The European Banking Authority (EBA) has published its final report containing final draft regulatory technical standards (RTS) on the prudential treatment of cryptoasset exposures under the Capital Requirements Regulation (CRR), as amended by the CRR3. The RTS specify the technical elements necessary for institutions to calculate and aggregate cryptoasset exposures in relation to the prudential treatment of such exposures. The draft RTS, initially consulted on in January, remain largely unchanged. However, in response to consultation feedback, the EBA: (i) removes the requirement for prudent valuation of fair value cryptoasset exposures; and (ii) introduces a provision clarifying how institutions should aggregate long and short positions when determining the exposure limit. Together with the transitional provisions in CRR3, the RTS provide institutions with an interim method to capitalise cryptoasset exposures until a permanent prudential framework is in place, enabling institutions to participate in the rapidly evolving crypto markets.

The UK Financial Conduct Authority (FCA) has announced that effective from 8 October, retail consumers will be permitted to access crypto exchange traded notes (cETNs), marking a significant shift from the current ban. This move is the latest step in the FCA's evolving approach to establishing a regulatory framework for crypto, in line with its crypto roadmap. To ensure investor protection, cETNs must be traded exclusively on an FCA-approved, UK-based Recognised Investment Exchange (RIE). Firms offering these products will be subject to financial promotion rules to avoid offering consumers inappropriate incentives to invest and to ensure consumers are provided with the right information. While the consumer duty will apply to firms offering these products to retail investors, the FCA clarifies that there will not be coverage from the Financial Services Compensation Scheme. Consumers should therefore ensure they understand the risks before deciding to invest. The existing ban on cryptoasset derivatives for retail clients remains in force.

The UK Financial Conduct Authority (FCA) has published the findings from its review on digital design in customers' online journeys when accessing consumer credit, with related press release, identifying good practices and areas for improvement. Although the findings relate to consumer credit providers, other firms with a digital presence may find the examples of good and poor practice useful. The FCA found that some firms' digital design supported good consumer outcomes, such as using simplified language and offering explainer videos. Other firms had less well-designed digital platforms. A particular issue was a lack of "positive friction", meaning consumers were driven towards making quick decisions that did not align with their best interests.

Read more.

The European Banking Authority (EBA) has published its fifth opinion on money laundering and terrorist financing (ML/TF) risks. In the report, the EBA highlights the growing vulnerabilities in the EU financial sector arising from the growth of technologies, new financial products such as crypto-assets, and the increasing interconnection of financial products and services across sectors. The EBA states that while tools such as RegTech and AI offer potential for enhanced compliance, their improper implementation (often due to lack of expertise and oversight) has led to serious compliance failures. Competent authorities have reported high or rising ML/TF risks in Fintech firms and crypto-asset service providers linked to weak AML/CFT controls and governance. Additionally, the use of AI by criminals to automate laundering and forge documents is outpacing institutional defences. The EBA notes that supervisory engagement has improved the capability of some sectors to fight financial crime. The EBA emphasises the importance for consistent application of the new EU AML/CFT legal framework.

The UK Office of Financial Sanctions Implementation (OFSI), part of HM Treasury, has published a sector-specific threat assessment report highlighting significant compliance risks facing UK cryptoasset firms in relation to financial sanctions. Covering the period from January 2022 to May of this year, the report concludes it is "almost certain" that UK cryptoasset firms have underreported suspected sanctions breaches since being designated as "relevant firms" under the UK sanctions regulations, in August 2022. OFSI identifies inadvertent non-compliance due to direct and indirect exposure to designated persons (DPs) and sanctioned entities such as the Russian exchange Garantex, cyber threats from DPRK-linked hackers exploiting cryptoassets to evade sanctions and transfers to Iranian cryptoasset firms with suspected links to DPs. The report emphasises the importance of timely and accurate reporting, enhanced due diligence and the use of blockchain analytics to detect and mitigate sanctions risks. OFSI urges firms to adopt a risk-based approach, conduct retrospective reviews and report any suspected breaches to OFSI, the UK Financial Conduct Authority and the National Crime Agency.

The National Crime Agency (NCA) and the UK Financial Conduct Authority (FCA) have jointly published a set of nine system priorities to combat economic crime in the UK, in line with the UK's second Economic Crime Plan and the National Risk Assessment. Backed by the Home Office, HM Treasury, the National Economic Crime Centre and UK Finance, the priorities seek to enhance public-private collaboration, enabling regulated firms to allocate resources more effectively while maintaining compliance. Key focus areas include money laundering through UK corporate structures linked to certain jurisdictions; fraud originating from international offenders; exploitation of money mules; and criminal cash consolidation via UK banking channels.

