The Payments Newsletter including Digital Assets & Blockchain, August 2025

European Union: ECJ ruling on PSP liability for unauthorised transactions and late PSU notification

On 1 August 2025, the European Court of Justice (ECJ) ruled on the effect and interaction of Articles 56, 58, 60 and 61 of PSD1 that determine payment service provider (PSP) liability for unauthorised transactions (Case C‑665/23, IL v Veracash SAS).

The ECJ confirmed that a payment service user (PSU) is deprived of the right to reimbursement for an unauthorised transaction if:

• they fail to notify without undue delay upon becoming aware of it; or
• notification occurred outside the 13-month time limit after the debit date.

The 13-month long-stop doesn’t "cure" a late notification, rather it provides legal certainty as to the length of time for which a PSP is potentially liable. The "without undue delay" requirement serves a preventive purpose, encouraging prompt notification to minimise potential losses (the extent to which a notification is late will depend on the facts in the case).

However, in cases involving lost, stolen or misappropriated payment instruments, a payer cannot be penalised for delayed notification unless they acted fraudulently or with gross negligence (which must be "a serious breach of a duty of care" given the payer's circumstances).

In the case of successive unauthorised transactions, the Court held that the payer would only be deprived of reimbursement for specific transactions they delayed in notifying with intent or gross negligence, not all transactions.

In connection with this last point, the ECJ appears to have differed from the earlier Advocate General’s opinion in this case which provided that in the event of losses relating to unauthorised transactions which the payer notified late with intent or gross negligence, the payer is deprived of the right to reimbursement in relation to all unauthorised transactions (reasoning that the loss of such a right for only some transactions would undermine the objective of encouraging the payer to notify the PSP without undue delay, the "preventive" purpose connected to such notification, and there being "consequences" for such behaviour).

Whilst the ruling related to requirements introduced by PSD1, these requirements were retained in PSD2 and continue to remain in the drafts for the PSR as part of PSD3.

For more on the ECJ’s ruling, take a look at this Our Thinking article.

United States: CFPB to revise open banking rule

On 29 July 2025, the U.S. Consumer Financial Protection Bureau (CFPB) confirmed in a motion to stay filed in the U.S. District Court for the Eastern District of Kentucky that it will substantially revise the open banking rule adopted in 2024 under the Biden administration. The filing led the court to pause ongoing proceedings brought by banking associations to block the rule.

The 2024 rule was introduced under section 1033 of the Dodd-Frank Act. It was designed to give consumers greater control over their financial data by requiring banks to provide third parties with access, free of charge, when authorised by the consumer. The aim was to increase competition, reduce costs, and make it easier for customers to switch between providers.

In its filing, the CFPB said it would restart the rulemaking process under an accelerated timetable, with a new proposal expected within three weeks. The CFPB explained that a more detailed justification is needed and that recent market developments warrant reopening the rule. While the bureau did not set out which provisions will change, the original rule has been challenged on grounds including the allocation of liability for data misuse, the prohibition on charging fees for data access, and the scope of third-party data sharing. These issues are therefore expected to be central to the review.

The decision means that implementation timetables, which were due to begin in 2026 for the largest institutions, are likely to be delayed.

United Kingdom: FCA publishes policy statement on safeguarding regime for payments and e-money firms

On 7 August 2025, the FCA published policy statement PS25/12 setting out final rules and guidance on changes to the safeguarding regime for payments and e-money firms. The publication follows the FCA’s September 2024 consultation (CP24/20), which proposed a two-stage approach: a Supplementary Regime to improve compliance with existing requirements and a Post-Repeal Regime to be considered later.

Key changes in the Supplementary Regime include:

• Daily safeguarding reconciliations (excluding weekends and public holidays);
• A threshold of £100,000 in relevant funds below which firms are not required to arrange an annual safeguarding audit;
• Removal of limited assurance audits for firms holding no relevant funds; and
• An extended implementation period of nine months.

The Supplementary Regime rules are set out in the Payment and Electronic Money (Safeguarding) Instrument 2025 (FCA 2025/38), which will come into force on 7 May 2026. The FCA also published a draft version of its updated Payment Services and E-Money Approach Document to reflect the new regime.

The FCA has confirmed it will not proceed with proposals for the Post-Repeal Regime at this stage but will revisit the issue once the Supplementary Regime has been implemented and reviewed.

Take a look at this Our Thinking article for more on the FCA’s policy statement.

United Kingdom: FCA publishes feedback statement on design of Future Entity for open banking

On 8 August 2025, the FCA published a feedback statement FS25/4 following the Joint Regulatory Oversight Committee’s (JROC) 2024 proposals on the design of the Future Entity for UK open banking.

The FCA confirms that it no longer intends to establish an interim entity. Subject to future legislation, the Future Entity is expected to act as the primary standard-setting body for open banking APIs in the UK. Its responsibilities will include setting common standards to ensure interoperability, monitoring API performance, providing directory and certification services, and working with multilateral agreement operators to support commercial schemes.

