Our perimeter report

Whether an activity is within our perimeter can be complex. It is made more complex when new products and services are developed, or there are other changes in the way they are used or provided, which were not envisioned when a piece of legislation was written. 

Harm may occur due to the development of new products, activities or services that sit outside our perimeter. This is because during their development, they will generally not be subject to our rules designed to prevent harm. Then if harm does occur, we have only limited powers to act when it is happening outside our perimeter.

Consumers may suffer harm if they wrongly believe they are dealing with an authorised firm or individual carrying out a regulated activity or wrongly think they will be able to get redress or compensation through the Financial Ombudsman[3] or the FSCS[1]. Our ScamSmart[12] campaign aims to give consumers the knowledge and tools to help prevent them falling victim to scams. We do this by raising consumer awareness of the key warning signs of a scam and encouraging them to check our online warning list.

Harm could also occur if an unauthorised person pretends to be authorised, or if an authorised person conducts a regulated activity without the relevant permission from us to do so. Both are illegal. Consumers are at more risk of harm because that firm or individual has not gone through our approval process and so has avoided our scrutiny.

If a firm has not resolved a complaint, consumers may be able to get redress by taking the complaint to the Financial Ombudsman, or potentially claiming from the FSCS if a firm fails. The Financial Ombudsman is a statutory dispute resolution scheme that settles complaints fairly and impartially between eligible consumers and authorised firms. The FSCS is a statutory compensation scheme for eligible customers of authorised financial services firms carrying out certain regulated activities. This means it can step in to pay compensation if a firm is unable, or likely to be unable, to pay claims against it.

Consumers cannot always use these routes to get redress, because not all activities regulated by the FCA and PRA are protected by the Financial Ombudsman and the FSCS. There are also limitation periods that apply to bringing a claim to the FSCS or a complaint to the Financial Ombudsman. Consumers also have to be eligible to complain or to bring a claim.

To help consumers understand how they may be able to access redress, we require most firms to give customers information on how to make a complaint to their firm. We require firms to tell customers how they can refer their complaint to the Financial Ombudsman for an independent review if unhappy with the firm’s decision on their complaint (where the customer is an 'eligible complainant'). Firms are generally also required to let their customers know when compensation from the FSCS might be available if the firm cannot meet its liabilities.

The Financial Ombudsman is able to consider complaints against respondents (including firms) carrying out specified regulated activities and other activities. There are limits on the amount of redress[13] that the Financial Ombudsman can award. These limits differ depending on when the complaint was referred to the Financial Ombudsman.

FSCS cover applies to protected claims made by eligible claimants against firms who are in default, involving an activity which is regulated by the FCA or PRA under the RAO, and where the firm owes the claimant a civil liability for financial loss that it caused them. But this does not apply to all regulated activities. For example, it does not cover consumer credit activities apart from when conducted by certain debt management firms. As with the Financial Ombudsman, there are limits to the amount of compensation[14] that the FSCS can award.

Generally speaking, the FCA does not have powers to act in relation to non-authorised firms conducting activities which do not require authorisation by us.

We do have powers to make rules and impose obligations in relation to the activities of FCA-authorised firms, including their non-regulated activities where relevant to our statutory objectives. As a recent example, our new rules under the Consumer Duty[15] include specific obligations on the design of financial products and services for retail customers and ongoing support for them. These activities typically do not amount, in themselves, to regulated activities but are connected to regulated activities and the Consumer Duty applies to them.

Many of our rules pertain to how an authorised firm conducts its business in a more general way – for example, prudential requirements, our systems and controls rules, including the Senior Managers & Certification Regime[16] (SM&CR), and our rules on complaints handling.

We can use our powers under general consumer protection legislation for both regulated and unregulated activities. We have powers under the Consumer Rights Act 2015[17] and the Unfair Terms in Consumer Contracts Regulations 1999[18] to take action if we consider a term in a consumer contract is likely to be unfair or insufficiently transparent. We used these powers when we took action to have contracts used by Buy Now Pay Later (BNPL) lenders[19] changed and agreed refunds for affected borrowers.

We can also use our powers to enforce other consumer protection legislation such as the Consumer Protection from Unfair Trading Regulations 2008[20]. This can help us to tackle unfair commercial practices, even where our rules do not apply.

Financial services markets are dynamic and always changing and, given our large and growing remit, we need to prioritise where we take action. Given our limited powers to act against unregulated activities, defining where and how we might act against the harm they cause is not simple. 

We are more likely to act where the unregulated activity: 

• is illegal or fraudulent 
• has the potential to undermine confidence in the UK financial system 
• is closely linked to, or may affect, a regulated activity 

We work closely with partner agencies[21] to prevent harm and support consumers if things go wrong. These include:

• Bodies that provide consumer protection and guidance in financial services, such as the Financial Ombudsman and the FSCS. It also includes the Money and Pensions Service[22] (MaPS) who deliver free and impartial money, debt and pensions guidance to consumers through the MoneyHelper website[23].
• Other regulators and public bodies such as the Prudential Regulation Authority[24] (PRA) and the Bank of England[25], the Payment Systems Regulator[26] (PSR), the Competition and Markets Authority[9] (CMA), the Equality and Human Rights Commission[27] (EHRC), The Pensions Regulator[28] (TPR), and the Advertising Standards Authority[29] (ASA).
• Other law enforcement agencies, such as the Serious Fraud Office[30] (SFO), the National Crime Agency[31] (NCA) and the National Economic Crime Centre[32] (NECC).

We proactively communicate and share information, particularly when our partners have the power to act and we don’t, or when they are better placed to do so.

As well as publishing information on our perimeter, we work to help others understand the issues around the perimeter. This includes:

• Our Handbook has guidance on the perimeter, in the Perimeter Guidance manual (PDF)[33].
• In our supervision of firms, we discuss their activities and where they sit in relation to the perimeter.
• We promote innovation in consumers’ interests. Through our Innovation Hub[34], we help regulated and unregulated firms understand whether or not their planned activities, products, services and business models come within our regulation.
• We horizon-scan future market developments and work with the Treasury and the Bank of England to encourage healthy innovation while maintaining appropriate safeguards.
• We take appropriate enforcement action against breaches of the perimeter and publish details of these cases to foster understanding and act as a deterrent.

Firms and individuals are required to meet our regulatory requirements. We investigate, and take action where we can, to tackle harm where we suspect serious misconduct, or if we suspect unauthorised firms and individuals are carrying out regulated activities. 

We also highlight where we see gaps in the legislation and discuss this with the Treasury and the Government. We contribute to the Bank’s Financial Policy Committee’s work to assess potential financial stability risks involving the regulatory perimeter. However, the focus of our own work is on upholding our statutory objectives, including protecting consumers.

Changing the perimeter can take time and is not always an effective way to prevent harm. It may also increase our regulatory responsibilities which has implications for our resources and the fees we levy on the industry.

The FCA has delivered a number of initiatives to address fraud and misconduct risks that are outside the perimeter of regulation but involve authorised firms. 

Gateway

We have rolled out a holistic approach to firms applying for FCA authorisation.

We apply scrutiny of a firm’s financial information when we receive an application for authorisation. We conduct enhanced financial checks and we scrutinise firms’ funders and the controllers of these organisations so we can trace the funding back to its source.

Our review of a firm’s financial information is not solely designed to spot fraud. More broadly, it makes sure that the applicant firm meets our conditions of authorisation pertaining to financial resources. It supports case officers in spotting irregularities and where we do, we may engage with external parties who certify financial information, for example accountants and auditors.

Our colleagues consider how fraud might be identified during the authorisation process, differentiating across sectors and portfolios. Our intelligence checks for applicant firms and individuals also play a critical role in spotting potential fraud. We also gather further intelligence at the Gateway to add to existing sources. Our assessments leverage independently verified information when relevant and possible.

Where we identify concerns with a firm, we take an assertive approach. If we have concerns with an application, we share our concerns with firms. The firm can address the concerns or, if more work is required, it can result in the withdrawal of the application. Alternatively, we consider refusing applications if we have significant concerns that a firm is unable to address.

Identifying connected entities and individuals

Our financial promotion and enforcement taskforce (FPET) brings together colleagues with expertise in supervision and enforcement to deliver an integrated approach to tackling scams, breaches of the perimeter and non-compliant financial promotions, leading to more and earlier interventions.

On 14 February 2024, we published our financial promotions data 2023[35] – this report analysed the data for the action that FPET took from 1 January 2023 to 31 December 2023. We continue to work with partner agencies where appropriate.