Additional priorities target terrorist financing; sanctions evasion by professional enablers; abuse of power by overseas Politically Exposed Persons; and the resilience of the cryptoasset ecosystem against criminal abuse. The only predicate offences explicitly listed in these priorities are those which fall under the definition of economic crimes—namely fraud, sanctions evasion and terrorist financing. However, the priorities concerning money laundering methods are intended to apply to all potential predicate offences, including but not limited to organised immigration crime, drug and firearms offences and human trafficking. A newly established System Prioritisation Governance Group will oversee governance of the priorities, with further guidance expected to be published in due course to support firms in aligning with these objectives.

The European Securities and Markets Authority (ESMA) has published two Q&As under the Markets in Crypto-assets Regulation (MiCAR), providing further guidance on the application of MiCAR to crypto-asset service providers (CASPs). ESMA_QA_2607 addresses whether MiCAR permits the staking of clients' crypto-assets by CASPs for their own account, and ESMA_QA_2608 considers whether MiCAR allows CASPs to use clients' crypto-assets for pre-funding client orders.

HM Treasury has published its latest 2025 National Risk Assessment (NRA) of Money Laundering and Terrorist Financing, offering a comprehensive review of the UK's exposure to financial crime. Building on the 2015, 2017, and 2020 assessments, the 2025 NRA evaluates: (i) the UK's AML/CFT framework and the government's response to the 2020 NRA; (ii) overarching money laundering (ML) risks; (iii) overarching terrorist financing (TF) risks; (iv) sector-specific ML/TF risks under the Money Laundering Regulations (MLRs); and (v) emerging cross-cutting risks outside MLR-regulated sectors.

Read more.

The European Central Bank (ECB) has published its final guide on outsourcing cloud services, following from a July 2024 consultation. Feedback on the consultation is set out in an accompanying feedback statement. The guide clarifies supervisory expectations for banks under the ECB's remit in relation to the Digital Operational Resilience Act (DORA). While not legally binding, the guide outlines good practices for effective cloud outsourcing risk management, particularly given growing reliance on a limited number of third-party providers. Key areas covered include governance and risk management strategy, pre-outsourcing analysis, contractual arrangements, exit strategies and termination rights, and ongoing monitoring and oversight. The guide emphasises a risk-based and proportionate approach to outsourcing cloud services, tailored to the diverse structures, activities and risk profiles of ECB-supervised banks. The final version distinguishes more clearly between DORA requirements and ECB-recommended practices.

HM Treasury has published a policy paper on the wholesale financial markets digital strategy. The purpose of the strategy is to ensure the UK benefits from opportunities to improve its wholesale financial markets, by using new technologies effectively. This policy spans trading venues, clearing houses, settlement systems, payment systems and other elements of the UK's financial ecosystem that support the operation of financial markets. The policy is structured as focusing on three areas: (i) market optimisation – which includes removing paper-based and manual processes, and using data effectively; (ii) market transformation – which centres on proactive innovation for new models across the range of market activities and includes taking forwards the issuance of the UK's digital gilt instrument (DIGIT) using distributed ledger technology (please see above for HM Treasury's policy paper for further detail); and (iii) market leadership – where the UK government has committed to working with the sector to develop a cross-cutting approach which will seek to reduce potential fragmentation and regulatory barriers, and to appointing an industry expert "Digital Markets Champion".

HM Treasury (HMT) has published a policy paper on its update on the digital gilt instrument (DIGIT) pilot. The paper follows the Preliminary Market Engagement Notice (PMEN), which closed in April and which was the first stage of the procurement process. The pilot, part of the UK's broader strategy to explore distributed ledger technology (DLT) in sovereign debt issuance, seeks to: (i) enable the UK government to explore applications of DLT across the UK sovereign debt issuance lifecycle; and (ii) support the growth of UK-based DLT infrastructure and its adoption in financial markets. To meet these aims, the PMEN outlined an initial set of designs, including that DIGIT will be digitally native, short-dated, issued on a platform within the Digital Securities Sandbox (DSS) and separate from the government's debt issuance programme. 

Read more.

The European Securities and Markets Authority (ESMA) has published its final guidelines under the Markets in Crypto-Assets Regulation (MiCAR) specifying the criteria for assessing the knowledge and competence of staff at crypto-asset service providers (CASPs). Aimed at enhancing investor protection and trust in the crypto-asset sector, the guidelines: (i) outline the minimum professional qualifications and experience required for staff providing information or advice on crypto-assets; (ii) set out the organisational requirements for assessment, maintenance and updating of knowledge and competence; and (iii) address specific risks associated with the crypto-asset market, such as high volatility and cybersecurity, by setting out the assessment criteria for staff knowledge and skills. The guidelines will be translated into all EU languages and will apply six months after publication. Competent authorities must notify ESMA within two months of publication whether they comply or intend to comply with guidelines.

