Regulatory Updates Newsletter : August 2025

On 1 August 2025, the European Central Bank (ECB) published the results of its 2025 stress test, conducted across major euro-area banks under baseline and adverse macroeconomic scenarios. The exercise is a key supervisory tool for assessing resilience, capital adequacy, and sector vulnerabilities.

Key findings include:

• The average Common Equity Tier 1 (CET1) ratio fell by –4.5 percentage points under the adverse scenario.

• Banks with higher exposures to commercial real estate and leveraged finance experienced the steepest projected declines.

• Compared to the last EU-wide stress test, banks differentiate better the impact of adverse scenarios across sectors but still need to further improve their modelling efforts.

• Stress-test results will directly feed into the Supervisory Review and Evaluation Process (SREP) later in 2025.

Implications:

Risk and finance teams should cross-check their own internal stress-test results against the ECB’s published sensitivities to validate assumptions and calibrate ICAAP models. Banks with material CRE and leveraged loan portfolios should anticipate closer supervisory scrutiny and possible requests for enhanced data submissions during the SREP cycle. As the use of models improves risk sensitivity, banks should further develop their statistical capabilities to project sectoral losses. These capabilities would enhance their risk management of vulnerabilities that may hide in parts of their corporate portfolios.

On Aug 1, 2025, the U.S. Securities and Exchange Commission (SEC) announced the creation of an agency-wide Artificial Intelligence (AI) Task Force, led by newly appointed Chief AI Officer Valerie Szczepanik. The task force will coordinate efforts across the SEC to integrate AI into rulemaking, enforcement, compliance, and internal operations. Its mandate includes breaking down silos, centralizing AI initiatives, and ensuring that applications remain responsible, explainable, and mission-driven.

The SEC highlighted that AI will be deployed to enhance efficiency, accuracy, and innovation across divisions. Chairman Paul S. Atkins emphasized that embedding AI into SEC culture will strengthen the Commission’s threefold mission: investor protection, fair and orderly markets, and capital formation. Szczepanik, who previously directed the SEC’s Strategic Hub for Innovation and Financial Technology, underscored the goal of building enterprise-wide AI capacity and implementing trustworthy AI tools to support staff and improve oversight.

Background on Leadership

Szczepanik brings extensive regulatory and enforcement experience, having served in senior roles across Corporation Finance, Enforcement, and FinTech strategy. Her background in digital assets and prior service as Special Assistant U.S. Attorney positions her as a bridge between cutting-edge technology and supervisory rigor.

Implications

1. Regulators are moving from setting AI rules to actively using AI, raising the bar for oversight.

2. Financial firms should anticipate AI-driven supervisory tools in surveillance, enforcement, and filings review.

3. Market participants may need to strengthen their own AI governance to align with emerging regulatory expectations.

The European Banking Authority (EBA) published on the 5^th August in its final draft Regulatory Technical Standards (RTS)  the technical elements necessary for institutions to calculate and aggregate crypto-asset exposures in relation to the prudential treatment of such exposures. The RTS address implementation aspects and will ensure harmonisation of the capital requirements on crypto-asset exposures by institutions across the EU.

These draft RTS further develop the relevant capital treatment for credit risk, counterparty credit risk, market risk, and credit valuation adjustment risk for asset reference tokens (ARTs) that reference one or more traditional asset(s) and ‘other’ crypto-asset exposures - including for example ARTs referencing a crypto-asset – and – unbacked crypto-assets, such as Bitcoin.

These draft RTS also include all the relevant technical elements on the use of netting, aggregating of long and short positions, criteria to allow hedge recognition for other crypto-assets, and the underlying formulas relevant for calculating the exposure value of crypto-assets for the CCR and market risk treatment.

Implications

The transitional provisions in CRR 3 and these draft RTS provide institutions with a method to capitalise crypto-asset exposures until a permanent prudential framework is implemented, enabling institutions to participate in evolving crypto markets

On 13 August 2025, the Reserve Bank of India (RBI) unveiled its FREE‑AI Framework — a forward-looking blueprint aimed at guiding the ethical, inclusive, and secure adoption of AI in the financial sector. Developed by a high-level committee, the report is structured around seven foundational “sutras” (Trust, People First, Innovation over Restraint, Fairness and Equity, Accountability, Understandable by Design, Safety/Resilience/Sustainability) and delivers 26 actionable recommendations across six strategic pillars: Infrastructure, Policy, Capacity, Governance, Protection, and Assurance.

Key elements include:

• Establish shared digital infrastructure and an AI Innovation Sandbox.

• Develop indigenous, financial-sector-specific AI models.

• Implement board-approved AI policies, strong governance frameworks, incident reporting, and cybersecurity.

Implications:

Financial institutions should begin embedding AI governance into board oversight, build capacity around explainability, fairness and auditability, and explore sandbox participation. The framework could also pave the way for risk‑informed deployment of AI in credit underwriting, fraud detection, and financial inclusion models.

On 20 August 2025, the Financial Conduct Authority (FCA) closed its application window for AI Live Testing, a new programme designed to allow firms to trial AI-driven products and services with real customers in controlled environments. The initiative extends the FCA’s sandbox model into AI deployment, offering regulators insights into risks while allowing firms to validate models under supervision.

Key elements of the programme:

• Firms admitted to the cohort will face enhanced safeguards, including harm assessments.

• Testing will focus on retail finance use cases, such as AI-driven investment advice and credit scoring.

• Findings will inform the FCA’s future AI governance rules.

Implications:

Even firms outside the programme should monitor FCA outcomes closely. Adopting comparable guardrails — bias audits, red-teaming, performance monitoring — will help anticipate supervisory standards.

On 31 July 2025, the Prudential Regulation Authority (PRA) published Discussion Paper DP 1/25 — 'Residential mortgages: Loss Given Default (LGD) and Probability of Default (PD) estimation'. The paper considers introducing a Foundation IRB (FIRB) route for mortgages, allowing firms to model PD while applying regulator-prescribed LGDs/EADs. The aim is to make IRB more accessible for medium-sized firms while maintaining prudential integrity.

Key proposals:

• Introduce FIRB for mortgages (model PD, use standard LGDs/EADs).

• Simplify PD calibration, with scope for Through-the-Cycle models.

• Maintain proportionality and competitiveness while preserving prudential outcomes.

Implications:

Firms unable to build advanced LGD models may now have a pathway to IRB usage. Risk and modelling teams should assess readiness, with consultation responses due by 31 October 2025.

In August 2025, regulators issued notable enforcement actions targeting AML/CFT and KYC compliance.

• The Central Bank of the UAE fined an exchange house AED 10.7 million on 1 August, and on 20 August revoked Malik Exchange’s licence with a further AED 2 million penalty.

• The Reserve Bank of India on 25 August announced penalties across several entities for KYC and cybersecurity failures.

• The Monetary Authority of Singapore on 26 August updated its Investor Alert List, warning consumers of unlicensed entities.

Key developments:

• UAE: escalating sanctions highlight zero tolerance for AML breaches.

• India: penalties reinforce strict supervision of cooperative/regional banks.

• Singapore: investor alerts reflect focus on consumer protection.

Implications:

Global enforcement trends point to tighter scrutiny and parallel oversight. Compliance teams should ensure periodic reviews, strong STR governance, and robust KYC controls are embedded across entities.

Sources: CBUAE, RBI, MAS – Enforcement notices (Aug 2025)

Link UAE : CBUAE Official AML/CFT Enforcement

Link India: Reserve Bank of India Press Releases Page

Link Singapore : MAS Investor Alert List

The following developments were also noted this month and are included for situational awareness. These are captured in summary rather than full articles: