What a summer of sport and heatwaves it’s been so far – we hope you’re enjoying the World Cup and Wimbledon and are managing to find suitable air-conditioned spaces for these!
This SMCR+ View is here to remind you of the Phase 1 SMCR changes coming into force on 10 July, following the initial set of SMCR changes that came into force on 24 April 2026 (covered in our last edition of SMCR+ View). Primarily, the changes coming into force on 10 July relate to (i) changes to the Enhanced firm thresholds, (ii) changes to the rules/guidance around prescribed responsibilities – e.g., FCA SMF 18s can hold PRs other than PR(z) for CASS – and (iii) overlapping certification roles will not require separate certification and individuals will be removed from the FS Register/Directory for overlapping roles (although it's worth noting that the FCA has confirmed that it will remove duplicative roles on 30 July from the Directory, and that between 10-30 July duplicate roles will remain visible on the Directory - firms don’t need to take any action and should notify the FCA of changes in the usual way). We’ve created a checklist to support firms with the Phase 1 SMCR changes and the incoming NFM changes, which we’d be delighted to discuss further with you.
We’ve also focussed on the King's Speech on 13 May 2026 which trailed the Financial Services and Markets Bill 2026/2027 (the “Bill”), which was introduced in the House of Lords on 19 May 2026 along with its explanatory notes and is now moving through the legislative process. The Bill will ultimately pave the way for the highly anticipated, and hopefully meaningful, adjustments to the SMCR. The headline changes are as expected:
- Removing the Certification Regime from the Financial Services and Markets Act 2000 (“FSMA”);
- Repealing prescriptive legislative requirements around Statements of Responsibilities (“SoRs”);
- Making provision for notifications of Senior Manager appointments to the FCA (rather than requiring pre-approval for such individuals);
- Amending the rules around time-limited approvals and conditions; and
- Removing Conduct Rules notification and mandatory training obligations.
In each case, it is largely an enabling Bill, removing much of the detail of the regime from FSMA and giving the regulators greater flexibility to develop a proportionate, less-administratively burdensome regime. Therefore, much of the substance for how the SMCR will change will depend on the FCA and PRA’s subsequent changes to their rules and guidance governing the SMCR. Timing-wise, the Bill could receive Royal Assent before the end of the year, but the current political environment may cause delays. Based on the recent Regulatory Initiatives Grid, we will likely have a consultation on Phase 2 SMCR changes in Q3/4 2026. The FCA previously kicked the can down the road for introducing meaningful change to the regime – as evidenced by Phase 1 changes really just being tweaks to the regime – so we think there is a real opportunity for strong advocacy as part of Phase 2 to ensure the regulators genuinely do deliver in the removal of at least 50% of the administrative burdens currently experienced by firms when operationalising the regime. More on all of this is in the body of SMCR+ View and for more on the Bill itself, see our insight here.
This edition also covers other relevant updates such as relevant enforcement actions, and findings from the FCA’s review of financial and trade sanctions systems and controls across over 150 firms – with clear messages for Senior Managers on governance and MI, among others.
As always, please do let us know if you have any questions or feedback.
1. The Financial Services and Markets Bill
This Bill introduces proposed amendments to FSMA to remove the more prescriptive SMCR requirements. The Bill is currently sitting with the House of Lords and both the first and second reading have concluded meaning it is at the Committee Stage. While it is anticipated that it will receive Royal Assent by the end of 2026, it’s unclear what the political changes at Number 10 might mean for it at this stage.
We don’t think any of the proposals will come as a surprise, and almost all these changes have been trailed already. With that in mind, we’ve focussed on the key amendments to FSMA relating to the SMCR, but it’s worth noting that the Bill does make several consequential amendments to FSMA (such as removing reference to the requirements as “relevant requirements” in the context of disciplinary measures and removing the requirements for relevant recognised bodies). The Bill also makes similar amendments to Financial Services (Banking Reform) Act 2013 and Bank of England and Financial Services Act 2016, where relevant.
Senior managers – Applications
The Bill introduces the ability for the FCA and PRA to create rules that allow for firms to notify them of the appointment of Senior Managers, rather than obtaining pre-approval. This will create a dual-track system – i.e., for some senior management functions (“SMFs”) prior regulatory approval will be required before an individual can perform the SMF role, but for others designated by the FCA and/or PRA rules will simply be subject to regulatory notification. Where notifications are submitted the firm will still be responsible for assessing the individual’s fitness and propriety and once notified the individual will be subject to all the requirements of the regime applicable to Senior Managers.
The proposals also amend the deadline for the FCA and PRA to determine a Senior Manager application from three months to two months. This has been trailed for a long time so shouldn’t come as a surprise. The FCA has also been reporting against this two month determination period in its operational metrics ahead of it coming into force.
Further details:
- Proposed Section 59(3A) to (3B) of FSMA permits the FCA and PRA to specify which SMFs are “notifiable” by reference to: (i) the activities the SMF relates to, (ii) characteristics of the individual (including existing or prior approvals), (iii) characteristics of the firm or its group, or (iv) anything else the regulator considers appropriate. For dual-regulated firms, each regulator may only specify functions that fall within its own rules. A new Section 60(2ZA) makes it clear that a firm cannot make an SMF application for approval if the firm can make a notification instead (i.e., using the notification route where available isn’t optional).
