FinTech

The Property (Digital Assets etc) Act 2025 has become law, amounting to a significant step towards cementing the UK as the leading legal jurisdiction to underpin the digital asset economy.

Happy October and Cyber Awareness Month! While October ends with ghosts and goblins and other scary monsters for Halloween, the entire month of October is dedicated to raising awareness of cyber security and preventing (and if necessary responding to) cyber security incidents.

Thailand is once again moving forward with AI regulation in an effort to establish a comprehensive framework for the use of artificial intelligence in the country. On 1 October 2025, the National Cyber Security Agency, the agency under the Ministry of Digital Economy and Society, published the “AI Securities Guideline” (the Guideline).

The Cybersecurity Information Sharing Act of 2015 (CISA 2015) expired on September 30, 2025, after Congress missed the reauthorization deadline. That lapse removes the decade-old legal framework that encouraged and protected cyber threat information sharing among companies, Information Sharing and Analysis Organizations and Centers (ISAOs/ISACs), and the federal government.

In a significant regulatory development, the Cyberspace Administration of China (CAC) has officially issued the Measures for the Administration of National Cybersecurity Incident Reporting (the Final Reporting Measures), which will take effect on 1 November 2025.

September 8th marked the entry into force of several provisions of the Retail Payment Activities Act1 (RPAA) and the mandate given to the Bank of Canada to supervise payment services providers (PSPs).

On September 1, 2025, Texas amended its telephone solicitation law to include text messages and to add several new requirements, including a registration requirement with the Texas Secretary of State, plus a form of security (such as a bond) in the amount of $10,000.

On September 23, 2025, Italy adopted Law no. 132/2025 on Artificial Intelligence (AI). The law will enter into force on 10 October 2025 and aims, inter alia, to complement the Regulation EU 2024/1689 (EU AI Act).

On 5 September 2025, the Australian Securities and Investments Commission (ASIC) issued a media release announcing that the High Court had granted it special leave to appeal a Full Federal Court decision that a digital asset service provider did not need a financial services licence to offer a fixed-yield digital asset-related product.

The financial services sector is becoming increasingly reliant on cloud service providers (CSPs) to fulfil its growing data processing and storage needs. Financial services providers in the United States have reportedly had the highest levels of adoption, operating 54 percent of their workloads in the cloud; and according to the European Central Bank, banks spent 13.5 percent more on cloud outsourcing in 2024 than in 2023.