The UK Property (Digital Assets etc) Bill has completed its third reading in the House of Commons with further amendments and now awaits royal assent before becoming law. The Bill gives effect to recommendations of the Law Commission confirming in statute that a thing that is digital or electronic in nature can be recognised as personal property even if it does not fall within the traditional categories of "things in possession" or "things in action". The Bill applies to England, Wales and Northern Ireland.

The European Commission (EC) has adopted its Digital Omnibus Package with a set of proposals which seek to simplify rules on AI, data and cybersecurity. This forms part of the EC's broader digital initiative to help EU businesses innovate, scale and save on administrative costs. At the core of the package is the proposal for a regulation on simplification of the digital legislation which introduces technical amendments to a large range of digital laws.

Key measures include:

• AI – providing clarifications and practical measures to ensure smooth application of AI rules, including provisions for regulatory sandboxes and SME-friendly compliance pathways. Further targeted amendments to the EU AI Act are made through a separate legal proposal within the package.
• Cybersecurity – establishing a single-entry reporting mechanism that consolidates mandatory obligations under, among others, the NIS2 Directive, the General Data Protection Regulation (GDPR) and the Digital Operational Resilience Act (DORA). In a second stage, sector-specific rules in areas such as energy and aviation will also be integrated into this single-entry point.

Read more.

The Financial Stability Board (FSB) has published a letter from the FSB's Chair, Andrew Bailey, addressed to G20 leaders. The letter urges G20 leaders to accelerate efforts to modernise financial regulation while safeguarding stability, citing significant gaps in reform implementation and a challenging economic outlook. The next phase of the FSB's work will look deeper into where full, timely and consistent implementation of global standards, such as Basel III, was not achieved.

The letter highlights the growing influence of non-bank financial intermediaries in global financial markets, now estimated at USD2 trillion globally, and stresses the need for robust monitoring to prevent systemic risks. It also calls for continued attention to national policy barriers to achieve the objectives of the G20 Roadmap for enhancing cross-border payments. With the rise of digital assets, the FSB calls on authorities to carefully consider how frameworks are designed to ensure they are effective, consistent, and supportive of safe innovation and notes that it will be equally important to consider how stablecoins can operate effectively and safely across borders. The FSB's work programme for the year ahead will include a focus on stablecoins and other forms of payment.

The Investment Association and the Investment Management Association of Singapore, in partnership with the UK Financial Conduct Authority (FCA) and Monetary Authority of Singapore (MAS), have released a joint report on challenges and opportunities in tokenised asset markets across the UK and Singapore. The report highlights an "adoption gap" between innovation in digital assets and investor requirements. It introduces a practical operational readiness checklist in section 4, to guide market participants looking to design and launch tokenised financial products.

Read more.

The International Organization of Securities Commissions (IOSCO) has published its final report on the tokenisation of financial assets. The report summarises observations from IOSCO's monitoring exercise led by its Fintech Task Force. It examines the development and adoption of tokenisation and distributed ledger technology (DLT) in capital markets, to share understanding among IOSCO members of current use cases and regulatory responses. IOSCO finds that while tokenisation, enabled by DLT, offers potential efficiency gains such as shorter settlement cycles and improved collateral mobility, adoption remains limited. This is considered to be due to new or heightened risks such as interoperability challenges and the lack of credible settlement assets, which hinder scalability.

Other evolving risks include legal uncertainty, operational vulnerabilities and cyber threats, which mirror existing risk categories but manifest differently under DLT, requiring tailored risk controls. Regulatory approaches to respond to these risks vary globally, with some IOSCO members applying existing frameworks while others have issued new guidance or sandbox programs. The report concludes with examples of steps taken by authorities in various jurisdictions to address the application of existing regulatory frameworks and risks arising from tokenised capital markets products. IOSCO also encourages regulators to apply recommendations from its previous reports on crypto and digital asset markets and decentralised finance to ensure consistent outcomes under the principle of "same activities, same risks, same regulatory outcomes".

The Bank of England (BoE) has published a consultation paper outlining its proposed regulatory framework for sterling-denominated systemic stablecoins. Under the framework, HM Treasury (HMT) will determine which payment systems using stablecoins, and their service providers, are recognised as systemically important. Once designated, these entities will fall within the BoE's remit and be subject to its powers under the Banking Act 2009. The proposed regime does not cover stablecoins used for non-systemic purposes which are not widely used by individuals to make retail or business payments. These activities will remain under the supervision of the UK Financial Conduct Authority (FCA).The consultation builds on feedback to the 2023 discussion paper.

Key proposals include:

• Allowing issuers to hold up to 60% of backing assets in short-term sterling-denominated UK government debt, with the remaining 40% as unremunerated deposits at the BoE. Issuers deemed systemic at launch, or transitioning from the FCA regime, may initially hold up to 95% in short-term UK government debt to support viability during growth.

Read more.

