As the global regulatory landscape continues to evolve, Week 18 of 2025 brought a diverse array of updates impacting financial institutions, data protection authorities, and digital innovation regulators. This blog offers a consolidated view of the latest policy proposals, consultation papers, revised technical standards, and collaborative initiatives across major jurisdictions. It highlights key developments in areas such as ESG, AI, crypto, AML/CFT, and data privacy—providing compliance professionals and regulatory stakeholders with timely insights to inform their strategies.
Business Line | Country | Regulator | Regulatory Update | Summary |
All | European Union | European Commission | The European Commission plans to revise the Sustainable Finance Disclosure Regulation (SFDR) by late 2025. This initiative aims to reduce complexity and compliance costs while improving clarity and effectiveness of ESG disclosures. The revision could introduce clearer definitions, streamlined requirements, and simplified sustainability product categories. These updates respond to stakeholder feedback highlighting legal ambiguities, data issues, and the risk of greenwashing. The goal is to enhance comparability of financial products, support sustainable investments, and better align with the EU’s green transition objectives. | |
European Union | ESMA | Draft Technical Standards for ESG Rating Regulation Implementation | The European Securities and Markets Authority (ESMA) opened consultation on technical standards under the new EU ESG Rating Regulation. These standards cover applications for authorisation or recognition, separation of activities, and disclosure obligations. They aim to ensure transparency, comparability, and independence in ESG ratings. Key measures include stricter conflict-of-interest safeguards, structured disclosures, and clarity on organisational requirements. The final standards will be submitted to the European Commission by October 2025. Public comments are invited until 20 June 2025. | |
Gurnsey | GFSC | The Guernsey Financial Services Commission (GFSC) has revised its AML/CFT handbook. It now provides updated rules for Virtual Asset Service Providers (VASPs). These rules align with FATF’s global standards. VASPs must hold a Part III license under the Lending, Credit and Finance Law 2022. New guidance also applies to businesses indirectly exposed to virtual assets. This includes cases where customers’ funds originate from crypto-related activities. The updates aim to address cross-border risks and anonymity features in the virtual asset sector | ||
Malaysia | PDP | Malaysia’s Personal Data Protection Commissioner has released Version 1.0 of the Cross-Border Personal Data Transfer Guidelines. The guidelines clarify compliance conditions under Section 129 of the Personal Data Protection Act 2010. They outline requirements for lawful data transfer abroad, including consent, adequacy assessments, contractual clauses, and certification. Data controllers must now document due diligence and maintain transfer records. These changes aim to strengthen Malaysia’s cross-border data protection standards. | ||
Mauritius | FSC | The Financial Services Commission of Mauritius has issued the 2025 Treasury Management Rules. These rules establish licensing requirements for entities managing treasury functions. Covered activities include liquidity management, FX risk hedging, strategic treasury advice, and intercompany loans. Only licensed entities may perform these tasks commercially. The rules also mandate weekly transaction reporting. The regulation prohibits unlicensed FX dealing, reinforcing compliance under the Banking Act 2004. | ||
South Africa | Reserve bank | Discussion Paper on the Proposed Approach to the Designation of Market Infrastructures, Exchanges and Payment Systems | The South African Reserve Bank has opened public consultation on its proposed approach to identifying systemically important financial institutions (SIFIs). The discussion paper outlines indicators and judgment criteria to assess the systemic risk posed by market infrastructures, exchanges, and payment systems. The framework aligns with the Financial Sector Regulation Act, which grants the SARB powers upon SIFI designation. Stakeholders have until 30 June 2025 to submit comments. | |
United Kingdom | BOE | The UK PRA has proposed stronger rules for managing climate-related risks. Firms must embed climate risks into governance, strategy, and capital planning. They must also improve scenario analysis and climate disclosures. These updates aim to make risk management more forward-looking and resilient to climate threats. The PRA plans to incorporate these expectations into supervisory assessments from 2026. | ||
United Kingdom | FCA | AI Live Testing to Accelerate Safe AI Adoption in Financial Services | The UK’s Financial Conduct Authority (FCA) has proposed “AI Live Testing” as part of its AI Lab to support responsible AI deployment. This initiative will help firms test AI models in live market settings under regulatory guidance. The FCA aims to foster innovation while ensuring consumer protection, fairness, and market integrity. It will offer regulatory support, including waivers and guidance, to eligible firms with proven AI solutions. The program seeks to build confidence in AI, mitigate risks like bias, and enhance transparency through shared evaluation frameworks. A final report will follow, after the initial 12-month testing phase. | |
United States | CPPA | The California Privacy Protection Agency (CPPA) and UK Information Commissioner’s Office (ICO) have formalised a new partnership to boost cross-border privacy enforcement. The agreement supports joint research, knowledge-sharing, and coordinated responses to emerging data protection issues. Both agencies aim to align practices in overseeing technologies that impact privacy rights. This move deepens CPPA’s growing network of international collaborations and reinforces its commitment to global privacy governance. The declaration enables mutual support to uphold consumer data rights across jurisdictions more effectively. | ||
