May 2026 Global Regulatory Brief: Digital finance (Prediction markets, digital collateral and cryptoasset capital rules)

As technology continues to reshape financial services, regulators and policy setters are embarking on a range of digital-finance initiatives to manage risks and set appropriate standards. The following digital finance policy developments represent a sample of wider regulatory and policy coverage available to Bloomberg Terminal customers. Run REGS <GO> to find out more or contact your Bloomberg representative to learn more:

• US: CFTC steps up actions on prediction markets
• Japan: JPX tests digital JGB collateral via blockchain
• Singapore: MAS consults on prudential treatment of permissionless cryptoassets
• UK: FCA publishes summary of 2025 Cyber Coordination Group insights

CFTC steps up actions on prediction markets

Summary:
The U.S. Commodity Futures Trading Commission (CFTC) has recently taken a series of steps to assert and defend its role as the federal regulator of prediction markets.

Chairman Michael Selig’s approach to prediction markets combines support for federally regulated prediction markets with active enforcement against misconduct.

Federal versus state supervision:

• In April 2026, the CFTC filed lawsuits against New York and Wisconsin seeking to prevent those states from applying gambling laws to CFTC-regulated event contract markets, arguing that federal law gives the CFTC exclusive authority over prediction markets. 
• The agency has also supported similar arguments in other proceedings through amicus filings. 
• While some states, including Wisconsin, have brought actions alleging violations of state law, Chairman Selig takes the view that “states cannot circumvent the clear directive of Congress” and that the CFTC will act where state measures interfere with the federal regulation of financial markets.
• Chairman Selig has emphasized that prediction markets operate under the Commodity Exchange Act as federally regulated exchanges, with clearing and investor protection frameworks.
• He has also highlighted the potential benefits of these markets to the broader economy, and considers the CFTC the best placed agency to oversee their integrity and growth.

Enforcement: 

• In parallel, the CFTC has begun bringing enforcement actions in this space, including what it described as its first insider-trading case involving event contracts.
• The case alleges that an active-duty service member in the U.S. Army engaged in insider trading using classified material non-public information (MNPI) regarding the capture of former Venezuelan President Nicolás Maduro to generate more than $404,000 in profits.
• CFTC Director of Enforcement David Miller has stated that exchanges should act as a “first line of defense” in detecting and preventing misconduct, and that there should be no doubt as to the prohibition on insider trading in commodity markets.

Looking ahead:
The CFTC has indicated that it is working to further clarify the regulatory framework for prediction markets, including through guidance and continued enforcement.

JPX tests digital JGB collateral via blockchain

Summary:

Japan Exchange Group (JPX), through its clearing subsidiary Japan Securities Clearing Corporation (JSCC), announced the launch of a proof of concept to modernize JGB collateral management using blockchain technology, in collaboration with Mizuho Financial Group, Nomura Holdings, and Digital Asset Holdings. The project brings together core market infrastructure and leading financial institutions to test real-time, 24/7 digital collateral transactions, including cross-border use cases, while preserving the legal status of JGBs. Supported by the JFSA, the initiative underscores a coordinated industry effort to enhance collateral efficiency, reduce operational costs, and strengthen Japan’s financial market competitiveness.

Context:

As digital asset adoption accelerates globally, establishing digital collateral management using Japanese Government Bonds (JGBs)—highly valued eligible collateral among institutional investors—has become an urgent priority for Japan. This proof of concept combines existing JGB infrastructure with blockchain technology to enable 24/7, real time collateral transactions, including cross border use cases. By maintaining JGBs’ legal status while enhancing efficiency, the initiative aims to reduce operational burdens, lower costs for financial institutions and investors, strengthen JGB liquidity in digital markets, and enhance the international competitiveness of Japan’s financial system.

Key Takeaways:

• Mizuho, Nomura, JSCC, and Digital Asset Holdings launched a proof of concept using the Canton Network to advance digital collateral management for Japanese Government Bonds (JGBs).
• The experiment tests whether blockchain can support legally compliant transfer of JGB rights and account book updates across multiple custodians under Japan’s Book Entry Transfer Act.
• The proof of concept aims to enable 24/7, real-time collateral transactions while preserving JGBs’ legal status as issued securities by integrating blockchain technology with existing infrastructure. 
• Cross-border collateral use cases are included, covering interactions among clearing houses, institutional investors, clients, and agents across domestic and international markets.
• Legal and regulatory compatibility is assessed, including potential needs for rule amendments and functional enhancements toward future commercialization.
• The project is part of the JFSA supported Payment Innovation Project (PIP), which approved the initiative in February 2026.
• JGBs are viewed as highly valued eligible collateral globally, making digital collateralization a priority amid accelerating digital asset adoption.
• Expected benefits include significant operational efficiency gains, reduced collateral management costs, and improved liquidity through real time substitution and allocation.
• Digitally managing JGBs on blockchain may enable deeper integration with other digital assets, supporting new transaction models and financial innovation.
• The initiative aims to strengthen JGB utilization by global institutional investors and enhance the international competitiveness of Japan’s financial markets.

Next step:

The participating institutions are expected to continue assessing scalability, legal frameworks, operational integration, and regulatory considerations as the proof of concept develops. Further industry engagement and testing may inform future commercialization efforts.

MAS consults on prudential treatment of permissionless cryptoassets

Summary

The Monetary Authority of Singapore (MAS) has launched a consultation proposing a more risk‑sensitive prudential treatment for cryptoassets issued on permissionless blockchains. The proposals would allow certain permissionless cryptoassets to qualify for Group 1 prudential treatment, subject to principle‑based safeguards and interim exposure and issuance caps for banks.