The Future Entity will operate on a not-for-profit basis as a company limited by guarantee, with board appointments made by an independent committee. It will not be a public body and will not have enforcement powers, though its role could expand into open finance in future.

The FCA intends to hold workshops with industry during the summer and autumn and will provide an update on the establishment of the Future Entity by the end of 2025.

United Kingdom: Data (Use and Access) Act 2025 (Commencement No 1) Regulations 2025 made

The Data (Use and Access) Bill received Royal Assent on 19 June 2025 to become the Data (Use and Access) Act 2025. The Explanatory Notes to the Act have also been published. The Act provides powers to enable the establishment of “smart data” schemes to continue the UK Open Banking scheme and extend its benefits in an Open Finance scheme, with Part 1 (Access to customer data and business data) of the Act coming into force on 20 August 2025 under the Data (Use and Access) Act 2025 (Commencement No. 1) Regulations 2025 which were made on 21 July 2025.

United Kingdom: Government publishes updated guidance on exemptions from money laundering obligations in POCA

On 31 July 2025, the government published updated guidance setting out its position on exemptions relating to money laundering obligations in the Proceeds of Crime Act 2002 (POCA), as amended by the Serious Organised Crime and Police Act 2005, the Proceeds of Crime (Money Laundering) (Threshold Amount) Order 2022, the Economic Crime and Corporate Transparency Act 2023 (ECCTA), and the Proceeds of Crime (Money Laundering) (Threshold Amount) (Amendment) Order 2025.

A person may be liable for one of the three principal money laundering offences under sections 327-329 of POCA where they deal in certain ways with criminal property. There are exemptions for certain businesses in the regulated sector (as defined in Part 1 of Schedule 9 to POCA) in certain circumstances to the principal money laundering offences as set out in those sections:

• The operating an account exemption, which applies to a deposit-taking body, electronic money institution or payment institution, and can be found in s.327(2C); s.328(5); s329(2C).
• The paying away exemption, which applies to persons carrying on business in the regulated sector and can be found in s.327(2D); s.328(6); s.329(2D).
• The mixed property exemption, which applies to persons carrying on business in the regulated sector and can be found in s.327(2F)-(2G); s.328(8-9), s329(2F)-(2G).

Where these exemptions do not apply, a person can avoid committing money laundering offences by first submitting an authorised disclosure (a defence against money laundering (DAML) suspicious activity report (SAR)) to the National Crime Agency (NCA) and receiving consent or deemed consent to proceed.

The Proceeds of Crime (Money Laundering) (Threshold Amount) (Amendment) Order 2025 raised the threshold amount for two of these exemptions from £1,000 to £3,000. The threshold amount is the value of criminal property below which a regulated business can carry out a transaction without submitting a DAML. On 31 July 2025, the threshold amount specified in section 339A of POCA increased from £1,000 to £3,000 for acts by banks and payment institutions in operation of an account. The threshold amount also increased from £1,000 to £3,000 for acts carried out by all regulated businesses when they end a relationship with a customer and pay away property for this purpose below the threshold.

Take a look at this Our Thinking article for more on this development.

Canada: Real-Time Rail build enters testing phase

On 31 July 2025, Payments Canada confirmed that the technical build of its Real-Time Rail (RTR) payments system is close to completion, with testing due to begin in the autumn. RTR is part of the country’s multi-year payments modernisation programme and will enable 24/7 instant payments using ISO 20022 messaging standards.

Testing will cover operational readiness, user acceptance and security. No go-live date has been set, but the RTR launch will follow successful completion of these tests.

United Kingdom: Bank of England consults on longer RTGS and CHAPS operating hours

On 29 July 2025, the Bank of England (BoE) published a consultation paper (CP) on proposals to extend Real-Time Gross Settlement (RTGS) and CHAPS operating hours. The CP follows the BoE’s 2024 discussion paper on settlement hours, and June 2025 remarks at the UK Finance Digital Innovation Summit regarding the need to continue to transform the UK’s payments infrastructure to support innovation and resilience. Specifically, the CP focuses on the BoE’s proposal to open CHAPS for settlement at 01:30 UK time. However, the CP also seeks early views on expanding the CHAPS contingency window and offering settlement in the BoE’s re-designed RTGS system (known as RT2) during certain bank holiday weekends.

The deadline for responses to this Phase 1 CP is 21 October 2025. The BoE’s target implementation date for the Phase 1 CHAPS extension is, subject to consultation feedback, no earlier than H2 2027. The BoE also anticipates publishing a Phase 2 consultation paper during early 2026.

For more on this development, take a look at this Our Thinking article.

Singapore: MAS sets timeline to phase out corporate cheques

On 28 July 2025, the Association of Banks in Singapore (ABS) announced the launch of Electronic Deferred Payment (EDP) and EDP+ to support the transition from cheques to digital payments.

The solutions, developed with Singapore’s seven domestic systemically important banks, are designed for common deferred payment use cases such as supplier invoices, rental deposits and property option fees. Both products provide real time updates to payers and payees. EDP deducts funds only when the payee presents the payment request, while EDP+ deducts funds immediately upon issuance to give stronger assurance of settlement.

