The Payments Newsletter including Digital Assets and Blockchain, February 2025

STOP PRESS: EU payments: What's in the regulatory pipeline for 2025?

We have put together this publication looking at key topics that should be on the regulatory “to do” list for payments industry players in 2025. As well as highlighting upcoming compliance deadlines (for example under the European Accessibility Act and the Instant Payments Regulation), we also provide a snapshot of some existing areas of focus to be aware of – and some that are still taking shape (notably PSD3/PSR, the FiDA proposal and the digital euro project). 

Some other recent Hogan Lovells publications of particular relevance to digital assets developments include:

• The EU’s Markets in Crypto-Assets (MiCA) Regulation: a status update: We have produced an article summarising recently published Level 2 and Level 3 texts supplementing MiCA, as well as a tracker monitoring the status of all such texts. 
• A Tale of Two CBDCs: e-CNY v. Digital Euro: We have published an article that compares the People’s Bank of China’s digital yuan (e-CNY) with the digital Euro, its counterpart in the European Union, and explores the implications of the e-CNY’s current and planned use cases. It is the first in a series of articles exploring the development of CBDCs across the globe. 
• Comparative Guide: Regulating Staking: In our latest Comparative Guide, we give a brief overview of staking services, and relevant regulatory considerations.

You can sign up to receive our payments and digital assets related publications directly via the Our Thinking section of hoganlovells.com

United Kingdom: New Bill containing detailed new information and account direct deduction obligations for banks and EMIs introduced to Parliament

The Public Authorities (Fraud, Error and Recovery) Bill was introduced to Parliament on 22 January 2025.

The Bill includes powers for the Minister for the Cabinet Office and the Department of Work and Pensions (DWP) to issue ‘account information notices’, ‘general information notices’, ‘further information notices’ and ‘direct deduction orders’ to banks and e-money institutions (EMIs) in relation to recovery of fraudulent or erroneous payments from accounts.

There is also a DWP power to issue ‘eligibility verification notices’ to banks and EMIs regarding the checking of eligibility criteria for certain State benefits.

There would be fines (including daily default fines) for no, incorrect or late compliance with the proposed new requirements.

Key points for banks and EMIs to consider include:

• The impacts of the proposed new requirements to comply with information notices and account direct deduction orders on their policies, procedures and controls. For information notices, this includes:

• assessment of the accuracy and/or complexity of the requirements of the notice and the ability of the bank or EMI to comply within the timeframe prescribed in the notice; and
• consideration as to whether an appeal needs to be raised to amend or clarify the requirements of the notice, or to extend the prescribed deadline.

In relation to the direct deduction orders, this includes:

• amendments to account terms and conditions to reflect these restrictions; 
• processes and controls for managing risks arising in respect of these orders, including those relating to applying “inhibits” immediately upon receipt of the order and managing relationships with vulnerable customers; and 
• the effectiveness of complaints handling procedures to manage customer conversations relating to sensitive or severe financial hardship arising from direct deduction orders. 

• How they will be able to comply with the proposed eligibility verification notices’ requirements in practice, and how the information identified through these checks impacts existing financial crime control frameworks.

The Bill’s Committee stage in the House of Commons began on 25 February 2025.

If the Bill is passed, banks and EMIs will likely face material implementation costs and risks of reputational harm. For more on this development, take a look at our article.

United Kingdom: FCA Portfolio letter for payments portfolio firms

On 3 February 2025, the FCA published a portfolio letter setting out its supervisory and policy priorities for payments portfolio firms, including payment institutions (PIs), electronic money institutions (EMIs), and registered account information service providers (RAISPs).

The FCA states that since its letter of 16 March 2023 highlighting its priorities for payments firms, it has seen improvements by firms to deliver the outcomes it set, for example in some firms’ Board and governance arrangements, risk management frameworks and customer outcomes. However, there is still room for improvement. It sets out three key outcomes for firms which it believes are essential to good customer outcomes:

• Effective competition and innovation to meet customers’ needs, characteristics and objectives: Consumer Duty implementation remains subject to FCA ongoing monitoring and, where necessary, action.
• Firms do not compromise financial system integrity: FCA focus areas include, in particular, financial crime and operational resilience.
• Firms keep customers’ money safe: Areas of focus are safeguarding, prudential requirements and wind-down planning.

In addition, the FCA describes weaknesses in governance, oversight and leadership as the ‘root cause’ of many of the regulatory issues it sees in the portfolio. It expects firms, among other things, to ensure that their governance arrangements and systems and controls, including reporting mechanisms, are effective and proportionate to the nature, scale, and complexity of the business, and the risks to which it is exposed (also relevant to financial crime and operational resilience considerations).

United Kingdom: FCA and PSR publish joint feedback statement on BigTech and digital wallets

On 19 February 2025, the FCA and the Payment Systems Regulator (PSR) published a joint feedback statement (FS25/1) on responses to their July 2024 joint call for information (CfI) on big technology firms (BigTech) and digital wallets (see our article on the CfI).

Key points include:

• The majority of stakeholders view digital wallets as posing a significant benefit to consumers, including in respect of innovation and non-card forms of payment.
• Potential issues identified by stakeholders, together with proposed next steps, include:
  • Deficiencies in competition between digital wallets: The FCA and the PSR will work closely with the Competition and Markets Authority (CMA) as it reviews digital wallets within its investigations into two major mobile ecosystems (and they have shared their related findings in a letter to the CMA);
  • Barriers to effective competition between payment systems within digital wallets: The FCA and the PSR will work with the CMA to understand how any interventions to address competition between digital wallets could impact competition between payment systems.
  • The impact of operational failures of digital wallets on financial system resilience, as well as gaps in the current regulatory framework: Some stakeholders suggested that the provision of digital wallets could be brought within the FCA's regulatory perimeter, while others warned against prescriptive regulation. The FCA will seek to engage with HM Treasury (HMT) to consider these issues as part of its review of the Payment Services Regulations 2017 and the Electronic Money Regulations 2011.

The feedback statement also highlights opportunities that could be achieved through the wider adoption of other digital technologies (for example, digital identity verification services and a digital pound).

The FCA and the PSR are not planning new in-depth work, but will work with the CMA and HMT, among others, to monitor developments.

