Latest Payments News: ESAs’ List Of Critical ICT Providers Marks A Key Milestone For DORA Implementation, and more

Catch up on some of the stories our payments compliance analysts have covered lately, and stay up-to-date on the latest news.

ESAs’ List Of Critical ICT Providers Marks A Key Milestone For DORA Implementation

The designation of systemic providers marks the beginning of a significant operational shift for financial institutions, which will need to strengthen their understanding of third-party dependencies and the risks that accompany them.

The European Supervisory Authorities’ (ESAs) November 2025 announcement of their first list of critical ICT third-party service providers (CTPPs) under the Digital Operational Resilience Act (DORA) is a significant milestone in the EU’s implementation of the regime.

It marks a shift from firm-level to systemic ICT risk management, with the ESAs aiming to address concentration risk in critical infrastructure.

DORA fundamentally reshapes how financial institutions manage ICT dependencies, as well as how ICT providers structure their governance, security and resilience frameworks.

The ESAs completed a multi-step assessment with national authorities and identified 19 providers whose services are systemically important and difficult to substitute. The designated organisations cover cloud, data, infrastructure and core banking technology services, and include big tech firms such as Amazon Web Services, Google and Microsoft.

DORA took effect in January 2025 and is designed to strengthen the operational resilience of the EU financial sector. Under the act, third-party ICT service providers identified as playing a critical role for financial entities in the EU are subject to direct oversight by the ESAs.

Visa–Mastercard US Fee Settlement Faces Strong Retailer Opposition

The proposed resolution to decades-old swipe-fee litigation is under fire from merchant groups, intensifying pressure on lawmakers and regulators to intervene in the card-payments market.

On November 10, 2025, Visa and Mastercard published the settlement agreement they have reached with counsel representing a group of merchants known as the “injunctive rules relief class”.

This class represents merchants seeking changes to the card networks’ rules. It was established after the courts ruled in 2016 that the monetary and injunctive claims could not be resolved within a single class.

The next stage of the process will see the settlement agreement go to Judge Brian Cogan of the Eastern District of New York for approval.

The proposed settlement offers four key changes to the card networks’ fees and rules:

• Interchange rate reduction – Both networks would reduce the average systemwide effective interchange rate on US domestic credit card transactions by 10 basis points.
• Five-year rate cap – The 10 basis point interchange reduction would stay in place for five years.
• Acceptance flexibility – Merchants would be given new powers to accept or reject transactions from different categories of credit card (“standard consumer”, “premium consumer”, “commercial”), but would not be allowed to discriminate between the same card type issued by different financial institutions.
• Simplified surcharging and discounting rules – Merchants would be given more flexibility to surcharge and discount for credit card transactions. Merchants that apply these measures would continue to be subject to notification, disclosure and reporting requirements.

Neither Visa, Mastercard nor the bank defendants named in the lawsuit admit any wrongdoing or liability with respect to the plaintiffs’ allegations.

BRICS and SCO Efforts To Build Alternative Payment Infrastructure Face Significant Obstacles

To establish functional and widely used independent payment services, the blocs of emerging economies must overcome a range of challenges, including inter-alliance disputes, variation in foreign policy priorities and geopolitical pressures.

Despite ambitious plans, several factors prevent emerging economies from achieving tangible progress in establishing a payment infrastructure that would serve as an alternative to Western financial institutions.

Following a summit of the Shanghai Cooperation Organization (SCO), a political and economic union of 10 emerging countries, including China, Russia, India and Iran, in September 2025, Russian Finance Minister Anton Siluanov outlined plans to establish an independent payment system based on the proposed SCO Development Bank.

"We discussed with our Chinese partners the possibility of this bank focusing on, first of all, new types of payments, digital payments, digital rubles, digital currencies, and digital financial assets, in order to be independent of Western infrastructure," Siluanov said.

This is not the first time an alliance of emerging economies has attempted to create infrastructure to facilitate payments between its members.

In October 2024, BRICS, a union of countries including China, India, Russia and Brazil, announced plans to establish the BRICS Bridge and the BRICS Cross-Border Payments Initiative (BCBPI).

The key declared goal was to expedite and simplify cross-border payments among the BRICS nations.

The public launch was initially scheduled for September 2025, but there have been no recent reports on the progress of the initiative.

Dmitry Dolgin, chief economist with ING Group, told Vixio that BRICS and the SCO want to reduce reliance on Western-centric payment systems, which currently expose them to sanctions and operational risks.

So far, national initiatives such as China's Cross-Border Interbank Payment System (CIPS) and Russia's Financial Messaging System of the Bank of Russia (SPFS), along with stronger bilateral trade ties, have been more successful than pan-BRICS integration projects, such as a single currency or a unified payment platform, Dolgin noted.

ASIC’s 2026 Enforcement Priorities Spotlight Pricing And Reporting Risks

As Australia moves towards a new regulatory regime for payment service providers (PSPs), the regulator’s focus on pricing, reporting and exploiting financial difficulty challenges organisations to embed stronger controls and forward-looking governance.

Announcing its 2026 enforcement priorities on November 13, 2025, the Australian Securities and Investments Commission (ASIC) reiterated that its goal is “to help all Australians through promoting market integrity and consumer protection in the Australian financial system”.

ASIC’s updated priorities comprise a mixture of new and continuing areas of focus.

Given the regulator’s broad responsibilities, which include oversight of organisations in the superannuation, managed funds and insurance sectors, not all of its priorities are relevant to PSPs.

However, payments firms will be affected by ASIC’s emphasis on tackling misleading pricing practices and financial reporting misconduct.

As in many countries, the cost of living is an issue in Australia, and ASIC intends to focus on ensuring fairness in the pricing of financial services. For PSPs, this will mean scrutiny of payment processing fees and surcharges, foreign exchange margins and spreads, and late payment fees and penalty charges.

The regulator’s clampdown on financial reporting misconduct will focus in particular on failures to lodge financial reports. PSPs will need to ensure they meet their obligations under their Australian Financial Services Licence (AFSL), including audited financial-statement requirements, ongoing disclosures for listed entities and timely regulatory-return submissions.

An ongoing priority for ASIC is addressing misconduct exploiting financial difficulty, particularly predatory credit practices. In the payments sector, this means focusing on areas such as buy now, pay later (BNPL) service terms and collections, debt collection through payment systems and hardship provisions for payment plans.

ASIC said that its enforcement priorities for 2026 are intended to send a clear signal to the market about where it plans to focus its resources and expertise next year.

Sarah Court, the regulator’s deputy chair, said the priorities have been designed to protect consumers from financial harm and uphold the integrity of Australia’s financial markets.

“We are continuing to deliver strong, visible and active enforcement outcomes,” she added. “We’re doing more investigations, taking more matters to court and securing record penalties.”

‍

Want to know more? 

Request a demo with one of our experts today to gain full access to the stories we cover - and much more - and start learning how you can make compliance a competitive advantage for your organisation.