����žž

Catch up on some of the stories our payments compliance analysts have covered lately, and stay up-to-date on the latest news.

Norwegian Regulator Flags Serious Safeguarding Failings At Payments And E-Money Firms

A new report from the Norwegian Financial Supervisory Authority (Finanstilsynet) has identified areas of non-compliance in how payment and e-money institutions safeguard customer funds.

The report, based on a thematic review, that several firms have improperly commingled client funds with their own money, either on a temporary basis or for extended periods.

Finanstilsynet pointed out that this incurs serious risks to consumer protection, especially in the event of a firm bankruptcy.

Such practices, the regulator warned, may jeopardise customers’ right to reclaim their funds ahead of other creditors.

Finanstilsynet reviewed 25 institutions, asking them to detail their fund-handling procedures and provide evidence of compliance with safeguarding requirements under the Financial Institutions Act.

Although most firms acknowledged their obligations, the regulator found widespread shortcomings in how fees, interest and buffers are managed within client accounts.

Some institutions were found to be depositing fees into client accounts or deducting them directly from customer payments.

Others maintained so-called buffer funds, which involved using company money in client accounts to manage settlement delays, and many retained interest earned on these accounts without promptly transferring it to operational accounts.

FCA To Establish Presence In US And Asia-Pacific

Following through on intentions announced in its January 2025 letter to the Prime Minister, the Financial Conduct Authority (FCA) is to establish an overseas presence to support the UK’s drive for economic growth.

The FCA’s US office will be headed by Tash Miah, who will work closely with the Department for Business and Trade on US-UK financial services policy and regulatory cooperation, the regulator said.

Miah began working in the British Embassy in Washington in April 2025.

The regulator will also establish a regional office in Australia from July, headed by its Asia-Pacific director, Camille Blackburn.

The Australian presence will focus on helping financial services firms navigate regulation to enter the UK market, as well as raising capital and providing UK firms with support when expanding into the Asia-Pacific region.

Sarah Pritchard, the FCA’s executive director, supervision, policy, competition and international, said the appointments would help the regulator support growth through the export of UK financial services and by attracting more inward investment.

“The UK is a global hub for financial services. We recognise that major international investors want easier access to us, and having a presence in these key regions will help achieve that,” she said.

‍Thailand Emergency Decree Seeks To Counter Cybercrime And Mule Accounts

The , which came into force on April 13, 2025, lets Thai authorities speedily close unauthorised foreign asset business platforms.

Under the decree, which was enacted immediately and not after the customary 30-day pause, digital asset business operators are deemed to provide services in Thailand and require authorisation if they have a digital platform displayed, in whole or in part, in the Thai language.

The decree aims to clamp down on foreign-initiated cybercrime and money muling, both of which have become problems across the ASEAN region.

Prasad Thandapani, senior analyst at ����žž, said Thais have been keen adopters of crypto-assets, with millions holding crypto-assets.

He added that the decree means consumers should be better insulated against unregulated or less regulated exchanges.

“Although the Securities and Exchange Commission (SEC) has previously mandated the provision of information on the financial health of crypto exchanges, this new requirement to publish information in Thai and to be registered locally seems to be a step in the right direction to ensuring that any Thai who wants to use crypto, regardless of educational background, is well informed of the risks.”

E-Money Firm xpate Joins Latvia's Central Bank Payment System

Latvia has become the first country in the eurozone to allow a non-bank payment service provider (NBPSP) to participate directly in a central bank-operated payment system.

The follows a regulatory change introduced on October 17, 2024, enabling NBPSPs, including licensed payment and electronic money institutions, as well as credit unions, to become participants in the Electronic Clearing System (EKS).

The development is derived from changes to law in the EU’s Instant Payments Regulation (IPR), opening up direct access.  

It was intended by co-legislators to improve competition, and promote innovation, so that there is a more level playing field between incumbents and challengers in the payments space.

"The Bank of Latvia provides an innovation-supporting infrastructure so that companies can develop modern, convenient and user-friendly financial services,” said Mārtiņš Kazāks, the governor of the Bank of Latvia.

“The opportunity for non-bank payment service providers to become EKS participants is one of the Bank of Latvia's initiatives to promote the development of the FinTech sector in Latvia. Such an opportunity is currently available only in Latvia”.

Block Hit With $40m Fine For AML Breaches

New York’s Department for Financial Services has US payments firm Block $40m (£30.6m) for "significant" failures in its Bank Secrecy Act /anti-money laundering compliance programme.

The department said the firm breached its money transmitter and virtual currency regulations.

Block, which owns and operates Cash App, a peer-to-peer money transmission service that allows users to send and receive fiat currency, must now also retain an independent monitor to perform a comprehensive evaluation of its compliance with the department’s regulations.

Adrienne A Harris, superintendent of financial services, said all financial institutions had to adhere to rigorous standards to protect consumers and the integrity of the financial system.

“Compliance functions must keep pace with company growth or expansion,” she said. “The rapid growth of Block’s Cash App absent a robust compliance function created risk and vulnerabilities that violated the rules financial services companies operating in New York must adhere to.”

The department found inadequate customer due diligence at Block, as well as failures to implement sufficient risk-based controls designed to prevent money laundering and illicit activity, and failures to effectively and timely monitor transactions.

It said Block’s lax treatment of high-risk Bitcoin transactions allowed largely anonymous transactions to proceed without proper scrutiny.

According to the department, Block’s rapid growth between 2019 and 2020 contributed to a severe transaction alert backlog, which the company left unaddressed for a significant period of time.

In a statement, the company told ����žž that it “did not admit to any of the department’s findings”.

“We are pleased to put this matter behind us. As the Department has acknowledged, Cash App has devoted significant financial and other resources to compliance remediation and enhancements,” a spokesperson said. “This has been done while serving millions of customers with critical, affordable financial services.”

‍

Want to know more?

‍Request a demo with one of our experts today to gain full access to the stories we cover - and much more - and start learning how you can make compliance a competitive advantage for your organisation.

‍