Our ability to monitor harm caused by unregulated activities is limited – especially if the firms are not authorised. This makes it more difficult to identify harm and to conduct analysis.

We do not routinely collect significant data on unregulated activities. Firms must comply with our regulatory reporting requirements. These typically focus on activities that fall within our perimeter.

Where we do receive data or intelligence on unregulated activities, for example from other agencies or from consumers, this is generally after harm has happened.

We are investing in our people, technology and capabilities so we can find and stop harm quicker but will still face significant challenges when unregulated activities are the cause.

When we take action to prevent misconduct in one product or activity within or outside our perimeter, these players, who may be well resourced, frequently seek out new opportunities in other products or activities. We aim to reduce this 'waterbed effect' by sharing intelligence with other agencies and issuing warnings on our website.

We try to provide clarity on the perimeter where we can and to enable consumers to make informed financial decisions. However, the complexity of the perimeter, and continuous changes in financial services, products and services mean we will never be able to remove all uncertainty and ambiguity.

In the following sections, we provide detail on specific topics involving our perimeter to provide greater clarity on our position and our work.

This issue was first publicly raised in September 2020.

Unregulated lead generators are a major point of entry to the individual voluntary arrangements (IVA) and Protected Trust Deed (PTD) market. They pass leads to FCA-authorised debt packager firms and to Insolvency Practitioners (IPs) regulated by Recognised Professional Bodies, overseen by the Insolvency Service (IS). IPs benefit from an exclusion in the RAO which typically enables them to provide debt advice without being FCA regulated. 

We understand that consumers seeking debt advice need help which meets their needs and enables their financial recovery. Referral fees paid by debt solution providers in exchange for customer leads can lead to poor consumer outcomes. We found that debt packagers – which we regulate – had a conflict of interest between having regard to the best interests of consumers (as our rules require) and giving debt advice which maximises revenue for the firm from referral fees. This business model put consumers at risk of harm from entering into an inappropriate debt solution, which is why we banned debt packagers from receiving referral fees in June 2023 (PS23/5[36]). 

Alongside this, we also introduced new guidance to clarify when lead generators may need to be authorised by us. 

We continue to work closely with regulatory partners including the IS which responded to a Call for Evidence[37] on its Personal Insolvency Framework in August 2023. We will continue to support the Government and the IS in any efforts to address the risk of harm to consumers in this market.

This issue was first publicly raised in September 2020.

An appointed representative (AR) is a firm or person who carries on regulated activity under the responsibility of an authorised firm. This authorised firm is known as the AR’s ‘principal’ and is responsible for the AR’s activities, including its compliance with our rules. Firms and individuals may want to be an AR for a range of reasons, including being able to undertake certain regulated activities without having to become FCA authorised in their own right.

The AR regime is a long-standing feature of the UK’s legislative regulatory architecture. It was created primarily to allow self-employed representatives to engage in regulated activities without having to be authorised. In particular, it allowed insurers and other product providers to distribute products through self-employed sales agents by appointing them as ARs. 

Over time, the way in which the AR regime is used has evolved. Today, the regime is used in a diverse range of business models such as networks and regulatory hosts. The scope of business which can be carried out within the AR regime has also expanded with time. Principals and their ARs now offer a wide range of products and services across many different sectors, for example, from retail and general insurance to investment management.

Where these models are well run, we believe they can bring benefits such as wider consumer access and greater innovation. However, we have identified risks of harm to consumers when principals do not adequately oversee the activities of their ARs. Our consultation paper CP21/34 (PDF)[38] highlighted, that on average, principals generate 50% to 400% more complaints and supervisory cases than directly authorised firms doing the same type of business.

In our 2022 to 2025 Strategy (PDF)[39] we committed to a new and extensive programme of work on the AR regime, including:

• consulting on changes to the AR regime
• greater engagement with, and scrutiny of, firms as they appoint ARs, both for new applicants for authorisation and already-authorised firms
• targeted supervision of principal firms across the whole financial services sector, using improved data and analytical tools to focus our work

Our Annual Report 2022/23[40] and Annual Report 2023/24[41] set out the steps we have taken so far to tackle harm from the regime. Notably, in August 2022 we published new rules and guidance to strengthen the AR regime (PS22/11 (PDF)[42]). The new rules and guidance came into force on 8 December 2022. The changes clarify and strengthen the expectations of principal firms’ oversight of ARs, including ensuring they have adequate systems, controls and resources.

We also supported the Treasury’s Call for Evidence, which closed on 3 March 2022, to assess whether wider legislative changes are needed. We will continue this important work with the Treasury and would welcome progress on next steps.

This issue was first publicly raised in September 2020.

Firms increasingly depend on unregulated third-party service providers to deliver their important business services to consumers and markets. Where many firms, or even one significant firm, rely on the same third party to deliver their services, such as cloud service providers, the potential harm increases if the third party, or the services it provides, fail or are disrupted. Indeed, third-party related issues were the most frequently reported root cause of operational incidents reported to us across 2022-2023. 

As the Financial Stability Board noted in December 2023 in its final report on enhancing third-party risk management and oversight – a toolkit for financial institutions and financial authorities[43], concentration in the provision of third-party services to firms does not automatically pose systemic risks, nor is it inherently or invariably problematic. Concentration can reflect the quality, including the resilience, of a third party’s services. However, in line with the comments of the Bank of England’s Financial Policy Committee (of which FCA CEO is a member) in its Q2 2021 Financial Policy Summary and Record[44], the greater the share of the financial sector relying on a third party, the greater the risk to the UK financial system in the event of failure or disruption.

To tackle this systemic risk, FSMA 2023 gave the FCA, PRA and Bank of England a suite of powers and shared regulatory oversight of certain third parties that the Treasury designates as a Critical Third Party. Under these powers, we can make rules that the third party must follow; investigate and gather information; publicly censure the third party; and place limitations on or prohibit arrangements between third parties and regulated firms. Unlike our powers over regulated firms, these powers apply in relation to the services for which the third party is designated by the Treasury, not to the Critical Third Party as a whole. We do not have the power to impose fines on Critical Third Parties.

We published our proposals for Critical Third Parties under these new powers jointly with the PRA and Bank of England in Consultation Paper (CP23/30[45]) in December 2023, and included:

• an approach to identifying third parties that we should recommend to the Treasury for designation
• a set of Fundamental Rules and Operational Risk and Resilience Requirements
• rules on resilience testing, incident notification and information gathering requirements

In November 2024 we published our Policy Statement[46] including final rules.

Current requirements and guidance will continue to make regulated firms responsible for identifying and managing their own outsourcing and third-party risks: firms cannot delegate regulatory responsibility for outsourced processes or services. The proposed regime targets the systemic risk that an individual firm cannot mitigate.

This issue was first publicly raised in April 2021.

Deposit aggregators (also known as savings platforms or savings marketplaces) are firms that provide intermediary services to retail consumers with savings accounts. They can offer a convenient service for customers to spread deposits across different banks and building societies, to get the best interest rates and potentially maximise FSCS protection for high balances under the deposit protection scheme (PRA's rules). Deposit aggregation is a growing market.

Deposit aggregation is not a regulated activity under FSMA, although it can involve activities or services that are within our perimeter, in particular payment services. Most, but not all, deposit aggregators are within our perimeter because they are regulated for these other activities or services. We have no remit to supervise unregulated deposit aggregators. 

Deposit aggregation offers benefits to consumers, but there are also risks of consumer harm. For example, customers who are also investing directly with banks or building societies may unknowingly breach the FSCS limit because they do not realise different trading names are part of the same group. There could also be liquidity risks to banks and building societies accepting deposits from deposit aggregators, for example, where there is a concentration of deposits from a small number of aggregators who might move them at the same time.

In April 2021, the FCA and PRA jointly wrote a Dear CEO letter (PDF)[47] to all banks and building societies to highlight the risks from deposit aggregation and the actions needed to mitigate them. We reminded them of their responsibilities for the content of and conduct around financial promotions for savings accounts where a deposit aggregator advertises products as their agent.

We have updated the deposit aggregators entry[48] in the A-Z of financial terms to explain that deposit aggregators are not necessarily regulated by us and that, even where we regulate them for other activities or services, protections will not necessarily apply to the deposit aggregation service they offer. The entry explains what customers should ask the deposit aggregator and how customers can check on our website the status of any firm regulated by us and the regulated activities it is authorised to do.

We expect banks and building societies to continue to address the issues set out in our Dear CEO letter. This includes compliance with applicable rules on relevant financial promotions, including to ensure that any claims about FSCS protections are fair, clear, and not misleading.