The European Securities and Markets Authority (ESMA) has issued a public statement addressed to crypto-asset service providers (CASPs) that offer both regulated and unregulated services under the Markets in Crypto-Assets Regulation (MiCAR). ESMA calls on CASPs to avoid creating investor confusion about the regulatory protections that apply to unregulated products and services. To address this risk, ESMA reminds CASPs of their obligation to act fairly, professionally and in the best interests of their clients, to avoid any conduct that can mislead or confuse them. In the statement, ESMA also cautions against CASPs using their regulated status as a marketing tool to promote unregulated services, as this can further contribute to investor misunderstanding. To mitigate these risks, ESMA encourages CASPs to adopt all necessary measures and provides a practical table of "dos and don'ts". This includes measures such as maintaining clear and effective communication with clients at every stage of the sales process, ensuring marketing materials are fair, clear and not misleading and disclosing the absence of MiCAR protections for unregulated services, among others.

The Proceeds of Crime (Money Laundering) (Threshold Amount) (Amendment) Order 2025 has been made and published with an accompanying explanatory memorandum. The legislation increases the financial threshold under sections 339A(2) and 339A(6A) of the Proceeds of Crime Act 2002 (POCA) from GBP1,000 to GBP3,000. These thresholds apply to two key exemptions for regulated businesses, such as banks, electronic money institutions and payment institutions, among others set out in schedule 9 of POCA, enabling them to (i) operate a customer account; or (ii) return funds when terminating a customer relationship, without committing a money laundering offence, even where criminal property is suspected (i.e., property believed to represent the proceeds of crime), provided the amount involved is below the threshold. The change aims to reduce the volume of low-value Defence Against Money Laundering (DAML) Suspicious Activity Reports (SAR), which in 2024 accounted for 23,000 submissions but only 0.1% of assets denied. A DAML SAR can be submitted for transactions above the threshold, which means a criminal offence will not be committed by the regulated entity, although the transaction is frozen pending the outcome of the review of the transaction or the lapse of three months. A review of the exit and pay away exemption introduced via the Economic Crime and Corporate Transparency Act 2023 is scheduled for 2026.

The European Securities and Markets Authority (ESMA) has published a peer review report assessing the authorisation and supervision of a crypto-asset service providers (CASPs) under the Markets in Crypto-Assets Regulation (MiCAR). While the peer review was conducted in Malta and sets out specific recommendations addressed to the Malta Financial Services Authority (MFSA), ESMA also makes broader recommendations which apply to all national competent authorities (NCAs).

Read more.

The Bank of England's Financial Policy Committee (FPC) has published its July financial stability report alongside the record of its 27 June meeting. After assessing the risks to the UK financial system, the FPC reports that global financial markets remain vulnerable, with elevated risks stemming from geopolitical tensions, trade fragmentation and sovereign debt pressures.

Read more.

The European Securities and Markets Authority (ESMA) has published official translations of its guidelines on supervisory practices to prevent and detect market abuse under the Markets in Crypto-Assets Regulation (MiCAR). The guidelines, initially released in April through a final report, outline general principles to promote high-quality and effective supervision of market abuse in crypto-assets, alongside more targeted practices to support national competent authorities (NCAs) in detecting and preventing such abuse. The guidelines will now apply from 9 October, being three months after their publication in all official EU languages. NCA's shall confirm by 9 September whether they comply or intend to comply with the guidelines. If an NCA does not comply or does not plan to comply, it must notify ESMA, providing the reasons for its position. ESMA will subsequently publish this information on its website.

The European Central Bank (ECB) has published a Memorandum of Understanding (MoU) (dated 27 June) that the ECB has entered into with the European Union's Anti-Money Laundering Authority (AMLA) to enhance cooperation between prudential and anti-money laundering supervision. The MoU establishes practical arrangements for cooperation and information exchange, aiming to enhance supervisory effectiveness, maximise efficiency and avoid duplication of efforts. Under the MoU, the AMLA will directly supervise certain high-risk financial institutions (referred to as "selected obliged entities") that are particularly exposed to cross-border money laundering. These include payment institutions, crypto-asset service providers and, in some cases, banks that also fall under the ECB's prudential supervision. Article 92(3) of the AMLA Regulation requires the AMLA and the ECB to conclude a MoU setting out the practical modalities for cooperation and for exchanging information in the performance of their respective tasks by 27 June.

The European Commission has adopted a Delegated Regulation supplementing Regulation (EU) 2023/1114 (Markets in Crypto Assets Regulation) (MiCAR), regarding regulatory technical standards (RTS) specifying the minimum contents of the liquidity management policy and procedures for issuers of asset-referenced tokens (ARTs) and e-money tokens (EMTs). The RTS aim to ensure that issuers maintain robust liquidity frameworks capable of withstanding both normal and stressed market conditions.

Read more.