The Economic Secretary to HM Treasury (HMT) has published a letter confirming it has commissioned the Financial Services Skills Commission to produce a comprehensive report on the impact of AI and other disruptive technologies on the UK financial services sector. The research, aligned with the Financial Services Growth and Competitiveness Strategy, will examine emerging technologies, their effect on the sector's growth at both national and regional levels and on implications for customers. It will also identify the skills required for successful adoption and deployment of the technologies and set out a clear plan with actionable steps for employers, employees, education providers and government on how to build the skills required over the next decade. The final report is scheduled for mid-2027.

The European Parliament's Committee on Economic and Monetary Affairs (ECON) has published three draft reports proposing amendments to the European Commission's legislative package on the establishment of the digital euro. These proposals collectively aim to establish a comprehensive legal framework for the issuance, use and coexistence of the digital euro alongside physical cash. The first draft report (COM(2023)0369) proposes amendments to the proposed regulation establishing the digital euro as a central bank digital currency, detailing its governance and operational principles. Accompanying this, the second draft report (COM(2023)0368) proposes limited procedural amendments to the proposed regulation on the provision of digital euro services by payment service providers in Member States whose currency is not the euro. Finally, the third draft report (COM(2023)0364) proposes amendments to the proposed regulation on the legal tender status of euro banknotes and coins. This measure is designed to safeguard the mandatory acceptance of continued use of cash, ensuring it remains a viable payment option alongside the digital euro.

The UK Financial Conduct Authority (FCA) has published a statement outlining guidance for firms intending to offer crypto exchange-traded notes (cETNs) to retail investors, following the lifting of its ban effective from 8 October. The products are classified as Restricted Mass Market Investments and only cETNs listed on the FCA's official list and traded on a UK Recognised Investment Exchange are eligible for retail distribution. Firms are expected to hold the appropriate permissions and comply with the relevant financial promotion rules. This includes not offering investment incentives, conducting mandatory appropriateness assessments, categorising clients, providing cooling-off periods and issuing prominent risk warnings. Firms are also expected to meet consumer duty obligations, ensuring products offer fair value, transparency and good consumer outcomes. Firms seeking authorisation or new permissions may request a pre-application meeting with the FCA through its pre-application support service.

The UK Financial Conduct Authority (FCA) has published Primary Market Bulletin 59 (PMB59). It begins with findings from a review of issuers' compliance with Article 17.4 of the UK Market Abuse Regulation (MAR) on delayed disclosure of inside information (DDII) under certain conditions. Notably, the FCA observed a 39% drop in DDII notifications, alongside an increase of approximately seven days in average delay periods compared to its previous review in November 2020. While this could be due to fewer instances of information being classified as inside information, or a reduced use of delayed disclosure rather than non-compliance, the FCA reminds issuers of their obligations under UK MAR, including timely DDII submissions and maintaining confidentiality.

Read more.

The European Commission (EC) has published a communication alongside a fact sheet outlining its 2026 work programme, which sets out a comprehensive legislative and policy agenda to strengthen the EU. The programme includes 38 new policy objectives across key areas including energy, defence and digital innovation, among others.

Key initiatives include the European Innovation Act, Cloud and AI Development Act and Quantum Act, which seek to accelerate technological progress and support the EU's digital transition. In the area of sustainable finance, the EC includes a package of measures for "the decade ahead" on climate and the Energy Union, aiming to strengthen the EU's climate and energy frameworks. These measures include revising national targets, updating the emissions trading system, and establishing new infrastructure and regulatory frameworks for CO₂ transport, energy efficiency and renewables. A notable focus of the programme is regulatory simplification, with over half of the legislative initiatives designed to reduce administrative burdens and deliver net cost savings, particularly for small and medium-sized enterprises. The annexes accompanying the work programme list the new initiatives, pending proposals and those the EC proposes to withdraw, among other elements.

The European Systemic Risk Board (ESRB) has published a report highlighting trends and systemic risks associated with the crypto-asset ecosystem, with a particular focus on stablecoins, crypto-asset investment products and multi-function groups:

• The report notes that global stablecoin market capitalisation has more than doubled since the ESRB's previous assessment in May 2023, driven in part by U.S. policies promoting the adoption of U.S. dollar-denominated stablecoins. The ESRB flag policy challenges in ensuring that stablecoins issued outside the EU that are non-compliant with MiCAR are not widely used within the EU. The ESRB also flags financial stability risks posed by stablecoins jointly issued by EU and third-country entities, noting that such schemes are not explicitly addressed under the current Markets in Crypto-Assets Regulation (MiCAR).

Read more.

The European Securities Markets Authority (ESMA) has published two Q&A's relating to the Markets in Crypto-Assets Regulation (MiCAR): (i) ESMA_QA_2653 provides guidance on how crypto-asset service providers (CASPs) should distinguish between different types of execution services; and (ii) ESMA_QA_2654 clarifies the respective responsibilities of offerors, persons seeking admission to trading, trading platform operators and other CASPs referenced in Article 66(3) of MiCAR, relating to white papers for crypto-assets (excluding asset-referenced tokens and e-money tokens) that were admitted to trading before 30 December 2024.

