DoorDash puts 40 countries on stablecoins via Tempo, the UK folds payments + stablecoins + tokenized deposits + Open Banking under a single regulator, and the MCP protocol that agentic commerce is built on has spent a week with an unpatched RCE flaw Anthropic refuses to fix.

[HIGH] Central Bank of Brazil activates MED 2.0 Pix rules: Nubank, Itaú and Caixa apply automatic limits and blocks. Estado de Minas (Apr 22) reports IN BCB 491/2024 enters into force forcing 72h precautionary holds on suspicious transactions and limits of R$200 per operation, R$1,000 daily for unregistered devices. The new MED 2.0 architecture is BCB's answer to the 2025 Pix-fraud epidemic. The structural data point: Brazil privileges the preventive mechanism (automatic limit) over the reactive one (post-fraud refund) — opposite model to European PSR3. Estado de Minas (Apr 22)

[HIGH] Block and Uber expand global partnership: Cash App Pay lands on Uber and Uber Eats USA — 59M Cash App MAU. PYMNTS (Apr 22) covers the deal: Cash App Pay checkout on Uber, coordinated promotions, 59M Cash App MAU as accepting base. Susan Anderson (Uber) positions it as access to "younger, more diverse consumers". The meaningful piece: Cash App becomes a commerce-wallet in one of the most consolidated US super-apps — Block turns its P2P into a payment-method for real-world spend. PYMNTS (Apr 22)

[HIGH] FCA launches AI Live Testing cohort 2: Barclays, UBS, Experian, GoCardless, Lloyds among the 8 consortia. FCA (Apr 22) confirms the second AI Live Testing round running probes with small-language models and neurosymbolic architectures on agentic payment initiation, automated KYC, predictive AML detection and retail credit modeling. Cohort 2 operationalizes the framework announced the same day by HM Treasury — the UK synchronizes regulator and government around agentic commerce. FCA (Apr 22)

[HIGH] Infinite launches dedicated FDIC bank accounts with embedded stablecoin + fiat, backed by Erebor Bank. Manila Times / PR Newswire (Apr 22) reports Infinite Accounts' debut: FDIC accounts with proprietary routing operating ACH, wire, RTP and stablecoins over a single API. Integrates mint/burn against fiat flows + smart routing between rails. Circle, Paxos and Brale as initial providers. It's the first US FDIC bank account with native stablecoin on the balance sheet — changing the KYC/AML workflow for cross-currency payments. Manila Times (Apr 22)

[HIGH] PACE Act introduced in US Congress: non-bank FinTechs get access to Fedwire, FedNow and ACH with 1:1 reserve under OCC supervision. MENA Fintech Association (Apr 22) covers the bipartisan introduction of the Payments Access and Consumer Efficiency Act by Young Kim (R-CA) and Sam Liccardo (D-CA). Entities holding 40+ state money-transmitter licenses could register as "covered providers" — eliminating dependence on the sponsor-bank model. 100% reserves in cash / Fed deposits / T-bills. Structural disruption for the US depository monopoly over Fed rails. MENA Fintech (Apr 22)

[MEDIUM] Help Net Security: 90% of banking breaches in 2025 financially motivated, 20% involve Shadow AI, 97% of affected organizations without adequate controls. Help Net Security (Apr 22) synthesizes 2025 financial-sector data: ransomware = 36% of incidents, average breach cost $5.56M, third-party breaches = 30%. JPMorgan, Citigroup and Morgan Stanley evaluated joint exposure from a shared third party. The critical number: 97% of organizations affected by Shadow AI lacked AI-specific controls — the precondition for the MCP risk of TOP 3. Help Net Security (Apr 22)

[MEDIUM] Bank of Korea's new governor backs CBDCs and deposit tokens — explicitly omits stablecoins. Cointelegraph (Apr 21) covers the new BOK governor's first formal address: Project Hangang (CBDC) + deposit tokens as core digital ecosystem, no mention of private stablecoins. Reflects the post-election policy line: South Korea goes CBDC-first, with Samsung Pay + KakaoPay as institutional wallets — opposite to the UK approach (stablecoin-friendly) announced on the same day. Cointelegraph (Apr 21)

[MEDIUM] Banco de la República evaluates expanding Bre-B Colombia to corporate payroll — 12.67M active keys, only 8.6% corporate. Infobae (Apr 21) reports the Colombian central bank's intent to bring Bre-B to real-time payroll. Colombia has 34.58M registered customers but only 8.6% of keys belong to legal entities — the structural gap the system aims to close by eliminating banking hours + file-loading windows. Replicates the Pix-Brazil model in corporate payroll before larger economies. Infobae (Apr 21)

[MEDIUM] Fime launches FACT framework in Singapore — security middleware for agentic commerce that validates AI intents against policy constraints. Fintech News SG (Apr 22) covers the commercial debut of FACT (Framework for Agentic Commerce Trust): middleware layer intercepting transactions initiated by AI agents, validating parameters against policy constraints and injecting cryptographic attestation into the authorization flow. It's the first commercial response to the MCP problem — what MCP doesn't do (sanitization), FACT does externally. Fintech News SG (Apr 22)

[MEDIUM] PayPal becomes exclusive P2P partner of the NFL — activation from the Pittsburgh Draft. SportsMarketing (Apr 22) reports the multi-year contract between PayPal and the National Football League: exclusive P2P in the most lucrative US sports league. Massive acquisition channel: each NFL game reaches 17-20M viewers, and P2P activates micro-transactions between fans. Reinforces PayPal's post-2024 strategy of P2P + merchant commerce convergence through a unified wallet. SportsMarketing (Apr 22)