How-to guide: Introduction to the UK financial services regulators (UK)

Introduction

This guide will assist in-house counsel, private practice lawyers, risk and compliance teams and others understand who regulates the financial services sector in the UK and how they do it.

The guide is an introduction to the key financial services regulators including the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA). Recent changes have started to reshape the UK financial services regulatory framework, and in section 5 there is an overview of those changes which include enhanced rule-making powers and a new secondary objective for the FCA and PRA to facilitate the international competitiveness of the UK economy and its growth in the medium to long term.

This guide covers:

Overview of the current UK regulatory framework
The FCA
The PRA, Bank of England and the Financial Policy Committee
Interaction and collaboration between the regulators
The future regulatory framework

This guide can be used in conjunction with the following How-to guides: The general prohibition – beware the consequences of breach and Checklists: Preparing an application to the FCA or the PRA for a Part 4A permission and Preparing an application to vary a Part 4A permission at the request of a firm.

Section 1 – Overview of the current UK regulatory framework

The main framework for financial services regulation is set out in the Financial Services and Markets Act 2000 (FSMA) with much of the detailed provision contained in secondary legislation. One of the principal purposes of FSMA is to set out what is and what is not subject to regulation. This is often known as the regulatory perimeter. FSMA defines the scope of the UK’s financial regulation in respect of FSMA-regulated activities and prohibits any person (unless an exemption or an exclusion applies) from carrying on regulated financial services business in the UK without having the relevant authorisation. It should be noted that the consequences of breach are serious and could lead to criminal or disciplinary offences, unenforceable contracts, payment of compensation and reputational damage. See How-to guide: The general prohibition – beware the consequences of breach.

1.1 The current regulatory framework

Under the current model of regulation, the two key regulators – the FCA and the PRA – generally set the direct regulatory requirements in their rulebooks. While there is no exact definition of what constitutes the regulatory framework, a broad view would include the general principles and processes for developing financial services policy in the UK eg, including who specifies and defines regulated activities, the institutions responsible for developing policy and supervising compliance, and the mechanisms by which the regulatory authorities are held accountable.

1.2 Future regulatory framework reforms

Until the beginning of 2021, the UK was also bound by EU regulatory requirements relating to financial services which are now contained in retained EU law (which exists as a category of law carried over into UK law post-Brexit). On 29 June 2023 the Financial Services and Markets Act 2023 received royal assent, a landmark piece of legislation which introduced major and far-reaching reforms reshaping the UK’s future regulatory framework (FSM Act 2023) outside the EU. The Treasury and the regulators are now in the process of removing direct EU-derived obligations (including retained EU law) from legislation into the UK regulators’ rulebooks. Work is being undertaken at a staggered pace in ‘tranches’ to manage the impact on industry.

Due to the significant interest in these objectives, a new ‘Smarter Regulatory Framework (SRF) section in the November 2023 Regulatory Initiatives Grid (see pages 54-60) was created, bringing all initiatives together in one place. Updates on additional work will be set out in updated Regulatory Initiatives Grids (these are published periodically usually twice a year), with the latest edition published on 14 April 2025. The grid sets out how the regulators’ growth plans are taking shape and serves to update the industry and stakeholders on the timing of initiatives that may affect them.

Section 2 – The Financial Conduct Authority (FCA)

2.1 Who is the FCA?

The FCA is a private company limited by guarantee and governed by the FCA Board which sets FCA policy and is accountable to the Treasury and to parliament. Section 3C of FSMA states that in managing its affairs the FCA must have regard to generally accepted principles of good corporate governance. It must make and maintain effective arrangements to consult practitioners and consumers and also consult with six independent statutory panels.

In addition to other reporting and record-keeping obligations in the exercise of its functions (eg, to publish a record of each meeting of its governing body), the FCA must submit an Annual Report to the Treasury setting out how it has discharged its functions. It must also include a corporate governance statement and specify the remuneration details of senior members. The FCA is required to operate in a transparent way and provide detailed information to parliament, law firms and individuals as necessary.