The Financial Stability Board (FSB) has published a thematic peer review report assessing the implementation progress of its 2023 global regulatory framework for crypto-asset activities. As of August of this year, the review shows that while many jurisdictions have made notable progress in regulating crypto-asset activities, there has been slower progress in finalising their global stablecoin arrangements (GSCs). Even where regulatory frameworks have been finalised, alignment with FSB recommendations remains limited, especially regarding stablecoin arrangements and crypto-asset service providers (CASPs). These gaps could pose risks to financial stability and to the development of a resilient digital asset ecosystem.

In response to the concerns, the report sets out eight recommendations to address outstanding issues in the following key areas set out below.

Read more.

The Bank of England (BoE) has published the terms of participation for its upcoming Synchronisation Lab which will support the testing and refinement of a proposed synchronisation capability for the UK's renewed Real-Time Gross Settlement (RTGS) service, RT2. Synchronisation would allow for atomic settlement in central bank money: the conditional settlement of funds in RT2 against assets on a variety of external asset ledgers, meaning that funds in RT2 will settle if and only if the external asset also settles. The Lab is being launched as a platform to simulate the synchronisation interface enabling prospective synchronisation operators (Lab Participants), to develop and demonstrate viable propositions across multiple use cases.

The Lab is scheduled to launch in Spring 2026 and will run for approximately six months across four six-week testing and development phases. In each phase, Lab Participants will showcase end-to-end synchronised transaction flows and interact with synchronisation users. Lab findings will inform the design and delivery of a potential future live RT2 synchronisation capability. Participation is by invitation by the BoE and based on an application process. Technical onboarding will begin roughly one month before launch. Demonstrations and a final report summarising key learnings will follow the Lab's conclusion.

The European Securities and Markets Authority (ESMA) has published its second consolidated report on sanctions and measures imposed by national competent authorities in Member States in 2024. The report reveals that over 970 administrative sanctions and measures were issued in financial sectors under ESMA's remit, with the total aggregated value of administrative fines exceeding EUR100 million, an increase compared to 2023. The highest number of administrative sanctions and measures were imposed under the Market Abuse Regulation (MAR), the Markets in Financial Instruments Directive (MiFID) and the Markets in Financial Instruments Regulation (MiFIR).

The highest amounts of administrative fines for 2024 were imposed under MAR. The more granular data shows that over 60% of all administrative sanctions and measures imposed in 2024 were administrative fines, and 10% were issued using settlement procedures. ESMA also reports that no sanctions or measures were imposed under the Securities Financing Transactions Regulation (SFTR) or the Markets in Crypto-Assets Regulation (MiCAR), while a measure was issued for the first time under the European Crowdfunding Service Providers Regulation. ESMA highlights discrepancies in sanctioning powers across jurisdictions, including differences in the amounts of fines, number and types of sanctions and measures, and use of settlements.

The Bank of England (BoE) has published its approach to supporting responsible innovation across artificial intelligence (AI), distributed ledger technology (DLT) and quantum computing. Recognising these as potentially transformative technologies, the BoE emphasises its role in enabling safe adoption while safeguarding monetary and financial stability. The BoE acknowledges that these technologies will significantly impact the work it does, from setting interest rates, to maintaining financial stability, to operating the UK's core payments infrastructure. It also highlights its responsibility to understand and manage the risks and opportunities these innovations present.

To foster a resilient and innovation-friendly environment, the BoE sets out the following three key regulatory levers.

Read more.

The European Banking Authority (EBA) has released its 2024 annual report on the convergence of supervisory practices across the EU. The report outlines the EBA's ongoing efforts to strengthen the alignment of supervisory approaches across Member States and across key areas of its activities, including prudential, resolution, digital finance, consumer protection and until the end of this year anti-money laundering/counter-terrorist financing (AML/CFT). In the area of prudential regulation, the report reflects on findings from its 2024 European Supervisory Examination Programme focused on liquidity and funding risk, interest rate risk and hedging, and recovery operationalisation. The report notes that risk levels in these areas remain stable, though challenges persist around data quality, stress testing scenarios and modelling assumptions. The EBA will continue monitoring risks related to online deposit platforms and compliance with Supervisory Outlier Tests in 2025.

Read more.

The UK Financial Conduct Authority (FCA) has published consultation paper CP25/28, accompanied by a press release, outlining proposals to accelerate the adoption of tokenisation and tokenised funds in the UK. The proposals apply to authorised funds but the FCA's discussion and roadmap sections may be of wider interest to fund and asset managers, including managers of non-authorised funds. The FCA's proposals address fund tokenisation, and do not address unbacked assets such as cryptocurrencies.

The FCA's proposals include:

• Guidance for operating a tokenised fund under the Blueprint model.
• Rules and guidance for an alternative, streamlined dealing model for conventional and tokenised authorised funds, referred to as 'direct to fund' (D2F). D2F has wider application than just to tokenised funds, but the FCA thinks allowing this new dealing model will enable tokenisation.
• A roadmap to advance fund tokenisation and address key barriers.
• A discussion on future tokenisation models that use DLT to provide tokenised portfolio management at retail scale and how regulation may need to change to be fit for the future.

