on the blockchain. Ultimately, the Group's view is that the approach to banking a stablecoin issuer mirrors that of any customer relationship: firstly to identify and understand the risks associated with both the customer and the nature of the relationship, as well as evaluate how the issuer manages those risks; secondly to determine whether the issuer's risk profile and mitigation strategies align with its own risk appetite; and finally, the FI should implement a proportionate risk management framework that enables ongoing monitoring of the issuer's behaviour and supports timely corrective action when necessary.

The UK Financial Conduct Authority (FCA) has published Market Watch 83, sharing findings from a series of reviews on market abuse risks and related systems and controls at corporate finance firms that provide advisory and corporate broking services to small and mid-cap companies.

The FCA has observed the following in relation to market soundings:

• Disclosing Market Participants (DMPs) extending their market soundings to a relatively large number of Market Sounding Recipients (MSRs) without a process for considering the appropriateness or the number of MSRs contacted. The FCA highlights that a good practice was a simple governance process where a senior employee or relevant committee approved the initial proposed list of MSRs, as well as any additions to it. The FCA encourages firms to consider whether their policies and procedures help effectively manage the number of MSRs to control the flow of inside information.

Read more.

The Bank of England has published a discussion paper (DP) setting out potential measures to enhance the resilience of the UK gilt repo market and support broader financial stability. Developed in consultation with the UK Financial Conduct Authority and informed by input from HM Treasury and the UK Debt Management Office, the DP reflects on insights from the Bank's System-wide Exploratory Scenario and considers international developments, most notably in the U.S., where the Securities and Exchange Commission (SEC) has mandated central clearing for most repo and cash US Treasury transactions by mid-2027. To strengthen the UK gilt repo market, the paper explores two primary options: (i) increasing central clearing of gilt repo transactions; and (ii) introducing minimum haircuts or margins on non-centrally cleared repos. These options aim to reduce counterparty credit risk and mitigate systemic vulnerabilities. The DP also considers additional measures that could improve market resilience, such as enhanced public and private counterparty disclosures. These could serve as alternatives to, or complement, the two core proposals. The deadline for responses is 28 November. Next steps will be considered closely with other UK authorities, with further consultation to follow should any measures be progressed.

The European Banking Authority has announced an extension to the consultation deadline for its draft guidelines on credit conversion factor estimations (EBA/CP/2025/10) under the Capital Requirements Regulation (CRR), as amended by the revised Capital Requirements Regulation (CRR III). The original deadline of 15 October has now been extended to 29 October. The consultation paper sets out draft guidelines on the methodology institutions shall apply for their own estimation and application of credit conversion factors under Article 182(5) of the CRR, to ensure alignment and consistency with existing guidelines on the Probability of Default and Loss Given Default estimation.

The BIS Innovation Hub London Centre, in collaboration with the Bank of England, has announced the launch of Project Keystone, an initiative exploring how technology can enhance the analytical use of ISO 20022 data. 93% of payment system operators have either implemented or are preparing to implement ISO 20022. Project Keystone aims to support this transition by offering a standardised data analytics platform focused on ISO 20022 data. The tool comprises two modules: one for managing the complex data structure and storage needs of ISO 20022, and another for conducting data-driven analysis. Keystone is intended to be an off-the-shelf component for payment system operators to integrate into their own systems, enabling enhanced use of enriched payments data. Central banks and other regulatory bodies could leverage this to gain deeper insights into real-time economic activity, monitor system-wide liquidity and enhance participant confidence, including ensuring adherence to the ISO 20022 standard itself.

The Interim Working Group (IWG) advising on the UK Financial Conduct Authority's (FCA) Credit Information Market Study has issued a formal response to the FCA's feedback on its final report regarding the establishment of the Credit Information Governance Body (CIGB). The IWG welcomes the FCA's support and acknowledges its recommendations, confirming these will be communicated to the newly appointed CIGB staff. The response addresses key areas including supporting positive outcomes for financial inclusion, effectiveness reviews for the CIGB, Memoranda of Understanding (MoUs) between the FCA and CIGB, decision-making safeguards, funding transparency and commercial data governance. While the IWG agrees with the FCA's emphasis on inclusive and transparent governance, it notes that certain initiatives, such as early MoUs and effectiveness reviews, may be delayed due to resource constraints during the CIGB's initial operational phase.