2.2 What does the FCA do?

As the name suggests, the FCA is responsible for the authorisation and regulates conduct of business of all authorised firms in the UK. The FCA regulates alongside the Bank of England, PRA and the Financial Policy Committee (FPC) to protect and enhance confidence and stability in the UK financial system and advance the international competitiveness and medium to long-term growth of the UK economy. The FCA is also responsible for the prudential regulation of smaller non-systemically important firms eg, independent financial advisers which are not covered by the PRA. The FCA website sets out a list of the kind of activities and the type of firms it regulates.

2.2.1 Listing regime

The FCA sets and administers the criteria governing admission to the official list for the purposes of part 6, FSMA. The FCA acts as the competent authority which entails specifying the requirements to be complied with by issuers of securities. The FCA is responsible for maintaining the official list and applications for listing must be made to them. A detailed analysis of the listing regime is outside scope of this guide.

2.2.2 Market abuse

The FCA regulates market conduct and works closely with all players in the financial services industry to identify, prevent and punish market abuse such as insider dealing and market manipulation. The FCA can take enforcement action, for example, in relation to false or misleading statements or other forms of market manipulation with possible sanctions of fines, withdrawal of authorisation and if appropriate criminal prosecution.

2.2.3 Money laundering

The FCA has authority for monitoring and enforcing compliance under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (as amended) (MLRs).

2.2.4 Payment Services Regulator

The Payment Services Regulator (PSR) is an independent subsidiary of the FCA with its own objectives and governance. Its remit covers various designated retail payment systems including interbank systems such as Bacs and LINK and card payment systems like Mastercard and Visa Europe. The PSR’s aim is to promote competition and innovation in payment systems and ensure that payment systems operate in the interests of the people and the businesses using them. On 11 March 2025, the plans were announced to consolidate the PSR and its functions mainly within the FCA and the government published a consultation on the proposals.

2.2.5 Competition Markets Authority

In line with the FCA objective to promote competition (see section 2.4 below), the FCA has ‘concurrent competition powers’ with the Competition Markets Authority (CMA). How this operates in practice and what this means for financial services firms is set out in more detail here.

2.2.6 The Financial Ombudsman Scheme

The Financial Ombudsman Service (FOS) is a public body established to settle and resolve disputes between consumers and FCA-regulated firms (as an alternative to resolution via the courts). The FCA sets the rules that must be followed for complaint handling by authorised firms, however if a resolution cannot be reached, the FOS has statutory powers to settle disputes. In July, the government launched a consultation proposing a review of the FOS framework. This was accompanied by a joint consultation from the FCA and FOS aimed at modernising the redress system to better serve consumers. On 13 August 2025, the FOS followed with a separate consultation on changes to its fee structure. All three consultations closed for comment on 8 October 2025, and a policy statement confirming the proposed changes and implementation periods is expected in the first quarter of 2026.

2.2.7 The Financial Services Compensation Scheme

The Financial Services Compensation Scheme (FSCS) is the compensation fund of last resort established under FSMA to help eligible customers to make a claim for compensation where an authorised firm fails, becomes insolvent or ceases trading.

2.3 Fees

The FCA are an independent body funded entirely by the fees they charge to the firms they authorise and to other bodies such as recognised investment exchanges or registered firms. Details of the fees and levies charged by the FCA vary depending on whether it is an application for authorisation, a request to change permissions or annual fee payments.

2.4 Statutory objectives

The FCA’s first strategic objective is to ensure that the relevant markets function well so that consumers get a fair deal.

This strategic objective is supported by three underlying operational objectives:

Consumer protection (ie, introduce appropriate measures to safeguard consumers and build trust);
Integrity (ie, ensure firms act in the appropriate way to protect the stability of the UK financial system);
Competition (ie, to promote effective competition in the interests of consumers).

FSMA 2023 imposed a new secondary objective on the PRA and FCA to act in a way that advances the international competitiveness and growth of the UK economy in the medium to long term. In discharging its general functions (for example making rules, preparing and issuing codes, or guidance under FSMA), the FCA must so far as is reasonably possible act in a way which is compatible with its strategic objectives and advances one or more of its operational objectives. The FCA must also have regard to the principles of good regulation as set out in section 3B, FSMA.

For the purposes of this guide, we consider how the FCA advances these objectives through regulation, supervision and enforcement.

