Global Regulatory Pulse

The Q1 2025 Global Regulatory Pulse highlights key regulatory updates across regions, including AI guidelines in Hong Kong, AML/CFT initiatives in Singapore, MiCA and DORA regulations in the EU, FCA’s non-financial misconduct survey in the UK, and record SEC enforcement actions in the U.S.

APAC

Hong Kong

Guidance for the Use of Generative AI

Driven by increased use of artificial intelligence language models (AI LMs) by licensed corporations (LCs), the Securities and Futures Commission (SFC) issued a circular providing guidance obligations that LCs must adopt to mitigate and manage potential risks, highlighting that these technologies pose a heightened risk of cyberattacks or inadvertent leakage. The SFC issued four core principles around the use of AI LMs:

• Ensuring effective policies and internal controls to monitor and govern the entire model lifecycle of the AI LM.
• Mandatory model risk management, meaning significant additional burden for firms developing their own models.   
• Staying on top of changes to the cybersecurity threat landscape and how those threats relate to AI LMs. 
• Managing risk arising from the use of third-party providers and exercising due skill, care and diligence in selecting third-party providers.
  

HK Secrecy Provision Conviction

For the first time, a practicing Hong Kong solicitor was convicted for violating the SFC’s secrecy provision, which imposes an obligation on anyone assisting the SFC in a statutory inquiry or investigation to preserve the secrecy of that inquiry or investigation. The solicitor was found to have received confidential information regarding a restriction notice subject to the secrecy provision. The solicitor later disclosed this information to two individuals, in violation of the provision. The solicitor was fined HKD 25,000.

Bank Fined for Selling Practice Misconduct

Hang Seng Bank, Ltd., was fined HKD $66.4M in connection with serious regulatory failures relating to the firm’s sale of collective investment schemes and derivative products, as well as overcharging its clients and inadequately disclosing monetary benefits to those investors over a period of nine years. The action highlights a number of problematic selling practices that licensing corporations selling investment products should be aware of to ensure that internal policies and controls are in place to prevent this misconduct.

Singapore

In Q4 2024, the Monetary Authority of Singapore (MAS) initiated or continued its focus on a number of key regulatory developments in areas including anti-money laundering and countering the financing of terrorism, advancement of asset tokenization in financial services, and development and deployment of artificial intelligence technologies by financial institutions operating in Singapore.

Continued Focus on AML/CFT Initiatives in Singapore

In October 2024, the MAS, alongside key Singapore government ministries and law enforcement agencies, published a series of resources pertaining to the assessment of money laundering and terrorism financing risks in specific sectors, including the comprehensive National Risk Assessments on money laundering and terrorism financing. The relevant publications can be found here:

• Terrorism Financing National Risk Assessment
• Money Laundering National Risk Assessment
• National Anti-Money Laundering Strategy
• Money Laundering and Terrorism Financing Risk Assessment of Legal Arrangements
• Virtual Assets Risk Assessment
• Money Laundering and Terrorism Financing Risk Assessment of Legal Persons
• Proliferation Financing National Risk Assessment and Counter-PF Strategy

MAS Moves to Advance Digital Assets Sector in Singapore

In October 2024, the MAS published a consultation paper setting out a proposed regulatory licensing regime for digital token service providers, following a string of similar regulatory moves from regulators globally. In a similar vein, in November 2024, the MAS announced plans to advance tokenization in financial services, which include:

• Forming commercial networks to deepen liquidity of tokenized assets
• Developing an ecosystem of market infrastructures
• Fostering industry frameworks for tokenized asset implementation
• Enabling access to common settlement facility for tokenized assets

The move signals the regulator’s support for fostering growth and sophistication in the digital assets sector.

MAS Publishes Guidance for Artificial Intelligence Model Risk Management

In December 2024, the MAS published its observations from a thematic review of how banks in Singapore use, or plan to use, AI technologies, including generative AI built atop large language models (LLMs). From these observations, the MAS offered guidance on good practices for risk management for all financial institutions in Singapore.