HM Treasury (HMT) has published a formal response letter dated 2 September to the House of Lords Financial Services Regulation Committee's June report on the UK Financial Conduct Authority (FCA) and UK Prudential Regulation Authority's (PRA) secondary international competitiveness and growth objectives. The letter welcomes the Committee's recommendations and notes their alignment with the UK government's Financial Services Growth and Competitiveness Strategy, announced in July, reaffirming its commitment to regulatory reform. HMT's response outlines ongoing efforts that directly address the Committee's recommendations, including reforms to the UK Financial Ombudsman Service (FOS) to restore its original role as a swift and impartial dispute resolution body, a review of the consumer duty's application to wholesale firms, with the FCA due to report back to the Chancellor by the end of September, and the prioritisation of the Advice Guidance Boundary Review to tackle the advice gap. Appendix A of the letter provides further detail on the government's response to each of the Committee's recommendations, including ongoing work and future priorities.

Read more.

The UK Payment Systems Regulator (PSR) has published its annual report and accounts for 2024/25, summarising the PSR's progress across its key activities over the year. In March, the UK government announced that the PSR would consolidate into the UK Financial Conduct Authority (FCA) to streamline regulation and enhance efficiency. While legislation is pending, the report highlights the transitional work already underway to support a more streamlined approach. You may like to read our opinion piece "UK Payment Systems Regulator to be abolished - what's next?" which explores key considerations and potential impacts of the transition. The PSR's annual report sets out significant achievements in its work over the past year, including in fraud prevention through the reimbursement requirement for authorised push payment fraud scams, resulting in 99% of victims being reimbursed in the first three months.

Read more.

Delegated Regulation (EU) 2025/1768 and Delegated Regulation (EU) 2025/884 have been published in the Official Journal of the European Union (OJ), extending the scope of rules on fines and fees for data reporting service providers (DRSPs) to include consolidated tape providers (CTPs). Previously, these rules applied only to two types of DRSPs: approved publication arrangements and approved reporting mechanisms. The amendments align with the EU's review of the Markets in Financial Instruments Directive and Regulation, which aims to improve market data transparency and support the emergence of CTPs in the EU.

Read more.

HM Treasury (HMT) has published the draft Money Laundering and Terrorist Financing (Amendment and Miscellaneous Provision) Regulations 2025, accompanied by a policy note, for technical consultation. This follows HMT's 2024 consultation on improving the effectiveness of the UK Money Laundering Regulations (MLRs), with the government's response published in July this year. The consultation identified key weaknesses in the UK's anti-money laundering (AML) regime, including issues with pooled client accounts, trust registration, cryptoasset regulation and the practicalities of customer due diligence (CDD). The draft statutory instrument (SI) proposes targeted amendments to the MLRs 2017 and related legislation to address these concerns. The key changes are set out below.

Read more.

The UK Home Office has published a progress report on the outcomes framework of the 2023 Economic Crime Plan 2 (ECP2). The ECP2 set out strategic objectives to reduce economic crime, safeguard national security and promote legitimate economic growth in the UK. The progress report sets out insights gathered to date under the ECP2, including: a 36% increase in prosecutions and 7% increase in convictions for money laundering offences in 2024; indications that Suspicious Activity Reports are having a positive effect on asset recovery; and evidence of improved transparency in company ownership, with 32,000 entities having registered on the Companies House Register of Overseas Entities as of 31 March. The report acknowledges a comprehensive assessment of progress towards ECP2 outcomes is constrained by data limitations, with steps being taken to address these data gaps, including through HM Treasury's Effectiveness Framework and the Home Office's Economic Crime Survey 2024. The Home Office plans to publish a further update to the progress report in 2027.

Read more.

HM Treasury (HMT) has published a revised Memorandum of Understanding (MoU) with the Bank of England (BoE) and UK Prudential Regulation Authority (PRA) on financial crisis management, replacing the previous version from October 2017. The MoU sets out the coordinated responsibilities of HMT, the BoE and the PRA, under the Banking Act 2009, the Financial Services Act 2012 and the Financial Services and Markets Act 2023 (FSMA 2023). The MoU has been updated to align with key developments since 2017.

The Better Data Sharing Regulation (Position (EU) No 5/2025), formally adopted by the Council of the EU on 8 July, has been published in the Official Journal of the European Union (OJ), together with the Council's Statement of Reasons. The Regulation amends seven foundational EU laws to streamline supervisory reporting and improve data sharing among EU financial authorities. Key features include: (i) a requirement for the European Supervisory Authorities, through the Joint Committee and in cooperation with other EU bodies, to deliver a feasibility report within five years (i.e., by 18 September 2030) on a cross-sectoral integrated reporting system. Based on its findings and a comprehensive impact assessment, the European Commission may, where appropriate, put forward a legislative proposal; (ii) calls for consistent application of the "report once" principle, whereby authorities should obtain information from other authorities that have already collected it, rather than requesting it again from reporting entities, provided this does not compromise the entities' ability to perform their tasks; (iii) a shift from biannual to annual reporting under the InvestEU Programme; (iv) clarification of the scope and conditions for both mandatory and voluntary data sharing; and (v) encouragement for authorities to enter into memoranda of understanding to support information exchange. The Regulation enters into force on the twentieth day following its publication in the OJ, being 18 September.

