E-commerce and trade

Sweden warns of growing criminal exploitation of digital payment systems

Sweden’s financial regulator, Finansinspektionen, has warned that organised criminal networks are increasingly exploiting weaknesses in payment systems and digital banking infrastructure. The assessment points to a more challenging risk environment driven by faster transactions, cross-border financial flows and increasing technological complexity.

Financial institutions across the Nordic region are expected to adopt more proactive and intelligence-led compliance approaches.

Retail banks remain primary targets because of their high transaction volumes and role in the initial placement of illicit funds. Criminals rely on shell companies and layered ownership structures to conceal beneficial ownership and bypass standard due diligence.

Regulators now expect stronger analytical capabilities and more robust identity verification processes, particularly within automated onboarding systems that may be vulnerable to fraud and mule-account creation.

Payment service providers and crypto-asset platforms are facing increased scrutiny because they enable the rapid movement of funds across jurisdictions. Authorities stress that real-time screening is now essential, as post-transaction analysis is no longer sufficient.

Crypto-related risks are amplified by mixing tools and decentralised systems, requiring strict origin-of-wealth checks and full compliance with travel rule standards.

Supervisory findings also highlight risks from professional enablers and compromised SMEs used to bypass controls. Insider involvement and distressed businesses can mask illicit activity through seemingly legitimate operations.

Finansinspektionen said stronger sanctions screening, continuous monitoring, and executive-level compliance oversight are essential to address evolving money laundering and illicit financing risks.

Why does it matter? 

The warning reflects a broader shift in financial crime, where criminal organisations increasingly exploit the speed, scale and interconnected nature of modern financial systems. As digital payments, instant transfers and crypto-assets become more widely used, traditional compliance approaches based on retrospective reviews may struggle to keep pace with rapidly moving illicit funds.

The assessment also highlights the growing convergence of financial regulation, cybersecurity and digital governance. Financial institutions are increasingly expected to deploy advanced analytics, real-time monitoring and stronger identity verification controls to detect criminal activity before transactions are completed. Similar regulatory trends are emerging across Europe and other jurisdictions as authorities seek to strengthen resilience against money laundering, fraud and sanctions evasion.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Stablecoin issuers face new customer verification requirements under the US GENIUS Act

US financial regulators have proposed new rules requiring certain payment stablecoin issuers to implement bank-style customer identification programmes under the GENIUS Act framework. The proposal would classify permitted stablecoin issuers as financial institutions under the Bank Secrecy Act, expanding compliance obligations to include customer identity verification and anti-money laundering (AML) controls.

Under the joint proposal issued by the Federal Reserve and other federal financial regulators, issuers would be required to collect and verify key customer information, including names, addresses, dates of birth and identification numbers before opening accounts.

Issuers would also be required to adopt risk-based procedures that enable them to reasonably verify customer identities based on their business model, operational scale and onboarding processes.

Regulators clarified that customer identification requirements would apply only to direct relationships between users and issuers, including issuance, redemption, custody and reserve-management services. Secondary market transactions, including user transfers and intermediary activity, would generally fall outside these obligations due to enforcement limitations.

The proposal is now open for public consultation and forms part of wider discussions on the interaction between federal and state regulatory frameworks under the GENIUS Act.

Why does it matter?

The proposal marks another step in integrating stablecoins into the mainstream financial regulatory framework. By applying customer identification and anti-money laundering requirements at the issuer level, regulators are seeking to reduce financial crime risks while allowing stablecoins to operate as regulated payment instruments.

The distinction between direct issuer relationships and secondary-market transactions is also significant. It reflects an attempt to balance compliance requirements with the decentralised nature of blockchain networks, where peer-to-peer transfers and intermediary activity can be difficult to monitor directly. The outcome of the consultation could help shape the future regulatory architecture for digital dollars and influence stablecoin oversight in other jurisdictions.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

Oman launches mandatory national Bitcoin mining pool

Oman has introduced a mandatory state-backed Bitcoin mining pool under its digital asset strategy, requiring all licensed miners to operate through a single national platform. The initiative reflects a broader effort to formalise and centralise crypto mining within a regulated framework while expanding Oman’s industrial-scale digital economy.