The deadline for responses to the consultation proposals is 21 November, except for the discussion chapter on future tokenisation models, which is 12 December. The FCA expects to publish a policy statement with final rules in the first half of 2026.

The UK Financial Conduct Authority (FCA) has announced a major new partnership and the launch of two TechSprints aimed at accelerating the delivery of open finance in the UK. The announcement follows the FCA's January letter to the Prime Minister which reaffirmed the FCA's commitment to promote digital innovation, particularly in small and medium-sized enterprise (SME) lending. To support this vision, the FCA commissioned KPMG and Europe Economics to carry out work to assess the potential benefits of open banking and open finance for consumers and the financial services sector.

As part of its broader innovation strategy, the FCA confirms that its recently launched Smart Data Accelerator, an extension of the FCA's sandbox, will enable the testing of real uses of open finance in practice. The FCA is also collaborating with Raidiam to use its testing environment, which will provide Smart Data Sprint participants with access to a stable environment that mirrors real-world conditions. Following the FCA's Open Finance Sprint held in March, and the publication of the FCA's outcomes report in July, the two upcoming TechSprints will take place between 17 November and 12 February 2026, with separate focuses on mortgages and finance for SMEs. The sprints are now open for registration until 2 November. The FCA will set out a roadmap for open finance by March 2026.

The European Banking Authority (EBA) has published two opinions in response to the European Commission's (EC) proposed amendments to the draft regulatory technical standards (RTS) concerning the composition and liquidity requirements of the reserve of assets under the Markets in Crypto-Assets Regulation (MiCAR). The EBA considers the EC's proposed changes to be inconsistent with the prudential framework established by MiCAR. The first opinion (EBA/Op/2025/13) addresses amendments to the final draft RTS on liquidity requirements of the reserve of assets. The second opinion (EBA/Op/2025/14) concerns amendments to the final draft RTS on the highly liquid financial instruments (HLFI) with minimal market risk, credit and concentration risk.

Read more.

The Digital Regulation Cooperation Forum (DRCF) has announced the launch of its new Thematic Innovation Hub. Building on the success of the AI and Digital Hub pilot, the Thematic Hub will provide tailored regulatory advice on priority topics, with its first thematic focus centred on agentic AI – AI systems capable of autonomous decision-making and initiating actions without direct human prompts. As part of this new approach, the DRCF has also published a "call for views" seeking input on the regulatory challenges and opportunities associated with agentic AI. The call for views consists of six questions that stakeholders may choose to respond to or share other insights that they believe are relevant.

The deadline for submissions is 6 November. The DRCF clarifies that it does not intend to issue advice or guidance in response to submissions; the aim is to gather insights to inform future thematic work. Accompanying the launch, the DRCF has published an insights paper that shares learnings from the pilot phase of its AI and Digital Hub.

The European Banking Authority (EBA) has published a report addressing money laundering and terrorist financing (ML/TF) risks in crypto-asset services, including issuance, trading and service provision. Drawing on lessons from recent supervisory cases across the EU and engagement with national supervisors, the report identifies vulnerabilities in the sector and offers guidance to strengthen compliance and oversight. It examines strategies used by certain crypto-asset service providers and issuers to side-step national AML/CFT supervision, including through unauthorised operations, forum shopping and improper use of certain regulatory exemptions. The report also outlines safeguards introduced by MiCAR and the AML/CFT regime, stating that effective implementation will depend on proactive monitoring of unauthorised activities, continuous risk identification and strong cross-border cooperation, amongst others.

Delegated Regulation 2025/1264 supplementing Regulation (EU) 2023/1114 (Markets in Crypto Assets Regulation) has been published in the Official Journal of the European Union. The Delegated Regulation (adopted by the European Commission on 27 June) sets out regulatory technical standards (RTS) specifying the minimum contents of the liquidity management policy and procedures for certain issuers of asset-referenced tokens and e-money tokens. The RTS aim to ensure that issuers maintain robust liquidity frameworks capable of withstanding both normal and stressed market conditions. The Regulation enters into force on 23 October.

The European Securities and Markets Authority (ESMA) has published its 2026 annual work programme, guided by its 2023-2028 strategy.

Key priorities include: (i) continuing to build on existing priorities under the savings & investments union (SIU) strategy particularly by aligning supervisory practices across Member States, enhancing market data capabilities and contributing to upcoming reforms designed to create a more integrated and globally competitive EU financial system; (ii) continuing support for key legislative files such as the revised European Market Infrastructure Regulation (EMIR 3) and the European Single Access Point. Other legislative files that may warrant ESMA's involvement include the Retail Investment Strategy, along with the reviews of the Packaged Retail and Insurance-Based Investment Products Regulation, Sustainable Finance Disclosure Regulation and the Securitisation Regulation; and (iii) driving data innovation and market integration through the rollout of the ESMA Data Platform and the development of AI-powered supervisory tools. ESMA will also continue to focus on the effective implementation of the Markets in Crypto Assets Regulation, particularly on the authorisation and supervision of crypto-asset service providers and coordinate closely with market participants on the T+1 settlement cycle towards the agreed implementation date of 11 October 2027.

