May – June 2025 Regulatory Round-Up

I. FCA & HMT Proposals for Simplifying the Alternative Investment Fund Managers (AIFM) Regime

II. Navigating AI Risk: UK Regulators Publish Baseline Guidance for Generative AI Adoption

III. FCA Secures Convictions for £1 Million Insider Trading and Money Laundering Scheme

IV. IOSCO report and guidance on liquidity risk management for Collective Investment Schemes

V. ESMA’s Principles on Supervising Third-Party Risks

VI. The European Commission Seeks Views on Overhauling the SFDR

VII. FCA AI Lab & live testing service

FCA & HMT Proposals for Simplifying the Alternative Investment Fund Managers (AIFM) Regime

HM Treasury (HMT) and the Financial Conduct Authority (FCA) have launched consultations proposing a streamlined regulatory framework for UK AIFMs. The key proposals include:

• Shifting from assets under management (AUM) to net asset value (NAV) for regulatory categorisation calculations allowing for the offsetting of liabilities and excluding leverage
• "Large" AIFMs managing over £5 billion NAV would be subject to a comprehensive regime, similar to current full-scope rules but with some modifications.
• "Mid-sized" AIFMs would operate under a simpler, more flexible regulatory layer.
• "Small" AIFMs would have lighter-touch requirements albeit that the new NAV-based threshold of £100 million will bring in scope of more comprehensive regulation managers that currently operate on an unregulated or very light-touch regulatory basis.
• Responses to the consultations were due by 9 June 2025, and the FCA plans to publish detailed rules in the first half of 2026, contingent on feedback.

These reforms aim to introduce a more proportional and simplified regulatory approach, aligning obligations with fund scale and complexity, and reducing the compliance burden for the fund management industry. For more information, please see Akin's alerts on the proposals.

Navigating AI Risk: UK Regulators Publish Baseline Guidance for Generative AI Adoption

The UK’s financial regulators have released new guidance to help firms manage the risks of generative AI. Issued by the Cross Market Operational Resilience Group (CMORG) and supported by the FCA, Bank of England, PRA, and industry bodies, the guidance outlines practical steps for responsible AI adoption in financial services.

The guidance clarifies how existing regulatory frameworks, such as the FCA’s Systems and Controls (SYSC), operational resilience requirements, and the Senior Managers & Certification Regime (SM&CR), apply to AI technologies. This aligns with the UK Government’s principles-based approach, balancing innovation with safety, fairness, and accountability.

Key Risk Areas for Firms

• Governance & Oversight: Senior management must ensure clear accountability for AI systems. Boards should oversee AI risk and align deployments with existing risk and resilience frameworks.
• Risk Management & Testing: Conduct thorough risk assessments before deployment, covering data quality, bias, cybersecurity, and model reliability. Ongoing monitoring and scenario testing are essential.
• Third-Party Risk & Outsourcing: Perform strong vendor due diligence, establish clear contractual safeguards, and actively monitor performance, especially for providers outside the UK.
• Human Oversight: Maintain human accountability for critical AI-driven decisions affecting consumers or markets.
• Education & Culture: Equip staff with the skills and awareness to safely integrate AI, including ethical considerations and misuse scenarios.

Looking Ahead

The FCA and Bank of England will monitor AI adoption through surveys and market engagement. They are considering including AI-driven risks in future financial stability stress testing, aligning with international efforts by IOSCO and the Basel Committee.

What This Means for Firms

The message from regulators is clear: firms must integrate generative AI into existing governance and risk frameworks, not treat it as an experimental project. Proactive risk management and clear accountability are crucial for protecting consumers, markets, and financial stability. Now is the time to build robust controls and embed responsible innovation.

FCA Secures Convictions for £1 Million Insider Trading and Money Laundering Scheme

The Financial Conduct Authority (FCA) has successfully prosecuted Redinel Korfuzi and his sister, Oerta Korfuzi, for insider trading and money laundering offences, which netted them over £1 million.

Redinel Korfuzi, a research analyst at an asset management company, had access to confidential, market-sensitive information. Between 17 December 2019 and 25 March 2021, he and his sister misused this information by trading shares in at least 13 companies before official market updates were released.

The trades were conducted using accounts held by Oerta Korfuzi, personal trainer Rogerio de Aquino, and his partner Dema Almeziad. They used Contracts for Difference (CFDs) to bet on share price drops and closed these positions once the market reacted. Despite efforts to conceal Redinel’s involvement, the FCA’s market monitoring systems detected the suspicious activity.