United Kingdom and Channel Islands

United Kingdom

FCA Culture and Non-Financial Misconduct Survey

The Financial Conduct Authority’s (FCA’s) survey of over 1,000 financial firms revealed a significant rise in non-financial misconduct allegations from 2021 to 2023. Reported issues include:

• Bullying and harassment (26%)
• Discrimination (23%)
• Other misconduct (41%)

Firms are encouraged to enhance their detection and reporting mechanisms to foster a safer and more inclusive work environment.

Updates to Short Selling Regulations (SSR)

Following HM Treasury’s Short Selling Review, the FCA has updated its webpages on the UK SSR. Key changes for firms include an increase in the reporting threshold for net short positions in shares to the FCA from 0.1% to 0.2% of total issued share capital. Public disclosures (over 0.5% of total issued share capital) are now published on an aggregated basis, and firms are anonymized.

Operational Resilience: CTPs to the UK Financial Sector

The FCA’s PS24/16, issued jointly with the Prudential Regulation Authority (PRA) and the Bank of England, outlines new rules for Critical Third Parties (CTPs) to enhance operational resilience in the UK financial sector. The FCA, PRA, and Bank of England will monitor and manage systemic risks posed by CTPs.

Firms should review their third-party arrangements to ensure compliance with the new requirements.

Research Payment Optionality for Fund Managers

The FCA’s CP24/21 proposes the extension of payment optionality for investment research to fund managers, including UCITS ManCos and Alternative Investment Fund Managers (AIFMs). This proposal follows the final rules on payment optionality for investment firms and institutional investors (PS24/9). CP24/21 extends optionality to pooled funds, enabling asset managers to choose how they pay for investment research. The final rules are expected in the first half of 2025.

Improving the UK Transaction Reporting Regime

The FCA’s DP24/2 explores options to improve the UK transaction reporting regime. The FCA aims to enhance data quality and reduce reporting burdens on market participants. The paper identifies opportunities for harmonization with other regulatory reporting requirements and seeks feedback on potential changes.

MiFID Organisational Regulation

The FCA’s CP24/24 proposes transferring the firm-facing requirements of the Markets in Financial Instruments Directive (MiFID) Organisational Regulation into the FCA Handbook. This move aims to provide continuity for firms as HM Treasury begins the repeal of the MiFID regulation. The consultation paper also discusses potential future reforms to better suit UK-authorized firms and clients, including improvements to client categorization rules.

Financial Crime Guide Updates

The FCA’s PS24/17 updates the Financial Crime Guide to help firms better understand regulatory expectations and improve their financial crime systems and controls. The updates focus on sanctions, proliferation financing and transaction monitoring, and they include references to crypto assets and the Consumer Duty. Firms are encouraged to review and adjust their internal policies, monitoring systems, training and governance to comply with the updated guide.

Admissions & Disclosures (A&D) and Market Abuse Regime for Crypto Assets (MARC)

The FCA’s DP24/4 focuses on developing rules for crypto-asset A&D and the MARC. The FCA seeks to improve regulatory clarity, ensure consumers have necessary information and promote fair trading conditions.

A New Product Information Framework for CCIs

The FCA’s CP24/30 proposes a new product information framework for Consumer Composite Investments (CCIs). This initiative aims to simplify and improve how investment product information is presented to consumers.

Private Intermittent Securities and Capital Exchange System (PISCES)

The FCA’s Consultation Paper CP24/29 proposes a regulatory framework for PISCES. This new trading platform will enable intermittent trading of private company shares using market infrastructure. The framework will be established under a Financial Market Infrastructure sandbox created by HM Treasury. The FCA aims to finalize the regulatory framework by May 2025, following HM Treasury’s statutory instrument.

Greater Transparency of FCA Enforcement Investigations

The FCA published CP24/2 Part 2, which includes proposed changes to its initial proposals to enhance transparency in enforcement investigations. The key changes include:

• The impact of an announcement on the relevant firm should be part of the public interest test conducted by the FCA.
• Firms would receive 10 business days’ notice before an announcement, with an additional two days if the FCA decides to proceed. 
• The potential for an announcement to disrupt public confidence in the financial system will also be considered.

Operational Incident and Third-Party Reporting

The FCA’s CP24/28 proposes new rules for reporting operational incidents and material third-party arrangements. These rules aim to enhance operational resilience by establishing a consistent framework for incident reporting.

