Search Results

On March 5, 2026, the Federal Deposit Insurance Corporation (FDIC), the Board of Governors of the Federal Reserve System (FRB), and the Office of the Comptroller of the Currency (OCC) jointly issued a set of Frequently Asked Questions (FAQs) clarifying the capital treatment of tokenized securities under the existing federal bank capital rule. The action is final and effective; it does not constitute proposed rulemaking and does not alter the text of existing capital regulations. The FAQs confirm the agencies' interpretation of current law as it applies to securities whose ownership rights are represented using distributed ledger technology (DLT). The controlling rule is the federal bank capital rule, implemented jointly by the three agencies at 12 C.F.R. part 3 (OCC), 12 C.F.R. part 217 (FRB), and 12 C.F.R. part 324 (FDIC). The FAQs address three specific questions. First, an eligible tokenized security — defined as a tokenized security that confers legal rights identical to those of the non-tokenized form — receives the same capital treatment as its non-tokenized equivalent under the capital rule. Second, an eligible tokenized security that satisfies the definition of "financial collateral" in 12 C.F.R. sections 3.2 (OCC), 217.2 (FRB), and 324.2 (FDIC) may be recognized as a credit risk mitigant, subject to the same haircuts applicable to the non-tokenized form, provided the banking organization holds a perfected, first-priority security interest per 12 C.F.R. sections 3.37, 3.132 (OCC), 217.37, 217.132 (FRB), and 324.37, 324.132 (FDIC). Third, the capital rule does not differentiate treatment based on whether tokens are issued on permissioned or permissionless blockchains. For banking organizations — including national banks, state member banks, state non-member banks, and federal savings associations — the FAQs remove the prior ambiguity about whether holding tokenized securities triggers higher capital charges than holding the equivalent traditional securities. Banks that already hold, or plan to hold, U.S. Treasury tokenized securities, tokenized corporate bonds, or other tokenized debt instruments subject to the capital rule may now apply the same risk weights and collateral haircuts as for the non-tokenized counterparts. Custodians evaluating tokenized securities as eligible collateral for secured transactions gain confirmation that blockchain issuance form does not disqualify the instrument from financial-collateral status, subject to the existing perfection and priority requirements. Tokenized-security issuers — whether operating on public permissionless networks or private permissioned networks — face no differential capital treatment for their instruments held by bank counterparties. The FAQs apply only to tokenized securities that confer legal rights identical to those of the non-tokenized form; instruments that do not meet this definition — including certain synthetic or re-hypothecated on-chain representations — fall outside the FAQs' scope and require separate analysis under applicable capital rule provisions. The guidance does not address the treatment of crypto-native assets, stablecoins, or other digital assets that are not tokenized forms of existing securities. Banks must still comply with applicable lending limits, investment authority constraints, and sound risk-management standards as stated in 12 C.F.R. parts 1, 32, 160, 252, and 362. Questions about smart-contract operational risk, custody arrangements, and counterparty credit risk for DLT-based settlement remain outside the scope of the FAQs. Sources: (1) Federal Deposit Insurance Corporation, Federal Reserve Board, and Office of the Comptroller of the Currency, Joint Press Release, "Agencies clarify the capital treatment of tokenized securities" (March 5, 2026), https://www.federalreserve.gov/newsevents/pressreleases/bcreg20260305a.htm ; (2) Federal Reserve Board, "Capital Treatment of Tokenized Securities Frequently Asked Questions" (March 5, 2026), https://www.federalreserve.gov/supervisionreg/capital-treatment-of-tokenized-securities-faqs.htm (both confirmed March 9, 2026). The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