Alongside the work programme, ESMA has published its simplification and burden reduction document, outlining upcoming publications expected in Q1 and Q2 2026 aimed at streamlining regulatory requirements and reducing compliance burdens.

The European Banking Authority (EBA) has published its 2026 work programme, setting out its key priorities and planned initiatives. The programme is driven by three overarching priorities: (i) developing a rulebook to foster a resilient and efficient financial single market, with proposals to simplify rules, improve public sector coordination and assess the framework's impact. This includes continuing work on the EU banking package and advancing proposals on the forthcoming revised Payment Services Directive 3, the Payment Services Regulation and the Financial Data Access Act; (ii) strengthening risk assessment capabilities through improved data, methodologies and oversight under the Digital Operational Resilience Act (for critical ICT third-party providers), Markets in Crypto-Assets Regulation (for supervision of crypto-asset issuers) and European Market Infrastructure Regulation (for validation of initial margin models); and (iii) advancing innovation and technological capacity across the financial sector, with a focus on AI and machine learning, including its contribution to the implementation of the EU AI Act. In parallel, the EBA has published a report (EBA/REP/2025/26) proposing ways to streamline the EU's regulatory and supervisory framework, following a comprehensive review earlier this year of four key areas: level 2 and 3 measures, reporting burdens on financial institutions, the EBA's role in the prudential framework and its internal processes. The review resulted in 21 recommendations which are set out in the report.

HM Treasury has announced the formation of a "Transatlantic Taskforce for Markets of the Future", jointly established by UK Chancellor Rachel Reeves and U.S. Treasury Secretary Scott Bessent. The Taskforce aims to strengthen collaboration between the UK and U.S. financial systems, particularly in capital markets and digital assets. Reporting back with recommendations to both ministries through the UK-U.S. Financial Regulatory Working Group (FRWG), the Taskforce will explore short- and long-term opportunities on digital assets while legislation and regulatory regimes are still developing, and in wholesale digital markets innovation. It will also assess ways to reduce cross-border capital-raising burdens and enhance market competitiveness in both UK and U.S. markets. The Taskforce is expected to deliver its recommendations within 180 days.

The UK Financial Conduct Authority (FCA) has published consultation paper CP25/25 (CP), alongside a press release, setting out its proposed regulatory framework for cryptoasset activities under the Financial Services and Markets Act 2000 (FSMA). This follows HM Treasury's (HMT) draft statutory instrument (SI) to bring qualifying cryptoasset activities within the scope of the Regulated Activities Order 2001 (RAO) and under the FCA's remit. Qualifying cryptoasset activities will include issuing qualifying stablecoins, safeguarding qualifying cryptoassets and specified investment cryptoassets, operating a qualifying cryptoasset trading platform (CATP), intermediation and staking. Firms and individuals undertaking these activities will require FCA authorisation before operating by way of business in the UK.

Read more.

Two Commission Regulations supplementing the Markets in Crypto-Assets Regulation have been published in the Official Journal of the European Union (OJ), namely the:

• Commission Delegated Regulation (EU) 2025/1125 of 5 June, which sets out regulatory technical standards specifying the information in an application for authorisation to offer asset-referenced tokens to the public or to seek their admission to trading; and
• Commission Implementing Regulation (EU) 2025/1126 of 5 June, which lays down implementing technical standards establishing standard forms, templates and procedures for the information to be included in such applications.

Both Regulations enter into force on the 20th day following publication in the OJ and apply from 5 October.

The Wolfsberg Group has published comprehensive guidance on managing financial crime risks for financial institutions (FIs) that provide banking services to fiat-backed stablecoin issuers. While recognising the legitimate benefits of stablecoins, such as pseudonymity, rapid settlement and global reach, the Group also highlights that these same benefits introduce unique risks. The guidance therefore introduces a risk-based framework for assessing and monitoring relationships with issuers operating in regulated jurisdictions. It notes that although existing financial crime risk management principles remain applicable, existing controls may require adapting to address the specific risks posed by stablecoin issuers. The guidance introduces the relevant terminology used by the Group on stablecoins and describes the typical fiat-based services an FI may offer to a stablecoin issuer, highlighting how financial crime-related controls may require adjustment. It also explains how, under a risk-based approach, an FI may evaluate the issuer's compliance obligations on the blockchain. Ultimately, the Group's view is that the approach to banking a stablecoin issuer mirrors that of any customer relationship: firstly to identify and understand the risks associated with both the customer and the nature of the relationship, as well as evaluate how the issuer manages those risks; secondly to determine whether the issuer's risk profile and mitigation strategies align with its own risk appetite; and finally, the FI should implement a proportionate risk management framework that enables ongoing monitoring of the issuer's behaviour and supports timely corrective action when necessary.