The launch supports the phase out of Singapore dollar corporate cheques, with banks set to stop issuing cheque books from January 2026 and to stop processing cheques from January 2027.

India: New UPI rules take effect from 1 August 2025

From 1 August 2025, new rules on Unified Payments Interface (UPI) transactions apply, following guidance issued by the National Payments Corporation of India (NPCI) on 21 May 2025 that required implementation by 31 July 2025.

The measures introduce limits on the number of balance enquiries and account list requests that users can make per day, and restrict the timing and number of retries for autopay mandate executions. The NPCI has stated that non-compliance may lead to penalties, restrictions on API access, or suspension of new customer onboarding.

United Kingdom: Bank of England publishes new webpage on National Payments Vision

On 13 August 2025, the Bank of England (BoE) published a new webpage on the National Payments Vision (NPV).

The BoE sets out more information on the timings for the work to be undertaken by the Payments Vision Delivery Committee (PVDC) in H2 2025, expanding on the July 2025 announcements made by it and HM Treasury (see the July edition of the Newsletter). This includes the fact that in September this year the BoE will publish further communications on the establishment of the Retail Payments Infrastructure Board (RPIB) and the application process for membership of the RPIB. In the same month, the BoE, HM Treasury, the FCA and the Payment Systems Regulator (PSR) will engage with members of the Vision Engagement Group (VEG) to discuss the PVDC's strategy.

The BoE has also published a new webpage on the VEG, which provides information on the VEG's membership.

United Kingdom: PSR publishes policy statements setting out its decisions to revoke Specific Directions 2 and 2a, and 4 and 4a

On 14 August 2025, the Payment Systems Regulator (PSR) published two policy statements:

• PS25/7, which sets out its decision to revoke Specific Direction 2 and 2a; and
• PS25/6, which sets out its decision to revoke Specific Direction 4 and 4a.

Following consultations in May 2025, the PSR has decided to revoke Specific Directions 2 (and 2a, which varies 2) and 4 (and 4a, which varies 4), requiring all central infrastructure relating to Bacs and LINK respectively, to be procured through a competitive process.

The PSR has justified revoking Specific Directions 2 and 2a by referring to creating a better environment for delivering the National Payments Vision, as it will enable better flexibility in procurement. This comes into effect from 27 August 2025. See the relevant Specific Direction here.

The PSR has justified revoking Specific Directions 4 and 4a through its analysis that such a structure is unlikely to produce good outcomes for the operation of the UK ATM network. Continuing with a competitive procurement process is likely to increase costs and creates uncertainty. Removing this uncertainty will encourage LINK and its members to invest and innovate more. This comes into effect from 25 August 2025. See the relevant Specific Direction here.

The Payments Vision Delivery Committee (PVDC) is due to publish a strategy for retail payments in Q3 2025, and the Payments Forward Plan by the end of the year. The revocation of these Specific Directions should enable the PVDC to have more freedom to innovate in its plans.

United Kingdom: CMA consults on proposal to release retained SME banking undertakings

On 13 August 2025, the Competition and Markets Authority (CMA) published a consultation on its proposed decision that the limitation on bundling provisions in the 2002 small and medium-sized enterprises banking undertakings (SME Undertakings), which are the only provisions in the undertakings that remain in force, is no longer appropriate and should be released.

On 2 April 2025, the CMA launched a review of this limitation. It has provisionally concluded that, since the SME Undertakings were introduced, there have been changes to the competitive landscape, customer behaviour and regulation (enabling the granting of more banking licences, the introduction of Open Banking, and the introduction of the Small and Medium Sized Business (Credit Information) Regulations 2015). Taken together, these changes indicate a greater degree of competition and availability of choice for consumers in relevant SME banking markets than in 2002, and would prevent any of the bound banks from materially adversely affecting competition in relevant SME banking markets were the limitation on bundling provisions to be released and any of the bound banks to engage in the conduct currently prohibited by it.

The consultation closes on 3 September 2025. The CMA plans to publish its final decision in autumn 2025.

United Kingdom: FCA publishes findings from review of digital design in customers’ online journeys

As part of the FCA's ongoing commitment to share more information on how firms are embedding the Consumer Duty, on 31 July 2025 it published the results of its multi-firm review of digital design in customers' online journeys. The findings relate to consumer credit providers, but the FCA makes it clear that they are relevant to all regulated firms with a digital presence. Some key themes are:

• the importance of designing digital customer journeys to meet target customers’ needs (including identification and support of vulnerable customers);
• use of positive friction to drive good outcomes; and
• use of testing and analysis of the ‘significant amounts of data’ generated by digital journeys to help improve their design and customer outcomes.

The FCA intends to continue to monitor firms' approaches to digital journeys and app design. It will also consider how the design of digital products and services offers the required level of support and customer understanding when it engages with firms about the Consumer Duty.

For more on this development, take a look at this Our Thinking article.