On January 29, 2026, CFTC Chairman Michael S. Selig delivered inaugural public remarks at a joint CFTC-SEC event on harmonization, announcing Project Crypto as a joint SEC-CFTC policy initiative to modernize and harmonize U.S. federal oversight of digital asset markets. The initiative is in an early implementation stage: Chairman Selig directed CFTC staff to begin drafting rules across multiple subject areas, including decentralized finance safe harbors, tokenized collateral eligibility, perpetual derivative products, and a revised event contracts regime. No proposed rulemakings have yet been published in the Federal Register; the remarks represent a statement of regulatory intent and a set of staff directives at the agency-head level. The controlling authority for the initiative derives from the Commodity Exchange Act (CEA), 7 U.S.C. sections 1 through 27f, which vests rulemaking authority in the CFTC. Chairman Selig cited the agency's existing statutory powers as sufficient to proceed with several of the enumerated reforms without waiting for congressional action. The remarks specifically reference: (1) the "actual delivery" exception in CEA section 2(c)(2)(D) as the basis for clarifying off-exchange leveraged retail crypto commodity transactions; (2) the designated contract market (DCM) registration provisions in CEA section 5 as the vehicle for codifying requirements for on-exchange retail leveraged crypto trading; and (3) the Commission's general rulemaking authority as the basis for developing perpetual derivative product rules. The remarks also reference the 2024 Event Contracts Rule Proposal (89 Fed. Reg. 48968, June 10, 2024) and CFTC Staff Advisory 25-36 (September 30, 2025), both of which Chairman Selig directed staff to withdraw. The practical effect on crypto and Web3 market participants spans several categories. DeFi protocol operators and smart contract developers receive the clearest signal to date that the CFTC intends to create statutory safe harbors for on-chain software systems, including non-custodial wallets and user interfaces that route users to self-executing code. Spot and derivatives exchanges offering perpetual contracts, which currently have no U.S. onshore pathway, may gain a defined regulatory on-ramp under new DCM rules tailored to these products. Custodians and trading venues handling tokenized collateral should monitor forthcoming CFTC rules on eligible tokenized collateral for margin purposes. Cross-registered broker-dealers and futures commission merchants could benefit from substituted compliance provisions that eliminate duplicative SEC-CFTC registration requirements for economically similar products offered on a single platform. Prediction market operators gain certainty from the withdrawal of the 2024 proposed rule and the staff advisory, though a new event contract rulemaking remains pending. No final rules or proposed rules have been published as of March 9, 2026. All actions described in the remarks remain at the staff-directive stage, with no Federal Register publication dates announced. The Chairman's statements represent policy direction, not binding legal obligations. The scope of safe harbors for DeFi protocols — particularly whether automated market makers, liquidity pools, or DAO-governed protocols would qualify — is an open question that subsequent rulemaking will need to address. The remarks explicitly contemplate both centralized and decentralized markets as covered by forthcoming perpetual contract rules, but leave the precise decentralization threshold undefined. Market participants cannot rely on the remarks as a compliance defense until proposed or final rules take effect. Source: CFTC Chairman Michael S. Selig, "The Next Phase of Project Crypto: Unleashing Innovation for the New Frontier of Finance," Remarks at CFTC-SEC Event on Harmonization (January 29, 2026), https://www.cftc.gov/PressRoom/SpeechesTestimony/opaselig1 (confirmed March 9, 2026). The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

The Financial Conduct Authority (FCA) published Consultation Paper CP25/15, "A prudential regime for cryptoasset firms," in 2025. The consultation proposed a bespoke capital and liquidity regime for FCA-authorised cryptoasset businesses operating in the United Kingdom. The FCA issued the consultation under powers conferred by the Financial Services and Markets Act 2000 (FSMA 2000), as amended by the Financial Services and Markets Act 2023 (FSMA 2023), which created the UK cryptoasset regulatory perimeter. The consultation closed in July 2025; the FCA has not yet published final rules as of 9 March 2026. CP25/15 proposed that cryptoasset firms holding an FCA authorisation under the FSMA 2000 cryptoasset registration regime should be subject to minimum own funds requirements, including a fixed overhead requirement and a K-factor-based formula adapted from the Investment Firms Prudential Regime (IFPR) established by the Financial Services Act 2021 and the UK