Regulatory Updates Newsletter: February 2025
- Staff Correspondent
- Mar 4
- 5 min read
Updated: Mar 6
February was a month dominated by AI governance as various regulatory bodies scrambled to put in place some ground-rules, in the face of a slew of headline grabbing LLM model releases. Notably, Japan came out with a cautious stance on AI risks, just as the first rules under the EU AI Act regulations started to apply. On the other hand, the AI action summit at Paris provided the first glimpses of the divergence in views surrounding AI regulations that could get more pronounced in the future.
In other developments, the SEC has started signaling a major revision in crypto enforcement actions, while enhancing focus on cybersecurity and fraud in the digital assets space. The Fed kickstarted its annual CCAR exercise by releasing hypothetical scenarios, while OSFI (Canada) decided to defer Basel III capital buffer applicability to 2026, and the EU proposed shorter settlement periods for securities transactions.
Dive into some of these important updates below.
In the end, we also enclose a summary table for additional updates with links to all original source material.
EU initiatives on AI and other Regulations
EU publishes guidelines on prohibited artificial intelligence practices
Certain provisions under the EU AI Act have started to apply, including the AI system definition, certain AI literacy requirements, and a very limited number of prohibited AI use cases that pose unacceptable risks in the EU.
Regulators are taking concrete steps to ensure adherence by releasing guidelines surrounding prohibited AI practices and unacceptable risks. The guidelines provide legal explanations and practical examples to help stakeholders understand and comply with the AI Act's requirements.
Source: https://digital-strategy.ec.europa.eu/en/library/commission-publishes-guidelines-ai-system-definition-facilitate-first-ai-acts-rules-applicationEU Commission publishes Work Programme 2025
The European Commission’s 2025 Work Programme prioritizes advancing AI governance and digital infrastructure including focus on a Single Market Strategy, a revision of the Sustainable Finance Disclosure Regulation, Digital Networks Act and investment simplification.
Source: https://commission.europa.eu/document/download/f80922dd-932d-4c4a-a18c-d800837fbb23_en?filename=COM_2025_45_1_EN.pdfEU Transactions in Transferrable Securities
The EU Commission has proposed amending the Central Securities Depositories Regulation (CSDR) to shorten the settlement period for securities transactions from T+2 to T+1, effective October 11, 2027. The transition timeline aims to allow time for testing, and coordination ensuring a smooth implementation.
Source: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52025PC0038Paris AI Action Summit Update
Divergent views on AI Regulation
The summit highlighted differing approaches to AI governance. The United States and the United Kingdom declined to sign a declaration advocating for ethical and sustainable AI, emphasizing concerns over potential over-regulation stifling innovation. In contrast, countries like France, China, and India supported the declaration.
Launch of AI Initiatives
France announced a $400 million endowment for "Current AI," a foundation aimed at developing AI public goods, including high-quality datasets and open-source tools.
Source: https://en.wikipedia.org/wiki/AI_Action_SummitSEC’s February 2025 Crypto Shake-Up
Dismissal of Enforcement actions
In a remarkable turnaround, the SEC has dramatically scaled back its enforcement actions in the crypto space this February. The agency dismissed its longstanding lawsuit against Coinbase and paused its case against Binance, alongside the closure of the investigation into OpenSea, marking a clear pivot under the Trump administration’s crypto-friendly policies.
Source: https://www.reuters.com/technology/us-sec-announces-dismissal-civil-enforcement-action-against-coinbase-2025-02-27/https://www.forbes.com/sites/tonyaevans/2025/02/24/electing-crypto-coinbase-robinhood-win-sec-relief-policy-or-politics/Launch of CETU
The SEC announced the launch of its new Cyber and Emerging Technologies Unit (CETU), replacing the former Crypto Assets and Cyber Unit. This reorganization, effective as of February 20, is intended to enhance the agency’s focus on fraud and cyber‑related misconduct in the digital asset space.
Source: https://www.sec.gov/newsroom/press-releases/2025-42Canada’s OSFI’s Final Quarterly Release Pilot
On February 20, 2025, OSFI unveiled its final Quarterly Release pilot, setting in motion a series of initiatives aimed at enhancing the transparency and robustness of Canada’s financial system.