The European Banking Authority has published three single rulebook Q&As relating to Commission Delegated Regulation (EU) 2018/389 supplementing the revised Payment Services Directive 2 (Directive 2015/2366/EU), specifying regulatory technical standards on strong customer authentication (SCA) and secure communication. The Q&As cover: (i) whether payment initiation service providers can access payment status information without encountering obstacles (2024_7261); (ii) the manner in which corporate clients of account servicing payment service providers can use proxy matrices to invoke the services of third party providers (2024_7265); and (iii) whether an application programming interface key can constitute a knowledge element of SCA (2024_7286).

The UK Financial Conduct Authority (FCA) has confirmed further steps to simplify its supervisory communications, building on its April announcement and aligning with its Consumer Duty Requirements Review. The FCA confirms it will simplify multi-firm and thematic reviews, labelling those published before 2022 as "historical". While these documents will remain publicly accessible, going forward, the FCA will shift towards publishing concise market reports in place of traditional Dear CEO or portfolio letters. Firms have been advised to continue referring to current relevant supervisory communications until the new reports are released.

The Financial Action Task Force (FATF) has announced the launch of a new National Risk Assessment (NRA) toolkit aimed at enhancing countries' ability to identify and address money laundering risks. The toolkit supports a risk-based approach aligned with FATF Standards and provides cross-country insights into predicate offences, laundering methods, and proceeds of crime. It focuses on four priority areas that are currently consistently challenging to assess, including: corruption, virtual assets and service providers, legal persons and arrangements, and the informal economy. Quick guides, which include practical examples, have also been published to support risk assessment in each priority area. The toolkit draws on good practices from FATF member jurisdictions and is designed to be flexible and adaptable to country-specific needs. It can be integrated into a full NRA, applied to sectoral or thematic assessments, or used to strengthen broader efforts to improve risk understanding. Coinciding with the launch, on the same day, the FATF has also updated its NRA guidance, to reflect recent changes made to its Recommendation 1 standard and guidance on financial inclusion and anti-money laundering and counter terrorist financing measures.

The UK Financial Conduct Authority (FCA) has issued a statement alongside a press release aimed at clarifying the rules surrounding workplace savings schemes. These schemes, which allow employees to save directly from their salary via payroll, are seen as a tool to enhance financial resilience and support economic growth. Despite their potential, uptake remains low with only 7% of UK employers currently offering such schemes, largely due to perceived regulatory barriers. The statement is intended to provide reassurance that workplace savings schemes can be successfully set up and implemented to comply with existing rules and legislation.

Read more.

The UK Financial Conduct Authority (FCA) has published the findings from its multi-firm review of principal trading firms' compliance with the detailed organisational requirements for algorithmic trading set out under the UK Markets in Financial Instruments Directive, specifically those outlined in the associated regulatory technical standards known as RTS 6. The review reveals progress in governance, notably in the quality of self-assessments and validation processes, but also exposes weaknesses such as outdated or incomplete policies, poor documentation, and inconsistent compliance oversight. While many firms demonstrated strong practices in maintaining algorithm inventories, such as detailed records outlining each algorithm's objective, ownership, market usage, and associated risk parameters, in some cases, the algorithmic inventory did not specify the individuals who were approved to operate the algorithm. Deployment protocols were generally formalised, with clear accountability and multi-layered approval processes, especially for new market entries or material changes. However, some firms had outdated policies or lacked clarity on what constituted a material change.

Read more.

The Bank of England (BoE) has published its 2024/25 annual report for the Real-Time Gross Settlement (RTGS) system and CHAPS, marking the successful completion of the RTGS Renewal Programme with the launch of RT2 in April. RT2 introduces a new core ledger and settlement engine, enhancing resilience, security, and functionality, including ISO 20022 messaging and extended automation. Looking ahead, the BoE is shifting towards an "ongoing programme of change" focused on continuous improvement to further strategic deliverables. This includes the following as set out below.

Read more.