The national pool, Omanhash.com, was launched by the Ministry of Transport, Communications and Information Technology in partnership with Frontier Technologies LLC and supported by infrastructure provider Enegix Global.

The platform is expected to aggregate substantial computing power, giving authorities greater visibility into mining output, energy consumption and Bitcoin production within the country.

The framework consolidates existing mining investments that have reached hundreds of millions of dollars in recent years, including large-scale data centre developments in the Salalah Free Zone.

Rather than restricting mining activity, the model integrates it into a controlled national framework designed to support regulatory oversight, reporting and compliance.

Industry participants describe the model as a sovereign mining framework already tested in other jurisdictions, where similar pool structures have been used to integrate taxation and compliance monitoring into mining operations.

Why does it matter? 

Oman’s approach represents a notable evolution in how governments engage with cryptocurrency mining. Instead of treating Bitcoin mining as a largely private activity regulated from the outside, the country is integrating mining operations into a state-supervised framework that provides greater visibility over production, energy use and economic activity.

The initiative also raises broader questions about the future relationship between decentralised technologies and state governance. If similar models are adopted elsewhere, governments could gain a more active role in monitoring and shaping participation in blockchain networks while preserving the economic benefits associated with digital asset industries. The outcome may influence future debates on digital sovereignty, crypto regulation and the balance between decentralisation and regulatory oversight.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

China expands AI adoption across consumer economy

China’s Ministry of Commerce and seven other government departments have issued guidelines to accelerate the integration of AI into consumer markets.

The implementation document sets out 17 measures in five areas under an ‘AI plus consumption’ strategy. It aims to expand smart product consumption, support AI-enabled services and create new consumer scenarios.

For goods consumption, the guidelines call for a wider supply of AI products, upgrades to consumer electronics, household appliances and home products, and the development of smart wearable devices. They also promote AI-powered robots for elderly care, companionship and daily assistance.

For services, the measures encourage the use of AI in home services, elderly care, tourism, accommodation, catering and education. Examples include smart elderly-care facilities, AI-enabled tourism services and smart canteens in offices, schools and hospitals.

The guidelines also call for faster development of smart retail, deeper integration of AI with e-commerce and improved smart logistics networks at county, township and village levels. Authorities also want to expand delivery coverage in remote areas.

China will support ‘AI plus consumption’ clusters and AI experience centres, while encouraging rental, sharing and trial use of AI products in public venues. Local authorities are also encouraged to introduce subsidies for next-generation smart terminals and other AI-related consumer products under existing consumer goods trade-in policies.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Malta launches consultation on regulating decentralised finance under MiCA

Malta’s Financial Services Authority (MFSA) has launched a consultation on how decentralised finance (DeFi) could be incorporated into the European Union’s Markets in Crypto-Assets Regulation (MiCA), focusing on governance, accountability, and the practical definition of decentralisation.

The consultation reflects growing uncertainty over how existing crypto rules should apply to DeFi protocols that combine automated processes with varying degrees of human oversight and control.

Regulators note that while MiCA excludes services operating in a fully decentralised manner without intermediaries, many DeFi protocols retain centralised features such as administrator privileges, upgrade controls and concentrated governance structures.

The MFSA suggests that decentralisation should be assessed along a spectrum rather than treated as a binary concept, raising the possibility of a standardised assessment framework to determine whether a protocol falls within regulatory scope.

The paper also explores whether regulated crypto firms should be required to assess smart contracts, governance structures and risk-management frameworks before integrating DeFi protocols into regulated services.

Additional considerations include legal structures for decentralised organisations and oversight mechanisms such as automated ‘guardian agents’ designed to monitor compliance with predefined governance and predefined risk parameters.

Why does it matter? 

The consultation targets one of the most unresolved areas in European crypto regulation: where decentralisation ends, and regulated financial activity begins. Without a clear and consistent definition, DeFi projects can fall into regulatory grey zones that create uneven enforcement across member states and complicate risk supervision for cross-border services.