The Financial Action Task Force (FATF) has published its sixth targeted update on the implementation of its standards for virtual assets (VAs) and virtual asset service providers (VASPs), alongside an updated webpage. The report assesses global progress in applying anti-money laundering and counter-terrorist financing (AML/CFT) measures to VAs and VASPs, noting improvements in regulation and enforcement. However, challenges remain and the report sets out key recommendations on: (i) risk assessment and policy approach to VASPs; (ii) licensing/registering and supervising VASPs; (iii) implementation of the Travel Rule; (iv) addressing emerging and increasing risks related to stablecoins and decentralised finance arrangements; and (v) recommendations for the private sector.

In parallel, FATF has also released Best Practices on Travel Rule Supervision, providing more detailed guidance to assist jurisdictions in effectively supervising compliance with the Travel Rule for VASPs. The guidance offers practical examples and supervisory approaches to address common implementation challenges.

The European Securities and Markets Authority (ESMA) has published a report, accompanied by a press release, on the functioning and review of the Distributed Ledger Technology (DLT) pilot regime. The DLT pilot regime allows certain DLT market infrastructures to operate with exemptions from some EU financial services legislation. The regime has so far received limited uptake, with only three authorised infrastructures and minimal live trading activity. The report identifies operational and legal challenges, such as interoperability issues and restricted access to central bank money and refers to industry feedback, that the thresholds for financial instruments that may be admitted to trading or recorded on DLT market infrastructures may be too restrictive.

Read more.

The UK Government has published a policy paper outlining its industrial strategy. The strategy centres around eight priority sectors (the IS-8), including financial services. The UK government's ambition is to establish the UK as the world's most innovative full-service financial centre by 2035. A dedicated sector plan is expected to be published alongside the mansion house speech on 15 July.

Key measures to achieve this objective include:

• Ensuring financial services enables growth across the real economy, with retail banks and wholesale markets providing credit and liquidity.
• Mobilising pensions capital into the UK.

Read more.

The European Banking Authority (EBA) has issued an opinion (referred to as the No Action letter) in response to a request from the European Commission (EC) in December 2024, on the interplay between Payment Services Directive (PSD2/3) and Markets in Crypto-Assets Regulation (MiCAR) in relation to electronic money tokens (EMTs). It seeks to clarify how national competent authorities (NCAs) should approach the authorisation and supervision of crypto-asset service providers (CASPs) that engage in EMT-related activities during the transitional period before PSD3 and the Payment Services Regulation (PSR) come into effect. The EBA advises the EC, European Council and European Parliament to avoid long-term dual authorisation requirements and advises NCAs to require PSD2 authorisation only after a transition period ending on 2 March 2026, and only for a defined subset of CASPs—specifically those providing services such as the custody and administration of EMTs or facilitating EMT transfers on behalf of clients. NCAs are encouraged to adopt streamlined authorisation procedures that leverage information already submitted during the MiCAR process. Post-transition, NCAs must ensure entities who are not licensed as a payment service provider (PSP) or have not entered partnership with a PSP, are prevented from providing EMT related services that qualify as a payment service.

Read more.

Three Commission Delegated Regulations supplementing Regulation (EU) 2023/1114 (the EU Markets in Crypto Assets Regulation) (MiCAR) have been published in the Official Journal of the European Union, namely:

• Commission Delegated Regulation - 2025/1141 supplementing MiCAR with regards to regulatory technical standards specifying the requirements for policies and procedures on conflicts of interest for issuers of asset-referenced tokens.
• Commission Delegated Regulation - 2025/1140 supplementing MiCAR with regards to regulatory technical standards specifying records to be kept of all crypto-asset services, activities, orders and transactions undertaken.

Read more.

The UK Financial Conduct Authority (FCA) has published quarterly consultation paper No 48, accompanied by a press release, inviting feedback on proposed amendments to its Handbook. Key proposals include:

• Amending guidance in SUP 6.4 to reflect legislative changes introduced in section 415AA of the Financial Services and Markets Act 2000 (FSMA); the deadline for comments is 14 July.
• Streamlining data reporting by decommissioning certain requirements, including changes to REP009 (consumer buy-to-let mortgage aggregated data) reporting frequency and removing nil return requirements for REP008 (notification of disciplinary actions relating to conduct rules staff other than SMF managers); the deadline for comments is 30 June.

Read more.

The UK Financial Conduct Authority (FCA) has published a press release on its leading international crackdown on illegal financial influencers (finfluencers) in collaboration with regulators from Australia, Canada, Hong Kong, Italy and the UAE. This operation, which commenced on 2 June and was led by the FCA, resulted in three arrests, criminal proceedings against three individuals, the issuance of fifty warning alerts and seven cease and desist letters in the UK. The warning alerts will result in over 650 takedown requests for unauthorised financial promotions on social media platforms and websites. The FCA warns finfluencers that they must act responsibly and only promote financial products if authorised, otherwise they will face serious consequences for non-compliance.