European Union: ECB decision on non-bank PSPs' access to central bank operated payment systems and central bank accounts published in OJ

On 6 February 2025, Decision (EU) 2025/222 of the European Central Bank (ECB) on access by non-bank payment service providers to ECB operated payment systems and central bank accounts was published in the Official Journal of the EU.

The ECB published a policy, in July 2024, developed with the Eurosystem to help it adopt a harmonised approach to access by non-bank payment service providers (NB-PSPs) (which include payment institutions (PIs) and electronic money institutions (EMIs)) to all central bank operated payment systems (that is, TARGET and retail payment systems operated by euro-area national central banks). The policy defined the approach on the access to accounts. The policy document noted the ECB's plans to publish a related ECB legal act.

The decision gives effect to that policy. Among other things, it:

• Sets out the conditions an NB-PSP must meet to qualify for access to Eurosystem central bank operated payment systems;
• States that Eurosystem central banks will not offer safeguarding accounts to NB-PSPs, as it is not a core function of central banks to act as a substitute for credit institutions in providing safeguarding services;
• Specifies rules relating to maximum balance on the account holder's settlement account at the close of each business day.

The ECB adopted the decision on 27 January 2025 and it will enter into force on 26 February 2025. It will apply in member states from 9 April 2025 (aligning with the date on which member states are required to transpose amendments to the Settlement Finality Directive and PSD2 effected by the Instant Payments Regulation).

European Union: EBA repeals guidelines on major incidents reporting under PSD2

On 17 January 2025, the European Banking Authority (EBA) announced in a press release that it has repealed its guidelines (EBA/GL/2021/03) on major incident reporting under the revised Payment Services Directive ((EU) 2015/2366) (PSD2).

The EBA explains that it is repealing the guidelines to simplify major incident reporting requirements and to ensure legal clarity for payment service providers (PSPs), given that the harmonised reporting requirements under the Regulation on digital operational resilience for the financial sector ((EU) 2022/2554) (DORA) apply from 17 January 2025. The incident reporting requirements under DORA apply to financial entities across the banking, securities, insurance and pensions sectors, and cover most PSPs. DORA also disapplies the incident reporting requirements under PSD2 for those PSPs.

In the UK, Payment Services Regulations (PSRs) 2017 requirements are still in force and refer to the 2017 incarnation of the EBA rules that have just been repealed. The Bank of England, PRA and FCA are consulting on incident reporting in the context of third party arrangements (closing 13 March 2025).

These consultations concern proposed arrangements for reporting certain “operational incidents” to the regulators which  are intended to be “interoperable” with DORA and the Financial Stability Board Format for Incident Reporting Exchange. However, the FCA consultation makes it clear that its proposed requirements do not replace firms obligations to make notifications under the PSRs 2017, which implemented PSD2. The FCA does not expect all PSD2 notifications will meet the thresholds for reporting incidents under its proposals. There may therefore be instances where firms will be required to report an incident under the current proposals in addition to a PSD2 notification.

European Union: European Commission confirms narrower scope of e-money acceptance under EMD2

In a recent response to an EBA Q&A, the European Commission has stated that the condition of acceptance in the definition of e-money in the second E-Money Directive (2009/110/EC) (EMD2) requires both (i) conversion of funds received by the e-money issuer into electronically or magnetically stored money (transferability) and (ii) a direct contractual arrangement between the third party payee and the issuer (voluntary acceptance).

In this response the Commission stated that the mere reception by the third-party payee of funds (‘scriptural money’) resulting from the redemption of e-money does not meet the acceptance criterion.

Whilst the response referenced existing ECJ case law, the Q&A appears to go a lot further. Taken at face value, it could change the way firms in this sector are regulated.

As a response in a Q&A, the Commission's view is not binding; however, we recommend this is something that firms should  keep under review.

For more on this development, take a look at this Our thinking article.

European Union: EBA final report and draft ITS on reporting of charges data for credit transfers under SEPA Regulation

On 4 February 2025, the EBA published its final report containing draft implementing technical standards (ITS) on uniform reporting templates relating to the level of charges for credit transfers and shares of rejected transactions under Article 15(5) of the SEPA Regulation ((EU) 260/2012). The EBA consulted on the draft ITS in July 2024.

The draft ITS, set out in section 3 of the report, standardise reporting from payment service providers (PSPs), requiring them to report to their national competent authorities (NCAs):

• The level of charges for regular credit transfers and instant credit transfers with breakdowns by type of transfer (national and cross-border), type of payment service users, type of payment initiation channels and by party that is subject to the charge; and
• Charges for payment accounts, as well as the share of instant transfers, both domestic and cross-border, that were rejected due to the application of EU-wide restrictive measures.

Annex I to the ITS contains the reporting templates, with accompanying instructions for PSPs in Annex II.

Given the responses it received, the EBA has decided to postpone the first harmonised reporting deadline by 12 months, to 9 April 2026, and subsequent reporting from NCAs to the EBA and the European Commission to 9 October 2026. This will allow sufficient time for the Commission to adopt the draft ITS and for the EBA to develop taxonomy, datapoint model and validation rules, which it will do by Q2 2025.

Until the first reporting deadline, NCAs should deprioritise collecting data from PSPs and discourage institutions from providing unharmonised data until the taxonomy, datapoint model and validation rules are available. NCAs should not take enforcement action against PSPs that do not report in 2025.

Australia: Banks urge Parliament to modernise payment system regulation

On 4 February 2025, the Australian Banking Association (ABA) published a press release urging Parliament to pass legislation to ensure digital payments are adequately regulated. The ABA notes that the current laws were made in 1998 when cash and cheques were the dominant methods of payment and Australia is lagging behind jurisdictions such as the European Union where steps have been taken to recognise that mobile wallets are part of the payments system.

According to the Reserve Bank of Australia, 500 million payments totalling over $20 billion are made with mobile wallets each month by Australians. The requested legislation will give the Reserve Bank of Australia powers to regulate all players within the payments system including global tech companies and ensure they are subject to the same oversight and consumer protection laws as the rest of the payments system.

United Kingdom: FCA letter on growth strategy

On 16 January 2025, the FCA published a letter written by Chief Executive, Nikhil Rathi, setting out ‘a new approach to ensure regulators and regulations support growth’ in response to a letter from the Prime Minister calling for regulators to come up with ideas to boost growth in the UK.

