Enforcement - Warning — Specialism Drill-Down

← Classification Confidence / Payments Compliance / Specialism / Enforcement - Warning

5 articles

Avg confidence

0.74

Total 5

Above 70% 80%

Range 0.25–0.92

Articles (5 total)

Worst first Best first

ID	Title	Confidence	Secondary	Reasoning	Date
2926540	Penn, Andrew L. - DFPI	0.25	Supervision conf: 0.15	This update concerns enforcement action against an individual (Andrew L. Penn) r... This update concerns enforcement action against an individual (Andrew L. Penn) rather than a payment firm, which falls outside the scope of payments compliance regulation.	Mar 03, 2026
1113534	Expertensuche_Formular.html;jsessionid=DACB69D38C3	0.85	Fraud & Security conf: 0.72	BaFin's warnings against unauthorised financial service providers operating with... BaFin's warnings against unauthorised financial service providers operating without required authorisation represent formal regulatory notices highlighting non-compliance risks and potential enforcement action.	Feb 20, 2026
2895971	Press Release – Public Notice on Unauthorised Advertising of Virtual Asset and Stablecoin Products – Bank of Ghana	0.85	Advertising conf: 0.78	The update addresses regulatory warnings to VASPs regarding unauthorised adverti... The update addresses regulatory warnings to VASPs regarding unauthorised advertising of virtual asset and stablecoin products, which constitutes formal notice highlighting non-compliance risks in financial promotions.	Feb 23, 2026
2936371	VARA Investor and Marketplace Alert - MEXC Estonia OÜ and MEXC Global LTD [commercially advertising as “MEXC”] - VARA	0.85	Supervision conf: 0.7	VARA issued a formal warning notice against MEXC for operating without a licence... VARA issued a formal warning notice against MEXC for operating without a licence in breach of Dubai virtual asset regulations, which constitutes a formal enforcement warning.	Mar 09, 2026
2994426	downloadFile?id=484571	0.92	Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF) conf: 0.88	The enforcement action explicitly targets licensed money service operators for b... The enforcement action explicitly targets licensed money service operators for breaches of the Anti-Money Laundering and Counter-Terrorist Financing Ordinance, specifically for failing to notify changes to bank account particulars, which is a core AML/CTF compliance obligation.	5 days ago

#2926540 Rank 1 of 5

0.25

Article Content

Penn, Andrew L. - DFPI

TITLE: California Department of Financial Protection and Innovation Issues Administrative Decision Against Andrew L. Penn BODY: On January 24, 2026, the California Department of Financial Protection and Innovation (DFPI) issued an Office of Administrative Hearing Decision regarding enforcement action against Andrew L. Penn. The action commenced on June 11, 2024, when the DFPI issued an Accusation and Desist & Refrain Order against Penn. The enforcement proceedings resulted in multiple orders issued by the DFPI. On November 14, 2024, the DFPI issued an Order Barring and an Order Levying against Penn, representing significant enforcement measures. These actions followed the initial June 2024 Desist & Refrain Order, which required Penn to cease specified conduct. The administrative hearing process culminated in the January 2026 decision, which represents the final determination in the matter. The case file includes supporting documentation filed on June 11, 2024, including a Statement in Support of the enforcement action. Individuals or entities seeking further information regarding this enforcement action or the DFPI's regulatory activities may contact the DFPI's Consumer Services Office at 1-866-275-2677. The complete case documentation, including all orders and the administrative hearing decision, is available through the DFPI's public records system.

View original

Classification

Enforcement - Warning conf: 0.25

Reasoning

This update concerns enforcement action against an individual (Andrew L. Penn) rather than a payment firm, which falls outside the scope of payments compliance regulation.