On 20 August, Commission Delegated Regulation (EU) 2025/885 supplementing the Markets in Crypto-assets Regulation with regard to regulatory technical standards specifying the arrangements, systems, and procedures for persons to prevent, detect, and report market abuse, the templates to be used for reporting suspected market abuse, and the coordination procedures between competent authorities for the detection and sanctioning of market abuse in cross-border market abuse situations, has been published in the Official Journal of the European Union (OJ). The Delegated Regulation enters into force on the twentieth day following its publication in the OJ, being 9 September.

The European Securities and Markets Authority (ESMA) and the European Environment Agency (EEA) have announced the signing of a Memorandum of Understanding (MoU) to enhance cooperation in the area of sustainable finance. The MoU seeks to reinforce the integration of environmental considerations into the EU's sustainable finance framework, including its supervisory practices. It outlines how ESMA and the EEA will exchange expertise, data and information to promote collaboration between national securities regulators and environmental authorities. This partnership is expected to create synergies, reduce duplication of efforts, and support the EU's broader goals in addressing biodiversity loss, climate change, and pollution.

The UK Financial Conduct Authority (FCA) has released the second report on generating and using synthetic data in financial services, offering comprehensive insights into the governance, ethical, and regulatory considerations surrounding its use in the sector. The report builds on the first 2024 report and responds to industry feedback to the FCA's 2022 Call for Input, which focused on key governance considerations for organisations and professionals planning to use synthetic data. Drawing on insights from members of its Synthetic Data Expert Group (SDEG) (a specialised sub-group of the FCA's Innovation Advisory Group, launched in March 2023 and concluding with this second and final publication), the report offers practical guidance on identifying challenges in synthetic data projects, suggests possible mitigation strategies, and outlines ways to build strong governance practices. It outlines nine key principles for responsible synthetic data adoption which firms may wish to consider when developing their own approaches. These principles, which include accountability, transparency, fairness, and continuous monitoring, among others, provide a foundation for building trustworthy and effective synthetic data practices. The report does not constitute regulatory guidance but serves as a foundational resource highlighting insights and best practices identified from SDEG members, reinforcing the FCA's commitment to fostering safe experimentation and digital transformation within the UK financial sector.

The European Central Bank (ECB) has published its opinion adopted on 14 August in response to a request from Lithuania's Minister of Finance. The opinion concerns proposed amendments to the Law on Lietuvos bankas (the draft law) aimed at transposing Directive (EU) 2024/1619, commonly referred to as the Capital Requirements Directive (CRD VI), into national legislation. CRD VI introduces enhanced requirements for the supervisory independence of competent authorities and the prevention of conflicts of interest among their officials and employees. Lithuania's draft law seeks to reinforce the independence of Lietuvos bankas by introducing measures such as public disclosure of dismissal grounds for board members, structured cooling-off periods for former staff and board members, and broader post-employment restrictions. The ECB confirms that Lithuania's provisions on appointment and dismissal are consistent with CRD VI and the Statute of the European System of Central Banks. However, it stresses that national rules must remain compatible with the ECB's ethics framework, including the Single Code of Conduct and Guideline (EU) 2021/2256. It notes that the proposed 12-month cooling-off period for certain officials is less stringent than the ECB's own framework, which allows for up to two years. It also highlights that Lithuania's definitions of restricted entities post-employment are narrower than those in the Single Code. The ECB emphasises that the draft law must be interpreted without prejudice to the Single Code, as it may be amended from time to time.

The European Securities and Markets Authority (ESMA) has published an updated registration guide (dated 14 August), outlining the procedures and expectations for entities seeking registration, authorisation, recognition, or endorsement to operate within EU financial markets. The guide applies to a broad range of entities including credit rating agencies, benchmark administrators, trade and securitisation repositories, and data reporting services providers. It also anticipates the forthcoming mandates such as ESG rating providers and external reviewers under the EU Green Bond Regulation. Applicants are expected to submit complete and accurate documentation aligned with relevant regulatory and implementing technical standards (RTS/ITS). ESMA places particular emphasis on governance, internal controls, ICT resilience, outsourcing risks, and methodological robustness as key criteria in its assessment process. From January 2026, new mandates under the Benchmarks Regulation review and the Environmental, Social, Governance Regulation will expand ESMA's supervisory scope. While not legally binding, the guide serves as a practical tool to promote transparency and consistency across ESMA's supervisory functions and should be read alongside the specific information available on ESMA's website and the relevant RTS/ITS. The Annex to the guide provides a consolidated overview of the applicable legal frameworks for each type of supervised entity, providing a practical reference point for applicants navigating the registration and compliance process.

