Supervisors tighten AI metrics and sanctions at end of October

Executive Summary

Asian and European regulators converged this week to demand greater transparency on governance of AI models applied to KYC, with MAS and FCA exchanging pre-supervisory audit frameworks. In parallel, OFAC and the EU Sanctions Directorate coordinated the inclusion of a Russian instant payments consortium on the SDN list, affecting correspondent banks in the US, Germany, and the United Arab Emirates. Singapore's Financial Intelligence Unit published recent cases of laundering via tokenized remittance platforms, reinforcing focus on high-value flows. For compliance teams, the next quarter will require model inventories, adjustments to beneficial owner lists, and alignment with product teams to monitor exposures in BNPL and instant payments.

Top Signals

1. MAS launches pre-supervisory assessment of AI models

The Monetary Authority of Singapore published a 48-point questionnaire to assess machine learning models used in onboarding and transaction monitoring, requiring data traceability and bias metrics.

Why it matters: banks with hubs in Singapore will need to register model inventories and demonstrate human review processes or face direct inspections in 2026.

2. FCA and BoE create joint sandbox for RegTech in KYC

In the United Kingdom, the sandbox will combine data from open bank accounts, beneficial owner records, and reputational risk indicators in a single infrastructure with auditable data lineage.

Why it matters: providers that want to join will need to present clear data sharing contracts and export controls, strengthening due diligence in vendor chains.

3. OFAC blocks Russian instant payments consortium

Sanctions target the KoronaPay System and nine intermediary banks that process instant payments for expatriates, with immediate effect on correspondent banks in Europe and the Middle East.

Why it matters: institutions must update lists of clients linked to KoronaPay and review cross-border payment filters within 24 hours.

4. Singapore UIF alerts on token use in corporate remittances

The UIF reported 37% growth in attempts to mask corporate payments via stable tokens hosted in third-party wallets without documented identification.

Why it matters: risk areas need to cross-reference beneficiary data with smart contract addresses listed by the UIF to avoid late blocks.

Deep Dives

Regulation & Supervision

MAS and FCA are aligning AI governance checklists focusing on explainability, continuous monitoring, and decision logs. The goal is to allow inspectors to reconstruct how models classified high-risk clients in less than four hours. Authorities suggest that banks maintain dashboards with drift and bias metrics by segment. At the same time, European supervisors request remediation plans for generative AI used in client communications, requiring clear limits for automatic responses.

Practical impact: Banks must map critical models and update explainability playbooks. Fintechs need to document third-party data pipelines. Vendors must anticipate questions about datasets and bias controls. Regulators gain visibility for coordinated inspections starting in 2026.

Tech & Typologies

KoronaPay has been used to circumvent P2P payment limits in Europe, fragmenting transactions below monitoring thresholds. In OFAC's view, this constitutes facilitation of revenues for sanctioned entities. Investigations show that tokenized wallets in Singapore mirror similar volumes, but with dollar-indexed stablecoins. Blockchain analysis tools identified clusters with intermediation of unlicensed PSPs in Hong Kong and Cyprus, suggesting coordinated operations.

Practical impact: Banks need to apply dynamic sanctions lists to PSPs and counterparties linked to KoronaPay. Remittance fintechs must strengthen screening of beneficial owners even in fractional payments. Monitoring vendors must integrate on-chain data with correspondent alerts. Regulators receive new indicators for joint enforcement actions.

Data Points

48 questions in the AI governance framework published by MAS.
37% increase in laundering attempts via corporate tokens according to the UIF.
24 hours is the maximum deadline suggested by OFAC for updating sanctions filters.

Watchlist

FCA public consultation on minimum explainability requirements in screening models scheduled for November 12.
Extraordinary Egmont Group meeting on November 4 to discuss stablecoins in corporate flows.