Investment Firm Prudential Regime rules in the FCA Handbook (MIFIDPRU). The paper also proposed liquidity requirements calibrated to the specific risk profile of cryptoasset business models, including requirements to hold adequate liquid assets against client money and assets held in custody. The proposed rules would apply to firms registered under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 that receive full FCA authorisation under the new UK cryptoasset regulatory perimeter. UK-based cryptoasset exchanges, custodians, and cryptoasset issuers that seek or hold FCA authorisation must assess their anticipated capital base against the proposed minimum requirements. Firms currently registered with the FCA under the anti-money laundering registration regime that plan to apply for full authorisation under the FSMA 2023 cryptoasset perimeter should begin modelling their capital and liquidity positions against the CP25/15 proposals. Consumer-facing and institutional cryptoasset businesses must also assess client asset segregation obligations and reporting requirements proposed under CP25/15, which aligned the client money treatment with the FCA's existing Client Assets Sourcebook (CASS). The consultation period closed in July 2025. The FCA has not published a Policy Statement setting out final rules as of 9 March 2026. Until the FCA publishes final rules, the CP25/15 proposals remain proposals only and do not impose binding obligations. The FCA indicated in CP25/15 that transitional provisions would apply to give firms adequate time to meet the new requirements once final rules take effect; no transitional period length had been confirmed as of the consultation stage. Source: Financial Conduct Authority (FCA), Consultation Paper CP25/15 "A prudential regime for cryptoasset firms," available at https://www.fca.org.uk/publications/consultation-papers/cp25-15-prudential-regime-cryptoasset-firms . Consultation closed July 2025. Confirmed 9 March 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

On 4 March 2026, SEC Chair Paul Atkins delivered remarks at the Financial Stability Oversight Council (FSOC) Artificial Intelligence Innovation Series Roundtable on Strategy and Governance Principles. The FSOC convened the roundtable under its mandate to identify risks to U.S. financial stability and to promote market discipline, as established under the Dodd-Frank Wall Street Reform and Consumer Protection Act, Title I, 12 U.S.C. § 5321–5394. Chair Atkins spoke in his capacity as a FSOC voting member, as provided by 12 U.S.C. § 5321(b)(1)(B). The remarks constitute a speech, not a rulemaking; no new rule, guidance, or enforcement action was issued on 4 March 2026. The controlling statutory authority for the FSOC's AI oversight activities is the Dodd-Frank Act, 12 U.S.C. § 5322(a), which empowers FSOC to collect information from member agencies and the public to assess threats to financial stability. The SEC's own authority to regulate AI use in securities markets derives from the Securities Exchange Act of 1934, 15 U.S.C. § 78c et seq., including Section 15(b) (broker-dealer registration) and Section 17 (recordkeeping), and from the Investment Advisers Act of 1940, 15 U.S.C. § 80b-1 et seq. Chair Atkins indicated at the roundtable that the SEC would use its existing statutory tools to address AI-related risks in securities markets rather than seek new AI-specific legislation. Broker-dealers, investment advisers, and registered investment companies that deploy AI in trading, order routing, compliance monitoring, or client-facing advisory functions should assess whether those applications fall within existing SEC rules on recordkeeping (Rule 17a-4), best execution, and conflicts of interest. Investment advisers using AI in portfolio management or client recommendations must assess compliance with their fiduciary duty under the Advisers Act and with existing Commission guidance on AI-related conflicts of interest. FSOC member agencies, including the SEC, the Federal Reserve, the OCC, and the FDIC, are expected to coordinate their AI oversight through FSOC's existing annual report and information-sharing mechanisms under 12 U.S.C. § 5322(a)(2). The 4 March 2026 roundtable did not produce binding FSOC guidance or a formal FSOC recommendation. FSOC issues formal recommendations under 12 U.S.C. § 5330 (regarding systemically important non-bank financial companies) and § 5329 (regarding systemic risk). No such recommendation was issued on 4 March 2026. The SEC has not published a proposed rule specifically addressing AI in securities regulation as of 9 March 2026, and Chair Atkins's remarks do not constitute a notice of proposed rulemaking under the Administrative Procedure Act, 5 U.S.C. § 553. Source: SEC Chair Paul S. Atkins, "Remarks at Financial Stability Oversight Council Artificial Intelligence Innovation Series Roundtable on Strategy and Governance Principles," delivered 4 March 2026, available at https://www.sec.gov/newsroom/speeches-statements/atkins-remarks-at-financial-stability-oversight-council-artificial-intelligence-innovation-series-roundtable-030426 . Confirmed 9 March 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

