In this special edition of our regular update, we round-up FinTech-related regulatory developments for the period of 13 December 2021 to 7 January 2022.


ISDA: Contractual standards for digital asset derivatives

The International Swaps and Derivatives Association (ISDA) has published a paper exploring key issues in developing contractual standards for digital asset derivatives. In particular, the paper:

  • identifies novel technology and market-driven events that could disrupt the operation of a digital asset derivatives transaction and provides a framework for dealing with these events;
  • explores how digital assets (and the derivatives that reference them) can be valued and what happens when a valuation cannot be obtained; and
  • analyses how digital assets might interact with the existing ISDA documentation architecture, including the ISDA Master Agreement and industry standard collateral documentation.

ISDA has also published a supplement to the paper that sets out a granular, technical analysis of different ISDA product definitions and their potential applicability to digital asset derivatives. [14 Dec 2021]





BoE: Minutes of the CBDC Technology Forum – 30 November 2021

The Bank of England (BoE) has published the minutes of the Central Bank Digital Currency (CBDC) Technology Forum held on 30 November 2021. The minutes cover the Forum’s discussion of models of CBDC provision and privacy in a CBDC system. [6 Jan 2022]

FCA: Individual charged for failing to provide key passwords for seized devices

The FCA has published a statement confirming that an individual has appeared in court following an action it brought for his failing to provide passwords for various laptops and phones. The individual has been charged with failing to comply with a Statutory Notice issued under Section 49 of the Regulation of Investigatory Powers Act 2000 (RIPA 2000). This is the first prosecution by the FCA in relation to this offence. [22 Dec 2021]



HMT: UK-US Financial Regulatory Working Group

HMT has published a joint statement by the UK-US Financial Regulatory Working Group following its fifth meeting, which was held virtually on 15 December 2021. The Working Group meeting focused on seven themes: (1) international and bilateral cooperation, (2) sustainable finance, (3) crypto-assets and central bank digital currencies (CBDCs), (4) benchmark transition, (5) cross-border regimes, (6) critical third-party providers, and (7) banking and insurance. Participants will continue to engage bilaterally on the topics discussed at the meeting, as well as other topics of mutual interest ahead of the next Working Group meeting, which is expected to occur in the spring of 2022. [20 Dec 2021]



JMLSG: Revisions to guidance

The Joint Money Laundering Steering Group (JMLSG) has published amendments to Part I Chapter 5.7 (Monitoring customer activity) of its Guidance, together with an amendment for clarification purposes to Part II Sector 16. The new text is available under the ‘Revisions’ tab under ‘Guidance’, and has been submitted to HMT for Ministerial approval. [20 Dec 2021]

PSR: Updates to SDs on Pay.UK – lowering risks to NPA delivery

The Payment Systems Regulator (PSR) has published updates to Specific Directions (SDs) two and three on Pay.UK to implement decisions on lowering risks to new payments architecture (NPA) delivery. The updated SDs follow on from the PSR’s consultation paper (CP21/8) to which the PSR has also published its response.

The changes to the SDs come into force on 1 January 2022. [16 Dec 2021]



PRA: Statement on the 2022 cyber stress test on the retail payment system

The PRA has announced that it will invite a number of firms to participate in a voluntary cyber stress test. The stress test, which was announced in March 2021, will focus on a severe data integrity incident as the disruption scenario and will test firms’ ability to meet the impact tolerance for payments in a severe but plausible scenario.

The cyber stress test is a separate but complementary exercise to the PRA’s operational resilience policy. However, it is the PRA’s expectation that firms will be able to draw on their own preparations for the operational resilience policy for the purpose of the cyber stress test.