2.5 Regulation

If you are authorised by the FCA, it is important that you comply with its rules. Part of these rules relate to the behaviour and conduct of key personnel including:

Senior managers function under the senior managers and certification regime (SMCR) with the aim of holding individuals to account and increasing governance measures for senior managers. The government is currently reviewing this regime;
Certifying individuals as being ‘fit and proper’ and competent for the role when carrying out specific functions for a firm that can have a significant impact on the firm, customers or market integrity;
The code of conduct rules which apply to all employees except ancillary staff and set out the baseline standards of behaviour expected.

The FCA’s powers are extensive and to prevent harm occurring, the FCA uses several methods including:

monitoring compliance against required standards for regulated firms;
minimising the extent to which businesses carrying on regulated activities can be used for a purpose associated with financial crime;
setting standards expected when firms are selling products to customers;
removing misleading financial promotions from the market;
enforcing within its market abuse or money laundering remit;
investigating incidents of suspected breach and if necessary issue a warning proposing disciplinary action against a firm or an individual or actually taking such measures.

2.6 Supervision

The FCA supervises against a framework of principles known as the Threshold Conditions which apply to firms upon authorisation and on an ongoing basis. All regulated firms are expected to meet these standards of conduct and once authorised, senior managers of these firms are responsible for ensuring that these firms are operating in line with their regulatory obligations. They will be the focus of FCA attention if they do not. In addition, the FCA is the prudential regulator for all firms apart from PRA-regulated firms such as banks, building societies, credit unions, insurers and large investment firms.

The FCA is a forward-looking regulator and aims to pre-empt poor behaviours and culture in firms to mitigate risk and harm. The FCA considers the conduct of individual firms (eg, in terms of the governance of firms, business models or strategies or the accountability of senior managers) and how retail and wholesale markets are evolving. Firms regulated by the FCA vary significantly in size, risk and complexity. Operating a risk-based supervisory framework, firms categorised into different supervision portfolios eg, fixed portfolio supervision (larger firms with significant market impact receiving direct ongoing supervision) alongside sector portfolios based on similar business models. Engagement with the FCA will vary from periodic engagement (medium sized firms) to thematic work and regulatory returns (smaller firms). The FCA uses data from (among others) firms (eg, from on-site visits), trade associations, insights from other regulatory organisations, information from MPs and whistleblowers and consumer feedback to identify specific risks and where necessary to intervene to address harm. To deliver the best value, the FCA takes a proportionate, evidenced based approach to supervising firms and focuses on those firms whose misconduct would cause the greatest harm.

See the FCA's approach to supervision which sets out how the FCA supervises in practice. The FCA approach is judgement-led, shaped in part by five supervisory principles of being forward-looking outcomes-focused, proportionate and evidence-led, transparent and integrated and co-ordinated. These principles complement the FCA’s Principles for Business (see section 2.8). Their approach combines both proactive (eg, review of drivers of culture) and reactive supervisory methods (eg, baseline monitoring) alongside other types of supervisory methods such as attestations (ie where the regulator makes a request to a senior individual in the firm to attest that the firm will take or has taken an action that the regulator requires), skilled person reviews and thematic reviews.

See also section 2.9 below for more details on supervisory strategic priorities.

2.7 Enforcement

The FCA uses a wide range of enforcement powers under FSMA to ensure the protection of consumers and to investigate and enforce against firms and individuals who do not meet the required standards of conduct, where there is evidence of regulatory breaches or where a matter is in the public interest. The FCA enforcement division works closely with internal teams across the FCA, as well as other regulators and law enforcement agencies, including those from overseas. Examples of enforcement activities include withdrawing a firm’s authorisation, public censure, prohibiting individuals from carrying on regulated activities, or issuing fines against firms or individuals.

Facing a warning of suspected enforcement action by the FCA and particularly where sanctions arise not only carries significant risk in terms of financial penalty and criminal prosecution but can also lead to reputational damage and dent shareholder and investor confidence.

The FCA enforcement framework is set out in:

Enforcement Guide (ENFG): sets out the approach to investigations including when and how sanctions may be issued; and
Decision Procedure and Penalties Manual (DEPP) sets out procedures for issuing statutory notices, how decisions are made and how penalties are calculated.