The FCA’s letter highlights that growth will be the cornerstone of the FCA’s strategy through to 2030, and also sets out work already planned for 2025 together with longer-term proposals.

Among other things, the letter addresses relevant payments and digital asset initiatives such as:

• plans to progress the digital securities sandbox;
• the suggestion of using powers anticipated under the Data (Use and Access) Bill to develop open finance. Notably, the FCA highlights that Government action in the area of digital identity authentication/verification can be a means to “unlock huge gains”;
• the suggestion of removing the £100 contactless payment limit.

Global: FATF publishes second consultation document on payment transparency

On 24 February 2025, the Financial Action Task Force (FATF) published a second consultation document on revisions to Recommendation 16 (R 16), its interpretive note (INR 16) and the related Glossary of specific terms.

The revisions are aimed at adapting these FATF standards to changes in payment business models and messaging standards, and to evolving risks and vulnerabilities.

The second consultation document includes updated proposals which take into account stakeholder feedback to the FATF's first consultation on revisions to R 16 and INR 16, published in February 2024. The consultation document also summarises concerns raised by respondents relating to speed and cost of payments, financial inclusion, data protection and privacy.

The consultation closes on 18 April 2025 and the FATF expects to finalise the revisions in June 2025, after which it will develop guidance on payment transparency to facilitate consistent implementation of the updated standards. It anticipates that most or all of the new requirements will be in effect by the end of 2030.

Global: Wolfsberg Group publishes guidance to supplement payment transparency standards

On 21 February 2025, the Wolfsberg Group published a document providing guidance to supplement its payment transparency standards. The latest version of the payment transparency standards was published in October 2023.

United Kingdom: FCA shares key findings from review of payment services and account providers’ use of National Fraud Database and money mule account detection tool

On 23 January 2025, the FCA published its key findings from its review of payment services and account providers’ use of the National Fraud Database (NFD) and a money mule account detection tool to tackle risks associated with money muling activities. Key points include:

• Money mules have been highlighted as an area for focus in the Government's Economic Crime Plan 2 (2023-2026), and 2023 Fraud Strategy. Using the NFD effectively, together with detection tools designed to trace the proceeds of fraud across payment networks, is critical in tackling mule activity.
• The FCA reviewed cases from 13 firms where accounts suspected of being money mule accounts were identified, and the effectiveness of a money mule account detection tool. Areas for improvement are that firms should:

• Conduct real-time checks of the NFD when onboarding customers, and periodic checks;
• Submit information to the NFD as it works on a reciprocal basis;
• Reply promptly to requests from other firms investigating potential money mule activities;
• Consider customers' vulnerabilities when documenting investigations into money mule activities; and
• Review and refine their thresholds for investigating alerts from fraud detection tools.

United Kingdom: PSR and BoE update CHAPS co-operation principles

On 27 January 2025, the Payment Systems Regulator (PSR) published correspondence exchanged with the Bank of England (BoE) relating to updating the principles concerning the areas for ongoing co-operation and co-ordination with respect to the operation of the CHAPS system.

The PSR sent a letter (dated 15 January 2025) to the BoE, which included a set of principles that were updated in 2024 following the introduction of the CHAPS reimbursement requirement for authorised push payment (APP) fraud.

In the letter, among other things, the PSR explains how it and the BoE, as the payment system operator of the CHAPS system, will share information and notify each other of proposed or potential changes to documents issued by the respective parties with regard to the CHAPS reimbursement requirement, by adding to the existing arrangements.

The PSR also sets out the key steps required to ensure co-operation and co-ordination in relation to the CHAPS reimbursement requirement. These concern the following:

• Sharing information, including compliance data that the BoE receives from CHAPS participants in respect of CHAPS APP scam claims;
• The BoE notifying the PSR of proposed or potential changes to the CHAPS reimbursement rules containing the CHAPS APP scams reimbursement policy;
• The PSR notifying the BoE of any proposed or potential changes to specific direction 21, or any other potential regulatory change (such as those for the reimbursement arrangements for Faster Payments), that may impact the operation of the CHAPS reimbursement rules or the CHAPS reimbursement policy and its objectives.

In the BoE's response (dated 22 January 2025), it agrees with the updated principles and notes its support for the three key steps outlined by the PSR.

United Kingdom: PSR publishes new compliance monitoring framework

On 4 February 2025, the Payment Systems Regulator (PSR) published a policy statement containing its new Compliance Monitoring Framework (PS25/2) which sets out how its Compliance Monitoring team's work is structured.

The Framework covers:

• The scope of the PSR’s monitoring work, which focuses on firms that are subject to directions (directed parties) to identify potential compliance issues and address them directly;
• Its approach to compliance monitoring, including the monitoring principles that inform its work. These require it to take a proportionate and risk-based approach, act quickly when it identifies a compliance failure and ensure clear and reciprocal engagement with firms;
• How it will monitor the parties that the PSR regulates in practice. It aims to ensure that firms are complying with the requirements it oversees through three stages: identification and assessment, action, and escalation of cases to the Enforcement team for further investigation and potential enforcement action;
• How it communicates and engages with firms, including through its annual plan, and how it co-ordinates with other regulatory bodies.

In an accompanying thought piece, the PSR announces that it is planning to make changes to its Process and Procedures Guide later in 2025. It will also be publishing a similar document to the Monitoring Framework relating to its enforcement work.

United Kingdom: PSR publishes statement of policy on cost benefit analysis framework

On 31 January 2025, the Payment Systems Regulator (PSR) published a statement of policy (SoP) on its cost benefit analysis (CBA) framework (PS25/1). This follows a September 2024 consultation on the SoP. The PSR is required by section 104H of the Financial Services (Banking Reform) Act 2013 (FSBRA), which was inserted by the Financial Services and Markets Act 2023 (FSMA 2023), to develop and maintain an SoP on its CBA framework.

In PS25/1, the PSR explains its approach to CBA and how the CBA framework helps it to develop policies with a positive impact. The PSR has made some amendments to the draft version of the SoP to reflect certain comments from the respondents to the consultation.

Global: BIS launches project to explore improving instant cross-border payments using central bank money settlement

On 13 February 2025, the Bank for International Settlements (BIS) launched Project Rialto to explore how instant cross-border payments could be improved using a modular foreign exchange (FX) component combined with settlement in tokenised wholesale central bank money.