The PRA will contact the firms selected for invitation, and they will receive more information about the test in due course. [14 Dec 2021]



BoE: Financial Policy Summary and Record December 2021

The Bank of England (BoE) has published the Financial Policy Committee’s (FPC) Financial Stability Report. The report addresses UK bank resilience, debt vulnerabilities, risk-taking in global financial markets, the UK countercyclical buffer rate, the FPC’s mortgage market recommendations, and building the resilience of the financial system. Additionally, the FPC discussed the risk of cryptoassets and noted that financial institutions should take an especially cautious and prudent approach to any adoption of these assets until a regulatory regime is in place. [14 Dec 2021]

HoL/HoC: Joint committees report of session on the draft OSB

The House of Lords (HoL) and House of Commons (HoC) Joint Committee on the draft Online Safety Bill (OSB) has published a report on the draft OSB. Amongst other comments and suggested amendments, the Committee welcomes the inclusion of fraud and scams within the draft Bill. The Committee believes that prevention must be prioritised and this requires platform operators to be proactive in stopping fraudulent material from appearing in the first instance and not simply removing it when reported. The Committee also suggested that the Bill should contain provisions requiring information-sharing and regulatory cooperation between relevant regulators and enforcement bodies. [14 Dec 2021]




ESMA: Call for Evidence on DLT Pilot Regime and review of MiFIR RTS on transparency and reporting

ESMA has published a call for evidence on the distributed ledger technology (DLT) pilot regime and the extent to which RTS developed under the Markets in Financial Instruments Regulation (MiFIR) in relation to regulatory reporting and transparency require changes so as to be applicable to securities issued, traded and recorded on DLT. The DLT Pilot Regulation is not yet finalised, although a political agreement between the European Parliament and the Council of the EU was reached on 24 November 2021. The DLT Pilot Regulation is expected to apply in early 2023.

Feedback is requested by 4 March 2022. Based on the feedback received, ESMA will consider whether amendments to the MiFIR RTS are necessary. If amendments are necessary, ESMA will consult on its proposal before submitting the final draft RTS to the European Commission for adoption. [4 Jan 2022]



EPC issues Brexit reminder to SEPA payment scheme participants

The European Payments Council (EPC) has issued a reminder to all Single European Payment Area (SEPA) payment scheme participants to include the required additional information when transactions involve a UK-based SEPA payment scheme participant. [21 Dec 2021]



EBA: Final report on draft RTS setting up AML/CFT central database

The EBA has published draft RTS setting up a central database on anti-money laundering and countering the financing of terrorism (AML/CFT) and specifying the materiality of weaknesses, the type of information collected, the practical implementation of the information collection and the analysis and dissemination of the information contained therein. The European Reporting system for material AML/CFT weaknesses (EuReCA) is expected to be a key tool in the coordination of AML/CFT efforts in the EU. EuReCA will start to receive data in Q1 2022. [20 Dec 2021]





EBA: Feasibility study on IRS

The EBA has published its final report on the feasibility study of an integrated reporting system (IRS). This study is part of a broader strategy of the EC to improve and modernise EU supervisory reporting while minimising the aggregate reporting burden for all parties.

The report identifies both feasible immediate next steps to move towards integration and areas that require further investigation. The report highlights a number of short-term actions which could be developed into a detailed roadmap, including: developing a common data dictionary; drawing best practices for data integration; and providing an estimate of the resources needed to achieve integration objectives. [16 Dec 2021]




EBA: Guidelines to strengthen AML/CFT supervision in the EU

The EBA has published its revised Guidelines on risk-based supervision of credit and financial institutions’ compliance with anti-money laundering and countering the financing of terrorism (AML/CFT) obligations. The Guidelines set out the steps supervisors should take to ensure adequate AML/CFT oversight of their sector and support the adoption, by credit and financial institutions, of effective ML/TF risk management policies and procedures.

The EBA has also published its final Guidelines setting out how prudential supervisors, AML/CFT supervisors and financial intelligence units (FIUs) should cooperate and exchange information in relation to AML/CFT, in line with provisions laid down in the Capital Requirements Directive (CRD). The Guidelines facilitate and support the cooperation and information exchange throughout the supervisory life cycle from authorisation, through on-going supervision to the imposition of supervisory measures and sanctions. [16 Dec 2021]

EC: Strategy on supervisory data in EU financial services

The EC has published a communication on its strategy on supervisory data in EU financial services. The strategy aims to modernise EU supervisory reporting and put in place a system that delivers accurate, consistent, and timely data to supervisory authorities at EU and national level. The communication sets out the current challenges in this area and how the strategy will help to resolve these. The EC has also published a set of question and answers (Q&As) on the strategy. [15 Dec 2021]






Quarterly Statement by the Council of Financial Regulators – December 2021

The Council of Financial Regulators held its quarterly meeting discussing the Council’s work on payments and crypto-assets, cyber security and the financial risks related to climate change. [16 Dec 2021]




Hong Kong

CGFin convenes first meeting discussing latest developments in fintech

The Coordination Group on Implementation of Fintech Initiatives (CGFin) convened its first meeting on 28 December 2021, where representatives of the government and financial regulators and representatives from the financial services sector, academia and research institutions exchanged views on the latest developments in fintech.