The Transition Finance Council, co-launched by the City of London Corporation and HM Government, has issued a consultation on draft entity-level Transition Finance Guidelines. The aim of the Guidelines is to establish a consistent framework for assessing the credibility of transition finance at entity-level across asset classes and jurisdictions, particularly for high-emitting sectors, to shift toward lower-carbon, more sustainable models and transition to net zero in line with the Paris Agreement. Designed to complement existing disclosure frameworks such as those from the Transition Plan Taskforce and the International Sustainability Standards Board, the Guidelines introduce four core principles, each addressing a dimension of credibility. This includes credible ambition, action into progress, transparent accountability, and addressing dependencies. The principles are supported by: (i) universal factors, which serve as minimum criteria applicable in all cases to assess whether the principles are met; and (ii) contextual factors, which apply depending on the materiality of the issue to the entity or the policy environment in which it operates. The consultation specifically seeks feedback on the structure, content, and usability of the Guidelines. The deadline for responses is 19 September, with a second consultation planned for later this year and final publication expected in 2026.

The European Commission (EC) has published two draft regulations which aim to modernise and reinforce the transparency and integrity of the EU's wholesale energy markets under Regulation (EU) No 1227/2011 on Wholesale Energy Market Integrity and Transparency (REMIT). The proposals follow the recent revision of REMIT by Regulation (EU) 2024/1106, which entered into force in May 2024, to address growing volatility in energy markets, geopolitical disruptions, and the emergence of new trading technologies. REMIT IR (Implementing Regulation (EU) No 1348/2014) sets out the principles and technical details for reporting transactional and fundamental data to the European Union Agency for the Cooperation of Energy Regulators (ACER). To align with the revised REMIT, its revision is now required.

Read more.

The European Banking Authority (EBA) has published its final draft regulatory technical standards (RTS) concerning the allocation of off-balance sheet items and the specification of factors that may constrain institutions' ability to cancel unconditionally cancellable commitments. Under the standardised approach to credit risk, the exposure values of off-balance sheet items depend on the application of specific percentages, which are determined by a bucket classification. Developed under Article 111(8) of the Capital Requirements Regulation (CRR), the RTS introduces assignment criteria for items not currently mapped to the five factor buckets in Annex I of the CRR, thereby supporting consistent classification. These criteria aim to reflect varying levels of conversion probability, considering the existence of financial covenants, non-credit related conditions, and obligor optionality.

Read more.

The BIS Innovation Hub has announced the launch of Project Noor, a collaborative initiative with the Hong Kong Monetary Authority and the UK Financial Conduct Authority aimed at enhancing the transparency and accountability of AI models used by banks and other financial institutions. AI is increasingly shaping decisions in digital finance, from mortgage approvals to fraud detection. Yet as these models grow more complex, the press release states that regulators and consumers alike face challenges in interpreting how decisions are made. Project Noor seeks to address this by prototyping explainable AI (XAI) tools that translate complex model logic into human-readable explanations and intuitive visuals. The initiative intends to support compliance with emerging regulations requiring high-risk financial AI systems to be auditable and explainable, without prescribing fixed standards. It empowers supervisors to assess fairness, robustness, and consistency in AI-driven decisions, while preserving privacy and promoting responsible innovation. Importantly, Project Noor does not seek to override existing practices or impose mandatory frameworks. Rather, its purpose is to support supervisors by offering tools and reference points to help them develop their own well-informed judgments. Financial institutions will remain responsible for model explainability.

HM Treasury (HMT) has published five new webpages, each with a collection of joint statements from key international financial partnerships reflecting their shared commitments and the outcomes they are seeking to achieve. These include:

• UK-U.S. Financial Regulatory Working Group – joint statements from the biannual UK-U.S. Financial Regulatory Working Group held between HMT, U.S. Treasury and representatives from their respective supervisory authorities.
• UK-U.S. Financial Innovation Partnership (FIP) – joint statements from the annual FIP held between HMT and the U.S. Treasury on emerging trends in financial services innovation.

Read more.