In early 2024, the FCA unveiled plans to significantly change it enforcement approach including proposals to publicise investigations into firms. Facing strong industry backlash, the FCA reconsidered the approach and published policy statement (PS25/5). The revised policy, effective from 3 June 2025 reflects a more targeted enforcement approach towards ‘impactful deterrence’ with the FCA still intending to intervene earlier. The FCA has retained the ‘exceptional circumstances’ threshold for naming regulated firms under investigation. However, it may now name unregulated firms or individuals where it considers doing so to be in the public interest eg, including in cases involving unauthorised financial promotions or suspected offences related to unregulated activity, reactive announcements or anonymous announcements (subject to any other regulatory or disclosure restrictions). For details of the FCA enforcement process, see Enforcement Information Guide.

2.8 FCA Handbook and Principles for Business

The rules and guidance applicable to FCA-authorised firms are consolidated in the FCA Handbook, which includes conduct-of-business requirements, regulatory processes, prudential standards and specific specialist sourcebooks. The FCA Handbook reflects the regulatory regime and the role the FCA has.

In addition, the FCA Handbook sets out high-level standards including the FCA’s 12 Principles for Business (PRIN). These set out the minimum acceptable standards expected upon which the FCA’s supervisory approach is based. Where firms become aware of wrong-doing or breach of their regulatory obligations, they have a duty to notify the regulator under PRIN 11 (of anything that the regulator would expect notice). SUP 15 sets out the notification requirements that firms must follow and notifications should be delivered promptly (see in particular SUP 15.3 which lists events that must be reported upon immediately). Firms should develop internal escalation reporting procedures and staff should be trained so that they are aware of their reporting requirements. Firms should assess the materiality of the matter to determine how significant it is and maintain records of all notifications and decision-making.

Principle 12 was introduced with the implementation of the Consumer Duty such that a ‘firm must act to deliver good outcomes for retail customers’. The Consumer Duty applies to all authorised firms that have a material influence over or determine retail customer outcomes and across the whole distribution chain even where they do not have a direct relationship with the retail customer. The FCA hopes Consumer Principle 12 will advance their consumer protection and competition objectives. On 31 July 2023, the Consumer Duty started to apply to all new products and services, and all existing products and services that remain on sale or open for renewal. This was extended to closed products and services from 31 July 2024. Firms’ first board reports on complying with the Consumer Duty were due by 31 July 2024. Failure to comply with Principle 12 carries the risk of enforcement action leading to fines and reputational damage. See How-to guide: The FCA’s Consumer Duty: putting the needs of customers first and Checklist: Embedding the Consumer Duty: practical considerations.

The latest news and updates in relation to the FCA Handbooks are available here.

2.9 FCA – Priorities for 2025/2026 and beyond

In March 2025, the FCA published its five-year strategy for 2025–2030 (the Strategy), building on the outcomes and metrics set out in the three-year strategy (2022 to 2025). The Strategy identifies a range of opportunities and challenges facing the financial services sector including technological change, the need for sustainable growth, global uncertainty, financial resilience pressures and demographic change.

The FCA’s aim is to become a more efficient and effective regulator by deepening trust and rebalancing risk (across regulatory, market, firm and consumer risks) while supporting innovation, growth and consumer protection.

The Strategy sets out four key priorities:

Becoming a smarter regulator: The FCA intends to be more predictable, purposeful and proportionate in its approach. Key developments include:
- The FCA currently applies two-year supervisory programmes for the largest firms. It plans to adopt a more flexible model with less intensive oversight for firms that demonstrably seek to do the right thing.
- The FCA intends to provide firms with more direct contact points improving communications and improving market intelligence.
- Supervisory priorities will be significantly streamlined and communicated through a small number of market reports (produced once a year). These will outline risks, opportunities and insights from supervisory work. In enforcement, this focus means a streamlined portfolio of cases with the same number of outcomes but delivered faster.
- Increased investment in technology will enable faster, more assertive regulatory responses, detect anomalies and improve efficiencies. The FCA manages 100,000 cases annually and new approaches will help to manage this caseload more effectively.
Supporting growth: by enabling investment, fostering innovation and ensuring continued growth and competitiveness in the financial services sector.
Helping consumers navigate their financial lives: working with industry to boost trust in financial products, allowing for product innovation and widened access and ensuring the right information and support is available when decision-making. The Consumer Duty is integral to this approach to build trust and confidence in the financial services sector.
Fighting financial crime: remains a core priority for the FCA. The regulator views firms as a critical line of defence in identifying and disrupting criminal activity. It has made clear it will take assertive action against those who are using regulated firms as a cover for illegal activity (whether by fraud or market abuse). The FCA emphasises the importance of early and proactive engagement, technology and innovation, collaboration and partnership. By 2030 it hopes to report improvements in market cleanliness and a reduction in cases of investment fraud and authorised push payment fraud.

On 8 April 2025, the FCA published its Annual Work Programme 2025/26, outlining the specific actions it will take to implement and deliver on the same four priorities set out in its Strategy.

Section 3 – The Prudential Regulation Authority (PRA), the Bank of England (BoE) and the Financial Policy Committee (FPC)

3.1 Who are the PRA?

The PRA was originally established as a subsidiary of the Bank of England (BoE). However, as a result of the Bank of England and Financial Services Act 2016, the PRA responsibilities were merged into the BoE and the PRA became a committee of the BoE.

3.2 What do they do?

The PRA is the micro-prudential regulator responsible for the regulation and supervision of ‘systemically important firms’ (eg, banks, insurers and certain investment firms). The PRA is required to promote the safety and soundness of these firms in such a way which avoids adverse impacts on UK financial stability and minimises the effect that failure of a firm could have on UK financial stability. This principle of having a resilient and stable financial system underpins the PRA objectives and whilst it does not operate a ‘zero failure’ regime it seeks to ensure that firm failures minimize disruption to the financial system as a whole. The FCA acts as conduct regulator for all firms including those that are prudentially regulated by the PRA. The PRA and FCA work closely together.

For day-to-day regulation and supervision of PRA-authorised firms, the PRA has operational independence from the BoE and the FPC. The PRA regulatory focus is primarily at the individual firm and sector level with the most important decisions taken by the Prudential Regulation Committee (PRC).

The PRA also works closely with other authorities including the BoE, the FPC, the Special Resolution Unit (which has responsibility for planning for and implementing resolutions of failing UK banks, building societies, and some larger investment firms), the FCA, the FSCS, and international bodies.

The PRA is accountable to parliament and reports annually to the Treasury.

See PRA approach to policy document.

3.3 Fees

The PRA is an independent body funded entirely by the fees it charges to firms. See Policy Statement 10/25 which provides feedback to a previous consultation paper on fees and levies, and contains the PRA’s final policy on PRA fees for the fee year up to 28 February 2026.

3.4 Statutory objectives

The PRA has two primary objectives and two secondary objectives:

Primary objectives

to promote the safety and soundness of the PRA-authorised persons; and
an insurance-specific objective that insurance firms must contribute to securing an appropriate level of protection for present and future policy holders.

Secondary objectives

to facilitate effective competition in the markets for services provided by PRA-authorised persons in carrying on regulated activities; and
to facilitate the international competitiveness of the UK economy (in particular the financial services sector) and its growth in the medium to long term.

The PRA acts and adheres to its statutory objectives to ensure that the UK has a resilient and stable financial system and in promoting safety and soundness, the PRA focuses on minimising the harm that firms can cause to avoid significant disruption to the supply of critical financial services. The PRA must also have regard to the principles of good regulation as set out in section 3B, FSMA.

For the purposes of this guide, we will now consider how the PRA advances these objectives through regulation, supervision and enforcement.

3.5 Regulation

The PRA sets standards or policies that it expects firms to meet and monitors the firms’ compliance against them. For example, upon authorisation firms must meet (and must ensure ongoing compliance with the Threshold Conditions). There are similarities between each regulator’s Threshold Conditions however the PRA conditions focus on the safety and soundness objective.

