In the last six months, the Financial Conduct Authority (the FCA) has repositioned itself as a regulator for growth, in line with the Government’s growth agenda. There’s still a strong focus on consumer protection but this now sits alongside the growth agenda and the FCA is paying closer attention to the regulatory burden on firms and how that can be eased.
People have asked me whether this means the FCA will adopt a light-touch approach to regulation, making regulation something firms don’t need to be as concerned about. My view is that firms still need to pay very close attention to compliance with regulatory requirements but there’ll be more emphasis on firms deciding for themselves what they need to do to comply. They’ll need to consider their strategy, the business they’ll do (and not do), the customers who’ll make up their target market, how they’ll carry on business and deal with their customers and how activities and all aspects of the business will be reviewed, checked and overseen. They’ll need to consider how problems will be spotted and addressed and how they can ensure the business will be resilient and robust. The Consumer Duty is a good example of what this new approach might look like.
Where a firm gets compliance right, expect a lighter touch on the part of supervisors. Put regulation and compliance on the back burner, and expect supervisory attention to be laser-sharp and thoroughly intrusive.
Here are some thoughts on what firms will need to consider.
1 This is a work in progress – we’re in the early stages of the change of approach by the FCA. Some streamlining work is subject to consultation at present but we don’t know the full shape or details of proposed changes or how they’ll fit together and that’s likely to remain the case until 2026.
2 Therefore, keep a close eye on proposals in the coming months – more consultations will be launched during 2025 and it should then be easier to identify points the FCA keeps coming back to, overall messages and areas the FCA is focusing on.
3 Until then, assume nothing’s altered – above all, don’t work on the basis that regulation doesn’t matter. We aren’t in an era of regulatory free passes.
4 But we can see a broad outline of where regulatory emphasis will lie in the future – I’m expecting regulation to boil down to five topics, five ‘pillars’ of regulation.
- Operational resilience
- Financial resilience
- The Consumer Duty
- Preventing financial crime
- Governance
Focusing on these topics should achieve most of what the FCA is looking for (and, probably, the Prudential Regulation Authority too). Put differently, not focusing on these topics will almost certainly bring supervisory attention and regulatory consequences.
5 Of these five pillars, governance is the cross-cutting topic – as well as being a topic in its own right, governance is relevant to each of the other topics. Robust operational resilience, for instance, requires robust governance and the same is true of the other topics. And if a firm doesn’t have robust governance, there are likely to be regulatory compliance weaknesses.
6 Robust governance is essential to firms deciding how to comply with broad standards and being able to evidence how they’ve done that – robust governance includes:
- frameworks within which firms make decisions;
- systems and controls, including the three lines of defence model and policies, processes and procedures; and
- oversight by the board of directors.
7 Robust governance is also essential if boards and senior managers are required to attest to compliance – if the onus is on firms to decide how to comply and there’s less intrusive supervision by the FCA, it follows that supervisors are likely to want firms to confirm that what they’ve done results in compliance. Even if attestations aren’t used as a BAU supervisory tool by regulators, expect them to be used where concerns arise. Robust governance will be needed for attestations to be given.
Ruth Finch
June 2025
This article is intended to provide general information about current and expected topics and perspectives that might be of interest. It does not provide or constitute, or purport to provide or constitute, advice relevant to any particular circumstances. Legal or other professional advice relevant to any particular circumstances should always be sought.