Business & Technology
MiCA goes beyond compliance. For payment firms, it is a strategic shift
SERHII ZAKHAROV
CEO and Founder
PayDo
Having worked with businesses navigating cross-border payments and digital asset infrastructure over the years, I have seen first-hand how Europe’s differing regulatory approaches influenced the way companies built and managed their operating models. Before MiCA digital asset businesses in Europe operated across a patchwork of national licensing regimes, each with its own standards, timelines and requirements. A firm authorised in Germany faced different obligations than one operating under Malta’s regime. Regulatory status reflected jurisdictional choice as much as operational standards, and the market absorbed that inconsistency because there was no single framework to replace it.
MiCA has fundamentally changed that picture. With stablecoin rules applicable since June 2024 and the full crypto-asset service provider regime since December 2024, the EU now operates under a consistent standard across all 27 member states. The transitional grandfathering period that allowed existing providers to continue under national regimes closed on 1 July 2026, and several member states had already ended their windows earlier. The result is a clearer distinction between authorised and non-authorised providers.
The instinct for many firms has been to approach this as a documentation exercise: gather the requirements, complete the checklist and move on. That approach misreads what MiCA actually does. The real value of regulatory consistency is not only in meeting new requirements, but in giving businesses the confidence to build long-term strategies across European markets.
How regulation reshapes the product itself
For many payment firms working with digital assets, operations have evolved in layers. Accounts sit with one provider, compliance with another, settlement somewhere else. That structure developed because the regulatory environment was fragmented, and businesses adapted to it. Every additional layer brought cost, reconciliation work and operational risk, but it was manageable because volumes and expectations were lower.
Under MiCA, consistent obligations around reserves, governance, AML controls, custody and consumer disclosure now cut across all of those layers at the same time. The compliance framework and the product architecture are no longer separate problems. Firms that have been managing them independently will find that separation increasingly difficult to sustain, because the regulation is designed around how the product actually operates, not how it is organisationally structured.
Where regulatory clarity runs into operational reality
Greater regulatory clarity for digital assets does not solve the deeper operational challenge that most payment firms in this space already recognise. Businesses can receive digital assets quickly, but they still need to pay suppliers, manage treasury positions, handle fiat settlement and meet reporting obligations. If the infrastructure supporting those functions remains fragmented across different providers, the friction is simply pushed elsewhere. It builds up in reconciliation delays and exceptions that become harder to manage at scale.
This is where the real preparation gap sits. The conversion rate tells the story: of the more than 1,200 entities that held national registrations across the EU before MiCA, fewer than one in five had obtained full authorisation by mid-2026. Market activity is concentrating around the providers that cleared the bar. The advantage therefore goes to firms whose underlying payment infrastructure was already capable of supporting this shift, rather than simply those that crossed the authorisation threshold.
What readiness looks like in practice
For payment firms, being operationally ready now means going beyond having the right policies in place. It means being able to connect digital asset flows with fiat accounts, settlement, reconciliation, customer due diligence, transaction monitoring and reporting in a way that works consistently across markets. Compliance creates the foundation. Operational infrastructure determines whether firms can scale on top of it.
That distinction matters because MiCA does not remove the need to operate across both digital asset and traditional payment environments. A business may receive value through a regulated digital asset, but it still needs to convert, hold, settle and report that value through banking and payment rails. The firms best positioned to benefit from this regulatory clarity will be those that can bring those steps into a single financial workflow instead of relying on a sequence of manual handovers between systems.
A higher baseline for growth
Now that the transitional period has closed, payment firms that approached MiCA as an infrastructure question rather than simply a compliance milestone find themselves in a different position. The reserve management, governance structures and operational controls that authorisation requires are not peripheral to the business. They are what makes a payment product reliable enough to scale across multiple jurisdictions.
So far, much of the discussion around MiCA has centred on what firms must do to achieve compliance. The more useful question is what becomes possible once that infrastructure is properly in place. A regulatory passport covering all 27 EU member states, backed by coherent operational architecture, opens a path to serve institutional clients and enterprise businesses for whom regulatory stability has always been a precondition of engagement. MiCA does more than raise the compliance bar. It creates a higher baseline from which serious firms can build.
Business & Technology
Creditspring tops GBP £1 billion in loan disbursements
KAREN JOY BACUDO
Finance Editor
Creditspring has surpassed £1 billion in total loan disbursements, a milestone that marks a turning point for the lender’s subscription-based credit model.