The CGFin is chaired by the Secretary for Financial Services and the Treasury (currently, Mr Christopher Hui).  Its members include the Permanent Secretary for Financial Services and the Treasury (Financial Services) and the Under Secretary for Financial Services and the Treasury, as well as representatives of the HKMA, the SFC, the Insurance Authority, the Mandatory Provident Fund Schemes Authority, Invest Hong Kong, Cyberport and the Hong Kong Science and Technology Parks Corporation.

The CGFin has been established to holistically review and supervise fintech development in Hong Kong, covering key areas including collaboration with the Mainland and overseas markets, financial infrastructures, regulatory regimes, cybersecurity, promotion, talent development and other cross-sectoral fintech co-ordination, with a view to ensuring the government’s policy and regulations are proactive enough to promote the further development of fintech in Hong Kong.

The following are some of the developments discussed at the meeting:

  • The People’s Bank of China (PBoC) and the HKMA are actively building on a “one-stop platform” for fintech innovation supervisory co-operation in the form of a “network link-up” in the Guangdong-Hong Kong-Macao Greater Bay Area, with a view to finalising the implementation details as soon as possible.
  • The Commercial Data Interchange has now entered the pilot launch stage and is expected to officially launch by the end of 2022.
  • A new round of the Financial Practitioners FinTech Training Programme would be rolled out by the Financial Services and the Treasury Bureau and Cyberport soon.  Progress is being made on the development of professional qualification standards under the Qualifications Framework for the fintech sector.  [28 Dec 2021]


HKMA outlines progress made in developing CDI and encourages active participation by industry

The HKMA has issued a circular to outline the risk management benefits offered by the Commercial Data Interchange (CDI) and encourage active participation by authorised institutions (AIs).

Announced as part of the HKMA’s “Fintech 2025” strategy, the CDI is a next-generation financial data infrastructure that aims to promote efficient financial intermediation in the banking system.  AIs connected to the CDI will be able to safely and quickly access the business data of corporates and connect with new data providers with minimal effort.

The HKMA has recently completed a CDI Proof-of-Concept study on how alternative data can be used to facilitate the credit assessment process for lending to small and medium-sized enterprises (SMEs) (see our previous update).  The results are encouraging and the HKMA’s Fintech Facilitation Office will explore how the CDI can enhance AIs’ risk management processes in other areas, including linking up the CDI with a commercial credit rating agency to enable banks to access credit data, and onboarding the Companies Registry as a data provider to enable new know-your-customer use cases.

Given the CDI’s potential as a risk management tool, the HKMA strongly encourages AIs to develop plans to connect their systems to the CDI.  In particular, AIs with material SME financing business are expected to join the CDI by the end of 2022.  [23 Dec 2021]




HKMA consults on new SPM module OR-2 “Operational Resilience” and revisions to modules OR-1 “Operational Risk Management” and TM-G-2 “Business Continuity Planning”

The HKMA has released the following Supervisory Policy Manual (SPM) draft modules for industry consultation:

Comments are required to be submitted by 4 February 2021.

The new module OR-2 sets out the HKMA’s supervisory approach to operational resilience and provide authorised institutions (AIs) with guidance on the general principles which they are expected to consider when developing their operational resilience framework.  The HKMA expects all AIs in Hong Kong to be operationally resilient and will consider an AI to be so if it is able to satisfy the following requirements:

  • Identify and mitigate risks that may threaten delivery of critical operations;
  • Continue to deliver critical operations when disruptions occur, including under severe but plausible scenarios;
  • Resume normal operations in a timely manner after disruptions occur; and
  • Absorb learnings from disruptions or near-misses.

