This month's newsletter reflects the continued pace of regulatory development across Asia, spanning cybersecurity, AI, digital assets, digital platforms and digital transformation. From Singapore's updated Model AI Governance Framework for Agentic AI to Hong Kong's evolving virtual asset framework, the velocity of change across the region’s tech landscape shows no sign of slowing.
This year also marks a milestone close to our hearts, as Linklaters celebrate our 50th anniversary in Hong Kong and in Asia. To mark the occasion, we have a series of events planned across the city this month and throughout the year, reflecting our deep roots in this market. We very much look forward to seeing many of you at these events as we celebrate this landmark together with our clients, friends and colleagues. As always, we hope you find this edition a useful and timely resource.
Cybersecurity
Australia: ASIC and APRA issue open letters on AI-related risk (June 2026)
The Australian Securities and Investments Commission (“ASIC”) and the Australian Prudential Regulation Authority (“APRA”) have each issued letters to their regulated entities on addressing AI-related risks, including increased cyber threats. APRA outlined its expectations for boards and executives, including managing AI‑related exposures, while ASIC has called on entities to urgently uplift cyber security fundamentals.
Singapore: Advisory on cybersecurity risks of Agentic AI
The Cyber Security Agency of Singapore has published an advisory highlighting key cybersecurity risks associated with agentic AI systems, including unpatched vulnerabilities, weak access controls and memory poisoning. Recommended measures include running such systems under least-privileged accounts and enforcing human approval for high-stakes or irreversible actions.
Digital Platform Services
Australia: Tech company fined for non-compliance with online safety notice
Australia's Federal Court has fined a tech company AUD 650,000 (roughly USD 465,000) for contravening the Online Safety Act 2021 (Cth) by failing to adequately comply with a reporting notice issued by the eSafety Commissioner seeking information about steps taken to combat child sexual exploitation material. The company was also ordered to pay AUD 100,000 (roughly USD 70,000) in costs.
China: New rules on multi-channel internet content distribution
Five PRC regulators have jointly issued measures governing multi-channel internet content distribution service providers, effective 1 September 2026. The measures require business registration, registration of platform agreements with authorities, and, among others, prohibiting fabricated content, traffic fraud, and the provision of live-streaming services for minors under 16.
China: Two-year crackdown on illegal cross-border securities trading
Eight PRC authorities have launched a two-year rectification campaign against illegal cross-border securities, futures and fund business. Domestic internet platforms and self-media accounts are prohibited from providing marketing, promotional or account-opening channels for offshore financial services.
Artificial Intelligence
Hong Kong: PCPD completes AI-related compliance checks
The Office of the Privacy Commissioner for Personal Data (“PCPD”) completed compliance checks on 60 organisations in relation to their AI use, focusing on personal data handling, risk assessments and governance measures, highlighting expectations for transparency, accountability and mitigation of privacy risks in AI deployment.
Singapore: Updated model AI Governance Framework for Agentic AI
The Infocomm Media Development Authority (“IMDA”) has updated its Model AI Governance Framework for Agentic AI, which provides guidance to organisations on how to deploy agents responsibly. This update adds real-world case studies and new best practices on how to operationalise the Framework, incorporating feedback from over 60 organisations including AWS, DBS and Google.
Digital Assets
Hong Kong: HKMA issues guidance on custodial services and stable-coin related activities for digital assets
The Hong Kong Monetary Authority (HKMA) issued guidance on custodial services and virtual asset activities involving licensed stablecoin issuers, setting out requirements on governance, asset segregation, private key management, cybersecurity, intermediary conduct, risk management, client protection and intermediary conduct, risk management, client protection and compliance with applicable regulatory and anti-money laundering frameworks.
Digital Transformation
Singapore: Refreshed Retail Industry Digital Plan launched to guide small and medium-sized retailers on digital transformation
EnterpriseSG and the IMDA launched a refreshed Retail Industry Digital Plan to guide over 2,000 small and medium-sized retailers on their digital transformation efforts. The plan includes AI-powered solutions across retail operations (e.g. GenAI chatbots, demand forecasting and AI marketing tools) as well as a new Cybersecurity and Data Protection Roadmap to help businesses safely digitise.
Vietnam: Programme approved for developing population data, electronic identification and authentication applications
On 11 May 2026, the Prime Minister issued Decision No. 826/QD-TTg which approves the Programme for developing population data, electronic identification and authentication for national digital transformation (2026–2030). Key targets include completing 12 national databases and enabling 90% of public administrative services to be performed online by 2030.
Vietnam: Draft Law on Electronic Identification and Authentication open for public consultation
On 28 May 2026, the National Assembly released the draft Law on Electronic Identification and Authentication for public consultation. The draft proposes assigning unique electronic identifiers to individuals, organisations, assets and transactions, supported by a national identification system, interoperable databases and traceability mechanisms to facilitate secure digital interactions.
Thailand: Consultation on amending the Electronic Transactions Ac
The Electronic Transactions Development Agency is conducting a public consultation on a draft Electronic Transactions Act to replace the current Act B.E. 2544 (2001), introducing provisions on electronic transferable records, electronic seals, identity proofing and authentication, and aligning Thai law with UNCITRAL model laws.
Thailand: New regulation on returning funds to victims of technology crime
A Ministerial Regulation issued under the Emergency Decree on Prevention and Suppression of Technology Crime B.E. 2566 (2023) (as amended) was gazetted on 14 May 2026, establishing procedures for reporting, claiming and returning seized funds and digital assets in frozen accounts to victims of technology crime.
Digital Economy
Hong Kong: HKMA issues guidance on virtual asset dealing and financing activities
The HKMA issued guidance covering virtual asset dealing services, financing arrangements, shared order book models and client withdrawal processes. It clarifies expectations on due diligence, transaction controls, client asset handling and risk disclosure to address financial crime and investor protection risks.
/Passle/5c4b4157989b6f1634166cf2/MediaLibrary/Images/2026-06-17-09-39-12-659-6a326b40c1395307a6470c77.jpg)
/Passle/5c4b4157989b6f1634166cf2/SearchServiceImages/2026-06-17-14-02-01-868-6a32a8d96f715bb75a804fb3.jpg)
/Passle/5c4b4157989b6f1634166cf2/SearchServiceImages/2026-06-11-09-42-21-060-6a2a82fdfc79659f23b17f38.jpg)
/Passle/5c4b4157989b6f1634166cf2/MediaLibrary/Images/2026-06-16-10-20-58-265-6a31238a705a1110f2d0f949.jpg)
