Looking for the latest insights and trends from the Financial Services and Gambling industry?

In February 2026, the Australian Federal Court ordered FIIG Securities Limited (FIIG), an investment firm, to pay A$2.5m in civil penalties, plus A$500,000 in costs, following the Australian Securities and Investment Commission’s (ASIC) proceedings due to sustained cybersecurity failures at FIIG. The court found that, over a four-year period, FIIG breached core Australian Financial Services Licence (AFSL) obligations under the Corporations Act 2001, including failing to provide services efficiently, honestly and fairly, to maintain adequate resources, and to implement effective risk management systems. These failures were exposed by a 2023 cyber intrusion that resulted in the theft of approximately 385GB of sensitive data, affecting around 18,000 customers, with some of the information later appearing on the dark web. FIIG failed to: Allocate sufficient financial and technological resources to ensure suitably qualified and experienced personnel were available to manage cybersecurity. Implement adequate cybersecurity measures, including multi-factor authentication for remote access users, strong passwords and access controls for privileged accounts, appropriate firewall and security

By scrutinising the digital wallet provider’s arrangements with US payment networks, the UK Financial Conduct Authority (FCA) is aligning with the Competition and Markets Authority (CMA) in challenging global giants.

A transition period is looming as regulators seek to redefine the structure and governance of account-to-account (A2A) payments, aiming to update the country’s ageing infrastructure and embed competition and interoperability requirements.

On April 17, 2026, the European Securities and Markets Authority (ESMA) published a statement on the end of transitional periods under Regulation (EU) 2023/1114 (Markets in Crypto-Assets – MiCA). Given the July 1, 2026 ending of the MiCA transition period, and the finalisation of the state of interplay between MiCA and PSD2, this Vixio’s Verdict will examine the implications of the regulators’ statements.

The proposed overhaul, currently under review, would require crypto-asset service providers (CASPs) to integrate real-time tax withholding into their operations, a move that could trigger capital flight to non-custodial or offshore venues.

The increasing focus on the activity of so-called “finfluencers” means payments and financial services firms should review their promotional content carefully, as regulators look to extend accountability beyond the individuals themselves to the organisations commissioning them.

New Zealand’s new anti-money laundering (AML) levy signals a global shift towards “club-good” regulation, with developed markets increasingly treating supervisors as industry-funded service providers rather than state-funded public goods, impacting jurisdictions’ competitiveness.

The scale, speed and accessibility of modern payments have fundamentally altered the risk landscape, shifting fraud from an isolated criminal activity to a systemic challenge embedded in everyday financial services. European regulators are increasingly reframing fraud as a core consumer protection challenge rather than simply a financial crime risk. This is not limited to one segment of the market: banks, payment institutions, electronic money (e-money) firms and investment platforms are all exposed. Fraud comprises a spectrum of typologies that continue to evolve alongside technological and behavioural changes. Most prevalent forms across Europe include: Authorised push payment (APP) fraud. Social engineering and impersonation scams. Phishing and smishing attacks. Account takeover fraud. Romance scams. Artificial intelligence (AI) fraud. As payment journeys become more seamless and embedded, often designed to minimise friction, fraudsters are exploiting the same efficiencies to execute scams at scale, with reduced detection windows and greater cross-border reach. Several structural drivers that are involved in fraud acceleration include: Mobile wallets. Online banking and embedded

Payment service providers (PSPs), fintechs, and digital asset firms have traditionally scaled by obtaining money transmitter licenses (MTLs) across many US states, each with its own rules and oversight. That model is now being challenged.

The newly proposed legislation represents one of the most ambitious attempts to date to break banks’ monopoly over US payments infrastructure by extending direct access to federal payment systems to qualified nonbank firms.