The Korfuzis were also found guilty of laundering criminal proceeds. Between January 2019 and March 2021, they deposited £198,210 in cash across 176 transactions, unrelated to the insider trading offences.

Rogerio de Aquino and Dema Almeziad, who were charged alongside the Korfuzis, were acquitted of all charges.

IOSCO report and guidance on liquidity risk management for Collective Investment Schemes

The International Organisation of Securities Commissions (IOSCO) released updated recommendations and guidance on liquidity risk management for Open-Ended Funds on 26 June 2025.

IOSCO's final report, "Revised Recommendations for Liquidity Risk Management for Collective Investment Schemes (CIS)," and a companion guide, "Guidance for Open-Ended Funds for the Effective Implementation of the Recommendations," replace the 2018 framework and incorporate the Financial Stability Board’s (FSB) December 2023 “Revised Policy Recommendations to Address Structural Vulnerabilities from Liquidity Mismatch in Open-Ended Funds.”

The revised framework introduces 17 updated recommendations across six key areas:

• Product design
• Liquidity management tools
• Routine practices
• Stress testing
• Governance
• Disclosures

A significant change is the new classification system that assigns funds to one of four liquidity profiles, from primarily liquid to highly illiquid. However, the industry has raised concerns about oversimplification and the potential underestimation of investor behaviour and market conditions.

The guidance now explicitly supports tools like soft fund closures and deferred redemptions to manage liquidity and clarifies key terms in open-ended fund structures.

UK Developments and Next Steps

IOSCO plans to review implementation by the end of 2026. In the UK, the Financial Conduct Authority (FCA) will consult in 2025 on changes to the Collective Investment Schemes Sourcebook (COLL) to align with the updated IOSCO and FSB guidance, particularly addressing issues surrounding daily-dealt open-ended property funds.

These changes could significantly impact UK authorised fund managers, especially those dealing with less liquid assets, and may also affect managers of unauthorised funds.

ESMA’s Principles on Supervising Third-Party Risks

In June 2025, the European Securities and Markets Authority (ESMA) published new principles to strengthen the supervision of third-party risks in the financial services sector. These "Principles on Supervisory Oversight of Third-Party Risk" are not binding but signal a significant shift in how EU regulators will approach outsourcing, delegation, and broader third-party reliance. While the principles do not introduce new requirements for regulated firms directly, they set clear expectations for national competent authorities (NCAs) and their supervisory methods. This guidance is particularly relevant for relationships between platform AIFMs and their delegated investment managers, potentially pushing for greater substance and transparency from these managers.

Why Now?

Third-party risk has grown in importance as financial firms increasingly rely on external providers for services ranging from fund administration and custody to cloud computing and operational support. While the EU’s Digital Operational Resilience Act (DORA) addresses ICT-related outsourcing, ESMA’s initiative fills a gap for non-ICT third-party arrangements, such as fund management delegation and valuation services. ESMA is concerned about "empty shells"—licensed entities that outsource so much that they lose meaningful control. The principles aim to ensure firms remain operationally resilient and capable of overseeing outsourced tasks, even when providers are highly specialised or based in third countries.

Core Principles at a Glance

The principles cover several key areas:

• Governance and Control: Firms must retain full responsibility for outsourced functions, with senior management actively overseeing and intervening if necessary.
• Risk Assessment and Due Diligence: Firms and regulators must thoroughly assess and monitor the risks associated with third-party providers, including their financial health, data practices, and operational resilience.
• Contractual Protections: Robust contracts are essential, defining service levels, audit rights, termination clauses, and contingency plans. Exit strategies for critical services are also encouraged.
• Monitoring and Performance Management: Firms should closely monitor third-party performance using KPIs, audits, and scenario planning.
• Audit and Termination Rights: Firms must maintain the right to audit providers and have clear exit strategies, especially in cases of concentration risks or cross-border outsourcing.

A Risk-Based and Proportionate Approach

ESMA advocates a risk-based and proportionate approach, considering the nature, scale, and criticality of the outsourcing arrangement. High reliance on non-EU providers or a concentration of services with a single vendor warrants deeper scrutiny.

Strategic Context and Implications

This guidance aligns with global efforts by IOSCO, the FSB, and the Basel Committee to manage systemic vulnerabilities from third-party dependencies. It complements DORA and supports ESMA’s goal of fostering supervisory convergence across the EU. ESMA plans to review the implementation of these principles by the end of 2026, indicating closer scrutiny in the coming years.

What This Means for Regulated Firms

While the principles target supervisors, they send a clear message to regulated entities. Expect tougher questions from regulators about outsourcing arrangements, especially critical functions, governance structures, and exit plans. Firms must demonstrate active risk management, not just compliance.