The UK Law Commission has published a consultation on reforms to private international law necessitated by emerging technologies such as decentralised ledger technology (DLT). The Law Commissions state that their project has a particular focus on crypto-tokens, electronic bills of lading and electronic bills of exchange because these assets are prevalent in market practice while also posing novel theoretical challenges to the methods by which issues of private international law have traditionally been resolved. The consultation focuses primarily on wholly decentralised applications of DLT. Among other things, the Law Commission proposes:
 

1. To create a new free-standing information order to help claimants who have lost crypto-tokens through fraud or hacking, obtain information about the perpetrators or the whereabouts of their tokens without having to go through the existing gateways.

Read more.

The UK Financial Conduct Authority (FCA) has published consultation paper CP25/14 (CP) on stablecoin issuance and cryptoasset custody, accompanied by an updated webpage. This follows the FCA's discussion paper published in November 2023, which outlines the proposed approach to regulating stablecoins. This new CP is part of the FCA's roadmap for crypto regulation and is intended to be read alongside CP25/15, which sets out the proposed prudential regime for cryptoasset firms (and which we discuss here). In CP25/14, the FCA has proposed rules and guidance for the issuance of qualifying stablecoins and the safeguarding of qualifying cryptoassets, including stablecoins. These activities are expected to become regulated activities under the HM Treasury's draft legislation, the Financial Services and Markets Act 2000 (Regulated Activities and Miscellaneous Provisions) (Cryptoassets) Order 2025 subject to its finalisation.

Read more.

The UK Financial Conduct Authority (FCA) has published consultation paper CP25/15 on its proposed prudential regime for cryptoasset firms, also accompanied by an updated webpage. This is intended to be read together with CP25/14 on stablecoin issuance and cryptoasset custody, which we discuss here. In this consultation paper, the FCA has proposed prudential rules and guidance for cryptoasset firms, including those issuing qualifying stablecoins and safeguarding qualifying cryptoassets, including stablecoins. The proposals introduce a new prudential regime to be integrated through two new sourcebooks: (i) COREPRU which will initially apply to firms carrying on regulated cryptoasset activities; and (ii) CRYPTOPRU, which will contain other sector-specific requirements for firms doing regulated cryptoasset activities, with these firms referred to as CRYPTOPRU firms.

Read more.

The International Organization of Securities Commissions (IOSCO) has issued a statement calling for platform providers to take stronger action against rising investment fraud, driven by increased retail investor activity on digital platforms. It encourages platform providers to leverage the IOSCO International Securities and Commodities Alerts Network (I-SCAN)—a database launched in March that identifies unlicensed firms or those engaging in illegal activities—to block, warn against or remove illegal investment offerings from their platforms. In the statement, IOSCO has also highlighted effective measures used in some jurisdictions to combat online harm involving financial misconduct, including due diligence on unauthorised offerings, rigorous enforcement of compliance with terms of service, strong processes for detecting scams and proactive engagement with financial regulators and government authorities, including referrals of fraudulent activity.

The European Banking Authority (EBA) has published part 1 of its 2024 annual report, with a press release, reflecting on key regulatory and supervisory achievements under its work programme over the past year. These include: (i) progress in the implementation of the Basel III reforms; (ii) the further integration of ESG considerations into regulatory frameworks, via the issuance of guidelines and reports on ESG risks, greenwashing and scenario analysis; (iii) the assessment of financial stability amid high interest rates and geopolitical uncertainties, supported by two risk assessment reports; (iv) the enhancement of regulatory data infrastructure through the EUCLID platform; (v) the development of oversight and supervisory capacity for firms subject to the EU Digital Operational Resilience Act (DORA) and the EU Markets in Crypto-Assets Regulation (MiCAR); and (vi) an enhanced focus on innovation and consumers (including access to financial services) while preparing for the transition to the new anti-money laundering and counter-terrorist financing (AML/CFT) framework.

HM Treasury (HMT) has published a response to its 2024 consultation on regulating Buy-Now, Pay-Later (BNPL) products and laid the draft secondary legislation (Financial Services and Markets Act 2000 (Regulated Activities etc) (Amendment) Order 2025), to implement the proposed regime before Parliament. The consultation response is accompanied by an updated webpage and press release. The proposed regulatory framework aims to bring BNPL products under the UK Financial Conduct Authority's (FCA) oversight, ensuring consumers receive clear information, undergo affordability checks, have access to the Financial Ombudsman Service and benefit from the protections of section 75 of the Consumer Credit Act (CCA)—which imposes liability upon a creditor for breaches by a supplier—should something go wrong with their purchases.

Read more.

