This week’s fintech story is about infrastructure getting more real: stablecoins are moving from theory into live testing, payment and banking firms are using AI to defend margins and reshape operations, and cyber risk is looking more like an operational-resilience issue than a pure IT problem.

Macro & Micro Trends in Fintech

• UK stablecoin pilots move from policy talk to live experimentation. Revolut was selected to test a pound-backed stablecoin in the FCA’s sandbox, which suggests the UK is trying to build real payments and settlement use-cases while still keeping large-scale rollout tightly controlled. Source: Reuters. (Reuters)
• The ECB is putting numbers behind stablecoin risk to traditional banking. A new ECB paper warns that wider stablecoin use in the euro zone could weaken monetary-policy transmission, pull deposits out of banks, and force lenders toward more expensive funding. Source: Reuters. (Reuters)
• Crypto-to-core-finance convergence took a notable step forward. Kraken’s banking arm secured access to the Fed’s payments system, a milestone because direct connectivity to rails like Fedwire reduces reliance on intermediaries and pushes digital-asset firms closer to traditional financial infrastructure. Source: Reuters. (Reuters)
• Digital banking demand still looks durable. Chime guided 2026 revenue above expectations and said it expects profitability this year, reinforcing the idea that digital-first banking models are still taking share when they pair distribution with better unit economics. Source: Reuters. (Reuters)
• AI is no longer just a productivity story in payments—it is becoming a workforce design story. Block said it would cut more than 4,000 jobs as part of an AI-led overhaul, while also posting stronger profit and payment-volume commentary, showing how quickly “AI efficiency” is becoming a margin lever in fintech. Source: Reuters. (Reuters)

Security & Cyber Trends

• Banks are shifting into heightened defensive posture as geopolitics spill into cyber risk. U.S. financial institutions moved to higher alert amid fears of Iran-linked cyber retaliation, underscoring how quickly geopolitical conflict can become a payments, clearing, and market-infrastructure resilience issue. Source: Reuters. (Reuters)
• State-linked intrusion campaigns remain a downstream risk for fintech and banks. Google said it disrupted a China-linked hacking group that targeted 53 organizations across 42 countries, a reminder that attacks on telecom, government, and adjacent infrastructure can still cascade into financial-services exposure. Source: Reuters. (Reuters)
• Help-desk social engineering keeps proving it can bypass mature controls. Mandiant warned that threat actors were recruiting callers for vishing attacks against IT help desks, reinforcing a core fintech lesson: strong auth does not matter much if support workflows can be manipulated. Source: The Hacker News. (The Hacker News)
• Europe is hardening its legal response to foreign cyber threats. Germany drafted legislation that would give authorities stronger powers to intervene in hostile cyber activity and conduct proactive threat hunting, signaling a broader regulatory push toward resilience and earlier detection. Source: Reuters. (Reuters)
• Large consumer-data leaks are still creating fraud spillover risk far beyond the original victim. In the Dutch telecom Odido hack, attackers began leaking customer information that included bank details, highlighting how exposed identity and payment data can later feed phishing, account takeover, and recovery-fraud attempts. Source: Reuters. (Reuters)

Startups, Funding & Product Innovations

• UK SMB banking is still attracting real growth capital. Allica Bank raised $155 million in Series D funding, hit unicorn status, and said it will invest further in its tech stack while preparing to expand beyond the UK. Source: FinTech Futures. (FinTech Futures)
• Plaid’s latest liquidity event says something important about late-stage fintech. Employees were able to sell shares at an $8 billion valuation, suggesting that secondary liquidity—not just new primary rounds—is becoming a key retention and capital-structure tool for mature fintech platforms. Source: TechCrunch. (TechCrunch)
• Embedded lending continues to scale through capital partnerships, not just app growth. YouLend signed a financing deal with Värde Partners that could fund up to $225 million in receivables, giving it more lending capacity as it expands in the U.S. Source: FinTech Futures. (FinTech Futures)
• Digital-asset market infrastructure is still drawing targeted backing. STS Digital raised $30 million in strategic funding for its crypto spot-and-options platform, showing investors still see room in specialized trading infrastructure rather than only in consumer-facing crypto brands. Source: FinTech Futures. (FinTech Futures)
• Agentic commerce is moving from demos into live banking environments. Santander and Mastercard completed what they described as Europe’s first live AI-agent payment, a meaningful product signal because it combines regulated bank rails with delegated machine-initiated transactions. Source: FinTech Futures. (FinTech Futures)

Final Words

Fintech teams in 2026 are under pressure to move fast without losing control of risk. As stablecoins mature, AI changes operating models, and attackers keep targeting the weakest operational points, resilience is becoming a real competitive advantage.

If you’d like a practical view of where your business may be exposed—from APIs and auth flows to internal systems and third-party integrations—the ONSEC team would be glad to help. We’d be happy to set up a short call and discuss your current security priorities.