At minimum, an AI should include the following components within its operational resilience framework:

  • Mechanism for determining the operational resilience parameters;
  • Mapping exercises;
  • Risk management policies and frameworks;
  • Scenario testing; and
  • An incident management programme.

It is proposed that by one year after module OR-2 is issued, the HKMA expects an AI to have developed its operational resilience framework, and determined the timeline by which it will have implemented the framework and become operationally resilient.

Revisions to modules OR-1 and TM-G-2 have been proposed to (among others) introduce operational resilience elements and align with the new module OR-2.  [22 Dec 2021]

HKMA issues circular on updated FX Global Code

The HKMA has issued a circular to provide guidance to authorised institutions (AIs) on complying with the latest version of the FX Global Code published by the Global Foreign Exchange Committee on 15 July 2021.

The FX Global Code was first published in May 2017 and most in-scope AIs (or the banking groups they belong to) have issued a statement of commitment to the code.  The latest version strengthens the guidance on areas including anonymous trading, algorithmic trading and transaction cost analysis, disclosures and settlement risk.

In accordance with the HKMA’s Supervisory Policy Manual module CG-6 “Competence and Ethical Behaviour”, AIs should maintain adequate systems of control to ensure that their staff members observe any codes of conduct or standards issued by the professional bodies of which they are members or associates, including the Treasury Markets Association Code of Conduct and Practice (TMA Code).  Since the FX Global Code has been incorporated as part of the TMA Code since 2017, the HKMA expects all AIs to take appropriate steps to:

  • review their practices in light of the updated FX Global Code and ensure that they maintain adequate systems of control to support their observance of the code; and
  • demonstrate such status by issuing or renewing the statement of commitment as provided in Annex 3 of the FX Global Code and providing it to the Treasury Markets Association at on or before 15 July 2022.  [17 Dec 2021]


SFC to launch next generation digital licensing platform on WINGS on 3 January 2022

The SFC has issued a circular to inform intermediaries that it will launch its next generation licensing platform (with fully digitalised licensing functions) on WINGS on 3 January 2022.

The digitalised functions will include web-based licensing forms with auto-fill and pre-set validation features, electronic signatures, expanded administration capabilities (such as tracking the progress of applications) and more electronic payment methods.  A new, secure two-way communication channel – WINGS Mail – will allow the industry to conveniently interact with the SFC.

In addition, a companion mobile app – the WINGS Mobile App – will be available for download on Google Play and the Apple App Store in late January 2022.

The SFC Online Portal will be closed at 6:00pm on 30 December 2021.  Certain licensing applications, annual returns and notifications submitted via the Online Portal will be available on WINGS, but draft applications and submissions stored on the Online Portal will not be transferred to WINGS.  Users should therefore review their records and documents currently stored on the Online Portal and keep a copy of them if necessary.  Licensees whose annual returns become due between 30 December 2021 to 2 January 2022 should submit their annual returns via the Online Portal prior to 6:00pm on 30 December 2021.

The SFC will continue to accept paper corporate application forms until 31 March 2022.  A videouser guides and online demo clips are available on the SFC website to help the industry understand the new features.  [15 Dec 2021]



HKMA announces enhancements to Code of Banking Practice implemented on 10 December 2021

The HKMA has announced enhancements to Code of Banking Practice, jointly issued by the Hong Kong Association of Banks and the DTC Association with the HKMA’s endorsement.  The revised code took effect on 10 December 2021.

Authorised Institutions are expected to comply with the new provisions as soon as possible within 6 months of 10 December 2021, with an extension of up to 12 months for provisions requiring more extensive system enhancements.

The pandemic has accelerated the industry’s use of digital channels to deliver services and increased consumer demand for digital banking services.  The Code of Banking Practice Committee, comprising representatives of the industry associations and the HKMA, has therefore formulated enhancement measures to ensure that protection to customers will not be affected due to provision of digital services or services via new digital channels by banks.