United Kingdom: HM Treasury publishes policy statement on appointed representatives regime

On 11 August 2025, HM Treasury (HMT) published a policy statement setting out the government's overall policy approach for regulation of appointed representatives (ARs) carrying on regulated financial services activity in the UK and outlining two ‘targeted' reform proposals that will be taken forward which are:

• Introduction of a principal permission: Authorised firms wishing to use ARs will need to first obtain permission from the FCA – that is, obtain a formal permission from the FCA to act as principal. Section 39 of the Financial Services and Markets Act 2000 (FSMA) would be amended to make the exemption for ARs conditional on the principal first having obtained the FCA’s permission. Firms who already act as principal will not be required to apply for the new permission – which suggests that there will be some kind of grandfathering arrangement.
• Extension of FOS' compulsory jurisdiction to ARs: Consumers will be able to take a complaint to the Financial Ombudsman Service (FOS) if they are unable to resolve a dispute involving an AR in a situation where the authorised firm is not responsible for the issue in dispute (e.g. because the scope of the AR’s appointment by the principal does not cover the activities complained of).

The section 39 FSMA amendment will require primary legislation, so exact timing will be subject to Parliamentary priorities in the legislative programme. The government, working with the FCA, will develop a detailed proposal for design and implementation of the principal permission and will consult on the proposal in due course. The government will also consult on a detailed proposal for the extension of the FOS jurisdiction to ARs in due course.

Take a look at this Our Thinking article for more on this development.

Italy: Bank of Italy extends AML Regulations to CASPs

On 25 July 2025, the Bank of Italy adopted a Provvedimento amending its Regulation on customer due diligence and its Regulation on organisation, procedures and internal controls, formally extending their scope to cryptoasset service providers (CASPs). This means CASPs are now subject to the same anti-money laundering (AML) obligations as banks and financial intermediaries, covering governance, customer due diligence, internal procedures and controls, and periodic reporting to the Bank of Italy. The amendments will enter into force 60 days after their publication in the Official Journal.

See this Our Thinking article for further analysis.

This latest step follows a series of developments at EU and national level:

• May 2023 – Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain cryptoassets (the TFR) was adopted, extending the “Travel Rule” to crypto transfers and bringing CASPs within the EU AML framework.
• December 2024 – Italy amended Legislative Decree 231/2007 (the Italian AML Decree) to implement the TFR, designating the Bank of Italy as AML supervisor for CASPs.
• January 2025 – the Bank of Italy launched a public consultation on extending its AML Regulations to CASPs, seeking feedback on how best to adapt rules on customer due diligence, governance, internal controls, and reporting to this new category of entities. See our previous Our Thinking article for details of the consultation.
• 25 July 2025 – the Bank of Italy adopted the amending measure following the consultation.

United Kingdom: HM Treasury publishes response to consultation on improving effectiveness of Money Laundering Regulations

On 17 July 2025, HM Treasury (HMT) published a response to its March 2024 consultation paper on improving the effectiveness of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs). In the response, HMT confirms that it intends to make changes to a number of areas including registration and change of control for cryptoasset service providers (CASPs). HMT plans to publish the draft statutory instrument (SI) in the coming months for technical feedback before laying the SI in Parliament later in 2025, if parliamentary time allows. HMT also sets out why it considers it more appropriate to pursue non-legislative means (eg improvements to sectoral guidance) to address other issues on which it consulted.

United Kingdom: OFSI publishes cryptoassets threat assessment

On 21 July 2025, the United Kingdom Office of Financial Sanctions Implementation (OFSI) published a threat assessment on cryptoassets, covering compliance risks observed between January 2022 and May 2025. The report aims to help cryptoasset firms apply a risk-based approach to sanctions compliance and highlights common vulnerabilities.

Key findings are:

• OFSI assesses it is almost certain United Kingdom cryptoasset firms have under reported suspected sanctions breaches since August 2022, when they became obliged to report.
• Most non-compliance is inadvertent, arising from direct or indirect exposures to designated persons and delays in attribution, which in turn have led to failures to implement asset freezes.
• United Kingdom firms are highly likely to have been exposed to the Russian exchange Garantex, designated in 2023, and continue to face risks from its successor platforms.
• There is a high risk of targeting by Democratic People’s Republic of Korea linked hackers and information technology workers, including attempts to steal or launder cryptoassets.
• United Kingdom firms are also likely to be facilitating transfers to Iranian cryptoasset firms with suspected designated person links.

The report includes red flags and recommendations to strengthen compliance, emphasising the need for timely reporting to OFSI and, where relevant, to the FCA and the National Crime Agency.

Russia accounts for over 90 per cent of cryptoasset related suspected breach reports made to OFSI since 2022, with Iran accounting for the remaining 10 per cent.

This assessment is part of OFSI’s series of sector specific publications on sanctions compliance risks.