On 28 January 2026, the Financial Conduct Authority (FCA) announced a long-term review into the use of artificial intelligence in retail financial services. The FCA delivered the announcement through a speech by a senior official, framing the review as a multi-year programme to assess how AI deployment by regulated firms affects consumer outcomes, firm risk management, and systemic stability. The review is at an early stage; the FCA has not yet issued a call for input, consultation paper, or policy statement. The FCA is conducting the review under its general statutory functions set out in the Financial Services and Markets Act 2000 (FSMA 2000). The FCA's primary regulatory mandate derives from FSMA 2000, sections 1B–1E, which require the FCA to act to advance its operational objectives: securing appropriate protection for consumers (section 1C), protecting and enhancing the integrity of the UK financial system (section 1D), and promoting effective competition in the interests of consumers (section 1E). The speech also referenced the FCA's cross-sector AI approach, which expects firms to comply with existing principles-based rules in the FCA Handbook—including Principle 6 (treating customers fairly), Principle 11 (relations with regulators), and SYSC 3 (systems and controls)—when deploying AI. No new binding rules were introduced on 28 January 2026. Retail financial services firms authorised by the FCA—including banks, insurers, investment managers, mortgage lenders, and consumer credit providers—should expect the FCA to seek information about their AI use cases and governance structures as the review progresses. Firms using AI in customer-facing processes, credit decisioning, fraud detection, or advice tools face the highest scrutiny given the FCA's consumer protection objective. Firms should document how existing SYSC governance requirements apply to AI systems and how their AI outputs are tested for fairness and accuracy before deployment. The FCA has indicated it will design the review to accommodate the pace of AI development and may issue discussion papers before any formal consultation. The review covers retail financial services only. Wholesale markets AI regulation falls under a separate FCA workstream. No deadline for the review's completion or for any subsequent rulemaking has been published. The FCA has not announced whether the review will lead to dedicated AI-specific rules or will instead result in guidance clarifying the application of existing Handbook obligations to AI use cases. Source: Financial Conduct Authority (FCA), "The FCA's long-term review of AI in retail financial services: designing for the unknown," speech delivered 28 January 2026, available at https://www.fca.org.uk/news/speeches/fca-long-term-review-ai-retail-financial-services-designing-unknown . Confirmed 9 March 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

On 18 February 2026, Spain's Agencia Española de Protección de Datos (AEPD) published a non-binding guide titled "Agentic Artificial Intelligence from the perspective of Data Protection." The guide addresses data protection obligations that apply when organizations deploy autonomous AI agent systems capable of planning, executing multi-step tasks, and acting without continuous human direction. The AEPD issued the guide in its capacity as Spain's national supervisory authority under Regulation (EU) 2016/679 (GDPR). The guide does not amend existing law; it clarifies how existing GDPR obligations apply to agentic AI deployments. The AEPD identifies the data protection principles under GDPR Article 5 as the primary controlling authority. The guide focuses on Article 5(1)(b) (purpose limitation), Article 5(1)(c) (data minimisation), and Article 5(2) (accountability), together with Article 6 (lawfulness of processing), Article 25 (data protection by design and by default), and Articles 13–14 (transparency obligations toward data subjects). Where an agentic AI system