It reached the figure in July after a period of rapid growth following its strongest full year to date. Since launching in 2016, Creditspring has provided more than 2.2 million loans and supported more than 1 million people across the UK.
The development highlights changes in the consumer lending market as households continue to face pressure on day-to-day finances. Lenders are trying to meet demand for borrowing that is easier to understand and less exposed to the variable charges and repayment uncertainty often associated with short-term credit.
Creditspring’s model differs from conventional short-term lending because customers pay a fixed subscription fee rather than interest on individual loans. In return, members can access no-interest loans when they face unexpected costs, a structure the company says gives borrowers more certainty over repayments.
The £1 billion mark was reached less than a year after the end of 2025, which Creditspring described as its strongest year on record. By the close of that year, it had 350,000 active paid subscribers.
Growth model
Founded in 2016, Creditspring has built its offer around small-sum lending with fixed costs disclosed in advance. It says this approach reduces the risk of hidden fees and makes budgeting easier for customers who need to borrow to cover gaps in household spending.
That pitch has gained traction at a time when regulators, consumer groups and lenders are all facing questions about how to provide access to credit without pushing borrowers into greater financial difficulty. For companies in the sector, the central challenge remains how to widen access while maintaining affordability checks and support for customers under stress.
Creditspring uses data from TransUnion and Equifax during the customer journey and verifies applicants through Open Banking. It says the process helps assess affordability and identity while expanding access for some people whom other lenders may have turned down.
It has also developed a separate product, Creditspring Go, which it describes as a credit trainer designed to help members improve their financial profile before qualifying for full access to loans. Alongside that, the group says it has focused on repayment flexibility, customer support and internal operations.
Wider support
The lender has sought to position its offering as broader than credit alone. According to Creditspring, 83% of members used its Benefits Finder tool to identify an average of £1,208 a month in benefits they had not previously claimed.
That points to a wider trend among consumer finance providers, many of which are trying to combine lending with budgeting, eligibility checking and other forms of financial assistance. The aim is partly commercial, but it also reflects pressure on providers to show that their role extends beyond issuing loans.
As of June 2026, Creditspring employed 146 people. It has continued to invest in processes and AI-powered support tools to improve response times and service availability while maintaining customer support.
Customer satisfaction has also been a focus as volumes have increased. Creditspring says it has received more than 11,000 five-star reviews on Trustpilot since January 2025, while customer service satisfaction remained between 83% and 93% during the year despite higher contact levels.
Consumer pressure
The company’s expansion comes as many households remain exposed to higher essential costs and limited savings buffers. In that environment, demand for short-term borrowing does not disappear, but scrutiny of the form that borrowing takes becomes more intense.
For lenders seeking to position themselves as alternatives to high-cost credit, scale matters because it suggests a model can operate beyond a niche customer base. Creditspring is likely to use the £1 billion threshold to argue that fixed-fee lending can grow while retaining a structure distinct from interest-based products.
“Reaching £1 billion in loan disbursements in our 10th year is a significant moment for Creditspring, but we are focused on the reality behind that number: millions of moments when people needed a safer, clearer way to manage unexpected costs. Our mission has always been to make credit fairer and more predictable for borrowers. Too many people in the UK are still forced towards expensive, confusing or harmful forms of borrowing when life throws something at them. This milestone shows that a different model, built on transparency, control and long-term financial stability, is not only deeply needed but also truly scalable,” said Neil Kadagathur, Chief Executive Officer of Creditspring.
Business & Technology
UK travel firm dissolved with bosses living in Spain
Bosses at the Chipping Norton-based firm have voluntarily struck it off, the legal process where directors proactively apply to remove an unwanted or inactive company from the official register
On the Content Ltd was incorporated in November 2022 but was dissolved almost four years later in April 2026.
READ MORE: 80s singing legend ‘absolutely gutted’ in honest admission
Described as a travel agency when open, no reason has been given for the company being dissolved by its directors.
In practice, voluntary dissolution usually means the directors decided the company was no longer needed or no longer trading, but that inference is not stated on the register itself.
There were two active directors recorded throughout: Anna Louise Cole and Roma Cots Cole, both British nationals living in Spain and appointed on incorporation.