European Union: Delegated Regulation on RTS on market abuse under MiCA published in OJ

On 20 August 2025, Commission Delegated Regulation 2025/885, supplementing the Regulation on markets in cryptoassets ((EU) 2023/1114) (MiCA) with regard to regulatory technical standards (RTS) relating to market abuse, was published in the Official Journal of the European Union (OJ). The RTS specify:

• The arrangements, systems and procedures to prevent, detect and report market abuse;
• The templates to use for reporting suspected market abuse; and
• The co-ordination procedures between the competent authorities for the detection and sanctioning of market abuse in cross-border market abuse situations.

The Delegated Regulation will enter into force on 9 September 2025 (ie, 20 days after its publication in the OJ).

European Union: EBA publishes opinion on money laundering and terrorist financing risks affecting EU financial sector

On 28 July 2025, the EBA published its fifth opinion on the risks of money laundering (ML) and terrorist financing (TF) that are affecting the EU's financial sector. Points of interest include:

• Since the EBA's fourth opinion was published in 2023, the rapid development of financial technologies and new financial products (such as cryptoassets), together with the growing interconnectedness of financial products and services across different sectors, have introduced new vulnerabilities into the ML/TF risk landscape for the financial sector.
• Many FinTech firms lack the expertise and governance structures needed to identify and deal with ML/TF risks effectively. Key concerns include exposure to cybercrimes, outsourcing without effective oversight and inadequate customer due diligence controls.
• The risk of cryptoasset services being abused for financial crime purposes remains high during the transition to the new regulatory framework for cryptoasset service providers under the Regulation on markets in cryptoassets (MiCA).
• New risks have arisen from the use of AI for ML and fraud. Financial institutions face challenges in detecting AI-driven attacks and will need to consider their own use of advanced technologies and specialised expertise. The EBA emphasises the need for responsible AI deployment, supported by robust governance, staff training and real-time monitoring capabilities.

Hong Kong: Stablecoin licensing regime takes effect

On 1 August 2025, Hong Kong’s Stablecoins Ordinance came into force, formally commencing the mandatory licensing regime for fiat-referenced stablecoin issuers. The Ordinance requires issuers to obtain a licence from the Hong Kong Monetary Authority (HKMA) and comply with requirements on reserves, redemption, governance and anti-money laundering. It is now also a criminal offence to issue, offer or promote unlicensed stablecoins to the public, punishable by fines of up to HK$50,000 and six months’ imprisonment.

As highlighted in our July edition, the licensing regime is a core element of Hong Kong’s broader digital asset strategy. The HKMA has confirmed that approvals will follow a cautious, phased approach, with only a handful of licences expected to be granted initially and no approvals likely before 2026. Applicants will need to demonstrate strong governance, robust reserve and redemption arrangements, and effective anti-money laundering compliance.

Indonesia: New crypto tax rules take effect

On 1 August 2025, Indonesia’s Ministry of Finance Regulation No. 50/2025 entered into force, overhauling the tax framework for cryptoasset transactions. The new regime removes VAT on the transfer of crypto (reclassified as securities), but requires service providers such as exchanges and wallets to collect VAT on their services.

At the same time, the final income tax rate on crypto sales has more than quadrupled: domestic transactions now attract 0.21 per cent of transaction value (up from 0.05 per cent), while offshore transactions are subject to a 1 per cent rate (up from 0.1 per cent). Starting in the fiscal year 2026, crypto miners will transition from a 0.1% final income tax to being taxed under normal individual or corporate income tax rates.

United Kingdom: FCA opens retail access to crypto ETNs

On 1 August 2025, the FCA confirmed that retail consumers will be able to access crypto exchange traded notes (cETNs), reversing the ban first introduced in January 2021.

From 8 October 2025, firms will be permitted to offer cETNs to retail investors, provided the products are traded on an FCA-approved UK Recognised Investment Exchange. Financial promotion rules and the Consumer Duty will apply, although the Financial Services Compensation Scheme will not cover such products.

The FCA explained that the market for cETNs has matured and products are now better understood, which justifies allowing retail access subject to safeguards. The ban on retail access to crypto derivatives remains in place.

This follows the FCA’s June 2025 consultation on lifting the ban, highlighted in our June edition, and forms part of the authority’s wider roadmap for crypto regulation alongside recent proposals on stablecoins.

South Korea: Bank of Korea creates new crypto unit and restructures CBDC department

According to a local news report, the Bank of Korea (BOK) has established a dedicated Cryptoassets Department within its Payment and Settlement Bureau as part of a broader organisational reshuffle. The move comes amid growing debate around the potential introduction of a won-denominated stablecoin.

As of 31 July 2025, the BOK has also renamed its Digital Currency Research Department to the Digital Currency Department, signalling a shift from research to operational responsibilities. The department’s internal teams have been restructured: the Technology Team will oversee digital currency research and data protection measures, while the new Infrastructure Team will manage initiatives such as deposit-token-based voucher platforms and testbeds for tokenised payments.

The creation of the Cryptoassets Department is intended to strengthen monitoring of the stablecoin market and legislative developments. The reorganisation reflects the BOK’s dual focus on continuing central bank digital currency (CBDC) work while preparing for policy debates around privately issued stablecoins.