The International Organization of Securities Commissions (IOSCO) has published final reports on finfluencers, online imitative trading practices and digital engagement practices, accompanied by a press release. These reports are part of IOSCO's Roadmap for Retail Investor Online Safety to enhance retail investor protection from fraud, excessive risk taking and misinformation, in the digital age.

Read more.

The UK Property (Digital Assets etc) Bill has completed its third reading in the House of Lords with no further amendments and passed to the House of Commons for consideration. The Bill will give effect to recommendations of the Law Commission to confirm in statute that a thing that is digital or electronic in nature is not prevented from being personal property. The Bill had its first reading in the House of Commons on 12 May and it has now been referred to a Second Reading Committee.

The Bank of England (BoE) has published a speech by Sarah Breeden, Deputy Governor for Financial Stability, at the Point Zero Forum. The subject of the speech was the digitalisation of money and assets, and in particular the BoE's focus on interoperability. In terms of general commentary, Ms Breeden highlighted the need to collaborate closely with international partners to ensure safe innovation and support for firms with cross-border transactions. She also emphasised the importance of enabling users to switch seamlessly between different forms of money and across asset classes. To drive interoperability, harmonised technical standards and working with the public sector is needed to understand further how to integrate these new, digital forms of assets and money into the wider financial system.

Read more.

The UK Financial Conduct Authority (FCA) has published a discussion paper (DP25/1) on proposals for regulating cryptoasset activities, with a new webpage and press release. The FCA is seeking to develop a safe, competitive and sustainable crypto sector in the UK that enables innovation and is underpinned by market integrity, in light of the increasing popularity of cryptoassets with UK consumers. The proposals cover the following areas being brought within the FCA's regulatory remit, in line with the draft statutory instrument (SI) and policy note published previously:

• Cryptoasset trading platform. These are entities that will be authorised to operate a qualifying cryptoasset trading platform. The proposed policy has been informed by the current rules and obligations applied to trading venues in traditional financial markets.

Read more.

The European Securities and Markets Authority (ESMA) has published its 2024 report, along with a press release, on the quality and use of data, showcasing significant increase in data use by authorities. The report covers datasets from the European Market Infrastructure Regulation (648/2012) (EMIR), the Securities Financing Transactions Regulation ((EU) 2015/2365) (SFTR), the Markets in Financial Instruments Regulation (600/2014) (MiFIR), the Securitisation Regulation (2017/2402/EU), the Alternative Investment Fund Managers Directive (2011/61/EU) (AIFMD) and the Money Market Funds Regulation ((EU) 2017/1131) (MMF Regulation). This edition also expands the scope to include the European Single Electronic Format (ESEF) data and short-selling data. The report is divided into different sections.

Read more.

The European Securities and Markets Authority (ESMA) has published its final report on the guidelines on supervisory practices for National Competent Authorities (NCAs) to prevent and detect market abuse under the Market in Crypto Assets Regulation (MiCAR), together with a press release. The guidelines are based on Article 92(3) of MiCAR and outline general principles for supervisory practices, drawing on the experience gained under the Market Abuse Regulation. They require supervisory activity to be risk-based and proportionate, aiming for NCAs to foster a common supervisory culture specific to cryptoassets through open dialogue with the industry and collaboration among other NCAs. The guidelines also consider the specific features of crypto trading, such as its cross-border nature and the intensive use of social media. The guidelines will be translated into all EU languages and published by ESMA, becoming effective three months later. ESMA advises NCAs to begin implementing the principles immediately. Competent authorities must notify ESMA within two months of the guidelines being published in all EU languages, on whether they (i) comply, (ii) do not comply, but intend to comply or (iii) do not comply and do not intend to comply with the guidelines.

The European Commission (EC) has adopted a Delegated Regulation supplementing Regulation (EU) 2023/1114 on markets in cryptoassets (MiCAR), with regard to regulatory technical standards (RTS) specifying the arrangements, systems and procedures for persons to prevent, detect and report market abuse, the templates to be used for reporting suspected market abuse and the coordination procedures between competent authorities for the detection and sanctioning of market abuse in cross-border market abuse situations. Article 92(1) of MiCAR mandates that persons professionally arranging or executing transactions (PPAETs) in cryptoassets must have effective arrangements, systems and procedures to prevent and detect market abuse. These persons are required to report any reasonable suspicion of market abuse to the competent authority. This includes suspicions regarding an order or transaction, as well as other aspects of the functioning of the distributed ledger technology, where there may be indications that market abuse has been committed, is being committed or is likely to be committed. The Council of the EU and the European Parliament will now scrutinise the Delegated Regulation. The Delegated Regulation will enter into force on the twentieth day following its publication in the Official Journal of the European Union.