This issue was first publicly raised in June 2019.

The RAO does not provide a complete definition of insurance. This means court decisions about whether particular contracts amount to insurance help determine where our remit applies. 

There has sometimes been uncertainty as to whether certain contracts should be classed as insurance. We have identified concerns in 2 areas, where we think relevant products should properly be regarded as insurance.

• Insurance requires a provider to undertake to pay money or provide a corresponding benefit to a recipient. In some contracts, the provider claims to have absolute discretion not to pay out. But this may involve circumstances where we consider the discretion to have no real content or to be an unfair term. In these cases, our view is that the contracts should properly be categorised as insurance.
• We have also seen firms claim that their warranties are mainly service contracts providing repair services, with a minor indemnity element that pays benefits if the product is lost or damaged. We believe many of these contracts artificially describe the repair services and, on more detailed analysis, are really contracts of insurance. 

The FCA is considering, alongside other priorities, whether it would help to consult on guidance setting out the FCA’s approach in this area.

Overseas insurers and what amounts to carrying on insurance business in the UK

Since the UK’s exit from the European Union and the end of the temporary permissions regime we have seen instances where persons based in the UK – for example an intermediary or a network of distributors – are providing services for or on behalf of a non-UK authorised overseas insurer.

Where these activities are integral or significant to the insurance business being conducted by the overseas insurer, there is a risk that the overseas insurer could be carrying out the regulated activities of 'effecting' or 'carrying out' insurance contracts in the UK, requiring it to be UK authorised.  

Ultimately, it is for a UK court to decide what may amount to doing insurance business in the UK, and each case would need to be assessed on its own particular facts. However, we are keeping under review the need for guidance to set out our approach in this area and we have raised the issue on an individual basis with specific firms.

Use of group policies

We have seen instances of general insurance policies being used by commercial entities to provide the benefit of the insurance cover for liabilities their clients may suffer. However, these unregulated firms are the sole policyholder who then sell to their clients an interest in the policy in order to share in proceeds of any claim.

We are concerned that these arrangements may lead to consumers losing access to regulatory protections and so not getting the best outcome. Also, the contractual position is often ambiguous, leading to uncertainty about whether consumers actually obtain rights under the insurance policy. If they do, this could mean that these unregulated firms are carrying on regulated activities without the necessary permission.

The FCA is considering, alongside other priorities, whether it would help to consult on guidance setting out the FCA’s approach in this area.

This issue was first publicly raised in July 2021.

Under the Money Laundering Regulations[49] (MLRs) we are responsible for supervising certain cryptoasset businesses solely for their compliance with the MLRs. 

In July 2022, the Government made some amendments to our powers and remit for cryptoasset firms. A change of control regime for cryptoasset businesses under the MLRs was also introduced.

The Treasury published a consultation on improving the effectiveness of the MLRs which ran from 11 March to 9 June. The consultation included questions on how best to align registration and change in control measures for custodial wallet providers and cryptoasset exchange providers between Financial Services and Markets Act 2000 and the MLRs. The FCA encourages proposed acquirers of FCA-registered cryptoasset firms to continue to engage with the change in control team early for pre-application meetings before making a formal submission.

The issue was first publicly raised in February 2021.

Over the last few years, we have seen the significant growth of unregulated Buy Now Pay Later products (which we refer to as ‘Deferred Payment Credit’ (DPC)), predominantly supporting digital retail sales, as these more flexible payment options become increasingly popular with consumers. 

The products often take the form of either deferred payment or short-term instalment loans, commonly providing credit for lower value goods.

DPC relies upon an exemption in the RAO that applies where, among other conditions, the credit is provided without interest or charges and is repayable within 12 months by no more than 12 payments. This is a longstanding exemption and was originally provided for in regulations under the Consumer Credit Act 1974.

In October 2024, the Treasury published a consultation with a draft Statutory Instrument which sets out its intention to remove the exemption in relation to third-party DPC providers, which will bring them within our regulatory perimeter. The consultation closed on 29 November 2024. 

Once the Government has made the legislation, we intend to consult on rules which will supplement the legislative requirements. 

We will set out requirements for the sector in our Handbook and ensure that it is subject to proportionate regulation and builds upon the Consumer Duty. We have been designing a framework to assess firms applying for authorisation and a supervisory strategy for when this activity is within our regulatory perimeter.

The Treasury’s consultation follows on from the February 2021 Woolard Review[50], which recommended that unregulated DPC products be brought into the regulatory perimeter to protect consumers. Treasury then published its consultation paper[51] in October 2021, setting out potential options on the scope and form of regulation for DPC, and a subsequent consultation[52] in February 2023 on the draft legislation.

In advance of DPC coming into our perimeter, we will act where we see harm using our existing powers and our non-FSMA consumer protection powers which can apply to unauthorised firms where we see poor practices.

We can use our powers under the Consumer Rights Act 2015 to intervene where we have concerns that terms in the consumer contracts of DPC providers may be unfair and/or not transparent.

In February 2022, we announced that we had secured changes to potentially unfair and unclear terms[53] in the contracts of Clearpay, Klarna, Laybuy and Openpay, and in October 2023 we secured changes to the contract terms[54] of QVC and Paypal. As a result of our work, the firms made terms on issues like contract cancellations and continuous payment authorities fairer and easier to understand.

As consumers across the country face the rising cost of living and experience financial difficulties, we have issued a letter to firms in the sector (both regulated lenders offering exempt DPC products and unauthorised firms offering exempt DPC products) setting out our expectations around providing their customers with appropriate care and support.

We strongly encouraged unauthorised firms to take positive action now and set out in our Dear CEO Letter to regulated lenders how we expect them to treat borrowers in financial difficulty. We reinforced our messages at a roundtable with unauthorised firms offering exempt DPC products in July 2022.

Some firms offering DPC products are regulated by us for other activities, and this enables us to intervene if we see poor conduct. We have acted on concerns over financial promotions which resulted in firms withdrawing certain marketing material. We discussed our concerns with the sector at a roundtable held in July 2022. In August 2022, we published a Dear CEO letter setting out concerns identified with DPC financial promotions.

The letter reminded firms involved in communicating or approving financial promotions for exempt credit agreements of their obligations when doing so. We are proactively monitoring the market to assess compliance.

Small and medium sized enterprises (SME) lending is a longstanding perimeter issue, as business lending is generally only a regulated activity where both the loan is up to £25,000, and the borrower is either a sole trader or a ‘relevant recipient of credit’ (RRC). 

Consumer credit regulation does not currently apply to lending to limited companies, limited liability partnerships and partnerships consisting of more than 3 persons. The level of regulatory protection that an SME will receive when lending is therefore defined by the legal entity type that the business owner(s) has chosen to use, combined with the loan amount. Lending or hire of a value over £25,000 for business purposes is also out of scope of the CCA. 

In December 2022 in its first stage consultation[55] on Reform of the Consumer Credit Act (CCA), the Treasury asked respondents to comment on whether the business lending scope of the CCA should be changed. We will be working alongside the Government through their reform process, which it expects will take a number of years. The Government said in its consultation on bringing BNPL into regulation that it remains committed to wider CCA reform, and that it will set out detailed reform proposals in a separate consultation in due course.

The question of whether limited company borrowers should benefit from the consumer protections provided by the rules and guidance in our Consumer Credit Sourcebook was raised in a recent super-complaint[56].

We are committed to the fair treatment of SMEs. In 2021/22 we carried out work to monitor how firms treat SME borrowers in financial difficulty or arrears, and if they are receiving appropriate forbearance where they are entitled to protection under our rules. Our supervisory work concluded that protections for SMEs in financial difficulty are broadly being delivered overall, although we communicated that there were important steps that some firms needed to take to ensure all customers are treated fairly and are receiving appropriate protection. 

This issue was first publicly raised in August 2017.

Some of the most serious harm we see continues to come from investment scams from businesses operating without FCA/PRA authorisation. From January to August 2024, we received 14,504 reports of potential unauthorised business and published 1,409 consumer alerts. This compares with 17,726 reports received and 1,249 consumer alerts published for the same period last year. This represents a 13% increase in consumer alerts about unauthorised firms and individuals.

The increased cost of living could encourage some consumers to seek higher risk investments to achieve returns which exceed inflation, and so risk falling victim to scams. Since 2020, scams have significantly contributed to the volume of queries our consumer helpline receives.