Vietnam: E-wallets recognised as official means of payment

From 1 July 2025, electronic wallets have been formally recognised in Vietnam as an official means of payment, equivalent to bank accounts, cards and cash. According to a local media report, the announcement was made by the Director of the Payment Department at the State Bank of Vietnam during a press briefing in Ho Chi Minh City.

Reportedly, the change follows revisions to Circular No. 40 on intermediary payment services, intended to provide greater flexibility for providers and support the expansion of digital payments. Users will be able to transfer funds between wallets and between wallets and bank accounts without transactions needing to be routed through a linked account. A further revised version of Circular No. 40 is expected to take effect on 1 September 2025.

South Korea: Regulators to issue guidelines on crypto lending services

On 31 July 2025, a local news website reported that South Korea’s Financial Services Commission (FSC) and Financial Supervisory Service (FSS) had set up a task force with the Digital Asset eXchange Alliance and five domestic exchanges to develop guidelines for cryptoasset lending services.

The guidelines, expected in August, will cover matters such as leverage limits, eligible users and assets, disclosure and risk warnings, suitability principles, transparency of lending activity, and minimum internal control standards. The authorities have also asked exchanges to review high-risk or legally uncertain services. The framework will form part of the next phase of South Korea’s digital asset legislation.

Nigeria: SEC signals openness to stablecoin businesses

On 24 July 2025, TheCable reported remarks by the Director-General of the Securities and Exchange Commission (SEC), delivered at the Nigeria Stablecoin Summit in Lagos. Although TheCable attributes the content to the News Agency of Nigeria (NAN), no NAN article is currently accessible.

According to the report, the Director-General said Nigeria is prepared to accommodate stablecoin businesses, provided they comply with the country’s regulatory framework. He referred to the Investment and Securities Act 2025 as the legal basis for oversight of stablecoins and other digital assets, and noted that the SEC has already admitted firms into its regulatory sandbox to test stablecoin applications.

Philippines: SEC warns against unregistered crypto platforms

On 4 August 2025, the Securities and Exchange Commission of the Philippines (SEC) published an advisory warning that a number of offshore platforms continue to provide cryptoasset services to local users without the required registration.

The SEC highlighted that under Memorandum Circulars No. 4 and No. 5 (2025), any person or entity offering, promoting or facilitating access to cryptoasset trading venues or intermediation services must be duly authorised. It cautioned that operating without approval is unlawful and exposes investors to significant risk.

The regulator said it would pursue enforcement measures, including cease and desist orders and criminal complaints, and confirmed that it is working with technology companies to restrict the availability of unlicensed services.

United States: Digital assets regulation – latest developments

GENIUS Act signed into law

As we report in our July edition, on 18 July 2025 the Guiding and Establishing National Innovation for U.S. Stablecoins (GENIUS) Act was signed into law, creating the first federal regime for payment stablecoins. It introduces a dual federal-state framework, reserve and disclosure requirements, eligibility for issuers and restrictions on marketing and yield. Implementation will follow through agency rulemaking. See this Our Thinking article for more detail.

House passes CLARITY Act; Senate consideration next

On 17 July 2025 the House of Representatives approved the Digital Asset Market Clarity (CLARITY) Act. The legislation would set out a clearer framework for digital asset markets and delineate agency roles. It now awaits consideration in the Senate.

House passes CBDC Anti-Surveillance State Act

On 17 July 2025, the House of Representatives also passed the CBDC Anti-Surveillance State Act, which would prohibit the Federal Reserve from issuing a central bank digital currency (CBDC) without explicit congressional approval. The bill now proceeds to the Senate.

White House issues report on crypto regulation

On 30 July 2025, the President’s Working Group on Digital Assets released its long-promised policy report setting out recommendations for the regulation of cryptocurrencies.

The report proposes:

• establishing a taxonomy of digital assets to distinguish between securities and commodities;
• dividing regulatory responsibilities so that the Commodity Futures Trading Commission (CFTC) oversees spot crypto markets, while the Securities and Exchange Commission (SEC) supervises securities-related activity;
• allowing banks to provide custody and digital asset services, with a streamlined process for bank charter applications;
• supporting the use of stablecoins to protect the role of the U.S. dollar in global finance, while urging Congress to pass the CBDC Anti-Surveillance State Act to prohibit central bank digital currency development; and
• creating tailored tax rules for cryptocurrencies, including staking, by recognising digital assets as a distinct asset class.

As part of the report, the Working Group also issued 18 recommendations directed at the CFTC. Four are specific to the agency: to clarify when cryptocurrencies are considered commodities; how registration requirements apply to decentralised finance platforms; what crypto activities CFTC-regulated entities may undertake; and whether to amend rules to accommodate blockchain-based derivatives. A further 16 recommendations involve joint action with other regulators, including the SEC and the Treasury.