Project Rialto is a collaboration of the BIS Innovation Hub, Eurosystem and Singapore Centres in partnership with the Bank of France, the Bank of Italy, Bank Negara Malaysia (Central Bank of Malaysia) and the Monetary Authority of Singapore.

Australia: BNPL providers must apply for a credit licence

On 17 January 2025, the Australian Securities and Investments Commission (ASIC) published a press release announcing that buy-now, pay-later (BNPL) product providers must now apply for a credit licence after the National Credit Code was extended to BNPL contracts by the Treasury Laws Amendments (Responsible Buy Now Pay Later and Other Measures) Act 2024 (the BNPL Act) following royal assent on 10 December 2024.

From 10 June 2025, providers of BNPL contracts will need to hold a credit licence that authorises them to engage in credit activities as a credit provider. This is subject to transitional arrangements which allow a provider to continue to provide BNPL contracts where they have applied and had their application accepted for the appropriate Australian credit licence or variation of their existing credit licence.

Licensing steps for BNPL providers are as follows:

• Those who do not have a credit licence must apply for a credit licence, have ASIC accept the application and become a member of the Australian Financial Complaints Authority (AFCA).
• Those who have a credit licence that authorises them to engage in credit activities in relation to credit contracts will not need to change anything. This authorisation now also applies to BNPL contracts.
• Those who have a credit licence but the licence does not authorise them to engage in credit activities as a credit provider will need to apply for a variation.

ASIC states that it is important for providers to act early to apply for or vary a credit licence due to the time it takes to complete and process applications. To minimise the risk that the application is not accepted before 10 June 2025, ASIC encourages providers to lodge their applications by 11 May 2025.

Papua New Guinea: CBDC Proof of Concept study results announced

On 28 January 2025, the Bank of Papua New Guinea announced the results of its Proof of Concept study on central bank digital currencies (CBDCs), a first step towards a CBDC in the country.

The study involved the central bank and Japanese companies Soramitsu and Mitsubishi, as well as funding and input from the Japanese government. It examined how a CBDC could be integrated into the Papua New Guinea payment system. The study stems from the rapid advancement in CBDCs globally which aim to improve payment systems and financial inclusion. The results note that a CBDC could reduce reliance on physical currency, reduce cash-handling and distribution costs, and improve transaction efficiency.

In terms of next steps, the central bank is mindful of challenges such as legal and regulatory gaps that currently exist, the need for robust digital infrastructure to support the CBDC and the need for a well-defined policy framework to support innovation. A roadmap will be needed to balance technological, legal, regulatory and infrastructure considerations. Further studies will be needed to engage more stakeholders and explore cross-border payments.

United States: President Trump signs Executive Order on digital assets and Congress presents drafts of legislation regulating stablecoins

On 23 January 2025, President Donald Trump signed an Executive Order on digital assets.

The Executive Order sets out the policy of the Administration to support the digital asset industry, including by:

• promoting use of public blockchain network;
• promoting the sovereignty of the United States dollar, including through actions to promote the development of dollar-backed stablecoins worldwide;
• protecting and promoting fair and open access to banking; and
• providing regulatory clarity and certainty on technology-neutral regulations.

It also establishes a Presidential Working Group on Digital Asset Markets, which is tasked with submitting a report to the President (within 180 days) recommending regulatory and legislative proposals, including: (i) proposing a regulatory framework for the issuance and operation of digital assets, including stablecoins; and (ii) evaluating the potential creation and maintenance of a national digital asset stockpile and proposing criteria for establishing such a stockpile (e.g. from cryptocurrencies seized by law enforcement).

In addition, the Executive Order prohibits the issuance, circulation or use of central bank digital currencies (CBDCs) and terminates any plans or initiatives to create a CBDC in the United States. Also of note is that recently both chambers of Congress presented drafts of legislation for regulating stablecoins in the U.S.:

• On 4 February 2025: the GENIUS Act, presented by Sens. Tim Scott, Bill Hagerty, Cynthia Lummis and Kirsten Gillibrand. A one-page overview of the legislation can be found here.
• On 6 February 2025:  the STABLE Act, introduced by House Financial Services Committee Chairman French Hill and Digital Assets, Financial Technology, and Artificial Intelligence Subcommittee Chairman Bryan Steil.

El Salvador: Government increases cryptocurrency reserves while passing legislation to comply with IMF deal to scale back Bitcoin activities

On 29 January 2025, El Salvador’s Congress passed a bill to amend its Bitcoin law in order to comply with a $1.4 billion financing agreement that it entered into with the International Monetary Fund (IMF) in December 2024, in which it was agreed that the government would step back from some of its Bitcoin activities (see the January 2025 edition of this Newsletter). Under the terms of the new law, Bitcoin is no longer “currency” so acceptance of Bitcoin is voluntary for private sector businesses. The state will also no longer accept Bitcoin as a form of payment for taxes and debts and is scaling back investment in the “Chivo Wallet,” the state-backed crypto-wallet.

Recent activities show El Salvador’s strategy to continue to buy Bitcoin despite scale-back of other Bitcoin activities. On 5 February 2025, it was reported that El Salvador had added 12 Bitcoin to its stock amid a dip in the crypto markets. In total, in the past 30 days starting from 5 February, it had added 60 Bitcoin to its reserves. It brings the Central American country’s holdings to a total of 6,068 BTC, valued at over $554 million.

Czech Republic: Central Bank approves proposal to explore Bitcoin reserves

On 30 January 2025, the Czech National Bank (CNB) published a press release confirming that they will analyse the options of holding alternative asset classes, such as cryptocurrency, in their reserves in line with CNB Governor Aleš Michl’s proposal to hold reserves in Bitcoin.

If the Board approves the results of the analysis and moves forward with Michl’s proposal, the CNB could hold as much as 5% of its foreign exchange reserves in alternative asset classes, such as Bitcoin, equating to €140bn. The central bank’s €140bn in foreign exchange reserves are equivalent to about 45% of the Czech Republic’s GDP.

Michl, speaking to the Financial Times in an article published on 29 January, stated that he likes the chance of profitability and has “a totally different philosophy” about Bitcoin to his counterparts. While acknowledging the “extreme volatility” and limited record of Bitcoin, Michl highlighted wider investor interest in Bitcoin, Donald Trump’s pledges on deregulation and the growing influence of cryptocurrency executives in Trump’s administration, and the fact that a large investment by a central bank in Bitcoin could itself impact the coin’s price.

