Regulatory Updates

APAC

Hong Kong

This past quarter, the Securities and Futures Commission’s (SFC) Enforcement Division remained active, focusing on senior management accountability and cracking down on cybersecurity scams targeting investors.

Senior Management Accountability

The SFC continues to prioritize enforcement against senior executives, specifically Responsible Officers (ROs) and Managers-in-Charge (MICs), for misconduct. This enforcement trend underscores the SFC’s commitment to strengthening accountability at the top levels of regulated firms.

• In October 2024, the SFC issued a circular following its thematic review of asset managers, signaling a tougher stance on individual breaches and misconduct.
• As an example of this in action, in August the SFC revoked the licenses of two asset management firms (Nerico Brothers Limited and Amber Hill Capital Limited) for serious violations, including facilitating the misappropriation of client assets.
• The SFC also imposed lifetime bans on the firms’ directors, beneficial owners and MICs, holding them personally accountable for failing to discharge their duties and acting against client interests for personal gain.

Cybersecurity

In its latest Enforcement Reporter, the SFC highlighted a sharp rise in scam-related complaints this year. Fraudsters are leveraging:

• Instant messaging, social media, short message service (SMS), deepfake and AI technologies to target Hong Kong’s retail investors
• Social media for impersonation scams involving licensed firms or government officials, and to spread false information that manipulates illiquid stock prices
• SMS phishing, where victims are lured to fake websites resembling licensed corporations via embedded links

To counter these threats, the SFC has deployed SENSOR, its proprietary social media monitoring system, to detect financial scams and market manipulation across digital platforms.

Singapore

Impending Consultation Paper on Revisions to Monetary Authority of Singapore (MAS) Liquidity Risk Management Framework for Fund Management Companies (Expected Late 2025)

In a keynote speech at the Investment Management Association of Singapore 11th Regulatory Forum on July 2, 2025, MAS announced plans to consult the industry on revisions to its 2018 Liquidity Risk Management Guidelines for fund management companies. The initiative aligns with Financial Stability Board and International Organization of Securities Commissions guidance and aims to enhance market resilience.

The consultation is expected to focus on three key areas:

• Fund categorization: Introduction of asset-liquidity-based fund categories to better align redemption terms and dealing frequency with portfolio liquidity
• Liquidity risk management tools: Expanded access to tools such as swing pricing, anti-dilution levies, gates and side pockets, with clearer criteria for activation and use
• Governance and disclosures: Strengthened board oversight, enhanced stress testing, documented decision-making when deploying tools and transparent investor communications

Amended MAS AML/CFT Framework for Capital Markets Intermediaries Became Effective

MAS’s revised AML/CFT framework for capital markets intermediaries (Notice SFA04-N02 and related guidelines) introduces three key changes:

• Expanded scope: Proliferation financing (PF) risk is now explicitly included under money laundering risk. Firms must assess PF either as a stand-alone risk or within enterprise-wide money laundering/terrorism financing assessments.
• Enhanced due diligence: Stricter requirements apply to customer due diligence, particularly for legal entities, arrangements and trusts.
• Accelerated suspicious transaction report (STR) timelines: STRs must be filed promptly, generally within five business days of suspicion and within one business day for sanctions-related concerns. Firms are expected to prioritize, escalate and mitigate high-risk cases accordingly.

Firms should update their enterprise-wide risk assessments to include PF, strengthen controls around trusts and shell entities, enhance source-of-wealth verification for high-risk clients, align investigation protocols with new STR timelines, and revise internal policies and training programs.

Middle East

ADGM’s Financial Services Regulatory Authority (FSRA) Implements Regulatory Reporting Requirements for Funds

The FSRA of ADGM has finalized amendments to its regulatory framework, requiring fund managers to submit periodic fund returns for each fund they manage. The reporting frequency and content will vary depending on the type of fund. Implementation will be phased, with further guidance to be issued via a “Dear SEO” letter.

ADGM’s FSRA Issues Cyber Risk Management Framework 

The FSRA has introduced amendments requiring authorized persons and recognized bodies to integrate cyber risk management into their existing risk frameworks. These changes aim to enhance operational resilience and protect the financial sector from cyber threats. The amendments are effective from January 31, 2026, with a six-month transition period for compliance. Key features include:

• Integration of cyber risk into overall risk management 
• Updated guidance on assessing cyber incident materiality 
• Revised notification templates and IT service provider requirements

ADGM Amendments to Prudential Frameworks

ADGM finalized amendments to its prudential framework for lower-risk firms in Categories 3B, 3C and 4. These changes include revised capital requirements, updated reporting obligations and new professional indemnity insurance (PII) standards. While most amendments take immediate effect, the minimum PII standards will apply from January 1, 2026. The FSRA will issue a Dear SEO letter to clarify the impact on regulatory reporting.

Dubai Financial Services Authority (DFSA) Thematic Review on High-Growth Firms

The DFSA has released a thematic review examining high-growth firms in the Dubai International Financial Centre (DIFC), focusing on expansion drivers and associated risks. Key challenges identified include insufficient compliance resourcing relative to growth and limited management data to effectively monitor new business areas. The review also highlighted certain good practices, such as firms undertaking early engagement, phased product launches, strengthened governance and proactive resource planning to support growth. This review supports DFSA’s strategy to promote sustainable and well-managed growth, and encourages firms to apply the findings to their own operations.