SEC launches “Project Crypto” to update securities rules

On 31 July 2025, following the release of the above report, the U.S. Securities and Exchange Commission (SEC) published a speech by SEC Chairman Paul S. Atkins announcing the launch of “Project Crypto,” a Commission-wide initiative to modernise securities rules so that American financial markets can operate on-chain.

Speaking in Washington, D.C., Chairman Atkins said the project supports President Donald Trump’s ambition for the United States to become the “crypto capital of the world”.

Under the initiative, SEC staff will draft rules on the distribution, custody and trading of cryptoassets. The Commission also intends to use its interpretive and exemptive powers to remove outdated provisions and to revise its rulebook.

Chairman Atkins compared the move to earlier turning points in U.S. market infrastructure, such as the creation of central clearing systems and the shift to electronic trading. He emphasised that the U.S. must not only adapt to the digital asset revolution but actively lead it.

CFTC begins “crypto sprint” with SEC

On 1 August 2025, the Commodity Futures Trading Commission (CFTC) announced the launch of a “crypto sprint” to begin implementing the President’s Working Group recommendations on digital asset markets.

Acting Chairperson Caroline D. Pham said the CFTC would work closely with SEC Chairman Paul Atkins and Commissioner Hester Peirce to support “Project Crypto” and deliver regulatory clarity.

The agency highlighted steps already taken, including hosting a first-ever Crypto CEO Forum, withdrawing outdated staff advisories, issuing updated guidance, and consulting on 24/7 trading and perpetual derivatives (both of which have since gone live on CFTC-registered markets).

Acting Chairperson Pham stated that these initiatives form part of the Administration’s objective to make the United States “the crypto capital of the world”.

CFTC launches consultation on spot crypto trading on registered exchanges

On 4 August 2025, the Commodity Futures Trading Commission (CFTC) announced an initiative to permit the listing of “spot crypto asset contracts” on CFTC-registered designated contract markets (DCMs), as part of the crypto sprint.

The CFTC is seeking public input on how existing requirements under section 2(c)(2)(D) of the Commodity Exchange Act and Part 40 of CFTC regulations apply to listing spot crypto contracts on a DCM. These provisions concern the regulation of leveraged retail commodity transactions and the rulemaking process for exchanges.

The consultation also invites comments on possible implications under securities law, in particular whether aspects of the SEC framework could apply to trading non-security assets that may fall within investment-contract analysis.

Stakeholders had until 18 August 2025 to submit feedback via the CFTC’s website.

United Arab Emirates: Mastercard and Zand partner on cross-border payments

On 14 August 2025, it was announced in a press release that Mastercard has entered into a strategic collaboration with Zand, an AI-powered FinTech and financial services group based in the United Arab Emirates (UAE).

The partnership will leverage Mastercard Move to support a range of cross-border transfers, including deposits into bank accounts and wallets, as well as cash pick-up services across multiple markets. Mastercard highlighted that the initiative will enhance financial inclusion and expand digital economy opportunities in the region.

Zand stated that the collaboration marks a milestone in its ambition to accelerate the use of AI, blockchain and payments technology in the UAE's financial services landscape.

Asia-Pacific: Payoneer partners with Stripe to expand online checkout offering

On 18 August 2025, according to a press release, Payoneer announced a partnership with Stripe to expand its online checkout offering for small- and medium-sized businesses (SMBs).

The collaboration will launch first in China and Hong Kong, and will enable SMBs to accept a wider range of payment methods, including Google Pay and Buy Now Pay Later options such as Klarna and Affirm.

Payoneer stated that the partnership builds on the growth of its Checkout product, which has reached nearly USD 1 billion in annual run-rate volume and USD 30 million in revenue over the past year.

United Kingdom: Bitpanda launches largest cryptoasset offering

On 14 August 2025, it was reported that European digital asset platform Bitpanda has launched in the UK, making more than 600 cryptoassets available to investors.

The launch follows regulatory approval from the FCA in February 2025 and gives UK users access to the platform's full suite of assets, including cryptocurrencies, tokens, indices and stablecoins. Bitpanda, which has over seven million users across Europe, has also introduced its B2B arm, Bitpanda Technology Solutions, to the UK market.

As part of the expansion, Bitpanda has signed a global partnership with Arsenal FC, naming the company as the club's official crypto trading partner.

Jordan: Jordan Islamic Bank partners with Mastercard on digital payments

On 21 July 2025, according to a press release, Jordan Islamic Bank (JIB) announced a collaboration with Mastercard to expand access to Shari'ah-compliant digital payment solutions.

Under the partnership, JIB will use Mastercard's payment technologies and advisory services to enhance its consumer card portfolio and strengthen its digital service channels. The initiative is intended to improve customer engagement and provide more accessible, secure and compliant payment options.

Both parties highlighted that the collaboration is designed to support financial inclusion in Jordan and contribute to the country's wider digital transformation efforts.

Zambia: Western Union partners with Chipper Cash on international money transfers

On 30 July 2025, Western Union Holdings, Inc. announced, via a press release, that it has partnered with Chipper Cash and its subsidiary Zoona Transactions to expand international money transfer services in Zambia.