The President of the European Central Bank (ECB), Christine Lagarde, has issued a letter responding to Members of the European Parliament regarding the Eurosystem's evolving approach to climate-related financial risks. Firstly, the letter confirms the ECB's plan to introduce a "climate factor" in the second half of 2026, which will adjust the collateral value of marketable assets from non-financial corporations based on climate risk data. This replaces previously proposed collateral pool concentration limits, which were not implemented due to insufficient data granularity. The climate factor is part of the ECB's broader Climate and Nature Plan, aimed at strengthening climate risk management across the Eurosystem's balance sheet and collateral framework. Secondly, the letter emphasises the importance of high-quality climate data and raises concerns about the Omnibus I sustainability package, which proposes amendments to the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive that would reduce reporting obligations. As highlighted in the ECB opinion dated 8 May on the Omnibus proposal, it is their view that the proposed changes risk reducing firm-level sustainability reporting, weakening the Eurosystem's ability to assess climate-related financial risks, and causing delays in the transposition of the CSRD into the national laws of euro area member states. The letter therefore concludes by stressing the need to "strike the right balance" between preserving the benefits of sustainability reporting and ensuring proportionality in the requirements.

The UK Financial Conduct Authority (FCA) has published a summary of discussions held throughout 2024 with industry members of the FCA's Cyber Coordination Group programme. The publication is not intended to introduce any additional regulatory expectations. The FCA states that it is making the insights widely available so that firms can consider them, within the context of the FCA's existing expectations, to learn from other firms and to help strengthen their cyber resilience capabilities. They included insights from both members' positive and more challenging experiences of the issues, and focus on three key topics: i) the reconnection framework and third-party management; ii) threat and vulnerability management and threat-led penetration testing; and iii) AI and other emerging technologies, including quantum computing.

The UK Financial Conduct Authority (FCA) has published a letter to heads of sustainable finance on the sustainability-linked loan (SLL) market and by way of update since the FCA's previous letter on this topic in 2023. The FCA report improvements in the market for SLLs, with better practice and more robust product structures, but continue to observe barriers to scaling the SLL market and some concerns around incentives. The FCA will continue to monitor the SLL market and will work closely with the Transition Finance Council (TFC) to promote the competitive position of the UK as a transition finance hub. Firms are encouraged to engage collaboratively with the TFC's work and the Loan Markets Association, to build alignment in approaches to transition finance.

The UK Payment Systems Regulator (PSR) has published its decisions to revoke:

• From 27 August, Specific Direction 2, which requires all central infrastructure for Bacs to be competitively procured (and Specific Direction 2a which varied the requirement). This decision stems from work to deliver the National Payments Vision (NPV) and aims to provide the necessary space and certainty for work to deliver the NPV.
• From 25 August, Specific Direction 4, which requires the operator of the LINK payment system to procure any future contracts for central infrastructure services in a competitive manner (and Specific Direction 4a which varied the requirement). This decision aims to ensure that LINK and its members have the regulatory clarity they need to focus on their longer-term sustainability and the delivery of an efficient network, given that due to changes in market conditions, a competitive tender obligation may no longer be an effective way to address the competition issues.

Decision 2025/1734 of the European Central Bank (ECB) of 31 July on safeguards in relation to access by central counterparties (CCPs) to Eurosystem overnight credit in TARGET, has been published in the Official Journal. Under Guideline 2022/912, national central banks of Member States whose currency is the euro may provide overnight credit through a dedicated crisis facility to CCPs established in the euro area and which meet certain requirements. This Decision specifies i) the requirements that CCPs must meet in relation to financial soundness and liquidity risk management; ii) the assessments of compliance which the Eurosystem central banks are to carry out; iii) the Governing Council's powers to decide on discretionary measures in cases where an eligible CCP does not comply with the requirements relating to the safeguards on financial soundness and sound liquidity risk management; and iv) the penalties applicable for cases where a CCP's access to the CCP credit facility has been limited and the CCP exceeds the restricted level of access, or resorts to the CCP credit facility in breach of relevant requirements relating to liquidity risk controls. The Decision enters into force on 2 September and applies from 6 October, aligned with the date of application of the amendments to Guideline 2022/912 relating to the CCP credit facility.

The Bank of England (BoE) has published a new webpage on the national payments vision and the vision engagement group (VEG) of sector representatives supporting delivery of the vision. The webpage on the national payments vision contains an update on the delivery of the next generation UK retail payments infrastructure to date and next steps in 2025, focusing on key deliverables in H2.

• In September: i) The BoE will communicate further on the establishment of the Retail Payments Infrastructure Board (RPIB), and the application process for membership of RPIB; ii) The Bank, HM Treasury, FCA and PSR will engage with VEG members to discuss the Payments Vision Delivery Committee's strategy, which is due to be published later in the autumn.
• In October and November: i) The BoE will appoint members to the RPIB with a view to holding the first meeting of the RPIB in late October; ii) The BoE will also set out an approach to wider stakeholder engagement across the ecosystem for the RPIB beyond 2025, and the processes to deliver an early 2026 RPIB consultation paper; iii) The Payments Vision Delivery Committee plans to publish its strategy for retail payments infrastructure. This will inform the early 2026 RPIB consultation paper.
• In December: The Payments Vision Delivery Committee will publish the Payments Forward Plan by the end of the year.