Our existing work focuses on protecting consumers through assertive supervision and consumer communications to help them avoid scams. Our ScamSmart[14] and InvestSmart[57] campaigns and publication of alerts seek to warn consumers about scams or the activity of unauthorised firms and help them make better investment decisions. 

We also take enforcement action against firms and individuals that are not authorised or exempt under FSMA[58], but who carry out regulated activities, in breach of the legislation and/or who disregard restrictions on financial promotions. In 2022/23 we secured £5m in redress for consumers of unauthorised investment business.

This issue was first publicly raised in April 2016.

A Collective Investment Scheme (CIS) – sometimes known as a ‘pooled investment’ – is a type of fund that usually has contributions from several people. Another type of pooled investment is an ‘alternative investment fund’ (AIF). There is a significant overlap between CISs and AIFs. The fund manager of a CIS/AIF will put investors’ money into one or more types of asset such as stocks, bonds, property or other types of asset, including cryptoassets.

A CIS/AIF may be an authorised UK scheme, or a ‘recognised’ scheme from other countries. If a CIS/AIF is not authorised or recognised, then it is considered an Unregulated Collective Investment Scheme (UCIS). While we do not directly supervise the UCIS themselves, we regulate the promotion of these schemes in the UK, how UK firms can advise on, or sell, them and, generally, the fund managers who operate them.

UCIS are high-risk investments and cannot be promoted to the general public in the UK. Despite this, we have seen evidence that such schemes are being unlawfully promoted to consumers through a wide range of investments, including investments in property developments, hotel-room schemes, and care homes.

Where this happens, the individuals and firms involved are breaking our rules and other laws. In some cases, these UCIS may involve fraud or be scams. Firms thinking of establishing these types of investment scheme, or offering them to consumers, need to consider whether they meet the definition of a CIS/AIF.

We have taken action, including successful prosecutions, against firms and individuals involved in promoting and selling UCIS to the public. We continue to take action and, where fraud or scams are involved, we work closely with other law enforcement agencies such as the Serious Fraud Office.

This issue was first publicly raised in October 2021.

The Overseas Funds Regime (OFR) is a new gateway to allow certain investment funds established outside the UK to be promoted in the UK, including to retail clients.

If a fund applies for and is given 'recognised scheme' status under the OFR, it can be promoted in the same way as an authorised collective investment scheme established in the UK.

The categories of funds that will be able to use the OFR are specified in legislation following an equivalence determination by the Government. Following the Government’s first such determination, the OFR is now available to most funds established in EEA and EU member states that have been authorised under the UCITS Directive. The exceptions are EEA UCITS that have been authorised as money-market funds.

The OFR will be available to new EEA UCITS that have not previously marketed to UK retail investors, as well as EEA UCITS that are currently operating under the Temporary Marketing Permissions Regime[59] (TMPR) – the transitional arrangements following UK withdrawal from the EU.

Our responsibilities and powers in relation to funds recognised under the OFR are different than in relation to UK authorised funds, and this may not always be apparent to UK consumers. We have finalised rules requiring overseas funds to disclose whether UK investors will have access to redress under the UK Financial Services Compensation Scheme (FSCS) and to the Financial Ombudsman.

This is a new issue.

The Government and the FCA are committed to the ongoing reform programme to reinvigorate our capital markets. Making sure retail investors can make informed investment decisions is an important part of ensuring healthy capital markets. As part of this, we are committed to replacing EU-inherited consumer cost disclosure regulation with a new framework tailored to UK markets and firms. 

In November 2023, we indicated we would exercise regulatory forbearance to enable additional disclosures. This gave investment trusts greater ability to explain their costs and charges to consumers. It followed concerns raised by industry representatives about the operation of current costs disclosure requirements and its effect on the close-ended listed investment fund sector.

The Government has announced it will lay legislation to exempt listed investment trusts from the current regulations for packaged retail investment products (PRIIPs) and make amendments to other EU-assimilated law as required. We have therefore indicated from 19 September 2024 that we would exercise additional regulatory forbearance, confirming we will not take supervisory or enforcement action if an investment trust chooses to not follow the PRIIPs requirements and associated technical standards, the requirements under Article 50(2)(b) and Article 51 of the MiFID Org Regulation. Our forbearance ended on 22 November 2024 when the Government’s statutory instrument to exclude closed-ended UK-listed investment funds from the PRIIPs Regulation and MiFID Org Regulation took effect, as those funds are no longer bound by the requirements of that legislation. These firms will remain within the wider regulatory perimeter and subject to the Consumer Duty and COBS 4 requirements to communicate in a manner that is fair, clear and not misleading.

The UK’s new framework for CCIs (Consumer Composite Investments) will support investors to better understand what they are paying for and the value they are receiving through the distribution chain. The FCA will launch a consultation on the proposed CCI framework before the end of 2024 with a view to publishing the final rules in the first half of 2025 (subject to Parliamentary approval), with a transition period in place to support firms’ compliance with the new regime. The new CCI framework will be proportionate and deliver more tailored and flexible rules which will address concerns across industry with current disclosure requirements, including for costs. This will allow for firms to utilise more bespoke arrangements where appropriate, while continuing to deliver against our primary consumer protection objective.

This issue was first publicly raised in June 2019.

We have limited powers over many issuers of high-risk investments, as issuing an investment product often does not involve carrying out a regulated activity. This means that we cannot generally impose requirements on the issuers themselves as they are often not authorised persons. 

However, marketing these investments is generally subject to the financial promotion regime, unless an exemption applies. Financial promotions are often consumers’ first contact with an investment offer and so the financial promotion regime is key in ensuring that only appropriate investments are mass-marketed to ordinary retail consumers. Our rules are based on the level of risk in what is being promoted and the characteristics of the audience. 

Where the risks are higher, or less clear, marketing restrictions are in place to protect consumers. This also means that it is vital that the legislative exemptions from these restrictions, which allow unauthorised persons to communicate promotions without the involvement of an authorised firm and the application of FCA rules, are suitable and appropriate for consumers.

Where we identify harm to consumers from particular products, we may take steps to restrict promotions. For example, in January 2021, we permanently banned the mass-marketing of Speculative Illiquid Securities, such as speculative mini-bonds, to retail investors[60]. 

In August 2022, we published a Policy Statement (PDF)[61] on strengthening our financial promotion rules for high-risk investments. 

These rules are designed to make sure that consumers understand the risks before investing in high-risk products, and that firms marketing and approving financial promotions operate to high standards. The rules were extended to promotions of qualifying cryptoassets when these were brought within the scope of the financial promotion regime in October 2023.

This issue was first publicly raised in September 2020.

Unauthorised persons still frequently rely on exemptions in the Financial Promotion Order (FPO) which allow certain high-risk investments to be marketed to, among others, ‘high net worth’ and ‘sophisticated’ investors (‘the exemptions’).

Promotions made under these exemptions do not have to comply with our financial promotion rules, including the requirement to be clear, fair and not misleading, and our mass-marketing bans. 

Strengthening our financial promotion rules has seen more unauthorised issuers using, or purporting to use, the exemptions to target ordinary consumers with high-risk investments and scams outside of our financial promotion perimeter. So it is therefore important that exemptions that take communications outside of our financial promotion requirements are designed appropriately.

The Treasury consulted on reforming the exemptions[62] for promoting to ‘high net worth’ and ‘sophisticated’ investors in December 2021, and responded to its consultation[63] in November 2023.

On 31 January 2024, changes to the exemptions came into force which included: increasing the financial thresholds in the eligibility criteria for consumers to self-certify as a ‘high net worth’ or ‘sophisticated’ investor; removing one of the criteria to ‘self-certify’ as a ‘sophisticated’ investor (to have made more than one investment in an unlisted company in the previous 2 years); and updating the statements that consumers need to sign to increase investor engagement.

However, in March 2024, the Treasury announced the reversal of some of the reforms in response to new concerns raised by industry about the impact of the changes on access to investment opportunities. This included reinstating the removed criterion to self-certify as a ‘sophisticated’ investor and reverting the financial thresholds in the eligibility criteria to the pre-31 January levels.

We considered that the reforms that took effect in January were needed to reflect significant changes in the investment environment, including inflation, since the exemptions were introduced in 2001/2005. The FCA published a statement[64] in response to these changes in March 2024.

Following reversal of these reforms, one way for consumers to self-certify as a ‘sophisticated’ investor is once again to confirm that they have made more than one investment in an unlisted company in the previous 2 years.