The enhancements to the code aim to:

  • enhance customer experience and protection in digital banking services, including requiring banks to clearly disclose product information when undertaking promotions through social media and provide information to customers in a storable digital format to facilitate retention for future reference, providing channels for the public to authenticate digital promotional activities of banks, and issuing warnings on specific security risk events (such as cyber fraud) to customers;
  • strengthen protection and transparency of banking services, such as providing more information on credit card chargeback mechanisms, enhancing information disclosure on local and cross-boundary transfers, and strengthening the procedures for handling mis-transfers of funds by customers; and
  • further promote financial inclusion to ensure that customers with different needs are provided with appropriate banking services, such as requiring banks to take into account the needs of customers for physical banking services when modifying their branch networks.

The HKMA and the industry are reviewing other parts of the code and will announce the details in due course.  [10 Dec 2021]






SNDGO, IMDA and MAS joint letter to the editor: Impact of digitalisation on seniors

In a joint letter to the editor, the Smart Nation and Digital Government Office (SNDGO), Infocomm Media Development Authority (IMDA) and the Monetary Authority of Singapore (MAS) addressed matters regarding the impact of digitalisation on seniors which had been raised in letters published in The Straits Times.  The letter explains how the authors, while promoting digitalisation, are also supporting users that need help.  [6 Jan 2022]

MAS: New financial cooperation initiatives between Singapore and China

In a press release, MAS has highlighted a number of new initiatives to expand and strengthen financial cooperation between Singapore and China, particularly in capital markets and green finance. These initiatives were discussed at the 17th Joint Council for Bilateral Cooperation (JCBC) between Singapore and China.  The new initiatives include:

  • ETF Connect – Singapore Exchange (SGX) and Shenzhen Stock Exchange have signed a Memorandum of Understanding (MoU) to establish an Exchange Traded Funds (ETF) Product Link to enable eligible fund managers to offer ETF products to investors in each other’s markets.
  • Bond platform linkage – SGX and China Foreign Exchange Trade System (CFETS) are in discussions to establish connectivity between their bond trading platforms.
  • Green Finance – MAS and the People’s Bank of China (PBC) will explore deeper public-private sector collaboration in green finance, particularly in key areas, such as taxonomies and green FinTech.  [29 Dec 2021]
MAS keynote: ‘Building Talent to Fuel the Future of Financial Services’

MAS has published the keynote speech delivered by Dr Tan See Leng, Minister for Manpower at the Institute of Banking and Finance Distinction Evening 2021. The Minister highlighted that the shifting growth patterns in the financial services sector will have profound impact on skills needs. He raised three examples – the increasing role for Smart Capital, the continued rise of the Digital Economy, and greater emphasis placed on Sustainability.  [16 Dec 2021]




BNM MyFinTech Week 2022

In a press release, Bank Negara Malaysia (BNM) has set out details of the forthcoming MyFinTech Week 2022, which will take place from 24 to 28 January 2022.  The theme of this year’s event is ‘Advancing Digitalisation for Recovery, Sustainability, Inclusion’; it will also see the launch of Malaysia’s Financial Sector Blueprint 2022-2026.  [6 Jan 2022]

BNM exposure draft: Payment Cards Framework

BNM has published an exposure draft which sets out proposed measures to foster a safe, efficient and transparent payment card industry in Malaysia. The measures also aim to ensure the cost of accepting payment cards remains fair and reasonable, which will help promote wider acceptance and usage of payment cards. Alongside the exposure draft, BNM has published a list of frequently asked questions (FAQs).

Feedback is requested by 15 February 2022.  [6 Jan 2022]

BNM consults on licensing framework for DITOs

BNM has published its Discussion Paper on Licensing Framework for Digital Insurers and Takaful Operators (DITOs) which outlines the proposed framework for licensing new digital insurers and takaful operators (DITOs) to encourage digital innovation.  The Discussion Paper covers the requirements for entry, such as criteria in assessing an application and capital requirement, and explores new business models such as risk-sharing.

BNM aims to issue an Exposure Draft upon obtaining feedback from the Discussion Paper. This will be followed by a Policy Document on prudential and business conduct requirements for DITOs in 2022. The applications for a DITO licence will be open at a later date. Feedback on the Discussion Paper is requested by 28 February 2022.  [4 Jan 2022]

BNM exposure draft – Payment System Operator

The Bank Negara Malaysia (BNM) has released an exposure draft setting out proposed requirements and guidance for payment system operators approved pursuant to section 11 of the Financial Services Act 2013 (FSA) or the Islamic Financial Services Act 2013 (IFSA).