The PRA needs to be assured that firms have adequate capital and liquidity and suitable risk management and governance frameworks. Alike the FCA above at section 2.5, the PRA have compliance requirements under the senior managers and certification regime (SMCR) for ‘fit and proper’ individuals and required rules of conduct.

3.6 Supervision

Through ongoing monitoring and supervision of regulated firms, the PRA assesses the risks that firms may pose to the PRA’s objectives and, where necessary, sets out clarification of its approach by way of supervisory statements and statements of policy.

The PRA’s approach to regulation and supervision is a focused and forward-looking approach (ie, the PRA assesses firms not just against current risks but also against future risks) and is judgement based (ie, the PRA uses its judgement to assess whether firms will continue to meet their Threshold Conditions). Supervision is tailored to the size, complexity and risk profile of each firm and assessed on a proportionate basis. The PRA take a structured approach when forming their judgements using a risk element framework to measure the net risk that any given firm poses to the PRA objectives. See here for details on how this is assessed (page 17, Figure 1).

Regulatory oversight is based on data collected from firms including financial results, minutes from board meetings, and regulatory returns. It is essential that authorised firms fully understand their reporting requirements and have appropriate policies and procedures in place to manage them. The PRA adopts a proportionate approach to supervision. Systemically important firms (including the UK’s largest banks and insurers) are subject to continuous assessment by dedicated supervisory teams with specialist expertise. These firms are closely monitored due to the potential impact their failure could have on financial stability. Lower risk firms (whose failure would be less disruptive) are supervised through a portfolio approach. This involves thematic reviews and sector level oversight with a greater emphasis on firms proactively notifying the PRA of issues.

The PRA’s most significant supervisory decisions are taken by its board – comprising the governor of the Bank of England, the deputy governor for financial stability, the chief executive officer of the PRA (and deputy governor for prudential regulation), a non-voting member from the Treasury, the chief executive of the FCA and independent non-executive members. The authority employs various supervisory tools including on-site visits, ongoing monitoring and skilled person reviews.

See PRA’s Approach to Supervision of the Banking and Insurance Sectors (Bank of England), PRA Dear CEO Letter to insurers and Supervision Overview – Bank of England.

3.7 Enforcement

The PRA has a broad range of investigatory and enforcement powers (including criminal powers) under various statutory regimes, such as FSMA and the Banking Act 2019. Enforcement action will be preceded by an investigation which may be triggered by supervisory concerns, whistleblowing reports, or where issues have been identified through regulatory returns.

PRA investigators gather information to consider whether enforcement action is necessary. If, following the investigation, the PRA considers that enforcement action is warranted, it may issue an enforcement notice. Sanctions for non-compliance can be significant and may include financial penalties, public censure, suspension or prohibition orders, and in serious cases withdrawal of a firm’s permissions. Where appropriate, the PRA may also coordinate with other regulators and enforcement agencies too.

Enforcement cases typically involve conduct that impairs the PRA’s ability to supervise effectively or presents systemic risks that threaten its statutory objectives. The Regulatory Investigations Guide provides a high-level overview of the investigation and enforcement process and the Bank of England’s approach to enforcement includes statements of policy on statutory notices, decision-making, financial penalties and publicity.

Those operating within the UK financial services sector should note that other agencies may have authority to take enforcement action, for example, the Serious Fraud Office (SFO) who investigate and sanction cases of fraud and bribery. Further consideration of their role is outside the scope of this guide.

3.8 PRA Rulebook and Fundamental Rules for Business

The PRA has its own rulebook (the PRA Rulebook) which sets out detailed granular rules governing firms. The rules are separated into different sector groups eg, banking and investment rules, insurance rules and rules for non-authorised entities such as holding companies. To search policies by topic area see Prudential and Resolution Policy Index.

As well as published policy material in the PRA Rulebook, the PRA also issues further guidance by way of supervisory statements (SS) (which set out PRA guidance on how firms should comply with regulatory requirements) and policy statements (SoP)(which are published alongside new or amended rules).

Authorised firms must ensure they meet the PRA’s and FCA’s Threshold Conditions at all times to carry out regulated activities. These are the minimum requirements that firms must meet to remain authorised and continue to operate.