The partnership allows users of the Chipper Cash app to send and receive funds through Western Union's global network covering more than 200 countries and territories. Zoona, acquired by Chipper Cash in 2022, already supports over five million customers across Africa and will integrate the service into its existing infrastructure.

Western Union noted that the initiative responds to increasing demand in Zambia for mobile-first financial services and is intended to broaden access to cross-border payment options.

Australia: Finmo goes live with Confirmation of Payee

On 4 August 2025, according to a press release, Finmo announced that it has gone live with Confirmation of Payee (CoP) in Australia.

The service, enabled by Australian Settlements Limited, allows Finmo to validate recipient account details at the point of initiation, checking the account name, number and BSB (which is a six-digit code identifying the recipient's bank and branch in Australia) before a payment is processed. The initiative aligns with the industry-wide CoP rollout led by Australian Payments Plus and supported by the New Payments Platform.

Finmo stated that adopting CoP reflects a proactive approach to compliance and fraud prevention, giving businesses greater confidence in payment processes. The launch follows the company's approval as a UK electronic money institution in July 2025, which expanded its ability to issue e-money and provide cross-border payment services.

United States: Verifone and PagBrasil launch International Pix payment solution

On 22 July 2025, according to a joint press release from Verifone and PagBrasil, the companies announced the launch of an in-store alternative payment method (APM) allowing Brazilian shoppers in the United States to pay in Brazilian reais using Pix.

The initiative follows an exclusive agreement granting Verifone the rights to offer PagBrasil's International Pix solution in the U.S. The integration, delivered through Verifone's hardware-agnostic APM API, enables merchants to accept Pix payments without upgrading existing systems.

The partners highlighted that the solution allows Brazilian customers to avoid foreign exchange fees and supports U.S. retailers by reducing processing costs and chargeback risk. The development comes as cross-border retail seeks to capture increased tourist spending from Brazil, one of the largest overseas visitor groups to the U.S. each year.

United Arab Emirates: RAKBANK launches retail crypto brokerage with Bitpanda

On 29 July 2025, RAKBANK announced that it has become the first conventional bank in the United Arab Emirates (UAE) to launch a retail crypto brokerage service, delivered in partnership with Bitpanda. The service, accessible via the RAKBANK mobile app, enables customers to buy, sell, and swap cryptocurrencies directly in UAE dirhams (AED).

The feature is operated through Bitpanda's platform, regulated in Dubai by the Virtual Assets Regulatory Authority (VARA) under Bitpanda Broker MENA DMCC, with additional authorisations in Europe. Transactions are executed in AED directly from customers' RAKBANK accounts, removing the need for foreign currency transfers or external exchanges.

The service is initially available by invitation only and will be expanded to more customers in the coming months.

Hungary: Revolut restores partial crypto services

On 29 July 2025, it was reported that Revolut has resumed limited cryptocurrency services in Hungary after suspending all activity earlier in the year due to stricter local rules.

Hungarian users can now stake digital assets and withdraw existing holdings to external wallets. However, core features such as new purchases, deposits, and transfers into the platform remain unavailable.

The move follows new legislation effective from 1 July 2025, which requires national licensing for all crypto services and introduces criminal penalties for unauthorised activity. According to the report, Revolut stated that it continues to monitor the regulatory environment while aligning its operations with forthcoming MiCA standards.

Revolut has also reportedly restricted access to new crypto services in several other EU markets, including the Netherlands, Finland, Latvia, and Slovenia, pending licensing approvals.

United States: PayPal unveils ‘Pay with Crypto' feature

On 28 July 2025, PayPal announced the launch of ‘Pay with Crypto', a new service that enables U.S. merchants to accept payments in more than 100 cryptocurrencies, including bitcoin, ethereum and stablecoins such as USDC.

The service allows instant conversion of crypto into fiat or stablecoin, with PayPal highlighting savings of up to 90% compared to traditional credit card processing fees. Merchants will also have the option to hold balances in PayPal USD (PYUSD) and earn 4% on funds kept on the platform.

The company said the feature aims to simplify cross-border commerce by connecting merchants to over 650 million crypto users worldwide, while reducing costs and improving settlement times. ‘Pay with Crypto' will be rolled out to U.S. businesses in the coming weeks.

United States: BNY uses Goldman Sachs blockchain platform to tokenize money market funds

On 23 July 2025, BNY and Goldman Sachs announced in a joint press release that BNY will use Goldman Sachs' GS DAP® blockchain to create mirrored tokenized records of ownership for select money market fund (MMF) shares, with subscriptions enabled via BNY's LiquidityDirect and Digital Asset platforms. Initial participants include BlackRock, BNY Investments Dreyfus, Federated Hermes, Fidelity Investments and Goldman Sachs Asset Management.

BNY will continue to maintain the official books, records and settlements for the funds while issuing mirror tokens on GS DAP®, a step the firms said is intended to expand MMFs' future utility (e.g., as collateral) and improve transferability.