involves multiple agents, each processing step must have a documented lawful basis under Article 6. Controllers must designate responsibility across multi-agent chains and record those designations under Article 30. Organizations deploying agentic AI systems that process personal data must take specific practical steps. They must identify the controller and any processors at each stage of the agent pipeline and document those roles before deployment. They must restrict the agent's memory and context window to data strictly necessary for the defined task, applying Article 5(1)(c) data minimisation at the design stage. They must define the specific purpose for each agent action and not allow agents to repurpose data beyond that scope. Where agents interact with data subjects directly, controllers must provide transparency notices under Articles 13–14. Human oversight mechanisms must be built in at decision points where agents produce outputs that affect natural persons. The guide is non-binding. It does not create new legal obligations beyond those already set out in the GDPR. The AEPD notes that agentic AI systems classified as high-risk under Annex III of the EU AI Act (Regulation (EU) 2024/1689) will be subject to additional requirements under that regulation, including conformity assessments and registration in the EU database, and that GDPR and the EU AI Act apply concurrently where both are triggered. The AEPD has been designated as Spain's competent authority for AI Act market surveillance in the areas within its existing supervisory mandate. Source: Agencia Española de Protección de Datos (AEPD), "Agentic Artificial Intelligence from the perspective of Data Protection," published 18 February 2026, available at https://www.aepd.es/en/guides/agentic-artificial-intelligence.pdf . Confirmed 9 March 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

On 18 February 2026, SEC Chairman Paul S. Atkins and Commissioner Hester M. Peirce delivered remarks at the ETHDenver conference in Denver, Colorado. The speech — delivered in the form of a public dialogue — constituted an official statement by Chairman Atkins in his capacity as the 34th Chairman of the Securities and Exchange Commission. Chairman Atkins confirmed that the SEC has ended regulation by enforcement of crypto assets and described a detailed 2026 regulatory agenda for digital assets, to be pursued through Project Crypto, a joint initiative with the Commodity Futures Trading Commission (CFTC), with CFTC Chairman Mike Selig formerly serving on the SEC Crypto Task Force. The SEC's statutory authority to regulate securities, including investment contracts, derives from the Securities Exchange Act of 1934 (15 U.S.C. § 78a et seq.) and the Securities Act of 1933 (15 U.S.C. § 77a et seq.). Chairman Atkins stated that the SEC plans to issue, in 2026, the following items: a Commission framework for how crypto assets subject to investment contracts are formed and terminated; an innovation exemption for limited trading of tokenised securities on novel platforms; a rulemaking proposal for capital-raising pathways involving crypto assets; no-action letters and exemptive orders addressing wallets and user interfaces; rulemaking on custody of non-security crypto assets including payment stablecoins by broker-dealers; and a transfer agent modernisation rulemaking accommodating blockchain-based recordkeeping. For crypto exchanges, DeFi protocol operators, tokenisation platforms, stablecoin issuers, custodians, and broker-dealers engaging in crypto activities, the Chairman's statement signals that formal rulemaking and exemptive relief — rather than enforcement actions — will define SEC regulatory action in 2026. The proposed innovation exemption would limit trading volume and provide relief from certain rules while allowing temporary operation; participants would undergo a white-listing process. Decentralised applications on public, permissionless blockchains and DeFi participants appear within scope of the proposed relief. The Chairman noted that the SEC has already: rescinded Staff Accounting Bulletin 121; published staff statements on crypto asset custody by broker-dealers and a taxonomy for tokenised securities; approved generic listing standards for crypto ETPs; and issued no-action letters on tokenisation and DePIN. The innovation exemption and custody rulemaking timelines were not specified. Rulemakings require notice-and-comment under the Administrative Procedure Act (5 U.S.C. § 553), and no formal rulemaking dockets have yet been opened for the items described. Source: Paul S. Atkins, Chairman, and Hester M. Peirce, Commissioner, "Number Go Down and Other Schadenfreude — Remarks at ETHDenver," U.S. Securities and Exchange Commission, Denver, CO, 18 February 2026. Available at: https://www.sec.gov/newsroom/speeches-statements/atkins-peirce-021826-number-go-down-other-schadenfreude . Confirmed current as of 9 March 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