In addition to the Threshold Conditions, there are eight PRA Fundamental Rules that apply to all PRA-authorised firms. These are high-level principles which apply proportionately to firms, based on a firm’s size and sector, and which collectively set out the PRA’s expectations of firms.

The PRA expects boards and senior management to understand the Fundamental Rules, and the more detailed rules in the PRA Rulebook and establish compliance frameworks, governance structures and an organisational culture that supports adherence to them. Firms should also ensure that they maintain adequate records throughout including attestations to enable them to have adequate information and evidence to support decisions taken and where required to notify the regulator.

Under Fundamental Rule 7, firms have a duty to deal with the PRA in an open and cooperative way and report matters that could affect the firm’s safety, soundness or regulatory compliance eg, governance failures or operational incidents.

3.9 PRA – Priorities for 2025/26 and beyond

The PRA has published its business plan for 2025/26 setting out its strategic priorities, workplan and budget. The annual plan acts as the signpost of regulatory focus, policy and activities for the coming year and sets out the regulatory initiatives across the respective chapters on banking (chapter 1), insurance (chapter 2), multi-sector (chapter 3) and operational effectiveness (chapter 4).

The strategic priorities for 2025/6 are to:

maintain and ensure the safety and soundness of the banking and insurance sectors, and ensure continuing resilience – cyber resilience is noted as a particular focus;
be at the forefront of identifying new and emerging risks, and developing international policy – by monitoring trends in new technologies and AI;
support competitive, dynamic and innovative markets, while promoting international competitiveness and growth, in the sectors that it regulates – closely linked to the secondary competition and competitiveness and growth objectives; and
operate an inclusive, efficient and modern regulator within the Bank of England – focus on proactive engagement with improved efficiency across operations, infrastructure and processes.

Key regulatory initiatives for the banking sector in the PRA’s 2025/6 Business Plan include finalising the ‘strong and simple’ framework for small domestic deposit takers (SDDT), implementing the Basel 3.1 standards, and conducting bank capital stress testing for larger banks with the Bank of England. The PRA will continue its work on securitisation rule reform, engage with firms on model and scenario risk management principles focusing on the expectations detailed in Supervisory Statement SS1/23. Liquidity and funding risk supervision remains a priority, with the PRA applying lessons learned from bank failures in March 2023. Additional initiatives include updating the supervisory approach to international bank branches entering the UK, supporting innovation in money and payments (including policy development on banks’ cryptoasset exposures) and further streamlining the remuneration regime.

Operational risk and resilience is a cross-cutting theme with stress testing planned for both the banking and life insurance sectors. Cyber resilience also remains a key focus, with the PRA continuing to assess firms’ capabilities through threat-led penetration testing.

The PRA is also working with the FCA and HM Treasury on broader regulatory reforms including changes to the SMCR regime aimed at improving the clarity, efficiency and proportionality of the regime. Firms are encouraged to continue active horizon scanning to stay ahead of regulatory developments and respond promptly to supervisory requests.

As noted above, a consolidated view of planned regulatory initiatives for the next 24 months for all regulators is set out in the Regulatory Initiatives Grid so the financial services industry and other stakeholders can understand the timing of initiatives that are likely to have a significant operational impact on them.

3.10 The Bank of England (BoE) and the Financial Policy Committee (FPC)

3.10.1 The BoE

The statutory objective of the BoE is to ‘protect and enhance the stability of the financial system of the United Kingdom’. The PRA as part of the BoE is closely connected to the Bank’s broader functions including oversight of financial market infrastructure, prudential policy development, operational resilience and resolution planning (ie, to ensure that if a bank or building society fails there is minimal disruption to vital services).

3.10.2 The FPC

The FPC is a committee of the BoE, acting as the macro-prudential authority responsible for monitoring the financial stability and resilience of the overall economic system. The FPC together with the PRC designs and conducts stress tests for major UK banks. These tests simluate hypothetical scenarios such as sharp downturns or market shocks and assess how such conditions could impact profitability, capital adequacy or overall profitability. The government provides the FPC with a written remit and recommendations at least once a year.