Central banks usually hold conservative assets such as U.S. Treasuries and other forms of highly rated bonds in reserve. The CNB already stands out from other central banks, given it holds 22% of its portfolio in equities. Almost no other central banks have publicly ventured into crypto, and if the CNB do take this step, the Czech Republic would become the first western central bank to do so.

European Union: Summary of recent MiCA developments

The following Markets in Crypto-Assets Regulation (MiCA) related documents have been published recently:

• On 17 January 2025, ESMA published a statement on the provision of certain cryptoasset services in relation to asset-referenced tokens (ARTs) and electronic money tokens (EMTs) that are non-compliant under MiCA. Alongside the statement, the European Commission has published a Q&A providing guidance on the obligations contained in Titles III and IV of MiCA and how these obligations should apply to cryptoasset service providers (CASPs). It clarifies that certain cryptoasset services may constitute an offer to the public or an admission to trading in the EU and should therefore comply with Titles III and IV of MiCA.
• On 24 January 2025, ESMA published an opinion on draft regulatory technical standards (RTS) specifying certain requirements relating to conflicts of interest for CASPs under Article 72 of MiCA.
• On 31 January 2025, ESMA published a supervisory briefing providing guidance on the expectations on applicant CASPs and national competent authorities (NCAs) when they are processing authorisation requests under MiCA. NCAs are expected to apply the principles in the briefing as part of their authorisation procedures, as well as ensuring continued adherence for CASPs once they are authorised.
• On 5 February 2025, the EBA published an opinion (dated 24 January 2025) on the European Commission's proposed amendments to its draft RTS on conflicts of interest for issuers of ARTs under Article 32(5) of MiCA.
• On 13 February 2025, the following Delegated Regulations supplementing MiCA were published in the Official Journal of the EU and will enter into force on 5 March 2025:
  • Commission Delegated Regulation (EU) 2025/292 supplementing MiCA with regard to RTS establishing a template document for co-operation arrangements between competent authorities and supervisory authorities of third countries under Article 107(3).
  • Commission Delegated Regulation (EU) 2025/293 supplementing MiCA with regard to RTS specifying the requirements, templates and procedures for the handling of complaints relating to ARTs under Article 31(5).
  • Commission Delegated Regulation (EU) 2025/294 supplementing MiCA with regard to RTS specifying the requirements, templates and procedures for the handling of complaints by CASPs under Article 71(5).
  • Commission Delegated Regulation (EU) 2025/296 supplementing MiCA with regard to RTS specifying the procedure for the approval of a cryptoasset white paper under Article 17(8).
  • Commission Delegated Regulation (EU) 2025/297 supplementing MiCA with regard to RTS specifying the conditions for the establishment and functioning of consultative supervisory colleges under Article 119(8).
  • Commission Delegated Regulation (EU) 2025/298 supplementing MiCA with regard to RTS specifying the methodology to estimate the number and value of transactions associated to uses of ARTs and of EMTs denominated in a currency that is not an official currency of a member state as a means of exchange under Article 22(6).
  • Commission Delegated Regulation (EU) 2025/299 supplementing MiCA with regard to RTS on continuity and regularity in the performance of cryptoasset services under Article 68(10).
• On 17 February 2025, ESMA published a consultation paper on guidelines for the criteria to assess knowledge and competence under MiCA. The deadline for responses is 22 April 2025. ESMA intends to publish a final report and guidelines in Q3 2025.
• On 20 February 2025, the following Delegated and Implementing Regulations supplementing MiCA were published in the Official Journal of the EU and will enter into force on 12 March 2025:
  • Commission Delegated Regulation (EU) 2025/303 supplementing MiCA with regard to RTS specifying the information to be included by certain financial entities in the notification of their intention to provide cryptoasset services.
  • Commission Implementing Regulation (EU) 2025/304 supplementing MiCA by laying down implementing technical standards (ITS) with regard to standard forms, templates and procedures for the notification by certain financial entities of their intention to provide cryptoasset services.
• On 26 February 2025, ESMA published the official translations of its guidelines on the procedures and policies in the context of transfer services for cryptoassets. The guidelines apply from 27 April 2025. NCAs must notify ESMA by 26 April 2025 whether they comply, do not comply but intend to comply or do not intend to comply with the guidelines. CASPs are not required to report whether they comply with the guidelines.
• On 26 February 2025, ESMA published the official translations of its guidelines on situations in which a third-country firm is deemed to solicit clients established or situated in the EU and the supervision practices to detect and prevent circumvention of the reverse solicitation exemption. The guidelines apply from 27 April 2025. NCAs must notify ESMA by 26 April 2025 whether they comply, do not comply but intend to comply or do not intend to comply with the guidelines.

European Union: EBA and ESMA joint report on crypto-asset developments

On 16 January 2025, the EBA and ESMA published a Joint Report on the recent developments in crypto-assets. Article 142 of the Markets in Crypto-Assets Regulation (MiCA) mandates the European Commission, after consulting the EBA and ESMA, to submit a report to the European Parliament and Council of the EU on recent developments in crypto-assets. This publication is the EBA and ESMA’s contribution to the European Commission’s report to the European Parliament and Council.

The joint report covers:

• Decentralised finance (DeFi): the report finds that DeFi remains a niche phenomenon. EU adoption of DeFi, while above the global average, is lower than other developed economies such as the United States and South Korea. The report also discusses, among other things, AML/CTF risks of DeFi, and implications of maximal extractable value (MEV) on DeFi markets; and
• Crypto lending, borrowing and staking: the report contains an analysis of the main types and typical features of the business models observed in the market, as well as associated risks. The report also finds that there appears to be limited engagement of EU consumers and financial institutions with these services.

Following the joint report, ESMA and the EBA also published factsheets on DeFi and on Crypto lending, borrowing and staking.

Luxembourg: Law implementing MiCA enters into force

On 17 February 2025, the CSSF (Commission de Surveillance du Secteur Financier) announced that the law of 6 February 2025 regarding digital finance (Law) had been published in the Official Journal of Luxembourg on 10 February 2025 and had entered into force on the same day.

The Law sets out rules relating to the national implementation of the Markets in Crypto-Assets Regulation (MiCA) and officially designates the CSSF as the competent authority under MiCA.