Establishing whether decentralisation is treated as a spectrum could significantly reshape compliance obligations, determining which protocols must meet MiCA standards and which remain outside its scope, ultimately affecting innovation, investor protection, and regulatory certainty across the EU crypto ecosystem.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

US lawmakers back housing bill with ban on CBDC until 2030

US lawmakers have agreed on a bipartisan housing affordability bill that includes a provision preventing the Federal Reserve from issuing a central bank digital currency (CBDC) until the end of 2030. The measure was incorporated into the 21st Century ROAD to Housing Act, which is primarily focused on increasing housing supply and improving affordability.

The agreement follows months of negotiations between the House and Senate, with the Senate passing its amended version in March 2026 by a vote of 89 to 10. The inclusion of the CBDC restriction reflects longstanding political concerns about privacy, government surveillance and the potential implications of a state-issued digital dollar.

Alongside housing reforms, the legislation seeks to limit the acquisition of single-family homes by large institutional investors, with the aim of improving access for first-time buyers. Lawmakers behind the bill include key bipartisan figures in the Senate Banking Committee, signalling broad support for the package.

Market observers suggest the restriction could benefit private stablecoin issuers by reducing the prospect of competition from a government-backed digital currency. While the measure sets a clear policy direction through 2030, debates over the future of a US CBDC are likely to continue as other countries advance their own central bank digital currency initiatives.

Why does it matter?

The measure represents a significant development in the US debate over digital currencies, effectively delaying any potential retail CBDC issued by the Federal Reserve for several years. It reflects persistent concerns among policymakers about privacy, surveillance and the role of government in digital payments, while signalling growing political support for market-based alternatives.

The decision could also influence the broader global competition around digital currencies. As countries including China, the European Union and several emerging economies continue exploring or deploying CBDCs, the United States appears to be taking a more cautious approach. This may strengthen the role of private-sector solutions such as stablecoins while raising questions about the long-term direction of US digital currency strategy.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

EU court clarifies age verification rules for pornographic websites

The Court of Justice of the European Union (CJEU) has clarified the conditions under which EU Member States may require age verification for users of pornographic websites and restrict the rebroadcasting of information about certain roadside checks.

The ruling concerns joined cases involving WebGroup Czech Republic, NKL Associates and Coyote System. The cases were referred by France’s Council of State and concerned French measures requiring pornographic websites to verify users’ ages and allowing restrictions on geolocation driving assistance services that rebroadcast information about certain roadside checks.

The companies argued that the measures breached the country-of-origin principle under the Directive on electronic commerce. Under that principle, information society services are generally governed by the laws of the Member State in which the provider is established.

The Court found that the contested measures, including age verification requirements, fall within the directive’s coordinated field and that applying them to providers established in other Member States constitutes a restriction on the free movement of the services concerned. However, it said the directive allows such restrictions under certain conditions.

The CJEU said Member States may impose measures on providers established elsewhere in the EU where necessary for recognised objectives such as public policy, public security, or public safety. According to the Court, protecting minors through age verification may constitute a public policy objective, while restrictions on rebroadcasting information about certain roadside checks may be justified on public security grounds.

The Court said such measures must be proportionate and targeted at specific information society services that actually prejudice those objectives. Except in urgent cases, the Member State taking the measure must first ask the provider’s Member State of establishment to act and must notify the European Commission and that Member State before adopting the measure.

The ruling means an EU Member State may require providers established in another Member State to introduce age verification systems to prevent minors from accessing pornographic websites, provided the directive’s conditions are met. The referring French court must determine whether the national age verification measures satisfy those conditions.

The Court also addressed liability for information stored and rebroadcast by online services. It said a provider cannot rely on the hosting liability exemption if it has knowledge of or control over the information. Control can exist when a provider uses an algorithm to determine the conditions, methods and priority according to which information is rebroadcast.

The decision therefore clarifies both the limits of the e-commerce country-of-origin principle and the circumstances in which algorithmic control over content distribution may affect platform liability.

Why does it matter?

The ruling provides important guidance on how EU Member States can pursue online safety objectives while respecting the Digital Single Market’s country-of-origin principle. In particular, it confirms that age verification requirements aimed at protecting minors may be applied to providers established in other Member States, provided procedural safeguards and proportionality requirements are met.