Context:

In its March 2025 consultation on the prudential treatment of cryptoasset exposures, MAS proposed that permissionless cryptoassets be classified as Group 2 due to governance, technology, settlement finality and AML/CFT risks. Industry feedback argued this approach was overly restrictive and not technology‑neutral given developments such as layer‑2 solutions and enhanced risk controls. MAS has since reconsidered its position and now proposes an interim framework ahead of finalising the broader cryptoasset prudential regime.

Key takeaways:

• MAS proposes to allow permissionless cryptoassets to be classified as Group 1 where banks can demonstrate that key risks are adequately mitigated, rather than automatically assigning them to Group 2.
• Certain classification conditions relating to validator regulation, network traceability and governance would be disapplied for permissionless cryptoassets, provided new principle‑based requirements are met.
• The principle‑based requirements focus on mitigating governance risk, technology and settlement finality risk, and AML/CFT risk, with deeming provisions setting out examples of acceptable safeguards.
• During the interim period, exposure and issuance caps would apply to permissionless cryptoassets treated as Group 1:
  • For locally incorporated banks, exposures would be capped at 2% of Tier 1 capital and issuances at 5% of Tier 1 capital.
  • For Singapore branches of foreign banks, exposures would be capped at 0.2% of total branch assets and issuances at 1% of total branch assets.
• Banks would be required to notify MAS at least one month before classifying a permissionless cryptoasset as Group 1 and provide senior risk management confirmation that all requirements are met. MAS retains the right to override a bank’s classification.

Next steps:
MAS is seeking feedback from banks and other stakeholders on the proposed principle‑based requirements, deeming provisions, AML/CFT safeguards, and the use and calibration of exposure and issuance caps.

The consultation closes on 18 May 2026.

FCA publishes summary of 2025 Cyber Coordination Group insights

Summary:

The UK Financial Conduct Authority (FCA) has published a summary of 2025 discussions from its Cyber Coordination Group (CCG), highlighting industry practices on cyber resilience. The publication provides insights across incident response, emerging technologies, and insider risk, without introducing new regulatory requirements.

Context:

The CCG programme, established in 2017, brings together around 140 firms to share cyber resilience insights with regulators and the National Cyber Security Centre (NCSC). The FCA continues to use the forum to support firms in meeting existing operational resilience and cyber risk expectations.

Key takeaways:

Incident response and recovery

• Members discussed how firms prepare for, respond to and recover from large-scale incidents, with a focus on testing, stakeholder readiness and recovery planning following severe disruption.
• Detailed service mapping across people, technology assets and third parties was seen as critical to effective response and recovery. It helps firms understand interdependencies, prioritise recovery actions and support minimum viable services, although maintaining accurate maps can be difficult in large, complex and multinational organisations.
• Firms emphasised the importance of clearer contractual obligations, greater supply chain transparency, particularly in relation to AI, and involving key suppliers in response and recovery testing. However, defining, testing and embedding third-party roles during incidents often remains challenging.
• Firms noted that combining sandbox and live-system testing can challenge assumptions more effectively than tabletop exercises alone.
• Developing severe but plausible scenarios was seen as a useful way to strengthen testing of important business services, with more realistic exercises often revealing practical issues such as network configurations and firewall dependencies.
• Early board and senior management engagement was seen as improving incident decision-making, escalation and communication, although securing that engagement can be difficult where relationships are less established.
• The NCSC Early Warning service was viewed as a useful tool for improving threat intelligence, earlier detection and exposure assessment.

Emerging technologies

• Members discussed firms’ approaches to adopting emerging technologies, including AI, and the implications for cyber resilience.
• Firms generally said they are integrating AI-related risks into existing governance frameworks rather than creating standalone processes.
• Good cryptographic hygiene was seen as the foundation for effective preparation for post-quantum cryptography (PQC), while risk-based planning helps firms prioritise which assets to address first in any migration programme.
• Firms also reported practical challenges. Many lack sufficient visibility into how third-party suppliers are using AI.
• Members noted that threat actors are increasingly using AI to enhance phishing, vishing and deepfake-enabled attacks.
• Some firms are developing role-specific training and broader technology literacy programmes covering AI and PQC, but maintaining senior sponsorship can be difficult where boards view PQC as a distant issue.
• Members also observed that PQC training is often too technical and not easily translated into practical business actions.

Insider risk

• Members discussed their experiences of managing insider risk from a cyber resilience perspective, including examples of good practice and common detection challenges.
• Insider risk management was consistently described as a cross-functional issue requiring coordination between cyber, HR, legal, operations, conduct, ethics and financial crime teams.
• Firms highlighted the importance of balancing effective security controls with a culture of trust.
• Joint operating forums and cross-functional triage groups were seen as useful mechanisms for improving the identification of and response to insider risks.
• Properly configured behavioural analytics and data loss prevention tools can strengthen detection capabilities, while insider risk scenarios can add value in both red team and tabletop exercises.
• Strong identity and access controls, including privileged access management, were also highlighted as important risk mitigants.
• Implementation can, however, be complex. Privacy and employment laws, particularly in the EU, may restrict monitoring and require different approaches across jurisdictions.
• Controls may also be perceived as punitive if they are not clearly governed and communicated.
• Monitoring tools can generate very high volumes of alerts, and AI-based tools may be of limited value unless carefully calibrated with sufficient context and mature baselines.
• Some firms also reported that they still lack a clear and consistent definition of who should be treated as an insider.

Next steps:

Firms are expected to consider the insights within the context of existing FCA expectations on operational resilience and cyber risk management.

Ongoing engagement through the CCG programme will continue to inform supervisory dialogue and industry practices.