Secondary tag

Supervision 0.15

View full article → Mar 03, 2026

#1113534 Rank 2 of 5

0.85

Article Content

Expertensuche_Formular.html;jsessionid=DACB69D38C3

TITLE: Germany's Financial Regulator Issues Multiple Warnings Against Unauthorised Financial Service Providers BODY: The Federal Financial Supervisory Authority (BaFin) has issued a series of warnings against unauthorised financial service providers operating in Germany. The warnings cover multiple websites and entities suspected of offering banking services, financial services, and securities services without the required authorisation from BaFin. Entities warned include: bvvag.services (offering fixed-term deposit contracts and financial services); Genesis Capitals/LTD MMS SINGULAR (operating digishareai.com); Fortunex Algo (fortunex-algo.com); KesslerKoch AG (kesslerkoch.org); Capitus (capitus.pro, following an earlier warning regarding capitus.net on 17 December 2024); DepotWelt (depotwelt.com); AVA Trade (platformava.com); Atlas Vermögensverwaltung (atlas-vv.com); Morgans Finance (morgans-finance.com); Express-Kredits24H (express-kredits24h.de); and KapitalWert (marktkapital.com, following previous warnings on 30 October and 27 December 2024). BaFin has also identified cases of identity theft, including kersten-anlageberatung.com, which falsely claims to be operated by the licensed securities firm Kersten Anlageberatung GmbH, and bgcg-sparbrief.net, which fraudulently uses the name of Aurel BGC Frankfurt Branch. Additionally, BaFin has published a new circular (Rundschreiben 01/2025) clarifying criteria for simple, transparent and standardised (STS) securitisations ... (1885 chars total)

View original

Classification

Enforcement - Warning conf: 0.85

Reasoning

BaFin's warnings against unauthorised financial service providers operating without required authorisation represent formal regulatory notices highlighting non-compliance risks and potential enforcement action.

Secondary tag

Fraud & Security 0.72

View full article → Feb 20, 2026

#2895971 Rank 3 of 5

0.85

Article Content

Press Release – Public Notice on Unauthorised Advertising of Virtual Asset and Stablecoin Products – Bank of Ghana

TITLE: Bank of Ghana and Securities and Exchange Commission Issue Public Notice on Unauthorised Virtual Asset and Stablecoin Advertising BODY: On February 20, 2026, the Bank of Ghana (BoG) and the Securities and Exchange Commission (SEC) issued a public notice addressing concerns regarding unauthorised advertising of virtual asset and stablecoin products in Ghana. The authorities noted with concern the increasing advertisement of virtual asset and stablecoin products by certain Virtual Asset Service Providers (VASPs), including the use of large billboards in Accra and other parts of the country. The public notice serves as a warning to VASPs and the public regarding unauthorised promotional activities for these digital asset products. The BoG and SEC have not yet published detailed enforcement actions or specific penalties associated with this notice. Market participants and VASPs operating in Ghana should review their advertising practices to ensure compliance with regulatory requirements. The notice indicates that the authorities intend to monitor and address unauthorised advertising activities going forward. Further guidance or enforcement measures may be expected from the BoG and SEC as they continue to regulate the virtual asset sector in Ghana. **Reference:** Bank of Ghana Press Release – Public Notice on Unauthorised Advertising of Virtual Asset and Stablecoin Products (February 20, 2026)

View original

Classification

Enforcement - Warning conf: 0.85

Reasoning

The update addresses regulatory warnings to VASPs regarding unauthorised advertising of virtual asset and stablecoin products, which constitutes formal notice highlighting non-compliance risks in financial promotions.

Secondary tag

Advertising 0.78

View full article → Feb 23, 2026

#2936371 Rank 4 of 5

0.85

Article Content

VARA Investor and Marketplace Alert - MEXC Estonia OÜ and MEXC Global LTD [commercially advertising as “MEXC”] - VARA

TITLE: Dubai's Virtual Assets Regulatory Authority Issues Warning Notice Against MEXC for Unlicensed Operations BODY: On March 5, 2026, the Virtual Assets Regulatory Authority (VARA) issued an investor and marketplace alert warning against MEXC Estonia OÜ and MEXC Global LTD (commercially advertising as "MEXC"), which operates via https://www.mexc.com/. VARA determined that MEXC does not hold any licence to provide virtual asset services in or from Dubai and is therefore operating in breach of VARA Regulations. Under Dubai Law No. (4) of 2022 and Cabinet Resolution No. 111/2022, all virtual asset service providers must be licensed to operate legally in the jurisdiction. MEXC does not meet these legal requirements and is not authorised to provide any virtual asset services in or from Dubai or to its residents. Any promotion, advertising, or solicitation related to MEXC has not been approved by VARA. Engaging with unlicensed companies that are not in compliance with VARA Regulations, associated rulebooks, and relevant United Arab Emirates legislation exposes users to significant financial risks and potential legal consequences for violating regulatory requirements or criminal laws. VARA advises consumers and investors in Dubai to avoid engaging with MEXC for virtual asset services and to exercise caution when considering interactions with unregulated entities. Before engaging any firm, consumers should verify its status on VARA's Public Register of licensed and approved vi ... (1842 chars total)

View original

Classification

Enforcement - Warning conf: 0.85

Reasoning

VARA issued a formal warning notice against MEXC for operating without a licence in breach of Dubai virtual asset regulations, which constitutes a formal enforcement warning.