The proposals outline the regulatory requirements that approved payment system operators must fulfil to ensure the safety, efficiency and reliability of payment systems; preserve public confidence in the payment systems and the payment instruments; and ensure payment systems are aligned with relevant international standards, such as the international Principles for Financial Market Infrastructures (PFMI).

Comments on the exposure draft are requested by 31 March 2022.  [15 Dec 2021]




RBI framework for offline, small value digital payments

The RBI has published a framework for facilitating small value digital payments in offline mode. An offline digital payment means a transaction which does not require internet or telecom connectivity. Under this new framework, such payments can be carried out face-to-face (proximity mode) using any channel or instrument like cards, wallets, mobile devices, etc.

Offline transactions are expected to give a push to digital transactions in areas with poor or weak internet or telecom connectivity, particularly in semi-urban and rural areas. The new framework is immediately applicable.  [3 Jan 2022]

RBI notification – Storage of actual card data

The RBI has issued a notification to all payment system providers and participants regarding the restriction on the storage of actual card data, i.e., card-on-file (CoF). The notification advises that the RBI has extended the timeline for storing CoF data by six months (i.e., to June 30, 2022); after this date, such data shall be purged.  Further, in addition to tokenisation, stakeholders may devise alternate mechanisms to handle any use case or post-transaction activity that currently involves storage of CoF data by entities other than card issuers and card networks.  [23 Dec 2021]



RBI speech: ‘Ownership & Governance – Building the Edifice for Digital Innovations’

The RBI has published the remarks delivered by its Deputy Governor, Shri M. Rajeshwar Raoin, at the Mint Annual Banking Conclave in Mumbai.  The Deputy Governor focused on how business conduct and governance assume greater relevance in times of innovation, change and business disruption.  [15 Dec 2021]





BSP launches Open Finance Framework

​The Bangko Sentral ng Pilipinas (BSP) has announced the formal launch of the Open Finance Framework, which aims to promote collaborative partnerships and digital transformation as key enablers towards economic resilience and financial inclusion. The BSP explains that Open Finance is the extension of data sharing principles, assigning greater control to customers over their own data and enabling them to allow third party providers access to their data across multiple financial products and services.

In establishing a more defined program for the implementation of Open Finance, the BSP has adopted the three-year Open Finance Roadmap 2021-2024. The roadmap outlines priority actions that would require capacity building, development, and adoption of industry-accepted standards under a test-and-learn approach, and the implementation of a robust and scalable framework fundamental to establishing an Open Finance ecosystem.  [5 Jan 2022]



BSP encourages use of alternative data

In a press release, the BSP called on the industry to explore the use of alternative or non-traditional consumer data in its efforts to design, improve, and deliver financial services. The BSP’s communication highlights as one example, the use of alternative data in credit scoring which may benefit consumers.  [2 Jan 2022]





Fed issues update to Payments Study

The Federal Reserve (Fed) has issued an update to the Federal Reserve Payments Study (FRPS) to include findings from recent survey data. The findings highlight changes in card payments and increased adoption of innovative payment methods following the emergence of Covid-19. [22 Dec 2021]

SEC Charges Five Russians in $80 Million Hacking and Trading Scheme

The SEC has announced fraud charges against five Russian nationals for engaging in a multi-year scheme to profit from stolen corporate earnings announcements obtained by hacking into the systems of two US-based filing agent companies.

The SEC’s complaint alleges use of deceptive hacking techniques to access the filing agents’ systems and theft of not-yet-public corporate earnings announcements stolen from those systems to his co-defendants.

The SEC’s complaint charges each of the defendants with violating the antifraud provisions of the federal securities laws and related SEC antifraud rules and seeks a final judgment ordering the defendants to pay penalties, return their ill-gotten gains with prejudgment interest, and enjoining them from committing future violations of the antifraud laws. [20 Dec 2021]






Herbert Smith Freehills LLP is licensed to operate as a foreign law practice in Singapore. Where advice on Singapore law is required, we will refer the matter to and work with licensed Singapore law practices where necessary.