The judgement also has broader implications for platform governance and intermediary liability. By highlighting the relevance of algorithmic control in determining whether a provider can benefit from hosting liability exemptions, the Court contributes to ongoing debates about platform responsibility, content moderation and the legal consequences of algorithm-driven content distribution.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Thailand updates legal framework to modernise capital markets 

Thailand is advancing amendments to the Securities and Exchange Act to create a legal framework for electronic securities and support the digitalisation of its capital markets.

The draft bill has passed its first reading in the House of Representatives, with a special committee appointed to review the details before the second and third readings. The proposal would allow securities to be issued, held, transferred and used as collateral in electronic form with legal effect.

Government officials said the reform is intended to improve access to capital, reduce transaction costs and make capital market processes more efficient. The initiative forms part of Thailand’s broader effort to modernise financial infrastructure and support the digital economy.

The framework would apply to existing capital market instruments, including shares, bonds and investment units. Authorities have presented the measure as a way to digitise securities processes under a clearer legal and regulatory framework, rather than as a move to create a new category of unregulated digital assets.

The proposal also includes safeguards for investors and market integrity, including rules on securities registries, client assets and regulatory oversight of electronic securities transactions.

Why does it matter?

The reform shows how digital finance policy is moving beyond cryptocurrencies and payment systems into the core infrastructure of capital markets. By giving electronic securities legal effect, Thailand could reduce paperwork, lower transaction costs, and make fundraising more efficient. The practical impact will depend on the final text, regulatory implementation and whether market participants adopt the new digital processes at scale.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Netherlands requires one-click cancellation button for online purchases

The Netherlands has announced that online retailers and providers of online services will be required to include a clear cancellation button on their websites from 19 June 2026. The measure is intended to make it easier for consumers to exercise their right of withdrawal during the statutory 14 day cooling off period.

Under the new rules, customers will be able to cancel a purchase or service through a dedicated online button rather than completing a form or contacting customer services. The cancellation button will serve as an additional withdrawal mechanism and will not replace the standard withdrawal form.

After selecting the button, customers will need to confirm that they wish to cancel their purchase or service. Businesses will then be required to send a confirmation message acknowledging receipt of the cancellation request. This is in line with the right of withdrawal under the EU Consumer Rights Directive.

The requirements will apply to online retailers, providers of digital services such as online courses and coaching programmes, and sellers operating through social media platforms. The measure has been approved by the Dutch parliament.

Why does it matter?

The measure reflects a broader European effort to strengthen consumer protection in digital markets. While consumers already have the right to withdraw from many online purchases within a statutory cooling-off period, exercising that right can sometimes involve complex procedures or interactions with customer support.

By requiring a clear and accessible cancellation option, the Netherlands aims to reduce friction in the withdrawal process and improve transparency for consumers. The initiative also reflects growing regulatory attention to user experience and consumer rights in digital commerce, particularly in areas such as subscriptions, online services and social media-based sales.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Europol warns of rising online exploitation of minors

Europol has warned that criminal networks are increasingly using digital platforms to target, manipulate and recruit minors into criminal activity.

The agency said offenders exploit online environments, including dark web portals, social media networks, games and e-commerce platforms, which can offer anonymity, reach and operational efficiency. Europol and the EU member states have observed growing use of these digital tools to target and recruit minors.

According to Europol, young people are being drawn into offences including cyberattacks, drug distribution, online fraud and money laundering. In some cases, minors are also exposed to extremist ideologies, manipulation and pressure from online communities.

Europol said digital tools have made recruitment easier to scale and harder to detect. Minors may initially be approached as victims, but can later be pressured into carrying out further offences, increasing both the harm to the child and the reach of criminal networks.

The agency said it is working with the EU member states and international partners to strengthen intelligence sharing, operational support and the disruption of criminal groups. Prevention efforts also include awareness-raising and guidance for parents, educators and communities to help identify risks and support vulnerable minors.

Why does it matter?

The warning shows how child safety and organised crime are increasingly overlapping in online spaces. Social media, gaming environments, e-commerce platforms and dark web channels can be used not only to exploit minors, but also to recruit them into cybercrime, fraud, drug distribution or extremist networks. That creates a governance challenge for law enforcement, schools, parents and platforms, especially where manipulation, anonymity and cross-border digital services make early detection difficult.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Diplo chatbot can make mistakes. Consider checking important information.