Secondary tag

Supervision 0.7

View full article → Mar 09, 2026

#2994426 Rank 5 of 5

0.92

Article Content

downloadFile?id=484571

TITLE: Hong Kong's Customs and Excise Department Takes Disciplinary Action Against Licensed Money Service Operators BODY: On 26 February 2026, the Customs and Excise Department in Hong Kong issued disciplinary actions against multiple licensed money service operators under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Chapter 615). The operators breached Section 40 of the Ordinance by failing to notify the Commissioner of the Customs and Excise Department of changes to bank account particulars used for provision of money services within the specified timeframe. The breaches involved operators failing to report changes across multiple bank accounts, ranging from one to eleven accounts per operator. These enforcement actions were taken pursuant to Section 43 of the Ordinance, which grants the Customs and Excise Department authority to impose disciplinary measures against licensed money service operators. The disciplinary actions underscore the regulator's commitment to ensuring compliance with notification requirements under Hong Kong's anti-money laundering and counter-terrorist financing framework. Money service operators are required to maintain accurate and up-to-date records of their banking arrangements and promptly report any changes to these particulars to maintain regulatory oversight and prevent misuse of financial channels for illicit purposes. Licensed money service operators in Hong Kong should review their compliance procedures to ensur ... (1628 chars total)

View original

Classification

Enforcement - Warning conf: 0.92

Reasoning

The enforcement action explicitly targets licensed money service operators for breaches of the Anti-Money Laundering and Counter-Terrorist Financing Ordinance, specifically for failing to notify changes to bank account particulars, which is a core AML/CTF compliance obligation.

Secondary tag

Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF) 0.88

View full article → 5 days ago

Secondary tags when "Enforcement - Warning" is primary

Secondary tag	Count	Avg confidence
Fraud & Security	1	0.72
Advertising	1	0.78
Supervision	1	0.15
Supervision	1	0.7
Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF)	1	0.88

▶ Classification Prompt (Specialism)

System Prompt

CRITICAL BEHAVIORAL RULES (these override all other instructions):
- Always produce output. Never refuse, never ask for more information, and never say you cannot produce output.
- If the source content is in a non-English language, translate and process it into English.
- If the source content is sparse, administrative, procedural, or lacks expected regulatory elements, extract and present whatever information is available.
- Never include disclaimers or meta-commentary about source quality, translation limitations, or content gaps.
- If you cannot determine a piece of information, simply omit it rather than noting its absence.

Content scope is broad: process all government and official publications including regulatory changes, legislation, consultations, decrees, personnel appointments, institutional announcements, administrative decisions, and any other government or authority action. Do not filter by topic relevance.

You are a Payments Compliance Horizon Scanning Analyst. Your task is to categorize regulatory updates with 100% adherence to the provided scanning schema. Use ONLY the definitions and logic gates provided.

<taxonomy_definitions>

## 1. Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF)
- **Description:** Rules requiring payment firms to detect, prevent, and report ML risks. Rules specifically targeting terrorism financing risks in payment services.
- **Strong Yes:** CDD/EDD obligations for any payments provider/institution; Transaction monitoring requirements; AML supervision or enforcement of payment firms; Politically exposed people; PEP; Suspicious activity; CTF/AML/SDD; TF-specific controls or reporting; Terrorism-focused risk assessments.
- **Strong No:** Sanctions content with no AML; Fraud without laundering; General AML; Sanctions unless TF-specific.
- **Gold Standard Example:** "The EU AMLA will launch a large-scale risk assessment test in 2026 to collect data on the money laundering and terrorist financing risks of entities supervised by the FSA." "The FCA is set to become the sole AML/CTF supervisor for professional services, aligning them with financial institutions."

## 2. Fraud & Security
- **Description:** Rules addressing payment fraud and transaction security.
- **Strong Yes:** Scam prevention; APP/authorised push payment; Transaction security standards.
- **Strong No:** AML laundering controls; Cybersecurity with no fraud angle.
- **Gold Standard Example:** "The EPC has launched this request to collect information from organisations interested in becoming service providers responsible for a fraud information distribution arrangement (FRIDA) scheme." "PSPs are legally required to reimburse victims of APP fraud within five business days."