In the past, this would have required the consumer to have some private business experience. However, with the introduction of investment-based crowdfunding, ordinary consumers can now easily meet this criterion. For example, our Financial Lives Survey (FLS), conducted in 2022, shows that at least 1.6 million consumers hold investments in unlisted companies. We supported removing this criterion due to our concern that it is no longer a reasonable reflection of expertise.

It is also now again the case that, to self-certify as a ‘high net worth’ investor, a consumer will need an annual income of £100k or more, or £250k or more in net assets excluding their primary residence and pension assets. While there are not direct comparisons to the UK exemptions, other jurisdictions have attempted to define ‘high net worth’ investor exemptions.

The UK threshold has returned to being significantly lower than the thresholds which other comparable jurisdictions use. We supported the increase in financial thresholds to ensure investors exposed to promotions for investments which are generally higher risk are better able to withstand losses.

In their 2021/22 consultation[66], the Treasury also proposed introducing a requirement for firms to check that consumers meet the relevant criteria to self-certify as ‘high net worth’ or ‘sophisticated’. However, this was not taken forward in its final reforms due to concerns about the impact on the ability of small and medium-sized enterprises to raise finance.

While we recognise these concerns raised by respondents to Treasury’s consultation, we have seen evidence of unauthorised persons abusing these exemptions by coaching ordinary consumers to self-certify. For this reason, we remain concerned that investors who do not meet these tests are being ‘pushed’ through them, often by unregulated persons. 

Our behavioural testing[65] found that even our most effective changes to the declaration forms used in our own rules still resulted in more than twice the proportion of consumers self-certifying as 'high net worth' or 'sophisticated' compared with those who claimed they met the relevant criteria.

Our 2022 FLS also found that only 1 in 5 adults holding high-risk investment products that fall under our marketing rules could recall being asked if they were a 'high net worth' or 'sophisticated' investor the last time they invested. This suggests that many consumers pass through the self-certification process without being aware of its significance.

While we welcomed the Treasury’s consultation[69] on reforming these exemptions, our position remains that self-certification should be removed entirely, and the threshold to be considered ‘high net worth’ should be raised significantly. Firms should have greater responsibility to verify that individuals meet the criteria to be 'high net worth' or 'sophisticated'.

Leaving this aspect of the legislation unchanged undermines other measures to strengthen the financial promotions regime, and will continue to lead to significant consumer harm that we are unable to reduce. We are not aware of any other jurisdiction that allows firms to use exemptions purely based on investors’ self-certification.

The previous government had committed to further work to review the scope of the exemptions and we will continue to raise any evidence of ongoing consumer harm with the Treasury and work with them on possible ways to strengthen the regime as a whole.

This issue was first publicly raised in June 2019.

Authorised persons approving financial promotions for unauthorised persons (as a ‘s21 approver’), are responsible for ensuring the promotion complies with FCA financial promotion rules.

This means that s21 approvers play a pivotal role in ensuring that financial promotions communicated by unauthorised persons accurately represent the product or service being promoted. This is particularly relevant to matters that are pertinent to helping consumers make informed decisions.

We have seen previous instances of firms approving financial promotions without properly understanding the product or service and so being unable to properly ensure that the promotion meets our standards.

The Financial Services and Markets Act 2023 included provisions to amend section 21 of FSMA, to create a regime that requires authorised persons to seek permission from the FCA to approve financial promotions for unauthorised persons (the ‘s21 Gateway’).

All firms that want to approve financial promotions now need to apply to us for permission to do so (subject to certain exemptions).

Applicants are assessed at the gateway to determine whether they have the necessary systems/controls, competence and expertise to act as a s21 approver. Firms that approve financial promotions in scope of the gateway must also submit regular reports to us about their approval activity.

The s21 Gateway does not apply to firms when issuing their own promotions, approving those of group members, or those of their appointed representatives (where the financial promotions relate to the regulated activities they are permitted to undertake).

We will keep s21 approval activity under close review, including by using the reports that approving firms submit to us. This will include assessing whether firms are seeking to inappropriately exploit the exemptions to avoid applying to the s21 Gateway.

This is a new issue.

There are various exclusions that are provided for in legislation for regulated activities which would otherwise fall within the FCA’s scope. One such exclusion relates to trustees who are acting in the course of discharging their general obligations as trustee. We have identified a number of instances where consumers have lost money when their trusts have been invested in opaque, high-risk investments which have subsequently failed through a trust structure. 

We would welcome wider consideration about the circumstances when exclusions, including for unregulated trustees, could be disapplied to enable the FCA to have greater oversight.

This issue was first publicly raised in October 2021.

There are problems with the marketing of contracts for difference (CFDs) and other high-risk derivative products to retail clients. Our concerns include firms encouraging clients to trade with entities in third country jurisdictions rather than their UK business. We are also concerned about the use of introducers and affiliates who may be carrying out unregulated activities.

We know that some providers of retail derivatives (CFDs) are encouraging retail clients to trade with firms in third country jurisdictions, by using comparison tables to highlight that retail consumers can get higher leverage through third country group entities. This effectively circumvents the permanent restrictions on maximum leverage we brought in from 2019 to reduce retail consumer losses from these high-risk products. Some firms also don’t highlight other protections that retail consumers may lose by transferring their account overseas, such as the loss of negative balance protections.

We will continue to focus on firms’ financial promotions and marketing activities in our supervision work.

This issue was first publicly raised in June 2019.

Over recent years, rises in fraud cases in the UK have been increasingly influenced by scammers’ use of online platforms, including fraudulent advertising on search engines and social media. Recent industry data[65] highlights that the abuse of these services remains a major issue.

Evolution in technology adds further urgency to the issue, with generative AI developments providing additional tools to criminals, such as using deepfakes for scams.

The FCA Warning List[66], which provides consumers and the public with a list of unauthorised firms and individuals that aren’t allowed to carry out regulated activities in the UK, provides links to website addresses, social media accounts and contact details used by such firms. We encourage consumers to check our Financial Services Register and Warning List to see if a firm or individual is authorised or registered with the FCA, or if there is a warning alert associated with them.

We are making greater use of technology in this area to prevent online fraud. For example, we are scanning approximately 100,000 websites every day to identify newly registered domains that show characteristics of a scam. We are also working with a third party that specialises in identifying and removing illegal content from the web.

We continue to work with the largest platforms to assess the application of the financial promotion regime to their business models and to make sure they do not host illegal content. Following our engagement, Google, Meta, Microsoft (Bing), X, and TikTok have all changed their policies to only permit paid-for ads of financial services that have been made or approved by authorised firms.

This has been a significant step in making sure searches for paid-for advertising exclude clear scam ads. However, we continue to be concerned about the prevalence of scams and other illegal financial promotions elsewhere – particularly in organic content targeted at consumers. We continue to engage with most large online platforms to ensure these policies are implemented consistently and robustly.

We have been clear that the protection of consumers from illegal online scams should be strengthened through the legal obligations in the Online Safety Act 2023. Following the introduction of the legislation, we have supported Ofcom, as the online safety regulator, sharing our expertise and feedback to make sure that the regulatory regime achieves its aims.

While there has been some progress, there is still substantial further work to be done by all social media platforms. The responsiveness to our requests for unlawful content to be removed continues to be variable and some platforms, such as X, have refused to remove unlawful content except in exceptional circumstances. We want to see stronger action being taken to proactively identify and stop illegal promotions being pushed on consumers. We want terms of service to be enforced strongly and consistently, so that scams are stopped before consumers are exposed to them.

This issue was first publicly raised in October 2021.

Firms are increasingly making use of social media to communicate financial promotions and generate business.

We are particularly concerned by the way in which some firms encourage consumers to trade complex and high-risk products through social media and messaging platforms such as Instagram and Telegram. The risk to consumers can be exacerbated by firms partnering with unregulated introducers and affiliates (such as ‘educators’ and ‘influencers’) to reach new investors.

We are concerned by the increase in cases of social media influencers promoting financial products and services without knowledge of the rules governing such promotions, including an awareness that they could be communicating an illegal financial promotion. We have worked with other regulators, including partnering with the Advertising Standards Authority (ASA), to educate ‘finfluencers’ (influencers that publicise content on financial matters) about the risks involved and their legal obligations when seeking to promote financial products or services.

Many of these influencers make promises of positive returns on investments and push the potential to achieve a celebrity-like lifestyle by trading high-risk investments such as CFDs, reinforcing this with images of holidays and expensive cars to promote the potential returns from trading these investments.

Recent evidence suggests that influencer marketing is leading to firms taking on younger consumers who may be less able to afford to lose funds invested. Our consumer research has shown that younger, less experienced consumers are far more likely to turn to social media to research investments. This exacerbates the risk of harm from these promotions.