The Law also provides details on the transitional measures targeting virtual asset service providers (VASPs). VASPs registered with the CSSF before 30 December 2024 in accordance with Article 7-1 of the amended Law of 12 November 2004 on the fight against money laundering and the financing of terrorism as in force as of 30 December 2024, shall remain registered in the VASP register established by the CSSF until 1 July 2026 or until they are granted or refused authorisation under Article 63 of MiCA, whichever is sooner.

Italy: Bank of Italy issues public consultation proposing to extend controls on CASPs

On 15 January 2025, the Bank of Italy issued a public consultation proposing to extend the Regulation on customer due diligence and the Regulation on organisation, procedures and internal controls to crypto-asset service providers (CASPs).

Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain crypto-assets (TFR) included CASPs among financial institutions obliged to comply with anti-money laundering (AML) obligations, in order to subject them to the more intensive AML controls provided for this category of entities. This differs from the previous legal framework, where virtual asset service providers (VASPs) were subject to less intense requirements and level of supervision, and is coupled with the adoption of Regulation (EU) 2023/1114 on markets in crypto-assets (MiCA) which sets a harmonized regulatory framework for CASPs.

The Italian implementation of the TFR amended the Legislative Decree 231/2007 (Italian AML Decree), assigning the role of AML supervisory authority for CASPs to the Bank of Italy.

The Bank of Italy has now issued a public consultation proposing to extend to this new category of market players both the Regulation on customer due diligence and the Regulation on organization, procedures and internal controls, which would entail CASPs being subject to rules already applicable to banks and other financial intermediaries, including but not limited to self-risk assessment exercises, reporting obligations to the Bank of Italy, the adoption of detailed policies and procedures, and the appointment of a senior manager responsible for AML.

We have published an article on this development.

Global: Wolfsberg Group publishes FAQs on defining digital assets for AML and CTF purposes

On 21 February 2025, the Wolfsberg Group published FAQs to help financial institutions assess the risks generated by the emergence of digital assets for anti-money laundering (AML) and counter-terrorist financing (CTF) purposes. The group intends to provide periodic updates through FAQs, guidance, case studies and deep dives to support the continued risk profiling and treatment as the use of digital assets continues to evolve.

United Kingdom: Crypto-asset staking exempted from meaning of ‘collective investment schemes’ under FSMA 2000

On 31 January 2025, the widely anticipated statutory instrument exempting crypto-asset staking from the meaning of “collective investment schemes” (CIS) as defined under the Financial Services and Markets Act 2000 (FSMA 2000) came into force.

In the UK, although crypto-asset staking is not expressly regulated under financial services legislation, under the previous rules certain staking arrangements (depending on the exact operating model) had the potential to meet the definition of CIS and therefore fall within the applicable regulatory perimeter. This has caused concerns in the industry regarding the ability to offer staking services without being in breach of existing regulatory requirements that were not developed with such new business models in mind.

To address these concerns, the Financial Services and Markets Act 2000 (Collective Investment Schemes) (Amendment) Order 2025inserts a new paragraph 22 into the Schedule to the Financial Services and Markets Act 2000 (Collective Investment Schemes) Order 2001, which states that “arrangements for qualifying crypto-asset staking” are excluded from the meaning of CIS as defined under FSMA 2000.

For more on this development, see our article.

United Kingdom: Financial Services and Markets Act 2023 (Digital Securities Sandbox) (Amendment) Regulations 2025 published

On 30 January 2025, the Financial Services and Markets Act 2023 (Digital Securities Sandbox) (Amendment) Regulations 2025 (SI 2025/93) were published on legislation.gov.uk, together with an explanatory memorandum.

The Regulations amend the Financial Services and Markets Act 2023 (Digital Securities Sandbox) Regulations 2023 (SI 2023/1398) (the DSS Regulations). They modify the effect of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (SI 2017/692) (MLRs 2017) by temporarily disapplying provisions of the MLRs 2017 that apply to cryptoassets (and other related terms defined in regulation 14A of the MLRs 2017) in relation to activities in scope of the Digital Securities Sandbox (DSS).

The Regulations also make other minor amendments to the DSS Regulations.

The DSS Regulations create the framework that will enable the Bank of England (BoE) and the FCA to operate the DSS, which allows firms and regulators to test the use of developing technology (such as distributed ledger technology (DLT) or technology that facilitates digital assets). The activities that are within scope of the DSS are certain activities relating to a central securities depository (CSD) (specifically, notary, settlement and maintenance) and the operation of a trading venue (specifically, a multilateral trading facility (MTF), an organised trading facility (OTF) or a recognised investment exchange (RIE)).

The Regulations come into force on 3 March 2025. They were not consulted on as the changes are based on stakeholder feedback received from other consultations.

Japan: FSA considering significant regulatory changes for cryptocurrency

On 10 February 2025, it was reported that Japan’s Financial Services Agency (FSA) is considering significant regulatory changes for the crypto-asset sector. Reportedly the FSA is considering classifying crypto-assets as financial products similar to securities in a move to enhance investor protection by requiring businesses to disclose more information. Other proposed changes include a reduction in the tax rate on crypto earnings from 55% to 20% and the potential approval of Bitcoin spot ETFs which is expected to enhance Japan’s competitiveness in the global digital asset market.

The FSA is apparently conducting a closed study session with experts to analyse current regulations. The reforms are expected to be formally announced by June 2025, with legislative changes expected to become effective in 2026.

South Korea: Financial Services Commission announces roadmap on corporate participation in virtual asset market

On 13 February 2025, the Financial Services Commission (FSC) announced a roadmap for allowing corporate participation in the virtual asset market. This will lift the ban introduced in 2017 on corporate entities transacting in virtual assets. This development follows on from the implementation of the Virtual Asset User Protection Act of 19 July 2024.

South Korea: Crypto crime task force to be upgraded into full investigation unit

On 28 January 2025, it was reported that South Korea’s crypto crime task force unit is being upgraded to become a permanent unit at the Seoul Prosecutor’s Office. The task force - known as the Joint Investigation Unit (JIU) for Virtual Asset Crimes - was initially launched as a temporary unit in mid-2023.