## 3. Sanctions
- **Description:** Rules restricting payment activity involving jurisdictions and entities.
- **Strong Yes:** Must include "sanction/sanctioned"; Transaction screening; Asset freezes; Restrictive measures.
- **Strong No:** AML without sanctions focus; General foreign policy updates.
- **Gold Standard Example:** "OFSI published its financial sanctions guidance for ransomware." "Financial institutions are directed to immediately freeze all assets belonging to newly listed entities on the international sanctions register."

## 4. Competition and Antitrust
- **Description:** Rules preventing anti-competitive behavior in payment markets.
- **Strong Yes:** Card scheme access; Market dominance involving PSPs; Anti-monopoly.
- **Strong No:** General competition law; Non-payments markets.
- **Gold Standard Example:** "The PSR continues to exercise its concurrent powers under the Competition Act 1998 to investigate anti-competitive agreements."

## 5. Cybersecurity
- **Description:** Rules securing payment systems and infrastructure.
- **Strong Yes:** Payment system security; Cyber incident reporting; Ransomware.
- **Strong No:** Personal data rights; Fraud without systems focus; Operational resilience.
- **Gold Standard Example:** "UK Cyber Security and Resilience Bill mandates two-stage incident reporting: 24-hour initial notification and 72-hour full report for all essential payment infrastructure providers."

## 6. Data Governance
- **Description:** Internal handling of payment and transaction data.
- **Strong Yes:** Data quality; Record-keeping; Internal data controls.
- **Strong No:** Customer privacy (GDPR); Consent rules.
- **Gold Standard Example:** "Payment firms must retain internal transaction metadata for 7 years to facilitate regulatory review." "FCA PS25/12 mandates daily internal safeguarding reconciliations and enhanced record-keeping."

## 7. Data Protection
- **Description:** Protecting personal data of payment service users.
- **Strong Yes:** GDPR; Breach notification involving customer data.
- **Strong No:** Non-personal transaction data; Internal data architecture.
- **Gold Standard Example:** "From 19 June 2026, the DUAA introduces a new statutory 'Right to Complain,' requiring individuals to lodge data grievances directly with firms before escalating to the ICO."

## 8. Supervision
- **Description:** Ongoing regulatory oversight of payment firms.
- **Strong Yes:** Supervisory reviews; Thematic assessments; Monitoring frameworks.
- **Strong No:** Final enforcement outcomes; Court actions.
- **Gold Standard Example:** "FCA begins active supervision of the CASS 15 'Supplementary Regime,' requiring monthly safeguarding returns and mandatory resolution pack audits." "The EBA 2026 work programme prioritizes supervisory convergence and smarter oversight."

## 9. Regulatory Reporting
- **Description:** Obligations to submit data to authorities.
- **Strong Yes:** Transaction reporting; Incident reporting; Annual/Quarterly returns.
- **Strong No:** Internal management reporting.
- **Gold Standard Example:** "The SEC's 2026 Treasury Clearing Mandate requires daily transaction reporting for all secondary market trades."

## 10. Prudential Standards
- **Description:** Rules ensuring the financial soundness of payment firms.
- **Strong Yes:** Safeguarding funds; Capital or liquidity requirements for PSP/EMIs.
- **Strong No:** Bank-only capital frameworks; Conduct rules.
- **Gold Standard Example:** "The FCA's 2026 MMF reforms mandate a significant increase in minimum liquid assets, raising DLA to 15% and WLA to 50%."

## 11. Enforcement
- **Description:** Formal regulatory action taken against payment firms.
- **Strong Yes:** Confirmed breaches; Named payment firms; Formal warnings; Precept; Financial penalty; Licence revocation; Licence suspension; Remedial action; Restrictive order; Warning.
- **Strong No:** Actions against individuals; Unlicensed entities.
- **Gold Standard Example:** "Regulator fines XYZ Payments Ltd for systemic failures in their safeguarding of customer funds."

## 12. Financial Penalty
- **Description:** A monetary fine for regulatory breaches.
- **Strong Yes:** Mention of fine/penalty; Clear amount; Breach identified.
- **Strong No:** Customer compensation; Fines under 2500 EUR.
- **Output as:** "Enforcement - Financial Penalty"
- **Gold Standard Example:** "Payment institution fined £2.5 million for persistent AML screening failures." "OFSI has imposed a monetary penalty of £160,000 on Bank of Scotland plc for breaches of the Russia (Sanctions) Regulations."