Banking | Chile | CMF | Chile’s Financial Market Commission (CMF) launched a public consultation on revised rules for banking customer service channels. The proposal aligns regulations with updates from the Fintech Law (Law No. 21.521) to Articles 37 and 38 of the General Banking Law. It outlines minimum service hours, operational requirements, and standards for physical and digital attention channels. Banks can extend service hours based on internal cost-benefit analysis. The update also enforces the removal of the December 31st bank holiday. This move supports regulatory modernization and improved customer service standards. | |
European Union | EBA | Technical Amendments to Real Estate Risk Weight and LGD Standards | The European Banking Authority (EBA) launched a consultation on draft technical standards under Article 124(11) of the CRR. The proposal updates Delegated Regulation (EU) 2023/206 to align with the new CRR3 legal framework. It clarifies references and terminology but keeps the core risk assessment factors and methodologies unchanged. This ensures regulatory consistency while adjusting to terms like “LGD input floor values” for individual exposures. The amendments maintain robust macroprudential oversight of property-secured lending risk. | |
European Union | European Union | Stable Funding Rules Preserved to Safeguard Liquidity in Securities Financing Markets | The Council of the EU approved a mandate to amend CRR (Regulation 575/2013), maintaining current Net Stable Funding Ratio (NSFR) requirements for short-term securities financing transactions (SFTs). Originally, stable funding factors were set to rise by June 2025. However, concerns about market liquidity—especially for sovereign debt—prompted a reversal. The amendment avoids unintended costs, preserves a level playing field with global peers, and mandates EBA to reassess every five years. This ensures continued regulatory stability without disrupting collateral markets. | |
Global | UNEPFI | The UN Environment Programme Finance Initiative (UNEP FI) published new guidance to help banks engage responsibly in policy making. The document outlines best practices for aligning policy engagement with sustainability goals under Principle 4 of the Principles for Responsible Banking. It emphasizes transparency, governance, and proactive engagement to support sustainable finance. Key recommendations include disclosing lobbying activities, managing trade association alignment, and integrating policy engagement across governance structures. The guidance supports banks in shaping enabling policy environments for sustainable and inclusive economies. | ||
Hong Kong | HKMA | Second Cohort of Generative A.I. Sandbox for Banking Innovation | The Hong Kong Monetary Authority (HKMA) has opened applications for its second Generative A.I. Sandbox. The initiative supports banks in testing A.I. solutions under controlled conditions. A new “Collaboratory” feature will pair banks with fintech firms to co-create prototypes. This aims to solve real-world banking challenges using A.I. Selected projects must embed strong A.I. safety validations and governance mechanisms. Applications close on 31 August 2025, with announcements expected in Q4. | |
New Zealand | RBNZ | The Reserve Bank of New Zealand has published exposure drafts for five core prudential standards under the Deposit Takers Act 2023. These standards cover capital adequacy, liquidity, governance, risk management, and disclosure. The aim is to enhance resilience and transparency across all licensed deposit takers. The drafts introduce a single integrated framework, replacing multiple existing regimes. The Bank seeks feedback on the proposals by July 2025, with phased implementation starting mid-2028. | ||
Investment | European Union | ESMA | Final Guidelines to Combat Market Abuse in Crypto Under MiCA | ESMA published final guidelines to help national authorities prevent and detect market abuse under the Markets in Crypto-Assets Regulation (MiCA). The guidance outlines risk-based supervision, proportionality, and consistent practices across EU jurisdictions. It also addresses crypto-specific risks like social media manipulation and cross-border abuse. Authorities must enhance surveillance, promote market integrity, and improve coordination with other regulators. These measures aim to build a robust, harmonised supervisory culture for crypto asset markets under MiCA. |
European Union | European Commission | The European Commission adopted technical standards under MiCA to combat market abuse in crypto-asset trading. These rules mandate crypto firms to monitor transactions, detect irregularities, and submit suspicious transaction and order reports (STORs). Firms must implement proportionate systems, train staff, and ensure human oversight in surveillance. The standards also cover procedures for cross-border coordination between regulators to manage abuse in decentralized markets. | ||
United Kingdom | FCA | The UK Financial Conduct Authority (FCA) released a Discussion Paper (DP25/1) detailing its evolving regulatory approach to crypto assets. It explores future rules for trading platforms, intermediaries, lending, borrowing, staking, and DeFi. The FCA aims to ensure market integrity, consumer protection, and international competitiveness. Feedback is invited on proposals including best execution standards, trading admission rules, and conduct obligations. This work lays groundwork for a formal consultation in Q2 and Q3 2025, aiming to bring crypto activities under the Regulated Activities Order (RAO) regime |
Staying on top of these rapidly shifting regulatory priorities is no small task, especially when updates span multiple regions and policy domains. FinregE simplifies this complexity through AI-driven compliance solutions that deliver real-time regulatory intelligence, automate horizon scanning, and streamline impact analysis. Our tools empower compliance teams to stay proactive, reduce manual effort, and align internal processes with evolving legal obligations—ensuring confident, future-ready compliance management. Book a demo today.
