Latest Payments News: Bank of Russia’s Crypto Policy Shift Reshapes Cross-Border Payments Risk, and more

Catch up on some of the stories our payments compliance analysts have covered lately, and stay up-to-date on the latest news.

Bank of Russia’s Crypto Policy Shift Reshapes Cross-Border Payments Risk

The central bank’s new development concept permits tightly controlled crypto investment and foreign trade use while preserving a domestic payments ban, reshaping compliance exposure for payments firms with Russian-linked activity.

Under the proposal, announced by the Bank of Russia in December 2025, digital currencies would be legal for investment and cross-border transactions, while remaining strictly banned from domestic payments.

For the Bank of Russia, this represents an attempt to reconcile the realities of foreign trade under sanctions with its insistence on preserving monetary sovereignty.

Non-qualified investors will be allowed to buy the most liquid cryptocurrencies, subject to criteria stipulated by law. Access will be conditional on passing a mandatory test and capped at RUB300,000 ($3,960) per year via a single intermediary.

Cryptocurrency transactions may be conducted through existing market infrastructure, and exchanges, brokers and trustees will be allowed to operate under their respective licences.

The central bank stated that the related legal framework is to be drafted before July 1, 2026. In parallel, it plans to introduce liability for intermediaries’ illicit operations in the cryptocurrency market, similar to that for illegal banking, including substantial fines and imprisonment.

The strategy marks a significant liberalisation of the Russian cryptocurrency market, at a level exceeding many prior expectations.

Even so, the Bank of Russia is yet to grant cryptocurrency the status of a means of payment within the country.

Dmitry Solomnikov, director of 1Capital, a Moscow-based financial market consultancy, stated, “This fits in with the current sovereignty model: the ruble, and potentially, a digital ruble, is the only legal tender in the country”.

Allowing cryptocurrency into internal settlements could fuel inflation and undermine monetary control, triggering an increase in grey market transactions, Solomnikov added.

Observers suggest that sanctions pressure has been a key factor in the Bank of Russia’s decision to liberalise crypto assets. The central bank's proposal is a compromise to facilitate foreign trade without affecting the national financial system’s stability, given that it continues to consider cryptocurrencies a high-risk instrument.

According to Kirill Pistsov, head of product development at Moscow-based financial advisory firm Finam, if domestic settlements are allowed, the central bank in effect loses control over part of the money supply, and with it, inflation and price stability.

“This is a red line for the regulator, and under the current circumstances, it's certainly not one it will cross,” Pistsov said.

G7 Roadmap for the Transition to Post-Quantum Cryptography Signals the Need to Move Early

The G7 Cyber Expert Group (CEG) anticipates a secure transition to post-quantum cryptography beginning as early as 2027, reshaping future compliance, operational resilience and supervisory expectations for payments providers.

In mid-January 2026, the group, which advises G7 finance ministers and central bank governors on cyber risks to financial stability, published a coordination roadmap and urged G7 authorities to move from awareness-raising to concrete implementation.

This follows a September 2024 statement highlighting the benefits and risks associated with quantum computing.

Quantum computing uses the laws of quantum mechanics to perform computations in quantum bits (qubits), allowing it to examine multiple possibilities simultaneously, compared to classical computing which processes problems sequentially. This allows quantum computers to process highly complex problems by considering vast numbers of possibilities at once.

The roadmap builds on a September 2024 statement that acknowledged both the long-term benefits of quantum computing and the near-term risks it poses to financial system security.

Regulators across major jurisdictions are increasingly assessing the risks quantum computing poses to financial system resilience, with several authorities signalling the need for an eventual transition to post-quantum security environments, particularly for payment-related data.

Other authorities, including the Bank of England, have emphasised the need to balance defensive planning with an assessment of the longer-term opportunities quantum computing may offer, such as computational efficiencies and new financial products.

Outside the G7, the Monetary Authority of Singapore’s Cyber and Technology Resilience Experts (CTREX) panel has recommended that institutions begin cataloguing cryptographic assets and prioritising the replacement of those most vulnerable to quantum attack

At an industry level, the European Payments Council’s (EPC) annual update of its Guidelines on Cryptographic Algorithms Usage and Key Management provides insights for payment service providers (PSPs) on security protocols, data integrity and encryption best practices.

Delay to Australia’s Key AML Requirements a Response to Friction Rather Than a Retreat

By granting organisations extra time to adapt to certain elements of the country’s overhauled anti-money laundering and counter-terrorism financing (AML/CTF) framework, AUSTRAC is acknowledging the scale and complexity of the reforms.

Announcing the change in mid-January 2026, the regulator stated that existing reporting entities will be granted an extended transition period to comply with initial customer due diligence (CDD) requirements.

Under these arrangements, relevant entities will have a three-year transition period to complete initial CDD checks required under the AML/CTF Amendment Act 2024.

The transition period will run from March 31, 2026 to March 30, 2029; during this time, firms may choose between two compliance paths when onboarding new customers.

Under the first option, firms may continue to apply their existing applicable customer identification procedures (ACIP) until the end of the transition period.

Alternatively, firms may transition early to the reformed initial CDD regime at any point during the transition period.

In effect, the first option allows firms to retain their current onboarding model for a further three years, while the second allows earlier compliance with the new initial CDD requirements, rather than adherence to the original fixed deadline.

Under the AML/CTF Amendment Act 2024 as enacted by the Australian parliament, the initial CDD requirements were due to take effect for existing reporting entities from March 31, 2026.

Although AUSTRAC has not publicly attributed the extension to compliance difficulties, Australian media have reported that regulators privately acknowledge widespread “implementation issues” across industry.

The change, as well as others detailed in AUSTRAC’s update, will be formalised in an exposure draft to be published by the Department of Home Affairs in the coming weeks.

Once the exposure draft is published, firms will be able to submit feedback on the changes.

The transitional rules will be enacted by the Minister for Home Affairs under Schedule 12 of the AML/CTF Amendment Act 2024.

‍

Want to know more? 

Request a demo with one of our experts today to gain full access to the stories we cover - and much more - and start learning how you can make compliance a competitive advantage for your organisation.