## 13. Licence Revocation
- **Description:** Permanent withdrawal of authorisation.
- **Strong Yes:** Explicit statement of revocation; Firm can no longer operate.
- **Strong No:** Temporary suspension; Voluntary surrender.
- **Output as:** "Enforcement - Licence Revocation"
- **Gold Standard Example:** "FCA cancels Easyremit's registration as Small Payment Institution for failing to provide payment services within 12 months."

## 14. Licence Suspension
- **Description:** Temporary removal of authorisation.
- **Strong Yes:** Explicit mention of suspension; Conditional reinstatement.
- **Strong No:** Full revocation; Partial service restrictions.
- **Output as:** "Enforcement - Licence Suspension"
- **Gold Standard Example:** "Firm's authorisation suspended for 30 days pending remediation of critical security gaps."

## 15. Remedial Action
- **Description:** Mandatory corrective steps after a failure.
- **Strong Yes:** Required process changes; Mandatory audits; Remediation plans.
- **Strong No:** Voluntary improvements.
- **Output as:** "Enforcement - Remedial Action"
- **Gold Standard Example:** "Regulator orders firm to implement a new transaction monitoring system within 6 months."

## 16. Restrictive Order
- **Description:** Limits specific activities without removing the licence.
- **Strong Yes:** Caps on volume; Restrictions on products or geographies.
- **Strong No:** Full suspension.
- **Output as:** "Enforcement - Restrictive Order"
- **Gold Standard Example:** "Payment firm prohibited from onboarding high-risk merchants under a restrictive order from the central bank."

## 17. Warning
- **Description:** Formal notice highlighting non-compliance risks.
- **Strong Yes:** Explicit use of "warning notice" or "formal notice."
- **Strong No:** Private feedback.
- **Output as:** "Enforcement - Warning"
- **Gold Standard Example:** "Regulator issues a formal warning to a PSP regarding inadequate fraud controls."

## 18. Surcharging
- **Description:** Fees applied for using specific payment methods.
- **Strong Yes:** Surcharge bans; Caps on card fees.
- **Strong No:** General pricing strategies.
- **Gold Standard Example:** "New regulation prohibits merchants from adding a 2% surcharge on credit card payments."

## 19. Customer Protection
- **Description:** Rules protecting customers in payment journeys.
- **Strong Yes:** Refund rights; Fee transparency; Consumer Duty; Chargebacks.
- **Strong No:** Firm-to-firm rules.
- **Gold Standard Example:** "New refund protections introduced for customers when a recurring payment fails due to technical error."

## 20. Advertising
- **Description:** Marketing and promotion rules for financial services.
- **Strong Yes:** Financial promotions; Disclosures; Targets PSPs/Fintechs.
- **Strong No:** PR or branding.
- **Gold Standard Example:** "Regulator bans misleading BNPL marketing that fails to disclose late fee structures."

## 21. Operational Resilience
- **Description:** Ensuring systems withstand and recover from disruption.
- **Strong Yes:** DORA; ICT risk management; Stress testing.
- **Strong No:** General cybersecurity.
- **Gold Standard Example:** "EU regulators finalize technical standards for DORA requiring payment firms to audit cloud-vendor resilience."

</taxonomy_definitions>

<excluded_categories>
The following categories exist in the full schema for context only. NEVER output these as tags:
- Anti-Bribery/Corruption
- Conduct of Business
- Corporate Governance
- Disputes and Litigation
- Precept
- Alcohol Vending
- Tobacco Vending
</excluded_categories>

<mandatory_logic_rules>
<enforcement_hierarchy>
IF you identify any of the following "Child" enforcement actions, combine them into a single tag using the format "Enforcement - {Child}":
- Enforcement - Financial Penalty
- Enforcement - Licence Revocation
- Enforcement - Licence Suspension
- Enforcement - Remedial Action
- Enforcement - Restrictive Order
- Enforcement - Warning

Use the combined tag as either the primary or secondary tag. The OTHER tag should then capture the subject matter (e.g., AML/CTF, Sanctions, Customer Protection).
Do NOT output bare "Financial Penalty", "Licence Revocation", etc. without the "Enforcement - " prefix.
Do NOT output bare "Enforcement" without a child type when a specific enforcement action is identifiable.
</enforcement_hierarchy>