Section 4 – Interaction and collaboration between the FCA and the PRA

Sharing of information between the FCA and the PRA is critical to the success of the financial supervisory ecosystem. The regulators have a Memorandum of Understanding in place to ensure that there is effective collaboration and cooperation between them. By way of oversight, the coordination between them is furthered by the fact that their CEOs are members of each other’s boards.

Section 5 – The future regulatory framework

The UK is in the process of shaping reforms to carve out regulatory independence post-Brexit, re-shape the UK financial regulatory architecture and make significant amendments to existing financial services legislation, including in relation to FSMA to ensure that the UK financial services framework is sustainable in the future.

5.1 Financial Services and Markets Act 2023 (FSMA 2023)

FSMA 2023 received royal assent on 29 June 2023. FSMA 2023 is the legislative outcome of the future framework for regulation as set out in the Future Regulatory Framework (FRF) Review. It features significant reforms in the regulation of the UK financial services sector. FSMA 2023 had a staggered implementation, with certain provisions having come into force on 29 June 2023 and 11 July 2023 while others came into force on 29 August 2023 and 1 January 2024. Full implementation of key reforms is ongoing.

The Act includes the provisions listed below (among others).

A framework for the repeal of retained EU law replacing it with a new approach to regulation (based on the current FSMA model) with its transfer to the FCA Handbook, PRA Rulebook and Bank of England rules (see Schedule 1, FSMA 2023).
New objectives for the regulators:
- a new secondary objective to advance medium to long-term growth and international competitiveness for the PRA and the FCA subject to aligning with relevant international standards
  - Both regulators are required to report on their progress against this objective. In addition to reporting in their respective annual reports they produce more detailed reports:
    - The PRA’s second report, covering July 2024 to June 2025, was published 26 June 2025, showing tangible policy impact including prudential reform and simplified regimes to enhance competitiveness.
    - The FCA’s second report covering July 2024 to July 2025 was published in July 2025 detailing how they are embedding growth in operations, supervisory approach and data reform. See also FCA webpage on this.
- a new requirement for the regulators to have regard to climate change and net-zero economy objectives when discharging their general functions.
Additional oversight powers to the BoE, PRA and FCA in relation to critical third parties such as IT and cloud service providers who provide services to financial services firms. Designation as to ‘criticality’ will be assessed on how important the services are and how many firms rely on them.
A new regulatory regime for cryptoassets and the regulation of digital payments. See Quick view: Proposals for the regulation of cryptoassets.
Enhancing regulatory accountability, scrutiny, rule-making powers and oversight and increased public engagement and consultation across financial services regulation.

5.2 Edinburgh Reforms

On 9 December 2022, a further package of reforms to the UK financial services sector was announced by Jeremy Hunt (former Chancellor) covering a broad range of financial services regulations known as the ‘Edinburgh Reforms’. The Edinburgh Reforms are intended to deliver the next chapter of the Government’s vision for UK financial services, set out at by Rishi Sunak in his Mansion House speechof 2021, and are divided into four categories:

a competitive marketplace promoting effective use of capital;
sustainable finance;
technology and innovation; and
consumers and business with a focus on improving outcomes and access.

A report ‘Has Anything Changed?’ was published by the Treasury Committee of the House of Commons on 8 December 2023 assessing progress and on 26 April 2024, the Government published a further update to the House of Commons’ Treasury Committee Second Report on the Edinburgh Reforms in April 2024 (see Appendix).

5.3 Leeds Reforms

The Leeds Reforms were announced by Chancellor Rachel Reeves on 15 July 2025 representing a further overhaul of UK financial services regulation. These reforms build on the Edinburgh Reforms and aim to position the UK as a leading global player for financial services by 2035.

On 15 July 2025, HM Treasury unveiled this major package of reforms alongside the Chancellor’s Mansion House speech. Centred on the new Financial Services Growth and Competitiveness Strategy, these measures mark a focus on a regulatory framework that places growth, investment and international competitiveness at its heart.

Notable measures include:

shorter deadlines for processing regulatory applications;
streamlining FOS and the financial redress system;
changes to the capital framework for banks;
proposed reforms to the SMCR (see FCA proposals here and PRA proposals here);
FCA report on the application of the Consumer Duty to wholesale firms; and
the promotion of innovation through fintech and sustainability initiatives.