Canada: Office of Superintendent of Financial Institutions issues guidance on capital and liquidity treatment of crypto-assets

On 20 February 2025, the Office of the Superintendent of Financial Institutions issued the following guidance on capital and liquidity treatment of crypto-assets for banking and insurance:

• Capital and Liquidity Treatment of Crypto-asset Exposures (Banking) – Guideline; and
• Capital Treatment of Crypto-asset Exposures (Insurance) – Guideline.

There is an advisory note for both Guidelines stating that the Interim Arrangement for the Regulatory Capital and Liquidity Treatment of Cryptoasset Exposures remains the effective crypto-asset guidance until the end of fiscal Q4 2025.

Hong Kong: SFC outlines virtual assets strategy

On 21 February 2025, the Securities and Futures Commission (SFC) outlined a 12-point strategy to boost Hong Kong’s virtual asset market.

The ‘ASPIRe’ roadmap for a resilient virtual asset ecosystem comprises five pillars:

• Pillar A (Access) – Streamlining market entry through regulatory clarity;
• Pillar S (Safeguards): Optimising compliance burdens without compromising security;
• Pillar P (Products) – Expanding product offerings and services based on investor categorisation;
• Pillar I (Infrastructure) – Modernising reporting, surveillance and cross-agency collaboration; and
• Pillar Re (Relationships) – Empowering investors and industry through education, engagement and transparency.

The SFC notes that the rapid maturation of virtual assets demands forward-looking regulation that anticipates systemic risks to future-proof the ecosystem. The roadmap, therefore, aims to streamline global liquidity, strengthen security compliance and product frameworks, and modernise financial infrastructure to leverage blockchain efficiency.

European Union: ECB announces expansion of initiative to settle DLT-based transactions in central bank money

On 20 February 2025, the European Central Bank (ECB) announced in a press release that the Eurosystem intends to expand its initiative to settle transactions recorded on distributed ledger technology (DLT) in central bank money.

There will be a two-track approach. Firstly, the Eurosystem will develop and implement a safe platform for settlements in central bank money via an interoperability link with the existing TARGET Services. Secondly, the Eurosystem will look at an integrated, long-term solution for settling DLT-based transactions in central bank money that will also include international operations such as foreign exchange settlement.

This builds on the Eurosystem’s exploratory work and trials on new technologies for wholesale central bank money settlement conducted between May and November 2024.

The initiative will contribute to establishing an integrated European market for digital assets, in line with the ECB Governing Council’s call for promoting a digital capital markets union in its statement of 7 March 2024.

Global: FSB publishes consultation and terms of reference for thematic peer review on global regulatory framework for cryptoassets

On 21 February 2025, the Financial Stability Board (FSB) published summary terms of reference for its thematic peer review on its global regulatory framework for cryptoasset activities. The framework consists of two sets of high-level recommendations for the regulation, supervision and oversight of both cryptoasset activities and markets and global stablecoin arrangements.

An accompanying press release explains that the FSB is seeking feedback from stakeholders as part of its thematic peer review of implementation of the global regulatory framework by FSB member and certain non-member jurisdictions. The summary terms of reference provide more detail on the objectives, scope and process of the review.

The FSB has sent a questionnaire to relevant jurisdictions and also invites feedback from stakeholders on a number of issues set out in the press release.

Feedback is requested by 28 March 2025. The FSB expects to publish the peer review report in October 2025.

United States: IRS regulatory reporting requirements on “DeFi brokers” could be repealed

In December 2024, the Internal Revenue Service (IRS) released regulatory reporting requirements on trading front-end service providers interacting directly with customers on digital asset transactions (so-called “DeFi brokers).

In light of the new administration, the rule containing the requirements may be repealed following a resolution by Senator Ted Cruz, a move that is supported by key industry players according to a letter (dated 19 February 2025) from the Blockchain Association to Members of Congress.

South Sudan: Bank of South Sudan launches National Instant Payment System

On 3 February 2025, the Bank of South Sudan launched the country’s first National Instant Payment System (NIPS) in collaboration with AfricaNenda Foundation. NIPS is designed to enable real-time, secure, and cost-effective transactions, promoting interoperability between banks, mobile money providers, and other financial institutions. 

The project marks a milestone in the modernisation of South Sudan’s financial and payment infrastructure. The initiative aligns with broader efforts to integrate.

United States: BNY send largest instant payment in United States history

On 10 February 2025, it was announced that the Bank of New York Mellon Corporation (BNY), using The Clearing House’s RTP Network, had sent the largest instant payment in United States history. The transaction was a $10 million inter-company liquidity management payment to Bank of America on behalf of a client. The record-breaking payment was made possible after The Clearing House increased the RTP network’s transaction limit from $1 million to $10 million, effective 9 February 2025.

Sweden: Riksbank calls for more action on TIPS cross-currency project

On 17 January 2025, Sweden’s central bank, Riksbank, published a press release encouraging other Swedish banks to participate in the Target Instant Payment Settlement (TIPS) system. Participation in the initiative would involve joining discussions on the design and testing of the TIPS cross-currency service. For some time, the ECB, the Riksbank and Denmark’s central bank, Danmarks Nationalbank, have been working together on the initiative to make instant payments possible between euros, Swedish krona and Danish krone. These central banks provide the underlying infrastructure to facilitate TIPS, but banks and businesses must develop services to enable payments to be made cross-currency.

Banks can express their interest in participating until 28 February 2025 by signing a Letter of Intent, a template for which is linked to the press release.

Canada: Progress on Real-Time Rail

On 29 January 2025, Jude Pinto, Chief Delivery Officer at Payments Canada, provided an update on the Real-Time Rail (RTR). The RTR is a multi-year, multi-system payments modernisation initiative which will allow Canadians to initiate instant payments 24/7/365. The system will use the ISO 20022 messaging standard to support payment information accompanying every payment.

Pinto stated that Payments Canada has made “substantial progress” alongside its partners IBM Canada, CGI and Interac. The new team is more than halfway through the technical build, which encompasses the installation of hardware in data centres and the development of software. The build will continue over the next quarter. Pinto added that progress has been made on an integrated fraud solution, with consensus reached with members and participants on a fraud strategy and high-level requirements for a fraud mitigation system.