HM Treasury (HMT) has published the draft Money Laundering and Terrorist Financing (Amendment and Miscellaneous Provision) Regulations 2025, accompanied by a policy note, for technical consultation. This follows HMT's 2024 consultation on improving the effectiveness of the UK Money Laundering Regulations (MLRs), with the government's response published in July this year. The consultation identified key weaknesses in the UK's anti-money laundering (AML) regime, including issues with pooled client accounts, trust registration, cryptoasset regulation and the practicalities of customer due diligence (CDD). The draft statutory instrument (SI) proposes targeted amendments to the MLRs 2017 and related legislation to address these concerns. The key changes are set out below.

Read more.

The Financial Action Task Force (FATF) has announced the launch of a new National Risk Assessment (NRA) toolkit aimed at enhancing countries' ability to identify and address money laundering risks. The toolkit supports a risk-based approach aligned with FATF Standards and provides cross-country insights into predicate offences, laundering methods, and proceeds of crime. It focuses on four priority areas that are currently consistently challenging to assess, including: corruption, virtual assets and service providers, legal persons and arrangements, and the informal economy. Quick guides, which include practical examples, have also been published to support risk assessment in each priority area. The toolkit draws on good practices from FATF member jurisdictions and is designed to be flexible and adaptable to country-specific needs. It can be integrated into a full NRA, applied to sectoral or thematic assessments, or used to strengthen broader efforts to improve risk understanding. Coinciding with the launch, on the same day, the FATF has also updated its NRA guidance, to reflect recent changes made to its Recommendation 1 standard and guidance on financial inclusion and anti-money laundering and counter terrorist financing measures.

On 20 August, Commission Delegated Regulation (EU) 2025/885 supplementing the Markets in Crypto-assets Regulation with regard to regulatory technical standards specifying the arrangements, systems, and procedures for persons to prevent, detect, and report market abuse, the templates to be used for reporting suspected market abuse, and the coordination procedures between competent authorities for the detection and sanctioning of market abuse in cross-border market abuse situations, has been published in the Official Journal of the European Union (OJ). The Delegated Regulation enters into force on the twentieth day following its publication in the OJ, being 9 September.

The European Banking Authority (EBA) has published its final report containing final draft regulatory technical standards (RTS) on the prudential treatment of cryptoasset exposures under the Capital Requirements Regulation (CRR), as amended by the CRR3. The RTS specify the technical elements necessary for institutions to calculate and aggregate cryptoasset exposures in relation to the prudential treatment of such exposures. The draft RTS, initially consulted on in January, remain largely unchanged. However, in response to consultation feedback, the EBA: (i) removes the requirement for prudent valuation of fair value cryptoasset exposures; and (ii) introduces a provision clarifying how institutions should aggregate long and short positions when determining the exposure limit. Together with the transitional provisions in CRR3, the RTS provide institutions with an interim method to capitalise cryptoasset exposures until a permanent prudential framework is in place, enabling institutions to participate in the rapidly evolving crypto markets.

The UK Financial Conduct Authority (FCA) has announced that effective from 8 October, retail consumers will be permitted to access crypto exchange traded notes (cETNs), marking a significant shift from the current ban. This move is the latest step in the FCA's evolving approach to establishing a regulatory framework for crypto, in line with its crypto roadmap. To ensure investor protection, cETNs must be traded exclusively on an FCA-approved, UK-based Recognised Investment Exchange (RIE). Firms offering these products will be subject to financial promotion rules to avoid offering consumers inappropriate incentives to invest and to ensure consumers are provided with the right information. While the consumer duty will apply to firms offering these products to retail investors, the FCA clarifies that there will not be coverage from the Financial Services Compensation Scheme. Consumers should therefore ensure they understand the risks before deciding to invest. The existing ban on cryptoasset derivatives for retail clients remains in force.

The UK Financial Conduct Authority (FCA) has published the findings from its review on digital design in customers' online journeys when accessing consumer credit, with related press release, identifying good practices and areas for improvement. Although the findings relate to consumer credit providers, other firms with a digital presence may find the examples of good and poor practice useful. The FCA found that some firms' digital design supported good consumer outcomes, such as using simplified language and offering explainer videos. Other firms had less well-designed digital platforms. A particular issue was a lack of "positive friction", meaning consumers were driven towards making quick decisions that did not align with their best interests.

Read more.

The European Banking Authority (EBA) has published its fifth opinion on money laundering and terrorist financing (ML/TF) risks. In the report, the EBA highlights the growing vulnerabilities in the EU financial sector arising from the growth of technologies, new financial products such as crypto-assets, and the increasing interconnection of financial products and services across sectors. The EBA states that while tools such as RegTech and AI offer potential for enhanced compliance, their improper implementation (often due to lack of expertise and oversight) has led to serious compliance failures. Competent authorities have reported high or rising ML/TF risks in Fintech firms and crypto-asset service providers linked to weak AML/CFT controls and governance. Additionally, the use of AI by criminals to automate laundering and forge documents is outpacing institutional defences. The EBA notes that supervisory engagement has improved the capability of some sectors to fight financial crime. The EBA emphasises the importance for consistent application of the new EU AML/CFT legal framework.