We have also seen an increase in unregulated 'educators' marketing trading courses and promoting the potential to generate a secondary, or even primary, source of income from trading activity. Top videos on YouTube for trading courses have been viewed more than 3 million times. Analysis of social media platforms X and Reddit reveals that posts about educational courses by financial educators, and from financial influencers known as ‘finfluencers’ are on the rise.

These courses can promote high-risk trading strategies such as day trading and swing trading, and can come with high fees for the consumer. Consumers signing up for these courses are often introduced to a firm (such as a CFD firm) offering trading in the relevant investment type as part of the process. In both cases, this often leads to remuneration for the client introduction.

Consumers encountering these promotions on social media may not benefit from the risk warnings and other protections that we have prescribed to alert consumers to the high-risk nature of certain investments (such as the standardised risk warnings required of CFD providers which show that most clients will lose money).

We have intervened, and will continue to do so, where we identify unauthorised persons unlawfully communicating financial promotions online and where we find firms failing to ensure that prospective investors are adequately warned of the risks of investing, particularly in high-risk investments.

We brought charges against 9 influencers[67] in relation to an unauthorised foreign exchange trading scheme promoted on social media in May 2024. We published updated guidance for financial promotions on social media in March 2024, to better reflect the way firms are using social media to advertise today and outline where influencers may be breaching the financial promotion restriction.

This issue was first publicly raised in October 2021.

The FCA is a member of the Digital Regulation Cooperation Forum[68] (DRCF) to support regulatory coordination in digital markets, and cooperation on areas of mutual importance.

The DRCF published its 2024/25 workplan[69] and 2023/24 annual report[70]. This sets out an ambitious programme of work for the DRCF, including projects that will tackle some of our biggest digital challenges.

These include: 

• launching a pilot AI and Digital Hub funded by government. The Hub will respond to queries from innovators relating to the remit of multiple regulators
• supporting the effective regulation of AI through undertaking joint research, workshops and events
• joint work between Ofcom and FCA related to illegal online financial promotions to support coherence between Ofcom’s codes of practice following Online Safety Act Royal Asset, and Financial Promotions Legislation Horizon Scanning Emerging Technologies including Digital ID and DeepFakes

We are continuing to work closely with DRCF members to deliver this ambitious and important programme of work.

The Digital Markets, Competition and Consumers Act received Royal Assent on 24 May 2024. It seeks to promote competition and tackle anti-competitive practices in digital markets by means of a new regulatory regime on certain firms designated with Strategic Market Status. This new regime will come into force on 1 January 2025.

The Act sets out that the CMA will consult the FCA when the CMA proposes to exercise certain functions under the new regime. The CMA will also consult where it considers that the matter falls in the FCA’s concurrent remit or where the CMA considers that compliance does not impose a burden on it that outweighs the benefits of compliance. The FCA can also make a recommendation to the CMA for it to exercise certain aspects of its functions.

This issue was first publicly raised in August 2017.

The UK payments industry continues to evolve rapidly. Today, we regulate more than 1,200 payment services firms that hold over £27bn safeguarded funds. Further market developments such as open banking, stablecoins, and central bank digital currencies will bring further changes to the UK’s payments landscape.

In October 2021, the Government published its response to its Payments Landscape Review: Call for Evidence. This set out its aspiration for a payments sector at the forefront of technology, ensuring consumer protection and choice, operational resilience, competition and harnessing innovation. Since then, legislation was introduced through the Financial Services and Markets Act 2023.

The Government continues to deliver on this vision, focusing on the priority areas it has identified:

• Strengthening consumer protections within Faster Payments.
• Unlocking the future potential of open banking.
• Enhancing cross-border payments.
• Future-proofing the UK’s payments regulatory and legislative framework with the opportunities created by the Smarter Regulatory Framework (SRF) Review for financial services regulation.

In January 2023, the Government published its Review of the Payment Services Regulations[71] and ancillary Call for Evidence as part of its assessment of the adequacy of the payments legislative framework. In September 2024 the FCA published a consultation paper on a new safeguarding regime for non-bank payment service providers to improve firms’ protection of funds received in connection with making a payment or in exchange for e-money issued.

Recognising the changing risks in the industry as operating models evolve, we are working closely with the Treasury and other relevant regulators to lay sustainable foundations for the next phase of growth and evolution of the UK payments market.

We will continue to seek to manage the risk of harm to consumers through our market intervention and policy work and in line with our strategy[42]. These include managing risks of harm caused by firm failure, by improving firms' resilience and consumer protection, while continuing to promote competition and innovation that is beneficial to consumers. We will also continue to tackle fraud and other financial crime by taking a data-led approach to identify potential harm for supervisory and/or enforcement action.

In July 2023, the Future of Payments Review, chaired by Joe Garner, was launched to report on how payments are likely to be made in the future, and the steps needed to deliver world-leading retail payments in the UK. The Future of Payments Review Report[72] was published in November 2023, recommending that the Government produces a National Payments Vision (NPV). The Treasury published the NPV in November 2024 setting out the Government’s ambition for a trusted, world-leading payments ecosystem delivered on next generation technology, where consumers and businesses have greater choice of payment solutions to meet their needs.

The NPV has 3 pillars to guide future activity: innovation, competition and security. It highlights the importance of payments to the UK economy, and competition and innovation in the sectors as a source of growth. We will work collaboratively with the Government and other authorities to deliver the outcomes identified in the NPV.

This issue was first publicly raised in September 2017.

Open banking is a secure way to empower consumers and businesses to use their data and move, manage and make more of their money.

It powers new beneficial products and services and enhances existing ones all built on secure systems from more than 200 FCA-authorised (or registered) providers. Open banking is currently limited to third party providers accessing a customer’s current account information and/or making payments on their behalf. It is estimated that extending data sharing beyond payment account data and providing third party access to a wider range of financial products and sectors (such as savings, investments, mortgage data) could boost UK GDP by £30bn as identified by CFIT in their February 2024 report.

Open finance is also about putting customers in control of their financial data, helping to widen access, support decision-making and facilitate comparison and switching between providers. In doing so, it aims to increase consumer choice and competition among financial service providers.

As set out in our 2022 to 2025 Strategy[79], we continue to support innovation and competition as a force for better consumer and market outcomes.

In March 2022, the Treasury, the CMA, the PSR and the FCA published a joint statement[72] on the future of open banking. This explained how all these authorities are working together to define a common vision for open banking. The joint statement also announced a new joint regulatory oversight committee (JROC) led jointly by the FCA and the PSR to deliver this.

In April 2023, the JROC published its recommendations for the next phase of open banking in the UK[73], which outlined JROC’s vision for open banking to successfully move to a new phase – one offering more products and services – for which the ecosystem needs to scale and become more economically sustainable, while remaining reliable, resilient and efficient. JROC’s April 2023 publication outlined a programme of work with 29 activities for the following 2 years to further develop open banking in line with the Committee’s vision.

JROC, with support and leadership from across the open banking ecosystem, has made progress across all of the themes identified in its April 2023 publication, covering application programme interface (API) availability and performance, financial crime, consumer protection, information flows to third party providers (TPPs) and end users, and promoting additional open banking services. JROC released a call for input on the design of a future entity[74] to take on, and expand, the role currently played by Open Banking Limited (OBL).

Following the publication of the National Payments Vision in November 2024, the FCA has been designated the lead regulator for open banking and open finance. JROC will be wound down, with the final JROC meeting taking place in December 2024. The FCA remain committed to working closely with our regulatory colleagues. This is especially important for Variable Recurring Payments where the PSR will deliver phase 1 of the project whilst the FCA prepare a commercial model for eCommerce ready for when the project transitions to phase 2, led by the FCA.

The 2024 King’s speech set out the Government’s intention to introduce a Bill which would enable government departments to establish data-sharing schemes within their sectors. The Bill, called the Data (Use and Access) Bill, will provide powers to establish a long-term regulatory framework for open banking. In parallel, we continue to support firms through our Sandbox and direct support functions. We have authorised or registered more than 200 open banking firms and supported over 50 payment firms using open banking technology in our Sandbox[75] and Innovation Pathways[76] service.

Our Sandbox provides firms with access to regulatory expertise. It gives firms the ability to test products and services in a controlled environment. Our Innovation Pathways service includes guiding firms through regulation via one-to-one discussions with a dedicated case manager assigned to provide insight, clarity and feedback on their business model.