Global: PayPal partners with Verifone to push in-person payments

On 26 February 2025, it was reported that PayPal is partnering with Verifone to boost its in-person payments presence. The partnership will combine Verifone’s hardware with PayPal’s enterprise payment processing and e-commerce capabilities, to provide enterprise merchants with an omnichannel solution. This solution will be part of PayPal Open, which allows merchants of all sizes to access the entire PayPal ecosystem. The partnership will launch in the U.S. soon, followed by the UK and Germany later this year.

United Kingdom: Government invites bidders to bring open banking to Gov.UK Pay

On 21 February 2025, it was reported that the UK government is inviting bidders for a £49 million contract to implement open banking technology into its Gov.UK Pay payment platform. The UK government is seeking a payment services provider to process credit and debit card payments and open banking payments. The chosen provider will have a 12-month onboarding period, before commencing service delivery in 2026.

Jordan: Fintech Galaxy approved to test Open Banking

On 29 January 2025, it was reported that Fintech Galaxy has received approval from the Central Bank of Jordan to participate in the JoRegBox regulatory sandbox. The approval, which is the first of its kind for an Open Banking company in Jordan, allows the company to test and deploy Open Banking in a controlled real-market environment.

Global: Kraken launches crypto payment service

On 31 January 2025, it was reported that crypto exchange Kraken had launched its payment service, Kraken Pay, allowing users to send 300 different fiat and digital currencies to family and friends across the world. The service will also convert assets, for example from Bitcoin to Swiss francs. Both payee and payer will require Kraken Pay accounts. Accounts will be assigned a @Kraktag unique identifier that senders enter instead of needing to enter bank account details. Funds are sent using a paylink URL.

United States: Trump Media launches fintech brand  

On 29 January 2025, it was reported that Donald Trump’s media brand, Trump Media and Technology Group (TMTG) has launched a financial services and fintech brand, Truth.FI, to push into crypto and customised exchange-traded funds.

TMTG, which already has a social media platform and streaming service, had a rise in share price by more than 10% in early trading after the announcement.

TMTG says that the fintech brand will have up to $250 million kept in custody by Charles Schwab and allocated to separately managed accounts, customised ETFS, bitcoin and similar crypto-assets.

Brazil: Bybit Pay launches to enable crypto and fiat payments

On 27 January 2025, Bybit announced that Bybit Pay is now live in Brazil. Bybit Pay is a blockchain-powered payment solution enabling cryptocurrency and fiat currency payments, that integrates with the Brazilian Pix instant payment system developed by the Central Bank of Brazil.

Bybit Pay allows users to connect their crypto wallets for transactions across websites, mobile applications and point-of-sale systems, offering an interface for deposits, withdrawals and payments. The platform supports various cryptocurrencies such as bitcoin, ethereum, tether (USDT) and USD coin. It is available to users in Brazil via the Bybit app and website.

The press release states that this platform will also benefit merchants by enabling them to accept payments from Bybit’s global user base of over 60 million individuals. This will expand their customer reach while offering an integrated fiat-crypto payment experience.

Argentina: Coinbase approved to launch

On 28 January 2025, it was reported that Coinbase, the U.S. based cryptocurrency exchange, was given approval by Argentinian regulators to debut in the country. Coinbase has secured a Virtual Asset Service Provider (VASP) registration from the National Securities Commission (CNV) which will allow Coinbase to operate within the country’s legal framework for virtual assets.

According to Coinbase, 5 million Argentinians use crypto daily, 87% believe that crypto can boost financial independence, and 76% see crypto as a solution to some of their financial frustrations, such as inflation and high transaction costs.

Coinbase will offer localised services in Spanish, including local payment methods and customer support. It also plans to launch educational initiatives to enhance financial literacy for its users.

Global: Klarna to embrace crypto

On 8 February 2025, Klarna stated in a post on X, stated that the buy-now pay-later firm will embrace crypto. It has been reported that following the post, Klarna has been inundated with suggestions, with many urging a compliance-first approach and others suggesting Klarna add Bitcoin as a payment option, enabling merchants to accept payments of crypto through the Klarna platform.

Nigeria: Coinbase partners with Onboard Global to offer crypto P2P payments

On 26 February 2025, it was reported that Coinbase is partnering with Onboard Global to enable Nigerian users to buy and sell cryptocurrencies efficiently. The partnership will allow Coinbase Wallet customers to buy crypto using local currency from a network of seller merchants without the need for ID verification if the purchase is under USD 100. Coinbase did not previously offer crypto buying and selling in Nigeria as governing bodies prohibit transactions with certain high-risk regions. The partnership will allow for this risk to be handled by Onboard, which will provide verification and a secure P2P expense platform for trades to take place.

Global: Cryptorefills launches two new apps within the World App

On 13 February 2025, it was reported that Cryptorefills, a blockchain gift card and commerce platform, has launched two new apps, namely Cryptorefills Flights and Cryptorefills Hotels. These apps aim to support over 23 million World App users in booking flights and hotels using Worldcoin (WLD) and USDC.e. This will allow World App customers to benefit from a crypto-enabled experience that meets their needs, demands and preferences.

Asia-Pacific: MasterCard launches anti-money laundering service “TRACE”

On 13 February 2025, it was reported that Mastercard had launched its TRACE (Trace Financial Crime) service in Asia Pacific. TRACE incorporates critical data points across an entire domestic network to identify money mules involved in financial crime.  This will give financial institutions a network-level perspective they wouldn’t otherwise have. Mastercard’s first Asia Pacific rollout of TRACE was in the Philippines in collaboration with the local interbank network BancNet. The only other market in the world to have implemented TRACE is the United Kingdom.

India: Introduction of exclusive domains for banks  

On 10 February 2025, it was reported that the Reserve Bank of India has announced that it intends to introduce new domains for banks in order to reduce cyber security threats, malicious activities such as phishing, and enhance trust in digital banking and payments. The country’s banks will use “.bank.in” from April this year. This will be followed by non-bank financial firms using “.fin.in”. The Institute for Development and Research in Banking Technology will be the exclusive registrar for the new domains.

India: Paytm collaboration with Indian government to promote fintech

On 25 February 2025, it was reported that Paytm has signed a Memorandum of Understanding with the Indian government’s Department for Promotion of Industry and Internal Trade (DPIIT). The partnership will aim to give startups regulatory and compliance assistance via workshops featuring industry and government bodies. Paytm will also provide mentorship, infrastructure support, market access and funding opportunities to startups. DPIIT views the partnership as a crucial step in strengthening India’s startup ecosystem.