On 9 April 2025, the Commission de Surveillance du Secteur Financier issued several new circulars related to information and communication technologies risk management and the use of ICT third parties, aiming to align existing circulars and practices with the Digital Operational Resilience Act.
The Central Bank of the Argentine Republic continues its policy of foreign exchange deregulation. This time, through Communication “A” 8230, changes are introduced to the regime for the payment of financial debts with related companies, the repatriation of nonresident investments, and the reduction of minimum holding periods for certain financial investments.
On 7 April 2025, the Hong Kong Monetary Authority (HKMA) and the Securities and Futures Commission (SFC) issued guidance for authorized institutions (and subsidiaries of locally incorporated authorized institutions) and SFC-licensed virtual asset trading platforms respectively, who are interested in providing Staking Services. The guidance outlines the regulatory framework and expected standards for providing Staking Services.
On the same day, the SFC revised its “Circular on SFC-authorized funds with exposure to virtual assets” issued on 22 December 2023 to facilitate SFC-authorized virtual asset funds (SFC-authorized VA Funds) which wish to engage in staking and other virtual asset-related activities.
Over the past week there have been two significant announcements by US Financial Crimes Enforcement Network and the US Department of the Treasury with respect to the filing of beneficial ownership information (BOI) reports under the Corporate Transparency Act (CTA). Based on these announcements, foreign reporting companies should technically continue complying with the BOI requirements, though there will be no consequences for failing to do so until new regulations are issued. As to domestic reporting companies, there should not be any enforcement of the CTA against such companies or consequences if such companies fail to file BOI reports.
On 19 February 2025, the Securities and Futures Commission (SFC) issued a regulatory roadmap for Hong Kong’s virtual asset market. Entitled “‘A-S-P-I-Re’ Roadmap for a Resilient Virtual Asset Ecosystem”, it sets out a five-pillar framework (Access, Safeguards, Products, Infrastructure, and Relationships) that is intended to serve as a strategic action plan for addressing emerging new priorities in the virtual asset space (e.g., managing liquidity fragmentation and ensuring investor protection across decentralized and centralized platforms) and, in the SFC’s words, “future-proof[ing] Hong Kong’s VA ecosystem”.
ASIC has released a draft regulatory guide alongside a consultation paper intended to help providers of Buy Now Pay Later services understand the modified responsible lending obligations and requirements.
On 10 March 2025, the Health Sciences Authority launched its public consultation for the draft on the Best Practices Guide for Medical Device Cybersecurity. The document provides medical device manufacturers and healthcare providers with best practice recommendations and considerations on general cybersecurity principles to protect the security of medical devices for their entire product life cycle.
On 7 March 2025, the Ministry of Health announced a host of changes to the healthcare system to address the shifting needs of the Singapore population. These changes included a review of advertising regulations for certain healthcare professionals, the recognition of family medicine as a medical specialty and the introduction of registration requirements for psychologists.
On 18 February 2025, ASIC commenced consultation on proposals to:
1. provide additional relief for Australian financial services and credit licensees from reporting certain breaches of the misleading and deceptive conduct (MDC) provisions and certain contraventions of civil penalty provisions (CPPs); and
2. consolidate this additional relief and the relief in ASIC Corporations and Credit (Breach Reporting — Reportable Situations) Instrument 2024/620 (ASIC Instrument 2024/620) into a single instrument.
The proposals, as further described in CS 16, aim to reduce the reporting burden on Australian financial services and credit licensees. ASIC’s rationale for the changes is, under the current reportable situations regime, some reports of MDC and CPP breaches have been of minimal intelligence value to ASIC.
The European Supervisory Authorities are preparing to designate critical third-party service providers under the Digital Operational Resilience Act (DORA). DORA, which came into force on 17 January 2025, enables the ESAs to designate key ICT providers to the EU financial services sector as critical, subjecting them to direct supervisory and oversight obligations. The ESAs have recently published a roadmap indicating their expected timeline for designations – with the final designations expected to be in place by the end of this year.