We are working to understand the opportunities to develop open banking propositions beyond existing use cases. Developing these new initiatives requires a range of considerations, including the lessons we can learn from previous work on open banking, assessing the required regulatory framework, considering ongoing initiatives in other countries and working closely with industry as initiatives accelerate.

This issue was first publicly raised in March 2020.

While the increasing range of digital services and payments options can make life easier for some consumers, for many the ability to withdraw and deposit cash is still vital. Cash remains particularly important for consumers with vulnerable characteristics and many SMEs.

In recent years, we have been collecting regular data to map and monitor the coverage of cash access throughout the UK. Our update for Q2 2023[77] shows that, in terms of national coverage, 95% of the UK population are within 1 mile of a free-to-use cash withdrawal point such as a cash machine or Post Office branch, with 99.7% of the UK population within 3 miles of one. However, the provision of cash access services including branch and ATM networks is changing. For example, our data suggests that in the 2 years to June 2023, 1,358 bank and building society branches closed. So, it is important that we manage the pace and impact of change, and make sure that consumers are given appropriate support.

Through changes made to FSMA 2000 by the Financial Services and Markets Act 2023, Parliament gave us the new purpose of ‘seeking to ensure reasonable provision’ of cash deposit and withdrawal services for personal and business current accounts across the UK. This includes access to both notes and coins, and access that is free of charge for consumers with personal current accounts.

We introduced new rules[78] to maintain reasonable access to cash in July 2024, which came into force on 18 September 2024. Our rules require banks and building societies designated by the Government to assess and fill local gaps in cash access services where there is a significant impact on consumers or businesses.

The definition of reasonable provision of cash access services may differ by location. Our rules aim to make sure that provision of cash access services reasonably meets local need. Designated entities should establish a fair and transparent process for identifying and addressing gaps in local cash access provision, taking a wide range of factors into account.

The current retail cash services market consists of different service providers with different regulatory arrangements. This includes FSMA-authorised firms and payment service providers regulated by the FCA and payment systems, including the LINK ATM network, overseen by the PSR. The Bank of England was given new powers to supervise wholesale cash distribution under the Financial Services and Markets Act 2023, and also sets targets for the denominational mix of notes in ATMs, which we encourage regulated firms to stick to.

Access to cash is a shared priority between us, the Government, the Bank of England and the PSR. We have worked together through the Joint Authorities Cash Strategy (JACS) Group. We help make sure regulatory activity supports cash infrastructure to remain resilient, cost effective, sustainable, and able to meet the needs of users.

The FCA does not have the power to require firms to provide particular banking services or products to consumers or businesses. As agreed by Parliament through FSMA, our new access to cash powers do not extend to the provision of wider banking services and are not directed towards the maintenance of branch networks or stopping bank branch closures generally. However, our access to cash rules may still impact when firms close branches because of the cash access they provide, and will ensure their closures do not leave gaps in cash access with significant impacts.

Where firms do close branches, however, we expect them to treat their customers fairly and consider how they can continue to meet their needs. Our Branch and ATM Closures and Conversions Guidance (PDF)[79] sets out our expectations of firms when they are considering:

• a full planned closure of a branch, all ATMs operated by them at a particular location, or a mobile bank facility
• a reduction in branch opening hours or days, or reduction in branch services, where this would have a significant impact on customers (including a reduction in opening hours of internal extended hours ATMs)
• conversion of a free-to-use ATM to pay-to-use

While the decision to close, or partially close, a branch and/or ATM, or convert a free-to-use ATM to pay-to-use, is a commercial decision for firms, it is important they assess the likely impact of a closure on access to the full range of banking services. Under our Guidance, they are expected to consider alternatives that are or could reasonably be put in place to continue to meet customers’ needs. We scrutinise firms’ closure plans as part of our usual supervisory work and will challenge firms, as appropriate, around the analysis that they have undertaken. 

Firms should avoid causing harm by making sure that any proposed alternative service is in place and accessible to customers before a branch closure.

The Consumer Duty also sets a higher standard of protection for banking customers, including where they are impacted by branch closures and ATM conversions. Under the Duty, firms should anticipate the foreseeable harm to their customers of any decision to close a branch or close or convert an ATM, and take steps to mitigate the impact of any potential harm. 

Firms should engage with us if they are considering withdrawing or restricting access to products or services in a way that will have a significant impact on characteristics of vulnerability or on overall market supply.

This issue was first publicly raised in June 2019.

Most cryptoassets and cryptoasset-related activities currently sit outside the FCA’s regulatory perimeter. In October 2023, the Treasury published its response to its consultation[80] on the future financial services regulatory regime of cryptoassets.

This detailed its intention to bring forward legislation which will see new activities for cryptoasset and stablecoin services such as issuance, custody and exchange brought into the FCA’s perimeter via a FSMA authorisation regime. The Economic Secretary to the Treasury, appointed since the general election in July, has confirmed proposals in the Treasury consultation response still stand, and that the Government intends to implement them in full. 

This follows the Financial Promotions Order being amended to capture qualifying cryptoassets and the FCA’s associated rules for cryptoasset promotions which went live in October 2023. The definition of ‘qualifying cryptoasset’ that is in scope of this regime is set out in paragraph 26F of Schedule 1 to the Financial Promotion Order (FPO). Very broadly, a ‘qualifying cryptoasset’ is any cryptographically secured digital representation of value or contractual rights that is transferable and fungible. The Government decided not to bring Non-Fungible Tokens (NFTs), within scope of the financial promotions regime. These tokens have historically been used primarily as digital collectibles such as to record ownership of digital-only artwork, music, or games.

However, we have seen a number of cases where NFTs have been used as a speculative investment. In these cases, NFTs can give rise to similar risks to other cryptoassets, including risks related to misleading promotions, volatility and fraud. Firms may also attempt to increasingly use NFTs to avoid the financial promotions regime.

In its consultation on a future financial services regulatory regime for cryptoassets, the Treasury noted its intention to regulate activities rather than the asset itself. Under this approach, if an NFT were used in a way that resembles a financial services activity, it would potentially be in scope of Treasury’s future regulatory regime.

Careful alignment between the financial promotions regime and any future regulated activities for cryptoassets will be important to avoid unintended consequences and minimise scope for arbitrage. We continue to work closely with the Treasury as this work is progressed.

In the meantime, as future legislation is considered and as the use of cryptoassets and its underlying technology develops, we will continue to monitor the market and consider whether activities fall within our perimeter.

For example, depending on the specific characteristics of the cryptoasset, and the nature of the arrangements and activities carried on in relation to them, a cryptoasset may be:

• a derivative
• a unit in a collective investment scheme
• a debt security 
• e-money
• another type of specified investment that falls within our existing perimeter

The activities carried on in relation to them could constitute regulated activities, such as dealing or arranging deals in investments, or establishing, operating or winding up a collective investment scheme.

We will continue to act where we see harm and where we have the powers to do so. For example, we imposed a requirement under our own–initiative powers (OiREQ) on Binance Markets Limited[81]. This was supported with warnings to consumers that the firm is not permitted to undertake any regulated activities in the UK as a result of the imposition of requirements by the FCA. We have varied the permission or imposed a requirement (VREQ) on a number of other firms.

However, our current powers over many types of cryptoasset-based activities are limited.

To combat money laundering and terrorist financing, in 2020 certain cryptoasset firms became subject to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs)[82] and are required to be registered by the FCA. 

We expect firms to have robust AML control frameworks in place to manage the money laundering and terrorist financing risks from cryptoassets. A relatively large number of applications to us have been of poor quality and many of our assessments have identified significant problems.

Since January 2020, we have received 365 applications for registration under the MLRs, of which 345 have been determined and 20 remain under assessment. Of the 345 applications determined, 48 firms were registered, 241 applications were withdrawn, 43 were rejected and 13 were refused (Figures correct as of 1 November 2024).

As legislated for by the Treasury, since 1 September 2023 cryptoasset firms who are executing transfers of funds will be required to collect and submit information when executing any cryptoassets transfer in order to comply with the Financial Action Taskforce ‘travel rule’.

This makes it harder for criminals, terrorists and bad actors to use cryptoassets within the UK market.

Cryptoassets markets are cross border and therefore require international co-ordination to help mitigate the risks of harm posed. In developing the final rules, we continue to work closely with our international partners including standard-setting bodies such as International Organization of Securities Commissions’ (IOSCO) on development of common standards for digital assets and co-ordination between jurisdictions.

This issue was first publicly raised in June 2021.

We recognise the importance of supporting integrity in the environmental, social and governance (ESG) ecosystem, by encouraging improvements in ESG data, ratings, assurance and verification services.