The HM Treasury (HMT) has published a draft of The Financial Services and Markets Act 2000 (Regulated Activities and Miscellaneous Provisions) (Cryptoassets) Order 2025, together with an accompanying policy note. The policy note explains that the draft statutory instrument:

• Amends the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 ("the RAO") to (i) define "qualifying cryptoassets" and "qualifying stablecoin", and classify them as specified investments under the Financial Services and Markets Act 2000 ("FSMA"); and (ii) specify certain activities related to these assets as regulated activities, such that persons carrying on those activities need to be authorised for that activity by the FCA.

Read more.

The European Banking Authority (EBA) has issued its final report on draft regulatory technical standards (RTS) amending Commission Delegated Regulation (EU) 2018/1108, on the criteria for the appointment of central contact points for electronic money issuers and payment service providers and with rules on their functions under Article 45(10) of Directive (EU) 2015/849 (MLD4). The draft RTS extend the amended Delegated Regulation to define when cryptoasset service providers (CASPs) must appoint a central contact point. A central point contact can help to ensure compliance with local Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) obligations in cases where a CASP authorised in one EU Member State is providing services to another EU member state. The RTS set out: (i) the conditions under which CASPs should appoint a central contact point; and (ii) the roles and responsibilities of that central contact point. The draft RTS will be submitted to the Commission for endorsement, following which it will be put to the European Parliament and the Council for scrutiny, before being published in the Official Journal of the European Union.

The Financial Services Regulatory Initiatives Forum (the Forum) has published the Regulatory Initiatives Forum Grid (the Grid), with the UK Financial Conduct Authority (FCA) also updating its webpage. The previous Grid was due to be published in May 2024 but was postponed due to the General Election, meaning the Forum published only an interim update in October 2024.

The 2025 Grid sets out the regulatory pipeline for the next 24 months and reflects the reprioritisation that has taken place since the new government came into power. Notable initiatives include:

• motor finance commission review: the FCA intends to confirm, within six weeks of the Supreme Court's decision on past use of discretionary commission arrangements by motor finance firms, whether it will propose a redress scheme;
• liquidity risk management in funds: the FCA will consult on refined proposals regarding liquidity risk management in funds to implement FSB and IOSCO guidelines;
• Consumer Composite Investments (CCI) Regulation: the FCA published a second consultation paper on the new CCI regime on 16 April (see our update) and plans to issue a Policy Statement with final rules in late 2025;

Read more.

The UK Financial Conduct Authority (FCA) has published a webpage summarising the findings from its multi-firm review of trading apps, together with a press release. The FCA notes that this is a growing sector allowing more retail investors easier access to a wider range of investments which can help to improve financial lives. Some trading apps, though, offer high-risk investments that were traditionally aimed at wholesale markets. The FCA's review made a series of findings, including on:

• business models: trading app firms operate in various ways. The FCA stresses that regulated firms must ensure they understand the Handbook's requirements for manufacturers and distributors, regardless of their business model, and that firms with overseas affiliates must clearly inform customers that their trading agreement is with the overseas entity and disclose any potential loss of asset protection.
• target markets: firms are likely to be both manufacturers of a trading app and distributors of products sold on it, and therefore should consider the relevant rules under PRIN 2A.3 and PROD 3 on the need to identify a target market for the products and services they manufacture and distribute. The FCA found some firms had not specified their target market at a sufficiently granular level and, in some cases, offered lower-risk and less complex products alongside more complex or high-risk ones.

Read more.

The Bank of England (BoE) has published a series of documents regarding its work on implementing the digital pound. The Digital Pound Experiment Report on Offline Payments assesses the technical feasibility of implementing an offline payment functionality for a digital pound to ensure that the digital pound can be used without an internet connection, enhancing its accessibility and resilience. While it might be technically feasible, there are trade-offs, particularly around user experience and preventing double spending and counterfeiting, that make implementing it challenging. No final decision has been made yet on whether an offline payment functionality will be implemented. The minutes of the CBDC Engagement Forum (November 2024) sets out continued stakeholder discussions on the progress of the digital pound, highlighting the benefits for consumers and merchants, such as innovation and cost efficiency, but also the challenges, including ensuring strong performance at all levels of payment volume, operational costs and security and network connectivity issues. The Intermediary Roles and Scheme Rulebook Design Note outlines the roles and responsibilities of digital pound intermediaries and a preliminary conceptual framework for a digital pound rulebook (or similar document) to support the proper management of the digital pound if launched.

Six Commission Delegated Regulations supplementing Regulation 2023/114 (the EU Markets in Crypto Assets Regulation) (MiCAR) have been published in the Official Journal of the European Union (OJ), namely:

• Commission Delegated Regulation – 2025/300 supplementing MiCAR with regard to regulatory technical standards (RTS) on information to be exchanged between competent authorities.
• Commission Delegated Regulation – 2025/305 supplementing MiCAR with regard to RTS specifying information to be included in an application for authorisation as a crypto-asset service provider (CASP).
• Commission Delegated Regulation – 2025/413 supplementing MiCAR with regard to RTS specifying the detailed content of information necessary to carry out the assessment of a proposed acquisition of a qualifying holding in an issuer of an asset-referenced token.