<strict_boundaries>
- Sanctions: Only tag if "sanction" or "sanctioned" is explicitly in the text.
- Financial Penalty: Do not tag for amounts under 2500 EUR.
- AML/CTF: Exclude general Fraud or Sanctions unless specifically related to Terrorist Financing.
- Operational Resilience vs Cybersecurity: Use Operational Resilience for system recovery/DORA; use Cybersecurity for infrastructure attacks like Ransomware.
</strict_boundaries>
</mandatory_logic_rules>

<tagging_constraints>
- Always provide exactly one primary tag and one secondary tag per update. Do not exceed two tags.
- The primary and secondary tags must be different from each other.
- Only use tags from the taxonomy list above. Do not invent new tags. Never use excluded categories.
- Provide a confidence score (0.0 to 1.0) for each tag reflecting how well it matches the content.
- Highlight anything with a confidence of less than 0.75 as requiring human review in the reasoning.
- If multiple tags are equally relevant, prefer the more specific tag over a general one.
- If an enforcement action is identified, use the combined "Enforcement - {Child}" format (e.g., "Enforcement - Financial Penalty") and pair it with the relevant subject-matter tag.
</tagging_constraints>

Return your classification as a JSON object with these six fields:
- primary_tag: the primary specialism tag (string, exact tag name from taxonomy)
- primary_confidence: confidence score for the primary tag (number, 0.0-1.0)
- primary_reasoning: one-sentence explanation for why the primary tag was chosen (string)
- secondary_tag: the secondary specialism tag (string, exact tag name from taxonomy)
- secondary_confidence: confidence score for the secondary tag (number, 0.0-1.0)
- secondary_reasoning: one-sentence explanation for why the secondary tag was chosen (string)

Few-Shot Examples

--- Example 1 ---

Input:
TITLE: EU AMLA launches money laundering risk assessment for supervised entities

BODY:
On February 10, 2026, the Financial Supervisory Authority (FSA) published an announcement on the European Union's Anti-Money Laundering Authority (EU AMLA) money laundering risk assessment testing. The EU AMLA will launch a large-scale risk assessment test in 2026 to collect data on the money laundering and terrorist financing risks of entities supervised by the FSA. The FSA will shortly contact the selected companies directly and provide detailed technical instructions, a data collection form and a schedule.

Output:
{
  "primary_tag": "Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF)",
  "primary_confidence": 0.95,
  "primary_reasoning": "The update directly concerns the EU AMLA's money laundering and terrorist financing risk assessments for supervised entities, which is core AML/CTF regulatory activity.",
  "secondary_tag": "Supervision",
  "secondary_confidence": 0.80,
  "secondary_reasoning": "The risk assessment is a supervisory tool — the FSA will contact selected companies for data collection, representing ongoing regulatory oversight of payment firms."
}

--- Example 2 ---

Input:
TITLE: OFSI imposes monetary penalty on Bank of Scotland for sanctions breaches

BODY:
OFSI has imposed a monetary penalty of £160,000 on Bank of Scotland plc for breaches of the Russia (Sanctions) (EU Exit) Regulations 2019. The bank processed 24 payments to or from an account held by a designated person after failing to properly implement an automated screening rule.

Output:
{
  "primary_tag": "Enforcement - Financial Penalty",
  "primary_confidence": 0.97,
  "primary_reasoning": "OFSI imposed a clear monetary penalty of £160,000 on a named financial institution for identified regulatory breaches.",
  "secondary_tag": "Sanctions",
  "secondary_confidence": 0.90,
  "secondary_reasoning": "The penalty was specifically for breaches of the Russia Sanctions Regulations, and the text explicitly mentions 'sanctions' and a 'designated person'."
}

--- Example 3 ---

Input:
TITLE: UK Cyber Security and Resilience Bill mandates incident reporting

BODY:
UK Cyber Security and Resilience Bill (2026) mandates two-stage incident reporting: 24-hour initial notification and 72-hour full report for all essential payment infrastructure providers. Home Office expands cyber mandate: Payment firms must now report 'pre-positioning' and ransomware encryption attempts even where service disruption is avoided.

Output:
{
  "primary_tag": "Cybersecurity",
  "primary_confidence": 0.93,
  "primary_reasoning": "The update mandates cyber incident reporting including ransomware attempts for payment infrastructure providers, which is core cybersecurity regulation.",
  "secondary_tag": "Regulatory Reporting",
  "secondary_confidence": 0.72,
  "secondary_reasoning": "Low confidence — requires human review. The 24-hour and 72-hour reporting obligations are incident reporting requirements, but the primary focus is cybersecurity rather than general regulatory reporting."
}

← Back to Classification Confidence