On 5 March 2026, the Scottish Parliament passed the Digital Assets (Scotland) Bill by 114 votes to 0, with 15 members not voting. The Bill, a Government Bill introduced on 30 September 2025, completed all three parliamentary stages and now awaits Royal Assent before becoming an Act of the Scottish Parliament. Stage 1 (general principles) was agreed on 22 January 2026, Stage 2 amendments were decided on 18 February 2026, and Stage 3 final debate and vote took place on 5 March 2026. The Bill's passage does not depend on Westminster legislation; it operates within the Scottish Parliament's existing legislative competence over Scots private law. The Bill amends Scots private law to confirm that certain digital assets — including cryptocurrencies and other assets existing in digital format that can be identified, stored, and traded electronically — can be objects of property under Scots law. The Bill establishes how such assets are acquired and owned, and confirms that general Scots private law principles apply to them. The Scottish Government introduced the Bill following the report of the Digital Assets in Scots Private Law Expert Reference Group. The lead parliamentary committee was the Economy and Fair Work Committee, which published its Stage 1 report on 15 January 2026. For digital asset owners, custodians, exchanges, lenders, and technology start-ups operating under Scots law, the Act — once it receives Royal Assent — eliminates the current legal uncertainty about whether digital assets qualify as property. Courts applying Scots law will be able to recognise ownership claims, enforce security interests, and resolve insolvency disputes involving cryptocurrencies and similar assets. Businesses that previously governed their digital asset dealings under English law or a foreign jurisdiction to obtain legal certainty will be able to choose Scots law instead. The Bill's transfer provisions favour an acquirer acting in good faith over the original owner of a digital asset in certain circumstances, a point debated at committee stage. Royal Assent timing is subject to the standard parliamentary timetable; no date has been announced. The Bill does not cover the regulation of digital asset markets or services, which remain reserved to the UK Parliament. It does not itself create a financial services licensing regime for digital asset businesses in Scotland. Source: Digital Assets (Scotland) Bill, Scottish Parliament Session 6, Government Bill introduced 30 September 2025, passed 5 March 2026 (Motion S6M-20944). Bill as passed available at: https://www.parliament.scot/bills-and-laws/bills/s6/digital-assets-scotland-bill . Confirmed current as of 9 March 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

On 12 February 2026, the European Banking Authority (EBA) published an Opinion addressed to national competent authorities (NCAs) under the Revised Payment Services Directive (PSD2). The Opinion advises NCAs on how to proceed once the nine-month transition period set in the EBA's No-Action Letter of 2 June 2025 (EBA/Op/2025/08) expired on 2 March 2026. That transition period permitted crypto-asset service providers (CASPs) authorised under the Markets in Crypto-Assets Regulation (MiCAR) to continue providing electronic money tokens (EMTs) qualifying as payment services without holding a concurrent PSD2 licence, provided the CASPs had submitted or were preparing a PSD2 authorisation application. The Opinion is final and addressed to NCAs; it is not a consultation. The controlling authority is Article 29(1)(a) of Regulation (EU) No 1093/2010 (EBA Founding Regulation), which empowers the EBA to issue opinions to NCAs to build a common supervisory culture and ensure uniform procedures across the European Union. The Opinion operates alongside Regulation (EU) 2023/1114 (MiCAR) and Directive (EU) 2015/2366 (PSD2). The EBA advises NCAs to allow a CASP to continue EMT-related payment services after 2 March 2026 only where: the CASP submitted a complete PSD2 authorisation application before that date; the NCA has not yet decided on the application; and the CASP actively cooperates with the NCA. Where any of these conditions is