Business & Technology
Intruder launches AI web app pentesting at lower cost
Intruder has launched an AI pentesting product for web applications, offering customers on-demand penetration testing through its platform.
Organisations can connect code repositories through GitHub or GitLab, allowing tests to be scoped and started automatically, with results and reporting delivered within hours, according to Intruder.
The launch builds on Intruder’s earlier use of AI for issue-level investigations, where autonomous agents validated scanner findings and reduced false positives. This release moves beyond checking individual issues to analysing a broader web application environment using source code access.
The system is designed as a white-box test, giving the software visibility into the application codebase while it assesses weaknesses. Intruder says the agents were built and trained by CREST-certified pentesters and are intended to mirror the methods used in manual testing engagements.
The move comes as security teams face pressure to review software more often while engineering teams ship updates faster. Intruder cited its own survey of security leaders, which found that 49% named AI and automation as their top investment priority for 2026, while 42% described their teams as stretched, overwhelmed, or consistently behind.
Intruder also pointed to a narrowing window between the disclosure of flaws and their exploitation, arguing that annual penetration tests no longer match the pace of modern software releases. Major deployments are now taking place weekly, increasing the need for more frequent application testing, it said.
Cost pressure
Intruder is pitching the product to small and medium-sized businesses, as well as existing customers already using its broader security platform. The company says the web application pentest costs 25% or less than a traditional manual engagement, with prices starting at USD $3,500 per test.
Existing customers can view pentest findings alongside attack surface, cloud, and vulnerability data in the same platform. New customers can also scope and run a test through the company’s free plan, according to Intruder.
Audit reporting is also part of the launch. Each test produces a full pentest report that can be used as evidence for compliance frameworks including SOC 2 and ISO 27001, the company said.
Andy Hornegold, Chief Security Technologist at Intruder, outlined the rationale for adding web application testing to the product line.
“Our mission at Intruder has always been to make robust cybersecurity accessible to everyone,” said Andy Hornegold, Chief Security Technologist at Intruder. “Providing web application testing marks an exciting step on that journey. By delivering the depth of a pentest on demand and at a fraction of the price, we’re helping businesses keep up with an accelerating threat environment.”
Founded in 2015 by former ethical hacker Chris Wallis, Intruder says it now protects more than 3,000 companies worldwide. Its platform combines attack surface monitoring, cloud security, vulnerability management, and now AI-led penetration testing.
Human comparison
Intruder framed the product as a way to replicate some elements of manual security testing without the scheduling delays and fees associated with consultant-led work. Traditional pentests often take weeks or months to arrange and complete, while Intruder says its automated version can begin in minutes and finish in hours, depending on the complexity of the application.
Chris Wallis, Chief Executive Officer and Founder at Intruder, said the economics of traditional testing no longer fit the current security environment.
“Historically, the cost of a pentest has been very high and has taken a long time,” said Chris Wallis, Chief Executive Officer and Founder at Intruder. “In today’s accelerated threat environment, that timeline and cost don’t hold up. We’re ensuring that resource-constrained small and medium-sized businesses aren’t excluded from good security purely based on budget.”
One customer, Yembo, said the product is being used to narrow the gap between periodic human-led assessments. The company, which develops an AI platform, said annual reviews can leave systems exposed between tests.
“Securing a global AI platform requires continuous defence,” said Zach Rattner, Chief Technology Officer and Co-Founder at Yembo. “While Yembo continues to leverage human pentesters, annual assessments alone leave dangerous windows of exposure. Intruder’s AI pentesting bridges that gap by delivering human-grade depth at machine speed to keep our platform permanently hardened.”
-
Student Life4 weeks agoHome Office proposes doubling of Campsfield capacity
-
Oxford News3 weeks agoJune heatwave would be ‘virtually impossible’ in 1976
-
Oxford Events3 weeks agoStage Watch: ‘I think we need much more laughter in the world’ says John Cleese
-
Student Life4 weeks agoOxford Union holds “This House Believes the West is Right to be Suspicious of Islam” Debate
-
UK News4 weeks agoUS to review benefits of having troops in Europe with ‘era of free-riding’ over – Europe live | World news
-
UK News4 weeks agoDriver killed in Bedford train crash named
-
UK News4 weeks agoCCTV shows moments leading up to arrest in anti-Muslim attacks probe
-
Business & Technology4 weeks agoCyberCube & Affinity Marketplace streamline SME cyber quotes