The UK Office of Financial Sanctions Implementation (OFSI), part of HM Treasury, has published a sector-specific threat assessment report highlighting significant compliance risks facing UK cryptoasset firms in relation to financial sanctions. Covering the period from January 2022 to May of this year, the report concludes it is "almost certain" that UK cryptoasset firms have underreported suspected sanctions breaches since being designated as "relevant firms" under the UK sanctions regulations, in August 2022. OFSI identifies inadvertent non-compliance due to direct and indirect exposure to designated persons (DPs) and sanctioned entities such as the Russian exchange Garantex, cyber threats from DPRK-linked hackers exploiting cryptoassets to evade sanctions and transfers to Iranian cryptoasset firms with suspected links to DPs. The report emphasises the importance of timely and accurate reporting, enhanced due diligence and the use of blockchain analytics to detect and mitigate sanctions risks. OFSI urges firms to adopt a risk-based approach, conduct retrospective reviews and report any suspected breaches to OFSI, the UK Financial Conduct Authority and the National Crime Agency.

The National Crime Agency (NCA) and the UK Financial Conduct Authority (FCA) have jointly published a set of nine system priorities to combat economic crime in the UK, in line with the UK's second Economic Crime Plan and the National Risk Assessment. Backed by the Home Office, HM Treasury, the National Economic Crime Centre and UK Finance, the priorities seek to enhance public-private collaboration, enabling regulated firms to allocate resources more effectively while maintaining compliance. Key focus areas include money laundering through UK corporate structures linked to certain jurisdictions; fraud originating from international offenders; exploitation of money mules; and criminal cash consolidation via UK banking channels.

Additional priorities target terrorist financing; sanctions evasion by professional enablers; abuse of power by overseas Politically Exposed Persons; and the resilience of the cryptoasset ecosystem against criminal abuse. The only predicate offences explicitly listed in these priorities are those which fall under the definition of economic crimes—namely fraud, sanctions evasion and terrorist financing. However, the priorities concerning money laundering methods are intended to apply to all potential predicate offences, including but not limited to organised immigration crime, drug and firearms offences and human trafficking. A newly established System Prioritisation Governance Group will oversee governance of the priorities, with further guidance expected to be published in due course to support firms in aligning with these objectives.

The European Securities and Markets Authority (ESMA) has published two Q&As under the Markets in Crypto-assets Regulation (MiCAR), providing further guidance on the application of MiCAR to crypto-asset service providers (CASPs). ESMA_QA_2607 addresses whether MiCAR permits the staking of clients' crypto-assets by CASPs for their own account, and ESMA_QA_2608 considers whether MiCAR allows CASPs to use clients' crypto-assets for pre-funding client orders.

HM Treasury has published its latest 2025 National Risk Assessment (NRA) of Money Laundering and Terrorist Financing, offering a comprehensive review of the UK's exposure to financial crime. Building on the 2015, 2017, and 2020 assessments, the 2025 NRA evaluates: (i) the UK's AML/CFT framework and the government's response to the 2020 NRA; (ii) overarching money laundering (ML) risks; (iii) overarching terrorist financing (TF) risks; (iv) sector-specific ML/TF risks under the Money Laundering Regulations (MLRs); and (v) emerging cross-cutting risks outside MLR-regulated sectors.

Read more.

The European Central Bank (ECB) has published its final guide on outsourcing cloud services, following from a July 2024 consultation. Feedback on the consultation is set out in an accompanying feedback statement. The guide clarifies supervisory expectations for banks under the ECB's remit in relation to the Digital Operational Resilience Act (DORA). While not legally binding, the guide outlines good practices for effective cloud outsourcing risk management, particularly given growing reliance on a limited number of third-party providers. Key areas covered include governance and risk management strategy, pre-outsourcing analysis, contractual arrangements, exit strategies and termination rights, and ongoing monitoring and oversight. The guide emphasises a risk-based and proportionate approach to outsourcing cloud services, tailored to the diverse structures, activities and risk profiles of ECB-supervised banks. The final version distinguishes more clearly between DORA requirements and ECB-recommended practices.

HM Treasury has published a policy paper on the wholesale financial markets digital strategy. The purpose of the strategy is to ensure the UK benefits from opportunities to improve its wholesale financial markets, by using new technologies effectively. This policy spans trading venues, clearing houses, settlement systems, payment systems and other elements of the UK's financial ecosystem that support the operation of financial markets. The policy is structured as focusing on three areas: (i) market optimisation – which includes removing paper-based and manual processes, and using data effectively; (ii) market transformation – which centres on proactive innovation for new models across the range of market activities and includes taking forwards the issuance of the UK's digital gilt instrument (DIGIT) using distributed ledger technology (please see above for HM Treasury's policy paper for further detail); and (iii) market leadership – where the UK government has committed to working with the sector to develop a cross-cutting approach which will seek to reduce potential fragmentation and regulatory barriers, and to appointing an industry expert "Digital Markets Champion".

