In this regular update, we round-up FinTech-related financial services regulatory developments for the week ending 16 September 2022.


Recent updates from Herbert Smith Freehills include:


BIS: Working paper on cyber risk in central banking

The Bank for International Settlements (BIS) has published a working paper on cyber risk in central banking. The paper sets out the results of a survey among members of the Global Cyber Resilience Group on cyber risk and its challenges for central banks. The results show that central banks have notably increased their cyber security-related investments since 2020, giving technical security control and resiliency priority. In particular, it highlights that central banks see phishing and social engineering as the most common methods of attack, and the potential losses from a systemically relevant cyber attack are deemed to be large, especially if the target is a big tech providing critical cloud infrastructures. [14 Sep 2022]

BCBS: Update on work on Basel III, climate-related financial risks and cryptoassets 

The Basel Committee on Banking Supervision (BCBS) has published an update following a meeting of the Group of Central Bank Governors and Heads of Supervision (GHOS) on 12 September 2022. In the update, the GHOS reaffirmed its expectations on the implementation of the Basel III framework and provided direction on priority areas of work by the BCBS, including climate-related financial risks and cryptoassets. [14 Sep 2022]




TSC: CfE on the crypto-asset industry – updated deadline

The Treasury Committee (TSC) has updated the deadline for responses to its call for evidence (CfE) on the crypto-asset industry from 12 September 2022 to 21 September 2022. The CfE will examine the potential risks and opportunities associated with the use of crypto-assets, their impact on social inclusivity and the possible need for regulatory change in the future. [13 Sep 2022]




ECB: Speech on impact of suptech on European banking supervision 

The European Central Bank (ECB) has published a speech by Elizabeth McCaul, Member of the Supervisory Board, on the impact of suptech on European banking supervision. In her speech, Ms McCaul explains how the ECB is using supervisory technology (suptech) to transform European banking supervision. In particular, she highlights the importance of:

  • the Single Supervisory Mechanism (SSM) Digitalisation Blueprint, an innovation model within the SSM and the central suptech hub;
  • fostering a digital culture;
  • nurturing innovation and supporting the growing global suptech community;
  • delivering and hosting innovative tools and systems; and
  • developing a shared IT landscape. [14 Sep 2022]



ESAs: Joint report on risks amid a deteriorating economic outlook

The European Supervisory Authorities (ESAs) have issued their Autumn 2022 joint risk report. The report highlights that the deteriorating economic outlook, high inflation and rising energy prices have increased vulnerabilities across the financial sectors. In light of the risks and vulnerabilities, the Joint Committee advises national competent authorities (NCAs), financial institutions and market participants to take the following policy actions:

  • financial institutions and supervisors should continue to be prepared for a deterioration in asset quality in the financial sector and monitor developments;
  • the impact of further increases in policy rates and of potential sudden increases in risk premia on financial institutions and market participants at large should be closely monitored;
  • financial institutions and supervisors should closely monitor the impact of inflation risks;
  • supervisors should continue to monitor risks to retail investors, in particular with regard to products where consumers may not fully realise the extent of the risks involved, such as crypto-assets; and
  • financial institutions and supervisors should continue to carefully manage environmental risks and cyber risks to address threats to information security and business continuity. [12 Sep 2022]



APRA outlines plans to modernise prudential architecture

APRA has outlined its approach to modernising, clarifying and simplifying the Australian prudential architecture in an information paper released on 12 September 2022. APRA’s plans foreshadow a multi-year program which will improve the prudential standards and guidance for banks, insurers and superannuation funds. APRA Chair Wayne Byres explained that APRA’s “end-goal is a digital framework that will be easier for industry to understand and comply with, and for APRA to supervise and maintain – and ultimately to better protect Australians’ financial interests”. APRA lists its focuses as being:

  1. better regulation – ensuring prudential standards and guidance are easier to navigate, understand and implement;
  2. digital first – exploring how to use technology to support better regulation; and
  3. new risks, new rules – developing new approaches to tackle emerging risks and new business models on the regulatory perimeter. [12 Sep 2022]



MAS launches Financial Services Industry Transformation Map 2025

Mr Lawrence Wong, Deputy Prime Minister and Minster for Finance, and Monetary Authority of Singapore (MAS) Deputy Chairman, has launched the Financial Services Industry Transformation Map (ITM) 2025. The ITM 2025 lays out the growth strategies to further develop Singapore as a leading international financial centre in Asia – to connect global markets, support Asia’s development, and serve Singapore’s economy.  MAS projects the financial sector to grow by an average 4% to 5% per annum during 2021 – 2025 and create 3,000 – 4,000 net jobs on average each year.