absent, NCAs are advised to require the CASP to cease the relevant services immediately. For CASPs that issue or facilitate transactions in fiat-referenced stablecoins qualifying as EMTs — including exchanges, on-and-off ramp operators, and payment-focused protocols — the expiry of the transition period removes the regulatory bridge that allowed continued operation under MiCAR alone. Any CASP that did not lodge a PSD2 application before 2 March 2026 faces an immediate obligation to wind down the EMT payment-services component of its business. NCAs retain discretion on enforcement timelines but are advised to cooperate with the relevant MiCAR NCA and, where necessary, national enforcement bodies to ensure compliance. More than 100 CASPs approached NCAs informally or submitted PSD2 applications during the transition period. Application volumes vary significantly across Member States, which the EBA cited as the primary reason for issuing the Opinion — to help NCAs prioritise authorisation reviews when the transition period ended. The Opinion does not affect CASPs whose EMT activities fall outside the definition of payment services under PSD2; the EBA reiterated its June 2025 position that only a subset of EMT-related crypto services qualify as payment services requiring dual authorisation. Source: EBA Opinion on the end of the No-Action Letter transition period on the interplay between PSD2 and MiCA, EBA/Op/2026/02, 12 February 2026. Press release and document available at: https://www.eba.europa.eu/publications-and-media/press-releases/eba-advises-national-authorities-actions-take-end-transition-period-under-its-no-action-letter . Confirmed current as of 9 March 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

The Japan Fair Trade Commission (JFTC) announced on March 4, 2026 that it has opened a formal investigation into suspected violations of the Act on Prohibition of Private Monopolization and Maintenance of Fair Trade (Antimonopoly Act) by Microsoft Corporation, Microsoft Japan Co., Ltd., and Microsoft Ireland Operations Limited. The JFTC simultaneously issued a public call for information and comments from third parties to support the investigation. The controlling authority is the Act on Prohibition of Private Monopolization and Maintenance of Fair Trade (Act No. 54 of 1947, as amended). The JFTC's investigation focuses on conduct related to Microsoft's Azure cloud computing services. The suspected violation involves tying or bundling practices in which Microsoft is alleged to condition access to certain software products or services on customers' use of Azure, potentially constituting private monopolization or unfair trade practices under Articles 3 and 19 of the Antimonopoly Act. Cloud computing providers, enterprise software licensees, and AI service operators doing business in Japan and relying on Microsoft products should assess whether their agreements or operational dependencies fall within the scope of conduct under investigation. A finding of violation could affect Microsoft's ability to maintain existing commercial terms in Japan and may require unbundling of software from cloud platform subscriptions. Businesses that have faced restrictions or conditions tied to Azure adoption may wish to respond to the JFTC's public call for third-party submissions. The investigation is at an early stage; no charges or cease-and-desist orders have been issued as of March 6, 2026. The JFTC has not set a public deadline for the investigation's conclusion. Third parties may submit information and comments through the JFTC's designated submission process. Outcomes of JFTC investigations may include cease-and-desist orders, surcharge payment orders, or negotiated remedies under the Antimonopoly Act. Source: Japan Fair Trade Commission, Press Release, "JFTC Opens an Investigation and Seeks Information and Comments from Third Parties Concerning the Suspected Violation of the Antimonopoly Act by Microsoft Corporation, Microsoft Japan Co., Ltd., and Microsoft Ireland Operations Limited" (Mar. 4, 2026). Available at: https://www.jftc.go.jp/en/pressreleases/yearly-2026/March/260304.html . Confirmed: March 6, 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

