Inside FinTech blog
UK data protection reform: what you need to know and do
August 14, 2025
The Data (Use and Access) Act (DUAA) received Royal Assent on 19 June 2025. The DUAA enacts the changes to the UK’s data protection regime that have been contemplated since the Data: a new direction consultation in 2021.
Sanctions compliance in the cryptoassets sector
August 14, 2025
On 21 July 2025, HM Treasury published a report which outlines the Office of Financial Sanctions Implementation’s (OFSI) assessment of threats to sanctions compliance involving UK cryptoasset firms since January 2022.
White House unveils AI Action Plan in artificial intelligence
August 14, 2025
On July 23, 2025, the White House released a sweeping new policy framework titled “Winning the AI Race: America’s AI Action Plan” (the “Plan”), describing the federal government’s approach to artificial intelligence (“AI”).
Where Do Crypto ETPs Go From Here? Approvals, Stays, and In-Kind Redemptions
August 14, 2025
Over the past month, the SEC has taken a mixed approach to crypto exchange-traded products signaling both openness and ongoing caution. Through its public statements, delayed approvals, and procedural stays, the agency is clearly evaluating how crypto funds are structured and brought to market
Technology contracts in the ADGM: New requirements under the Cyber Risk Management Framework
August 13, 2025
Regulated financial services sector firms in the Abu Dhabi Global Market (ADGM) have six months to comply with the new Cyber Risk Management Framework announced by the Financial Services Regulatory Authority (FSRA) on 29 July 2025.
Cyber risk management in the ADGM: an analysis of the new regulatory framework
August 13, 2025
On 29 July 2025, the Financial Services Regulatory Authority (FSRA) of the Abu Dhabi Global Market (ADGM) announced the implementation of a new Cyber Risk Management Framework that will apply to financial sector firms under its supervision.
Another contract remediation exercise for EU financial entities?
August 12, 2025
The European Banking Authority (EBA) is currently consulting on its draft guidelines on the sound management of third party risk (Draft Guidelines), which are intended to replace the 2019 guidelines on outsourcing arrangements (2019 Guidelines).
Banks outsourcing to the cloud: The economic drivers and regulatory implications
August 11, 2025
The financial services sector is becoming increasingly reliant on cloud service providers (CSPs) to fulfil its growing data processing and storage needs. Financial services providers in the United States have reportedly had the highest levels of adoption, operating 54% of their workloads in the cloud; and according to the European Central Bank, banks spent 13.5% more on cloud outsourcing in 2024 than in 2023.
AI regulation: Global Guide
July 22, 2025
As organisations continue with their roll-out of AI, the global regulatory landscape is becoming increasingly complex. AI-specific laws like the EU AI Act already applicable and new AI-specific laws are proposed, adding to the range of existing laws and regulations applicable to AI.
Published in OJ: Commission Delegated Regulation (EU) 2025/532 supplementing DORA with regard to RTS specifying the elements that a financial entity has to determine and assess when subcontracting ICT services supporting critical or important functions
July 21, 2025
On 2 July 2025, there was published in the Official Journal of the EU (OJ), Commission Delegated Regulation (EU) 2025/532 of 24 March 2025 supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying the elements that a financial entity has to determine and assess when subcontracting ICT services supporting critical or important functions.