The UK Financial Ombudsman Service (FOS) has published a consultation on further changes to its case fee structure. In April, the FOS implemented changes to its charging structure, which included charges for professional representatives bringing cases. The proposed additional changes in this consultation are stated to respond to regular feedback from stakeholders that further differentiation is required to support the 'polluter pays' model and to better reflect the work the FOS carries out on individual cases.

Read more.

The UK Competition and Markets Authority (CMA) has published its provisional decision that the remaining provisions of the SME Banking (Behavioural) Undertakings 2002 (the 'Limitation on Bundling Provisions') are no longer appropriate and should be released. The Limitation on Bundling Provisions prevent the banks that gave the undertakings from requiring, as a condition of granting a business loan or approving the opening of a business deposit account, that a small or medium-sized enterprise (SME) customer should open or maintain a business current account with the bank. The proposed release is due to changes in the competitive landscape in the SME banking markets and changes in customer behaviour, and the decision follows the CMA's review of the undertakings earlier this year. The CMA is now consulting on this provisional decision before it makes its final decision. The deadline for comments is 5pm on 3 September.

The EU Single Resolution Board (SRB) has launched a consultation on its operational guidance for banks on separability and transferability. The SRB has updated its 2021 operational guidance on separability and seeks to align it with the SRB's operational guidance on resolvability self-assessment, with the SRB's focus now being on operationalisation, resolution testing, and crisis readiness. It is accompanied by an operational framework for transfer playbooks and an annex on testing. It is intended to clarify the procedures for banks and resolution authorities to operationalise the use of transfer tools, supporting enforcement of Articles 38-42 of Directive 2014/59 (BRRD) and applies to all banks under the SRB's remit with transfer tools in their resolution plans. The SRB states that this update 'does not introduce new deliverables, but instead it seeks to enhance the effectiveness of existing ones. The SRB invites feedback on the updates and their impact on banks' current deliverables by 22 October. The guidance is intended to be applicable from the resolution planning cycle 2026.

The European Banking Authority (EBA) has published a report on the use of SupTech tools in anti-money laundering and countering the financing of terrorism (AML/CFT) supervision, as well as a press release. In November 2024, the EBA surveyed competent authorities on their use of SupTech tools and in January 2025, a workshop was held on AML/CFT SupTech. The EBA's report provides its findings from both programs, considers the current use of SupTech tools at EU level and how the tools are implemented. The EBA concludes that SupTech tools can improve the effectiveness of AML/CFT supervision and competent authorities have identified benefits such as enhanced collaboration, improved data quality and analytics, and the ability to scale supervision under the new EU AML/CFT framework, particularly with the establishment of the Authority for Anti-Money Laundering and Countering the Financing of Terrorism, known as AMLA. Poor data quality and governance, limited resources, legal uncertainty, operational risks, and friction related to institutional transformation are recognised as potentially impeding progress. Various good practices have emerged, including promoting a digital-first culture, adopting structured change management strategies, enhancing data governance and interoperability and leveraging synthetic data to safeguard privacy.

HM Treasury (HMT) has published a policy statement on the appointed representatives regime, setting out how it proposes to adjust the appointed representative (AR) legislative framework to provide further needed protection for consumers of AR firms. First, a new gateway for authorised firms will be implemented which will require an authorised firm that intends to use ARs to obtain permission from the Financial Conduct Authority (FCA) before doing so. The FCA's role will be to assess whether an authorised firm has the appropriate resources and expertise to properly oversee ARs. HMT states that it is already working with the FCA on a detailed proposal for designing and implementing the permission gateway. The intention is that the new gateway will not require existing principal firms to apply for the new permission and firms seeking a new authorisation will be able to apply for the permission during the authorisation process. The FCA will have powers to limit, vary, or revoke a permission to act as principal.

Secondly, HMT intends to mitigate consumer harm by closing a gap in the complaints redress system.

Read more.

The European Commission (EC) has published a draft delegated regulation amending Delegated Regulation 2017/567 as regards the obligation to provide market data on a reasonable commercial basis, the determination of what constitutes a liquid market for equity instruments, and the definition of and disclosure for post-trade risk reduction (PTRR) services under the markets in financial instruments regulation (MiFIR).