In the UK, which is outside the EU but closely aligned in regulatory areas, the FCA has also been focusing on outsourcing and operational resilience. Although the ESMA principles won’t apply directly, they could influence best practices and cross-border supervisory expectations.

ESMA’s principles reflect the growing recognition that third-party risk is a systemic issue. Firms must understand, manage, and own these risks, regardless of the service provider. Supervisors are being called on to lead, and firms should expect higher standards for oversight and accountability.

Revised Stewardship Code scope

The FRC plans to remove explicit “environment and society” obligations from its stewardship code. While not directed at fund managers only, it may influence stewardship expectations and ESG integration.

ESG & Sustainability Regime

The FCA has paused the Sustainability Disclosure Requirements (SDR) regime extension to portfolio/wealth managers.

The Financial Conduct Authority (FCA) has announced a second pause in extending its UK SDR and investment labelling regime to portfolio management, including model, customised, and bespoke portfolios. This decision follows the FCA’s April 2024 consultation (CP 24/8), which sought feedback on applying the same SDR and labelling rules used for fund managers to portfolio managers.

Despite broad support for the consultation, respondents highlighted several key concerns:

• Scope: Complications around tailored portfolios and adviser-as-client models.
• Timelines: The originally proposed December 2024 implementation was deemed too rushed, given ongoing adjustments in the UK funds regime and overseas funds rules.
• Labelling Criteria: Practical challenges in achieving the 70% sustainability threshold and clarity on the meaning of labels.
• Naming & Marketing: Need for more guidance on rules across different portfolio types and client relationships.
• Disclosures: Questions over how tiered disclosure requirements would operate in practice, particularly in consumer- and entity-level reporting.

The FCA will reconsider these issues before setting a new timetable. Meanwhile, it plans to prioritise a multi-firm review of model portfolio services under its Consumer Duty and has issued a reminder that the anti-greenwashing rule, effective from 31 May 2024, remains fully in force.

The European Commission Seeks Views on Overhauling the SFDR

On 2 May 2025, the European Commission launched a Call for Evidence on the future of the Sustainable Finance Disclosure Regulation (SFDR), closing on 30 May 2025. The consultation aimed to address concerns over clarity, usability, and coherence with other sustainability laws.

Since its implementation, SFDR has faced criticism for creating market confusion. Key terms like “sustainable investment” lack legal certainty, and disclosure requirements are seen as overly complex and duplicative, often disconnected from investor needs. The interaction with the EU Taxonomy and the Corporate Sustainability Reporting Directive (CSRD) has also led to reporting overlaps and compliance burdens.

The Commission, supported by the European Supervisory Authorities (ESAs) including ESMA, sought feedback on streamlining disclosures, improving transparency, and combating greenwashing. A key question was whether SFDR should evolve into a labelling regime with defined product categories such as “sustainable” or “transition.”

Stakeholders, including Eurosif and IIGCC, called for a clearer framework that better distinguishes between products actively contributing to sustainability goals and those supporting the transition. They emphasised the need to align definitions and disclosures with the CSRD and EU Taxonomy.

The Commission is expected to present a legislative proposal in Q4 2025, potentially leading to “SFDR 2.0.” This could shift the focus from disclosure to a more robust classification system for sustainable investment products.

The outcome will be closely watched by asset managers, insurers, and pension providers across Europe, as it will significantly shape the EU sustainable finance market.

FCA AI Lab & live testing service

The FCA will launch its AI testing service in September 2025, allowing asset managers to trial consumer-facing AI tools under regulatory supervision. This follows the AI Lab announcement on 29 April. The FCA issued an engagement paper to gather input from firms on how the live AI testing service can help deploy safe and responsible AI, benefiting UK consumers and markets.

The live testing service, part of the FCA’s AI Lab, aims to support firms in developing and deploying AI by filling a testing gap that hinders AI adoption. It will enable firms to collaborate with the FCA to ensure their AI tools are ready for use and provide the FCA with insights into AI’s impact on UK financial markets.

The service will offer regulatory support to firms deploying consumer or market-facing AI models and is set to run for 12 to 18 months. It aligns with the FCA’s 5-year strategy to support growth through innovation and maintain the UK’s competitive edge in financial services with a tech-positive approach. The FCA also aims to become a smarter regulator by embracing data and technology.

Jessica Rusu, the FCA’s chief data, intelligence, and information officer, said: "Under our new strategy, we’re committed to being increasingly tech-positive to support growth. We want financial firms and their customers to benefit from AI, so we’re providing a safe space to test how they plan to use it."