Financier Worldwide – Fintech Regulation

Author: Andrew J. Zammit

Reflecting on the last 12-18 months, what major trends would you highlight in the FinTech sector? What opportunities has the current market presented?

Over the past 12 to 18 months, Europe’s FinTech and payments landscape has seen rapid digitalisation, regulatory shifts and increased investment. Digital payments continue to rise, with card and mobile transactions gaining ground as cash use declines. Instant payment solutions, such as the European Payments Initiative’s ‘Wero’ wallet, are streamlining cross-border transactions, while regulators explore the digital euro to enhance monetary resilience. Meanwhile, the Malta Financial Services Authority (MFSA) continues to provide much-needed perimeter guidance in this sector. In two key 2025 circulars, the MFSA addressed terrorism financing risks in crypto services and highlighted some shortcomings in the manner in which financial institutions (FIs) manage outsourcing and safeguard client funds. These communications reflect Malta’s alignment with the Markets in Crypto-Assets Regulation (MiCA) and a more robust, risk-based supervisory approach. FIs are expected to adopt stronger governance, enhance due diligence and ensure proper segregation of client assets. Collectively, these developments signal heightened regulatory scrutiny and the maturing of Europe’s digital financial ecosystem.

How is technology assisting financial services firms to transform their operations and meet compliance requirements?

Technology is playing an increasingly critical role in enabling FIs to modernise operations and meet stringent compliance obligations under evolving EU regulatory frameworks. With the rapid proliferation of regulatory requirements under regimes such as the second Markets in Financial Instruments Directive, MiCA, the 6th Anti-Money Laundering Directive and the Digital Operational Resilience Act (DORA), FIs are turning to technology not merely for efficiency but as a strategic compliance enabler. In regulatory compliance and reporting, RegTech tools powered by AI and machine learning are automating data collection, transaction monitoring and real-time risk assessments – crucial for satisfying obligations under AML, know your customer and sanctions regimes. Client onboarding and digital identity verification have similarly been transformed through biometric authentication and electronic identification, authentication, and trust services-compliant digital signatures, reducing friction while maintaining regulatory rigour. Blockchain technology is being adopted to improve transaction transparency, settlement finality and auditability, particularly in payments and securities trading. Finally, cloud computing and cyber security frameworks aligned with DORA are facilitating secure, scalable infrastructure while enabling robust incident reporting and information and communication technologies (ICT) risk management. EU FIs embedding technology into their governance, risk and compliance frameworks are clearly setting themselves apart in the continuous struggle to adapt to supervisory expectations, mitigate risk and maintain competitive resilience in an increasingly regulated and digitalised market.

What do you consider to be the main risks and challenges facing FinTech companies as they assess their strategies? How are these factors influencing their business activities?

The main risks and challenges facing EU FinTech companies today are closely tied to the regulatory, operational and macroeconomic environment in which they operate. Chief among these is regulatory complexity and fragmentation, particularly as firms navigate new frameworks such as MiCA, DORA, and the evolving AML and CFT rulebook. While these regimes aim to create consistency across the EU, transitional periods, varying levels of national supervisory readiness and potential divergence in enforcement pose a significant compliance burden, especially for early-stage or scaling firms. Cyber security and operational resilience are also critical concerns, particularly under the stringent requirements of DORA. FinTechs are increasingly more pressured to invest heavily in ICT risk management and incident reporting frameworks or risk supervisory sanctions and reputational damage. Access to funding has also tightened, with rising interest rates and investor caution impacting the pace of innovation and expansion. These challenges are driving a shift in business strategies. Many firms are prioritising regulatory readiness, focusing on partnerships with established FIs, and adopting more sustainable, compliance-by-design models to ensure long-term viability.

Have any recent, notable banking and financial services regulations been introduced? How have they impacted the FinTech sector?

Several significant regulatory developments have recently emerged within the EU, with notable implications for the FinTech sector. Chief among them is the European Commission’s proposal for the third Payment Services Directive (PSD3) and accompanying Payment Services Regulation, published in June 2023. Together, these aim to modernise and consolidate the EU payments framework, address regulatory fragmentation under PSD2, and enhance consumer protection, fraud prevention and access to data. For FinTechs, particularly those operating as payment and e-money institutions, PSD3 introduces stricter authorisation requirements, stronger AML provisions and enhanced obligations around incident reporting and transaction transparency. In parallel, MiCA and DORA have now entered into force, imposing rigorous standards on cryptoasset service providers (CASPs) and digital infrastructure resilience, respectively. The cumulative effect of these measures is profound: FinTech firms are being driven to professionalise compliance functions, invest in cyber security and align their operations with EU-wide supervisory expectations – shaping both market entry strategies and long-term growth plans.

How do you expect FinTech to evolve over the coming years? What issues are set to influence FinTech development in the months and years ahead?

In the coming years, FinTech is expected to evolve with the continued integration of AI, blockchain and automation across FS. The rollout of MiCA, DORA and the proposed PSD3/PSR framework will be pivotal, setting a harmonised foundation for payments, cryptoassets and operational resilience. These regulations will likely accelerate market consolidation, as firms must meet increasingly sophisticated compliance and risk management standards. We expect that the rise of decentralised finance will continue to challenge traditional banking structures, while digital currencies, including central bank digital currencies, are likely to play a significant role in reshaping the payment landscape. Regulators will increasingly focus on consumer protection, privacy, cyber security and AML measures as FinTech companies expand their services. The growing adoption of open banking will drive more collaboration between banks, FinTech firms and non-financial companies, enabling more seamless, personalised financial experiences. Overall, FinTech firms that embed regulatory readiness, innovation and responsible governance into their strategic models will be best positioned to thrive in the next phase of Europe’s digital finance landscape.