ESG data and ratings, which are currently unregulated, are increasingly embedded into financial services firms’ investment processes. But they can vary widely in what they measure and how they are defined. In particular, ESG ratings can significantly influence capital allocation when used in the design of indices and benchmarks.

In June 2022, we published a Feedback Statement (PDF)[83] bringing together the feedback received to our Consultation Paper's (PDF)[84] discussion chapter – which covered the role and regulatory oversight of ESG data and ratings providers. We noted that ESG data and ratings products should be transparent, well governed, independent, objective and based on reliable and systematic methodologies and processes to:

• ensure users can interpret what these products aim to measure and how
• give the market confidence in the reliability and quality of these products

Given some of these conditions may not be fully met in practice, and the benefit to wider market functioning of an effective, trusted and transparent market for ESG data and ratings, we concluded that we see a clear rationale for regulatory oversight of certain ESG data and ratings providers.

We also emphasised that we favour a globally consistent regulatory approach, informed by the IOSCO recommendations[85] on ESG data and ratings. We actively contributed to these recommendations.

The Treasury published a consultation[86] in March 2023 proposing to bring ESG ratings providers within our regulatory perimeter. In November 2024, the Government published their consultation response and draft legislation confirming this approach. We welcome this decision[87], and we will continue to work closely with the Government on their next steps as they welcome technical comments on their draft legislation. We will work to develop a proportionate and effective regulatory regime, with a focus on transparency, good governance, managing conflicts of interest and proper systems and controls.

Once the legislation is finalised by the Government, we intend to consult on proposals for the future regulatory regime in 2025.

We recognise that setting up a new regulatory regime will take time. In November 2022, we convened a Secretariat, consisting of the International Capital Market Association (ICMA) and the International Regulatory Strategy Group (IRSG), to appoint and lead an independent group mandated to develop an industry-led, voluntary Code of Conduct for ESG data and ratings providers.

Following a consultation process, the final Code[88] was published in December 2023. We anticipate the Code will help promote more rapid development of best practice, a globally consistent approach, and could continue to apply for providers that fall outside the scope of potential future regulation.

In parallel, other jurisdictions are considering closer regulatory oversight of ESG data and ratings providers. The European Union finalised its proposals for their ESG Ratings regime in February 2024 and India introduced its regulatory framework with effect from July 2023. Noting the global reach of these providers and the importance of globally consistent regulation in this market, we will continue our engagement with other international financial authorities, both bilaterally and via IOSCO, to work towards regulatory alignment and avoid fragmentation.

This issue was first publicly raised in October 2021.

The Senior Managers and Certification Regime[18] (SM&CR) is a key part of embedding individual accountability within firms and minimum standards of behaviour of most financial services employees.

Recognised Investment Exchanges (RIEs), and Credit Ratings Agencies (CRAs) are not currently subject to the SM&CR. The Financial Services and Markets Act 2023 enables the SM&CR to be extended to RIEs and CRAs. We believe extending the regime to them would deliver greater accountability and improve oversight of functions that promote market integrity. It would also ensure consistency of our supervisory expectations of individuals discharging key responsibilities. This is an important issue also highlighted by recent experience of market volatility events. We will continue to work with the Treasury on this issue.

Payments, e-money and crypto firms are also not currently subject to the SM&CR. We consider that extending the regime would strengthen individual accountability and governance in firms and strengthen our ability to supervise them by giving us a wider range of tools to drive higher standards and reduce risks of consumer harm.

The Financial Services and Markets Act 2023 does not enable the SM&CR to be extended to payments and e-money firms, but we continue exploring possible options with Treasury and see value in extending the SM&CR to these firms.

The SM&CR is currently being reviewed by the FCA and PRA as well as the Treasury. At the end of March 2023, we published the Senior Managers and Certification Review Discussion Paper[89], jointly with the PRA. The Discussion Paper consultation closed in June 2023, and we plan to launch a consultation on potential changes in due course.

The Treasury, in parallel, launched a Call for Evidence[90] to look at the legislative aspects of the regime. These reviews aim to identify ways to improve the regime to help it work better for firms and regulators, while preserving its underlying aims. It also invites views on its scope.

This issue was first publicly raised in October 2021.

The Overseas Persons Exclusion (OPE) is available to an overseas person who carries out certain regulated activities in the UK without requiring authorisation, so long as the person does not do so from a permanent place of business maintained in the UK. This exclusion also has some additional conditions.

In April 2022, we set out our view that the OPE is not intended as a means to run a UK-focussed business as this creates risks particularly to the FCA’s market integrity objective, given we do not have any supervisory oversight of these activities.

In our view, greater information requirements and powers along with greater visibility and oversight of firms using the OPE would be beneficial and the overseas perimeter would benefit from greater clarity about when a regulated activity is being carried on in the UK.

This issue was first publicly raised in July 2021.

Our regime for commodity derivatives includes a regulatory regime for firms which are referred to as oil market participants (OMPs) and energy market participants (EMPs). The OMP and EMP authorisation statuses are specific applications of the FSMA requirements, for firms that undertake a limited range of activities.

Our predecessor, the Financial Services Authority (FSA), inherited the regulation of these firms from the Securities and Futures Authority (SFA). In 2011, the Regulation on Wholesale Energy Market Integrity and Transparency (REMIT) introduced a market abuse regime and transaction reporting for physical gas and power markets for activities that are outside MiFID’s scope. The principal regulatory authority for REMIT in the UK is Ofgem[91]. The UK MiFID-based regime and MAR also take account of the scope of the UK version of REMIT.

In 2021, the Treasury consulted on a proposal to take OMP and EMP firms that are not MiFID investment firms outside of the regulatory perimeter through its Wholesale Markets Review[92]. However, some responses were concerned that the changes could have unintended effects in how firms are authorised and the requirements with which they have to comply.

The Treasury and FCA will keep this part of the regime under review but, as before, are not planning to make any amendments at this time. 

The FCA continues to support other work undertaken by the Treasury as part of the Wholesale Markets Review to reform and simplify the ancillary activities test as part of the domestic perimeter for all firms, including OMPs and EMPs, using commodity derivatives on an ancillary basis to their main commercial business. In line with feedback received in response to changes proposed on the ancillary activities test in CP23/27 (PDF)[93], the Government delayed commencement[94] of the new regime but not the abolition of the annual notification requirement. 

The Treasury has committed to work with the FCA and engage further with the market to deliver a regime that reflects the conclusions of the Wholesale Market Review while also taking into consideration the concerns raised by industry. The aim is to implement a new regime by 1 January 2027. The FCA also issued a clarifying statement[95] in May 2024 to confirm that the test will operate as it currently does until a new regime is implemented and that the annual notification on the use of the exemption will no longer apply to firms.

This issue was first publicly raised in December 2018.

Investment consultants provide unregulated services that can significantly influence the investment strategies of asset owners and asset managers. For example, investment consultants advise pension fund trustees on issues such as strategic asset allocation and asset manager selection.

In our Asset Management Market Study[96], we identified serious concerns about competition in investment consultancy and fiduciary management. This is something we highlighted again in the context of the Liability-Driven Investment work in 2022.

We referred these sectors to the CMA for a detailed investigation. The CMA recommended that investment consultancy services should be brought within our supervisory remit.

Under the previous Government, the Treasury had planned to consult to bring these services into our perimeter. However, the Treasury put this work on hold due to other priorities. While we note the decision on when to restart this work is a decision for the Treasury, we continue to support these services being brought into our perimeter.

This issue was first publicly raised in September 2020.

We consider that financial spread betting sits within our perimeter and it is our view that an alternative framework for sports spread betting would, ideally, be more tailored to the risks of sports gambling and provide appropriate consumer protections from those risks.

Financial bets are often placed for investment purposes and, as such, are capable of being within the scope of MiFID regulation in respect of securities and financial markets. By contrast, sports spread bets include bets on the outcome of sporting and political events. They are not capable of being MiFID instruments. 

Our regulatory framework is designed to protect consumers from the risks from investment activity. This framework does not account for the risks to consumers from gambling activity in relation to events which have no connection to the financial markets.

Consumers who take positions in sports or non-financial betting products should not assume they are eligible for financial compensation schemes or other financial regulatory protections. We continue to see novel products enter the market, including products with cryptoasset elements. 

Clarification from the Treasury of where the perimeter should lie and who should be responsible for regulating such products would be beneficial. This would ensure a suitable regulatory regime with appropriate consumer protections for the different types of activity.