Jersey

In December 2024, Jersey issued its first Deferred Prosecution Agreement (DPA) judgment. Jersey follows the lead of the UK, which has approved 15 DPAs since 2014. This step represents a significant advancement in Jersey’s legal framework. DPAs will bolster Jersey’s efforts to combat financial crime and foster greater compliance and transparency within financial institutions by allowing corporations to admit wrongdoing without facing immediate prosecution. By adopting the use of DPAs, Jersey aims to enhance its reputation as a jurisdiction committed to upholding the highest standards of financial integrity and regulatory enforcement.

North America

Record Enforcement Actions for Q1 of the 2025 FY

The U.S. Securities and Exchange Commission (SEC) staff continued the trend to accomplish as much as possible on the outgoing administration’s agenda before the new administration took control. A few days before former Chairman Gary Gensler officially stepped down, the SEC’s Division of Enforcement announced a record number of enforcement actions filed in the first quarter of the fiscal year. Specifically, the SEC filed 200 enforcement actions, of which 75 were filed in October 2024 alone, exceeding the SEC Enforcement Division’s trends since at least 2000. The nature of the actions varied considerably and involved, for example, allegations concerning financial misstatements, misleading disclosures, advisory firms’ failures to disclose conflicts of interest, bribery schemes, misleading statements about artificial intelligence, and fraud. In connection with the announcement, Sanjay Wadhwa, the acting director of the Division of Enforcement, stated: “The division has not taken its foot off the pedal in the new fiscal year.” On the same day, the SEC announced Mr. Wadhwa’s departure from the agency effective January 31, 2025. Some of the actions reflected continuation of sweeps under Chairman Gensler’s administration, such as off-channel communications cases against 12 firms paying over USD 63 mn in combined civil penalties.

Administration Changes; New SEC Crypto Taskforce

Who will serve as the enforcement director under the incoming administration and how that will impact the Division of Enforcement’s agenda in 2025 is still to be determined. There is speculation, however, that prominent enforcement sweeps in the past administration—such as off-channel communications—will likely shift in nature under the new administration. It is also unclear if the 2025 Examination Priorities announced last fall will continue, including examinations focusing on specific registrants such as registered crowdfunding portals.

Pending confirmation of the nominated Paul Atkins to serve as SEC chair, President Trump designated SEC Commissioner Mark T. Uyeda to serve as acting chairman of the agency. Although such an appointment is not permanent, Acting Chairman Uyeda announced the first day in his new role the formation of a new Crypto Task Force led by Commissioner Hester Peirce. The purpose of the Crypto Task Force will be to help the SEC “draw clear regulatory lines, provide realistic paths to registration, craft sensible disclosure frameworks, and deploy enforcement resources judiciously.” This announcement is the first tangible sign that the SEC is taking more steps to develop regulatory frameworks in the crypto space outside of the enforcement context. All market participants should closely watch how the administration sets and pursues these or other priorities after the permanent chair and related SEC division appointments are confirmed.

SEC Risk Alert for Municipal Advisor

In December 2024 the SEC’s Division of Examinations (EXAMS) published a Risk Alert outlining the examination process for municipal advisors. The Risk Alert describes the exam selection process for municipal advisors and the types of documents and information that may be requested during an examination.

Municipal advisors are individuals or firms that provide advice to municipal entities or persons regarding municipal financial products or the issuance of municipal securities. Since 2010, it has been mandatory for municipal advisors to register with the SEC before providing such advice. As of November 2024, there were over 400 municipal advisors registered with the SEC.

The division employs a risk-based approach to select firms for examination, reflecting changes in market conditions and industry practices. Examinations may focus on compliance with statutory fiduciary obligations, standards of conduct, professional qualifications, filings, recordkeeping, advertising and supervisory requirements.

In 2024 the SEC charged several firms for failing to register as municipal advisors. Other recent enforcement actions involved failures to maintain and preserve certain electronic communications by municipal firms and their personnel. And in December 2024 a municipal advisor was charged with failing to establish, implement and enforce policies and procedures to prevent the misuse of material nonpublic information related to its participation on creditors’ committees.