UK watchdog seeks stronger AI powers for financial services oversight

The UK's Financial Conduct Authority is considering stronger regulatory powers over artificial intelligence in financial services after executive director Sheldon Mills warned that regulators are in an "arms race" to keep pace with rapidly expanding AI use, according to the Financial Times.

Speaking ahead of the publication of an FCA-commissioned report due on Monday, Mills said the regulator should review within the next three to six months whether large language models such as ChatGPT, Claude and Gemini that provide financial guidance should fall within its regulatory remit.

He told the FT that the watchdog would need greater powers and would have to adopt AI itself to "monitor, detect and tackle the risks" created by the technology's rapid development. "It is an arms race," he said.

The report follows research commissioned by Mills which found that one fifth of UK adults are open to using AI models to make financial decisions on issues such as savings and borrowing, despite those services sitting outside the current regulatory framework. Mills questioned whether conversational AI systems are becoming "something closer to a recommendation, or guidance", noting that firms providing equivalent regulated advice already face stricter rules.

Mills argued that AI could widen access to financial advice traditionally reserved for wealthy clients, while warning that firms deploying autonomous AI systems must remain accountable for their actions. "You need a human on the hook for what they're doing," he said. His report recommends creating an AI-enabled financial capability service to provide free financial guidance to the public through collaboration between government and industry.

The report recommends expanding the FCA's oversight of major technology providers through the UK's critical third parties regime, which could cover companies including OpenAI, Anthropic, Amazon, Google and Microsoft. The government has yet to decide which providers will be formally designated under the regime, which would require greater operational resilience testing and disclosure.

According to the report, AI is expected to increase the sophistication of fraud, cyber attacks, deepfakes and synthetic identities, while offering new tools to combat those threats. It recommends giving the FCA additional powers under the designated activities regime, allowing it to regulate specific AI-related activities without requiring firms to become authorised financial institutions.

The FCA board is expected to consider Mills' recommendations before deciding its response. The regulator has previously faced criticism from some MPs over a 12-week contract with Palantir to test AI systems for tackling financial crime, although both the FCA and Palantir have denied concerns that the arrangement could expose sensitive UK financial data to US authorities.



Share Story:

Recent Stories


Creating value together: Strategic partnerships in the age of GCCs
As Global Capability Centres reshape the financial services landscape, one question stands out: how do leading banks balance in-house innovation with strategic partnerships to drive real transformation?

Data trust in the AI era: Building customer confidence through responsible banking
In the second episode of FStech’s three-part video podcast series sponsored by HCLTech, Sudip Lahiri, Executive Vice President & Head of Financial Services for Europe & UKI at HCLTech examines the critical relationship between data trust, transparency, and responsible AI implementation in financial services.

Banking's GenAI evolution: Beyond the hype, building the future
In the first episode of a three-part video podcast series sponsored by HCLTech, Sudip Lahiri, Executive Vice President & Head of Financial Services for Europe & UKI at HCLTech explores how financial institutions can navigate the transformative potential of Generative AI while building lasting foundations for innovation.

Beyond compliance: Building unshakeable operational resilience in financial services
In today's rapidly evolving financial landscape, operational resilience has become a critical focus for institutions worldwide. As regulatory requirements grow more complex and cyber threats, particularly ransomware, become increasingly sophisticated, financial services providers must adapt and strengthen their defences. The intersection of compliance, technology, and security presents both challenges and opportunities.