HM Treasury (HMT) has published a policy paper on its update on the digital gilt instrument (DIGIT) pilot. The paper follows the Preliminary Market Engagement Notice (PMEN), which closed in April and which was the first stage of the procurement process. The pilot, part of the UK's broader strategy to explore distributed ledger technology (DLT) in sovereign debt issuance, seeks to: (i) enable the UK government to explore applications of DLT across the UK sovereign debt issuance lifecycle; and (ii) support the growth of UK-based DLT infrastructure and its adoption in financial markets. To meet these aims, the PMEN outlined an initial set of designs, including that DIGIT will be digitally native, short-dated, issued on a platform within the Digital Securities Sandbox (DSS) and separate from the government's debt issuance programme. 

Read more.

The European Securities and Markets Authority (ESMA) has published its final guidelines under the Markets in Crypto-Assets Regulation (MiCAR) specifying the criteria for assessing the knowledge and competence of staff at crypto-asset service providers (CASPs). Aimed at enhancing investor protection and trust in the crypto-asset sector, the guidelines: (i) outline the minimum professional qualifications and experience required for staff providing information or advice on crypto-assets; (ii) set out the organisational requirements for assessment, maintenance and updating of knowledge and competence; and (iii) address specific risks associated with the crypto-asset market, such as high volatility and cybersecurity, by setting out the assessment criteria for staff knowledge and skills. The guidelines will be translated into all EU languages and will apply six months after publication. Competent authorities must notify ESMA within two months of publication whether they comply or intend to comply with guidelines.

The European Securities and Markets Authority (ESMA) has issued a public statement addressed to crypto-asset service providers (CASPs) that offer both regulated and unregulated services under the Markets in Crypto-Assets Regulation (MiCAR). ESMA calls on CASPs to avoid creating investor confusion about the regulatory protections that apply to unregulated products and services. To address this risk, ESMA reminds CASPs of their obligation to act fairly, professionally and in the best interests of their clients, to avoid any conduct that can mislead or confuse them. In the statement, ESMA also cautions against CASPs using their regulated status as a marketing tool to promote unregulated services, as this can further contribute to investor misunderstanding. To mitigate these risks, ESMA encourages CASPs to adopt all necessary measures and provides a practical table of "dos and don'ts". This includes measures such as maintaining clear and effective communication with clients at every stage of the sales process, ensuring marketing materials are fair, clear and not misleading and disclosing the absence of MiCAR protections for unregulated services, among others.

The Proceeds of Crime (Money Laundering) (Threshold Amount) (Amendment) Order 2025 has been made and published with an accompanying explanatory memorandum. The legislation increases the financial threshold under sections 339A(2) and 339A(6A) of the Proceeds of Crime Act 2002 (POCA) from GBP1,000 to GBP3,000. These thresholds apply to two key exemptions for regulated businesses, such as banks, electronic money institutions and payment institutions, among others set out in schedule 9 of POCA, enabling them to (i) operate a customer account; or (ii) return funds when terminating a customer relationship, without committing a money laundering offence, even where criminal property is suspected (i.e., property believed to represent the proceeds of crime), provided the amount involved is below the threshold. The change aims to reduce the volume of low-value Defence Against Money Laundering (DAML) Suspicious Activity Reports (SAR), which in 2024 accounted for 23,000 submissions but only 0.1% of assets denied. A DAML SAR can be submitted for transactions above the threshold, which means a criminal offence will not be committed by the regulated entity, although the transaction is frozen pending the outcome of the review of the transaction or the lapse of three months. A review of the exit and pay away exemption introduced via the Economic Crime and Corporate Transparency Act 2023 is scheduled for 2026.

The European Securities and Markets Authority (ESMA) has published a peer review report assessing the authorisation and supervision of a crypto-asset service providers (CASPs) under the Markets in Crypto-Assets Regulation (MiCAR). While the peer review was conducted in Malta and sets out specific recommendations addressed to the Malta Financial Services Authority (MFSA), ESMA also makes broader recommendations which apply to all national competent authorities (NCAs).

Read more.

The Bank of England's Financial Policy Committee (FPC) has published its July financial stability report alongside the record of its 27 June meeting. After assessing the risks to the UK financial system, the FPC reports that global financial markets remain vulnerable, with elevated risks stemming from geopolitical tensions, trade fragmentation and sovereign debt pressures.

Read more.

The European Securities and Markets Authority (ESMA) has published official translations of its guidelines on supervisory practices to prevent and detect market abuse under the Markets in Crypto-Assets Regulation (MiCAR). The guidelines, initially released in April through a final report, outline general principles to promote high-quality and effective supervision of market abuse in crypto-assets, alongside more targeted practices to support national competent authorities (NCAs) in detecting and preventing such abuse. The guidelines will now apply from 9 October, being three months after their publication in all official EU languages. NCA's shall confirm by 9 September whether they comply or intend to comply with the guidelines. If an NCA does not comply or does not plan to comply, it must notify ESMA, providing the reasons for its position. ESMA will subsequently publish this information on its website.