The United States Supreme Court denied certiorari in Thaler v. Perlmutter, No. 25-449, on March 2, 2026. The denial leaves intact the D.C. Circuit's ruling in Thaler v. Vidal (No. 23-5233), which held that copyright registration requires human authorship and that a work generated entirely by an AI system without human creative contribution does not qualify for copyright protection under the Copyright Act, 17 U.S.C. § 102(a). The controlling statutory authority is 17 U.S.C. § 102(a), which extends copyright protection to "original works of authorship fixed in any tangible medium of expression." The Copyright Office and the D.C. Circuit both construed "authorship" as requiring a human author. The D.C. Circuit's opinion in Thaler v. Vidal affirmed the Copyright Office's refusal to register "A Recent Entrance to Paradise," a two-dimensional artwork that petitioner Stephen Thaler asserted was autonomously created by his "Creativity Machine" AI without any human creative input. The denial of certiorari means that, in all U.S. jurisdictions, purely AI-generated works remain ineligible for copyright registration absent a sufficient showing of human creative expression in the selection, arrangement, or modification of the AI output. Entities developing or commercializing AI-generated content — including generative AI platforms, training dataset providers, and media companies — cannot rely on copyright to protect works produced by AI without human authorship. Licensing strategies, terms of service, and product documentation should reflect this limitation. The Supreme Court's refusal to hear the case does not constitute a ruling on the merits and does not resolve all open questions, including the degree of human input sufficient to satisfy the authorship requirement for partially AI-assisted works. The Copyright Office has issued guidance stating it will assess copyright claims in AI-generated material on a case-by-case basis, requiring disclosure of AI assistance and evaluating the extent of human creative control. Source: Supreme Court of the United States, Docket No. 25-449, Thaler v. Perlmutter (cert. denied Mar. 2, 2026). Available at: https://www.supremecourt.gov/docket/docketfiles/html/public/25-449.html . Confirmed: March 6, 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.

Colorado Governor Jared Polis signed SB24-205 (Consumer Protections for Artificial Intelligence) on May 17, 2024. The act's operative obligations for developers and deployers of high-risk AI systems took effect on February 1, 2026. Colorado is the first U.S. state to enact a broadly applicable consumer protection statute governing high-risk AI systems. The controlling authority is Colorado Revised Statutes §§ 6-1-1701 through 6-1-1711, as enacted by SB24-205, Colo. Session Laws 2024, Chapter 198. The act defines "high-risk artificial intelligence system" as one that makes or substantially contributes to a consequential decision affecting a consumer in education, employment, financial services, or housing, among other enumerated domains. Developers bear duties of disclosure, technical documentation, and risk notification to deployers. Deployers must maintain a written risk management policy, conduct algorithmic impact assessments, complete annual reviews, provide consumers with notice of high-risk AI use in consequential decisions, and offer a meaningful opportunity to correct data inputs and appeal adverse outcomes. Developers and deployers operating in Colorado must audit their AI systems to determine whether any system meets the "high-risk" definition. Where a system qualifies, developers must disclose known risks of algorithmic discrimination to deployers within 90 days of discovery. Deployers must publish a clear public statement describing the types of high-risk AI systems in use. Entities that deploy high-risk AI to issue consequential decisions must build consumer-facing correction and appeal mechanisms into their workflows. The act provides several exemptions: entities subject to examination by a state or federal prudential regulator under published AI-specific guidance (including banks and credit unions) may qualify for safe harbor; insurers subject to applicable state insurance commissioner regulations on algorithmic models are similarly carved out. An affirmative defense is available to deployers that substantially comply with a nationally or internationally recognized AI risk management framework. The Colorado Attorney General holds exclusive enforcement authority; violations are treated as deceptive trade practices under the Colorado Consumer Protection Act, C.R.S. § 6-1-105. Source: Colorado General Assembly, SB24-205 Consumer Protections for Artificial Intelligence, Colo. Session Laws 2024, Chapter 198 (signed May 17, 2024; operative Feb. 1, 2026). Available at: https://leg.colorado.gov/bills/sb24-205 . Confirmed: March 6, 2026. The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information.