UAE Federal Decree-Law Enhances Financial Sector Regulation

Effective September 16, 2025, the UAE’s Federal Decree-Law No. 6 of 2025 introduces a comprehensive overhaul of the nation’s financial regulatory framework. The law enhances the Central Bank of the UAE’s authority and independence, consolidating oversight of all licensed financial institutions, including banks, brokers, insurers, takaful operators, payment service providers, fintechs and Islamic finance entities, excluding those operating within DIFC, ADGM and other financial free zones. 

Key provisions include:

• Digital Asset Oversight: Strengthens regulation of digital asset firms outside free zones while preserving the Virtual Assets Regulatory Authority’s jurisdiction in Dubai
• Innovation Enablement: Supports digital finance through sandbox regulations, open finance frameworks and payment token services
• Consumer Protection: Establishes Sanadak, a centralized platform for handling complaints and resolving disputes up to AED 100K, supported by specialized judicial committees
• ESG and Sharia Governance: Aligns financial practices with ESG principles and introduces new audit standards to reinforce sharia compliance
• Unified Insurance Regulation: Transfers insurance oversight to the Central Bank, requiring insurers and takaful operators to meet updated standards for compliance, governance and consumer protection

This landmark legislation modernizes the UAE’s financial sector, fosters innovation and aligns regulatory practices with international standards.

UAE and Hong Kong Strengthen Financial Ties through Strategic Regulatory Alliances 

In September 2025, UAE regulators, ADGM’s FSRA, Dubai’s DFSA and the Securities and Commodities Authority (SCA) each advanced strategic partnerships with Hong Kong’s SFC to enhance cross-border investment management and fund distribution: 

• ADGM FSRA and SFC cohosted a high-level roundtable in Hong Kong to explore asset management opportunities and cross-border fund distribution via the UAE’s fund passporting regime.
• DFSA and SFC signed a Memorandum of Understanding to deepen cooperation in supervising collective investment scheme managers, enabling better regulatory alignment and oversight.
• SCA and SFC launched a Mutual Recognition Framework for public investment funds, streamlining cross-border access, reducing duplication and promoting sustainable financial collaboration between the UAE and Hong Kong.

These initiatives collectively reinforce the UAE’s position as a global financial hub and open new pathways for Hong Kong asset managers to engage with Middle Eastern markets.

UAE’s Crypto Regulatory Proposals 

UAE regulators published three key consultation papers in 2025 aimed at strengthening its regulatory oversight of digital assets:

• DFSA Enhancements to the Regulation of Crypto Tokens – CP No. 168
  proposes enhancements to its regulatory framework for crypto tokens. The updates aim to bolster consumer protection and market integrity by expanding the scope of recognized crypto tokens and refining the criteria for their recognition. The paper introduces new requirements for custody, disclosure and risk management, and provides clarifications on emerging areas such as staking, decentralized finance and tokenized securities. 
• FSRA Fiat-Referenced Tokens (FRTs) – CP No. 9 of 2025
  proposes a broader framework for activities involving FRTs, including custody, intermediation and payment services. It outlines acceptance criteria for foreign FRTs, introduces new rules for authorized persons handling client FRTs and updates issuance requirements, such as a ban on dirham-denominated FRTs.
• FSRA Virtual Asset Staking – CP No. 10 of 2025
  introduces a regulatory framework for staking client-held virtual assets. Only authorized persons licensed for custody or asset management may conduct staking, subject to FSRA approval and compliance obligations. Solo staking and yield farming are excluded.

If you would like to request additional information or discuss these insights, please do not hesitate to reach out to our experts.

United States

Securities and Exchange Commission (SEC) Update

The U.S. SEC held its first of three compliance outreach events regarding the 2024 adoption of amendments to Regulation S-P focusing on large firms.  The compliance deadline remains December 3, 2025. 

• The SEC concluded its fiscal year on September 30, 2025, with fewer enforcement actions than under the prior administration. Most cases involved fraud and insider trading. The TZP Management Associates, LLC case drew attention from private fund advisers over fee offset practices and disclosure obligations. The Division of Examinations remained active, launching corrective action reviews to ensure registrants addressed prior deficiencies.
• As of October 1, 2025, the U.S. government shutdown has suspended all noncritical SEC examination and enforcement activities until further notice.
• The SEC has not yet appointed a permanent director for the Division of Examinations. The 2026 examination priorities are expected soon, though uncertainty remains around how they may evolve under current leadership.

Commodity Futures Trading Commission (CFTC) Update

The White House withdrew the nomination of Brian Quintenz before Senate review, and Commissioner Kristin N. Johnson has departed. Acting Chair Caroline Pham remains the sole commissioner and has announced her intention to step down once a new chair is confirmed. In the interim, she retains authority to approve or reject rules unilaterally. No substantive rule changes are currently pending final approval.

On September 29, 2025, the CFTC and SEC held a joint roundtable focused on regulatory harmonization. Despite speculation, SEC Chair Paul Atkins denied any plans for the SEC to absorb the CFTC. Discussions shifted toward digital asset regulation, including:

• Clarifying agency roles under pending digital markets legislation
• Evaluating the CFTC’s self-certification process
• Exploring the rise of event contracts as alternatives to sports betting
• Considering the implications of 24-hour trading markets

The agencies anticipate that congressional action on digital asset frameworks will help define their respective regulatory mandates.