Regulatory news
Q2 2025 enforcement update: New signals emerge from the new administration
Douglas Moffat
•
Senior Vice President, Americas
July 9, 2025
A flurry of notable regulatory actions came through in Q2 of 2025, from record fines to unprecedented AI guidance. The enforcement landscape is shifting under a new administration in the US, while the EU, UK, and Asia continue to tighten their approach to market abuse, greenwashing, and compliance governance.
Here are the key developments you need to know.
In June 2025, the Securities and Exchange Commission (SEC) began publishing AI-related interpretive guidance, marking the first formal attempt by the agency to set expectations for how regulated entities use artificial intelligence in areas like trading, compliance, and risk management. The guidance, which emerged through staff bulletins rather than formal rulemaking, focuses on disclosure obligations and fiduciary responsibilities when AI tools are deployed in advisory or execution contexts. This signals that the SEC views AI as falling within existing regulatory frameworks, rather than requiring entirely new rules. Firms using AI in trading or compliance should assess whether their current disclosures and governance structures are sufficient to meet these expectations.
In April 2025, the Commodity Futures Trading Commission (CFTC) imposed a $55 million penalty on a major US bank for spoofing in the Treasury futures market. The case involved multiple desks engaging in a pattern of placing and cancelling large orders to manipulate the appearance of supply and demand. The CFTC highlighted failures in the bank’s surveillance systems and internal controls as key contributing factors. The order required the firm to implement enhanced monitoring systems and submit to a three-year compliance review. This case reinforces the regulator’s position that spoofing enforcement remains a top priority and that institutions with inadequate surveillance will face significant consequences.
Under new SEC Chair Paul Atkins, enforcement activity in Q2 declined compared to previous quarters. Fewer new cases were initiated, and several ongoing investigations are reported to have been deprioritised or scaled back, particularly in areas relating to ESG disclosures and crypto asset enforcement. This shift reflects the new administration’s stated goal of reducing what it considers regulatory overreach. While this may reduce compliance burdens in some areas, firms should be cautious about interpreting reduced enforcement as reduced risk. Regulatory pendulums swing, and firms that lower their standards now may find themselves exposed when enforcement priorities shift again.
In April 2025, the FCA fined Citigroup Global Markets Ltd £27.76 million for market manipulation in the UK government bond market between 2017 and 2020. Traders at the firm used futures contracts to artificially influence the price of related government bonds, engaging in a pattern of cross-product manipulation. The FCA highlighted that Citigroup’s surveillance systems failed to detect the abusive trading behaviour, and the firm’s internal controls were insufficient to prevent the misconduct. This case underscores the FCA’s willingness to act against sophisticated manipulation strategies in sovereign debt markets, and serves as a stark reminder that firms must ensure their surveillance systems are capable of monitoring for cross-product abuse.
In Q2, the FCA published its five-year strategy, which explicitly includes trade surveillance and market integrity as strategic priorities. The strategy calls for greater use of data analytics and technology by the regulator itself, and sets expectations for firms to maintain “fit-for-purpose” surveillance capabilities. Firms should expect the FCA to invest in its own analytical capabilities and to hold market participants to a higher standard in terms of their systems and controls.
In May 2025, the European Securities and Markets Authority (ESMA) finalised its revised guidelines under the Market Abuse Regulation (MAR), with a particular focus on cross-border surveillance obligations and the use of algorithmic trading. The updated guidelines clarify expectations for firms operating across multiple EU jurisdictions and introduce more explicit requirements for monitoring automated trading strategies. Firms with cross-border operations should review their surveillance arrangements to ensure they align with the revised expectations.
In Q2, Germany’s Federal Financial Supervisory Authority (BaFin) opened a formal investigation into a subsidiary of Deutsche Börse following allegations of insider dealing linked to pre-arranged trades ahead of index rebalancing events. While the investigation is ongoing and no formal charges have been filed, the case illustrates the heightened regulatory attention being paid to information asymmetries surrounding index changes. Firms involved in index-related trading should ensure their compliance frameworks address the specific risks associated with rebalancing events.
In May 2025, Japan’s Financial Services Agency (FSA) issued an administrative order against Nomura Securities for market manipulation involving government bond futures. The case involved the use of non-genuine orders to artificially influence prices, and the FSA identified systemic weaknesses in Nomura’s compliance infrastructure. While the action did not include a monetary fine, the reputational impact is significant. This marks one of the FSA’s most high-profile enforcement actions in recent years, and sends a clear message about the need for robust surveillance in Japan’s sovereign debt markets.
The Securities and Futures Commission of Hong Kong imposed a record HK$108 million fine on China Galaxy International Securities in March 2025 for failures in supervising client trading activities. The SFC found that the firm’s internal controls were inadequate to detect and manage the risks associated with complex client order flow. The scale of the fine reflects the SFC’s increasingly assertive enforcement posture and its expectation that intermediaries must maintain robust oversight of their surveillance operations.
The enforcement landscape in Q2 2025 reveals both continuity and change. In the US, a new administration is recalibrating the SEC’s approach, prioritising a lighter regulatory touch in some areas while the CFTC continues to pursue aggressive spoofing enforcement. In the UK, the Citigroup case and the FCA’s new strategy indicate that cross-product surveillance and market integrity will remain areas of intense focus. In Europe, ESMA’s revised MAR guidelines are raising the bar for cross-border compliance. And across Asia-Pacific, major enforcement actions in Japan and Hong Kong signal that regulatory expectations are rising rapidly.
For firms, the message is consistent: compliance is not a static exercise. Surveillance systems, governance frameworks, and internal controls must evolve in step with regulatory expectations and market developments.
If you’d like to discuss your regulatory requirements in further detail, feel free to book a consultation or get in touch using a contact form.