Read more.

The UK Financial Conduct Authority (FCA) has published its Handbook Notice 128 which (among other things) confirms Handbook changes made by the Digital Securities Depositories Instrument 2025 (FCA 2025/14). The instrument makes changes to the glossary and market conduct sourcebook sections of the FCA handbook confirming how the FCA Handbook applies to authorised persons carrying out digital securities depository and ancillary activities in the FCA's digital securities sandbox. In summary, the core functions of a digital securities depository and category 1 ancillary activities (being activities which are carried on for the purpose of enabling those core functions) will be treated as unregulated activities, while category 2 ancillary activities (being other ancillary activities not classed as category 1) will continue to be subject to relevant parts of the FCA Handbook, as applicable.

This change was made in conjunction with updates to the UK Bank of England and FCA guidance on the operation of the digital securities sandbox (on 27 March) confirming how ancillary services would be included in a participant firm's sandbox approval notice. The updates also clarify that banking-type ancillary service providers would need to hold Part 4A permission to accept deposits, and other relevant permissions, to carry on any other regulated activity for both core cash settlement and other ancillary banking services.

Official translations of the guidelines on certain aspects of the suitability requirements and format of the periodic statement for portfolio management activities under the EU Markets in Crypto Assets Regulation (MiCAR) have been published on the European Securities and Market Authority's (ESMA's) website. These guidelines apply to competent authorities and cryptoasset service providers (CASPs) where they provide advice on cryptoassets or portfolio management of cryptoassets. They specify the suitability requirements under Article 81(1), (7), (8), (10), (11) and (12) of MiCAR and the requirements applicable to the format of the periodic statement to be provided by CASPs in accordance with Article 81(14) of MiCAR. The guidelines apply from 25 May. Competent authorities must notify ESMA by 25 May whether they (i) comply, (ii) do not comply, but intend to comply, or (iii) do not comply and do not intend to comply with the guidelines, with their reasons for not complying. Financial market participants are not required to report whether they comply with these guidelines.

Four Commission Delegated Regulations supplementing Regulation 2023/1114 (MiCAR) have been published in the Official Journal of the EU, namely:

• Commission Delegated Regulation - 2025/415 supplementing the EU Markets in Crypto Assets Regulation (MiCAR) with regard to regulatory technical standards specifying adjustment of own funds requirement and minimum features of stress-testing programmes of issuers of asset-referenced tokens or of e-money tokens.
• Commission Delegated Regulation - 2025/418 supplementing MiCAR with regard to regulatory technical standards specifying the minimum content of the governance arrangements on the remuneration policy of issuers of significant asset-referenced or e-money tokens.
• Commission Delegated Regulation - 2025/419 supplementing MiCAR with regard to regulatory technical standards specifying the procedure and timeframe for an issuer of asset-referenced tokens or of e-money tokens to adjust the amount of its own funds.
• Commission Delegated Regulation - 2025/421 supplementing MiCAR with regard to regulatory technical standards specifying the data necessary for the classification of crypto-asset white papers and the practical arrangements to ensure that such data is machine-readable.

Each of these delegated regulations will enter into force on 13 April.

The European Securities and Markets Authority (ESMA) has published official translations of its guidelines on the conditions and criteria for the qualification of cryptoassets as financial instruments under Article 2(5) of the Markets in Cryptoassets Regulation (MiCAR). The guidelines will now apply from 18 May to competent authorities and financial market participants including issuers, offerors, cryptoasset service providers, investors and all persons engaging in activities relating to cryptoassets. National competent authorities must notify ESMA whether they comply, do not comply but intend to comply, or do not intend to comply with the joint guidelines by 18 May. Financial market participants are not required to report whether they comply.

The UK Chancellor of the Exchequer has announced details of the launch of the procurement process for the pilot digital gilt instrument (DIGIT) issuance. The pilot aims to: (i) enable the government to explore how distributed ledger technology (DLT) can be applied across the lifecycle of the UK sovereign debt issuance process; and (ii) catalyse the development of UK based DLT infrastructure and the adoption of DLT in UK financial markets. It is expected that:

• DIGIT will be issued on a platform within the Digital Securities Sandbox (DSS), and suppliers will need to obtain any necessary permissions from the Bank of England and the FCA to operate in the DSS before they will be eligible for selection under the associated procurement.
• Given that the use of 'unbacked cryptocurrencies' or stablecoins are not within the scope of the DSS, these solutions will not be available for the purposes of the payment leg of any DIGIT transaction.

Read more.