The ITM comprises five key strategies:

  • enhance asset class strengths;
  • digitalise financial infrastructure;
  • catalyse Asia’s net-zero transition;
  • shape the future of financial networks; and
  • foster a skilled and adaptable workforce.  [15 Sep 2022]
MAS: Reply to Parliamentary Question – Digital payment token service providers

MAS has published the response to a Parliamentary Question about the Singapore public’s retail exposure to digital payment token service providers licensed by MAS.  Mr Tharman Shanmugaratnam, Senior Minister and Minister in charge of MAS, replied that the data on total cryptocurrency holdings of the Singapore public is not available as transactions involve both Singapore-based and overseas service providers.  The Minister noted that MAS has continued to reiterate its warnings that retail investors should not trade in cryptocurrencies as the prices fluctuate wildly and investors stand to lose all the money they have invested.  [12 Sep 2022]





BoT issues new directions for the development of payment systems

The Bank of Thailand (BoT) has released a new directional paper, Directions for Development of Payment Systems Under the New Financial Sector Landscape of Thailand. The paper sets out Thailand’s three-year payment systems development strategy which will be implemented under three key principles: openness; inclusivity; and resilience.  [15 Sep 2022]

SECT digital asset consultations

The Securities and Exchange Commission, Thailand (SECT) has published two consultations on proposed rules for digital asset business operators:

  • proposed rules to prohibit digital asset business operators from providing crypto deposit taking and lending services; and
  • proposed rules to obligate digital asset business operators to provide risk information to users and setting minimum purchase value per transaction.

Responses to both consultations are requested by 17 October 2022. [15 Sep 2022]




IFSCA issues guidelines and application form for FinTech Incentive Scheme

The Indian Financial Services Centres Authority (IFSCA) has launched the FinTech Incentive Scheme to provide financial support for FinTech activities; IFSCA has issued guidelines and the application form for the scheme.  [12 Sep 2022]




DoJ announces that three Iranian nationals charged with engaging in computer intrusions and ransomware-style extortion against US critical infrastructure providers

The Department of Justice (DoJ) has announced that an indictment was unsealed charging three Iranian nationals with allegedly orchestrating a scheme to hack into the computer networks of multiple US victims. As alleged in the indictment, from October 2020 through to the present, the defendants engaged in a scheme to gain unauthorized access to the computer systems of hundreds of victims in the US, the UK, Israel, Iran, and elsewhere, causing damage and losses to the victims.

The defendants’ hacking campaign exploited known vulnerabilities in commonly used network devices and software applications to gain access and exfiltrate data and information from victims’ computer systems. The defendants and others also conducted encryption attacks against victims’ computer systems, denying victims access to their systems and data unless a ransom payment was made. [14 Sep 2022]



SEC Division of Corporation Finance to add industry offices focused on crypto assets and industrial applications and services

The Securities and Exchange Commission (SEC) has announced plans to add an Office of Crypto Assets and an Office of Industrial Applications and Services to the Division of Corporation Finance’s Disclosure Review Program (DRP). The two new offices will join the seven existing offices that provide focused review of issuer filings and that are grouped by industry expertise to further the Division’s work to promote capital formation and protect investors. The DRP anticipates the new offices will be established later this fall. [9 Sep 2022]



Ukraine-related sanctions information

Regular updates on sanctions and other developments that may impact businesses with interests or operations in Ukraine and/or Russia are available on our FSR and Corporate Crime Notes blog here.



Herbert Smith Freehills LLP is licensed to operate as a foreign law practice in Singapore. Where advice on Singapore law is required, we will refer the matter to and work with licensed Singapore law practices where necessary.