1. Capital Adequacy Updates:
OSFI’s consultation on the CAR Guideline (targeting 2026) and the deferral of Basel III output floor increases aim to ease the immediate regulatory burden. This move gives banks breathing room to build capital buffers aiming to reduce financial stress in the short term while ensuring long-term resilience.
Crypto-asset Exposure Guidelines:
By introducing new banking and insurance guidelines, along with mandatory Pillar 3 disclosures starting in Q1 2026, OSFI is intended to improve transparency, reduce volatility, and align domestic practices with global standards—thereby mitigating risks associated with crypto exposures
Climate Risk Management Enhancements:
OSFI is updating Guideline B-15 to harmonize domestic climate disclosures with new sustainability standards. A related consultation on off-balance sheet greenhouse gas emissions is underway. This should lead to more consistent disclosures and better risk preparedness across the financial sector.
Source: https://www.osfi-bsif.gc.ca/en/news/osfis-final-quarterly-release-pilot-strengthening-trust-resilience-canadas-financial-systemRBI releases regulatory handbook- “Regulations at a Glance”
In February 2025, the Reserve Bank of India (RBI) released "Regulations at a Glance," a concise regulatory handbook compiled by the Department of Regulation (DoR). It offers an overview of the regulatory framework for financial entities in six chapters with tabular summaries.
Key Areas and Implications
Licensing and Branch Expansion: Simplifies capital and branch opening rules for cooperative bank, easing expansion and boosting banking access.
Governance Standards: Requires Audit Committees and Chief Risk Officers for larger banks which enhances oversight and risk management.
Credit Risk Management: Limits investments in shares, bonds, and debentures lowering risk and strengthening financial stability.
Source: https://www.rbi.org.in/Scripts/BS_PressReleaseDisplay.aspx?prid=59862Federal Reserve Board releases the hypothetical scenarios for its annual stress test
The Federal Reserve unveiled its annual stress test scenarios, designed to evaluate the resilience of 22 major banks under hypothetical adverse economic conditions introducing an exploratory market shock element, assessing banks' preparedness for sudden disruptions originating from the non-bank financial sector, such as large hedge funds.
Source: https://www.federalreserve.gov/publications/2025-stress-test-scenarios.htmJapan’s AI Regulation: Balancing Innovation and Risk
On February 4, 2025, the Japanese government’s Cabinet Office released the interim report of its AI Policy Study Group.
Businesses, Startups and AI Risks
Unlike earlier proposals for sweeping AI regulations, Japan’s Interim Report (Feb 2025) opts for a cautious, sector-specific approach by using existing laws and voluntary risk mitigation by businesses, while the government continuously monitors emerging risks. It recommends forming a strategic leadership body to coordinate policy and incident information—without imposing legal sanctions—highlighting the complex nature of AI risks.
Japan’s response on DeepSeek Shock
On February 6, 2025, the Japanese government issued an advisory regarding the use of DeepSeek. This notice primarily highlighted that data acquired by DeepSeek is stored on servers in China. Hence, subject to Chinese legal jurisdiction.
Business-led AI Governance
The Interim Report reveals that Japan plans to lean on voluntary business measures to manage AI risks under current laws. However, this approach may not be sufficient for all companies—especially startups, which often lack the resources needed for robust safety and governance.
Source: https://www.csis.org/analysis/new-government-policy-shows-japan-favors-light-touch-ai-regulationSummary table of additional updates
Regulator | Update | Source |
SFC (Hong Kong) | Reported major cyber incidents (2021–2024) and plans industry-wide framework post-2025 review. | |
MAS(Singapore) |
| |
CSSF (Luxembourg) | Clarified sustainability reporting fee caps under CSRD, excluding assurance engagements from audit limits. | |
Luxembourg Parliament | Implementing MiFID3/MiFIR2 (transparency, PFOF bans) and ESAP Directive (investor data access). | |
PRA (UK) | Streamlined Pillar 2A capital communications for UK banks (effective 31 March 2025). | |
Bank of England (UK) | Reduced interest rates by 0.25 percentage points to 4.5%, aiming to support economic growth | |
Bank for International Settlements (BIS) | Published a research paper on the interaction between banks' adoption of AI in credit scoring and relationship lending. | |
RBI (India) | launched RBIDATA, a mobile app that offers macroeconomic and financial statistics relating to the Indian economy. |
For feedback or regional coverage requests, contact us at info@riskinfo.ai.
Best regards,
The RiskInfo.ai Team
Comments