The proposed amendments follow and seek to reflect the MiFIR reform aimed at enhancing data transparency, removing obstacles to the emergence of consolidated tapes, optimising the trading obligations, and prohibiting receiving payment for order flow and parallel amendments to MiFID II.

Read more.

The Bank of England (BoE) and Financial Conduct Authority (FCA) have together published a consultation paper on proposed additional Q&A under the UK's European Market Infrastructure Regulation. The proposed Q&A relate to the reporting of FX swaps and reporting with technical ISIN. Responses to the consultation may be submitted to either the BoE or the FCA until 12 September.

The Bank of England (BoE) has published a policy statement confirming its amendments to the trade repository reporting requirements under the UK's European Market Infrastructure Regulation (EMIR). In June last year, the BoE had consulted on proposed revisions to the Technical Standards (EMIR Reporting and Data Quality and Miscellaneous Amendments) Instrument 2023. In the policy statement, the BoE confirms that the changes will take effect largely as proposed, except for minor changes to validation rules. On the same day, the Financial Conduct Authority (FCA) published the Technical Standards (EMIR Reporting and Data Quality and Miscellaneous Amendments) Instrument 2025. Both the FCA and BoE changes take effect on 26 January 2026.

Commission Delegated Regulation 2025/791 and Commission Implementing Regulation 2025/790, with regard to the functioning of colleges of supervisors referred to in Articles 116 and 51(3) of Directive 2013/36 (CRD IV) have been published in the Official Journal of the EU. Commission Delegated Regulation 2025/791 contains regulatory technical standards specifying the general conditions for the functioning of supervisory colleges, and repeals Commission Delegated Regulation 2016/98. Commission Implementing Regulation 2025/790 sets out implementing technical standards regarding the operational functioning of colleges of supervisors, and repeals Implementing Regulation 2016/99. Both the Delegated Regulation and the Implementing Regulation enter into force on 28 August.

The UK Financial Conduct Authority (FCA) has published a feedback statement on the design of the Future Entity for UK open banking (FS25/4). The feedback statement responds to the feedback received to the consultation, which was issued by the Joint Regulatory Oversight Committee (JROC). However, in line with the National Payments Vision, JROC has been wound down and the FCA is progressing the further development of open banking. In the feedback statement, the FCA states that subject to legislation the Future Entity will be the primary standard setting body for open banking Application Programming Interfaces (APIs) in the UK. It will set common standards for a minimum level of service and interoperability across open banking services, monitor API performance and compliance with standards (although it will not have enforcement powers), provide directory and certification services and assist in development standards to enable commercial schemes. It is not envisaged that the Future Entity will own or operate commercial schemes where market innovation incentives exist. The FCA expects that the Future Entity and commercial scheme operators will be regulated as interface bodies under the Data (Use and Access) Act. The FCA intends to progress the design of the Future Entity, which is intended to be established by the end of the year.

The European Banking Authority (EBA) has published its final draft implementing technical standards (ITS), amending the Implementing Regulation on the benchmarking of credit and market risk for the 2026 exercise. The EBA flags that the most significant change is in the area of market risk, where it is proposing to restrict the data collection to the information on the alternative standardised approach (ASA) from those banks that were granted the internal model approval. In light of the additional delay to the application of the Fundamental Review of the Trading Book (FRTB), the templates based on the alternative internal model approach (AIMA) have not been implemented.

On credit risk, the EBA report that only minor changes are being made to align the definitions used with the ITS on supervisory reporting following the implementation of Basel III. In particular, the EBA has introduced a mapping between the asset classes used in the benchmarking exercise and the breakdown of credit risk IRB templates adopted in the revised ITS on supervisory reporting.

The draft ITS will be submitted to the European Commission for endorsement and will apply 20 days after publication in the Official Journal of the European Union.

The European Banking Authority (EBA) has published a statement confirming that following the European Commission's Delegated Act postponing the application of the market risk framework (FRTB) by one more year, to 1 January 2027, the EBA's no action letter published on 12 August 2024 would remain fully valid and in place. 

Read more.

The European Banking Authority has published single rulebook Q&A relating to the Digital Operational Resilience Act (DORA). The answers to the questions were given by the joint European Supervisory Authorities. The Q&A cover:

• The identification of ICT service providers (2024_7089).
• Guidance on completing the refPeriod field of the parameters.csv file for the DORA register of information (2025_7387).
• The obligation to maintain a register of information for FEs exempt under article 16, DORA (2025_7388).