- Proposed Section 60ZA gives the regulators freedom as to the form, content, manner and circumstances of the notification and paves the way for different notifications or categories of notifications to have different requirements. This section also permits the regulators to make rules as to when a notification will take effect and matters that would prevent a notification being effective.
Consequential amendments have also been made to other provisions in FSMA to reflect the new notification pathway.
What does this mean for Phase 2 advocacy? Firms will want to proactively engage with the FCA/PRA on:
- Which roles should benefit from the notification process, particularly given the broad discretion given to the regulators. We can see arguments in favour of the SMF 18 role being subject to the notification process rather than pre-approval given this has tended to be more of a catch-all role.
- The form and content of notifications and limiting the differences between them so as to avoid unnecessary administrative burdens. Firms will want to avoid a patchwork of requirements.
Senior managers - Statements of responsibilities
As we expected, Section 32 of the Bill removes the statutory requirement for SoRs across FSMA. Specifically, it’s proposed that Section 60(2A) and (2B) of FSMA are removed – these sections required applications for approval of Senior Managers to be accompanied by a SoR. Similarly, it is proposed that Section 62A of FSMA is removed - this includes the legislative requirement for firms to notify the regulator of changes in the responsibilities of Senior Managers. Instead the FCA and PRA will be empowered to make rules to determine when statements are required and their form.
What does this mean for Phase 2 advocacy? Firms will want to proactively engage with the FCA/PRA on:
- The form of SoRs – e.g., are there elements that can be streamlined (for example, many firms aren’t entirely clear on the difference between “other” and “overall” responsibilities for Enhanced firm SMFs).
- When updated SoRs are required to be submitted to the FCA and/or PRA. We note that the Phase 1 changes already introduced more flexibility in this regard, but we think there’s more scope here to streamline the regime further and/or provide feedback on how the new rules are working in practice.
Senior managers – Requests for conditions or time-limited approvals
A key concern raised in the His Majesty’s Treasury (“HMT”) consultation around conditional and time-limited approvals was the stigma attached to such approvals, given they triggered statutory notice requirements and the issuance of warning and decision notices. The Bill seeks to address this by allowing firms to submit SMF applications which voluntarily subjects the SMF to time limits or conditions, and the FCA/PRA will not be required to issue a warning or decision notice, for example. We see this as a positive development and think that time limited approvals may become a useful tool where a firm is searching for a new Senior Manager and an existing employee is performing the role in an “acting” capacity in the interim. The potential changes to whether an SMF role requires approval versus a notification will also likely reduce the amount that firms need to rely on this requirement.
Certification regime
Again, as expected, Section 34 of the Bill repeals the Certification Regime from FSMA, by removing relevant sections – i.e., Section 63E (Certification of employees by authorised persons) and Section 63F (Issuing of certificates by authorised persons). This means the following key requirements have been removed from legislation: (i) the requirement to issue certificates for individuals performing specified certification functions, (ii) the scope of the Certification Regime being limited to the definition of “employee”, (iii) the requirement to assess individuals as fit and proper before starting their role on an annual basis, (iv) requirements around issuing certificates and giving notice to individuals in particular circumstances, and (v) the criteria that make up an individual's fitness and propriety.
Many of the headlines in the financial press have suggested that the Certification Regime won’t be replicated to some degree by the FCA/PRA. But the Explanatory Notes make it clear that this likely isn’t the end of the Certification Regime and instead it paves the way for the FCA/PRA to set requirements through their rulebooks for relevant individuals.
What this does mean, however, is that there is huge scope for advocacy as part of the Phase 2 consultations across the spectrum of the FCA/PRA dropping the Certification Regime altogether, to tweaking the regime to make it more proportionate (e.g., remove the annual certification requirement).
Conduct rules
Proposed Section 35 of the Bill repeals certain “firm facing” obligations relating to the Conduct Rules, but retains the FCA/PRA’s power to make Conduct Rules. The repeal of particular sections of FSMA means that the FCA/PRA will be able to determine through their rules how firms should train staff on the Conduct Rules and when breaches of the Conduct Rules should be notified to the FCA/PRA. It’s worth noting that the proposed repeal of Section 64C of FSMA removes the definition of “disciplinary action” for Conduct Rule purposes, which may have consequences for firms’ breach determination processes to the extent the regulators do not introduce any similar definition or don’t retain a like for like definition in their rules.
While these changes are expected, it will be interesting to see whether the regulators propose any changes to Conduct Rule breach reporting as part of the Phase 2 reforms, particularly given the recent non-financial misconduct (“NFM”) final rules and guidance which make broader changes to COCON.
Other
The Bill also covers bringing Appointed Representatives within scope of the SMCR (which we initially covered in this SMCR+ View).
Given the breadth of discretion afforded to the regulators under the Bill, we consider there to be significant scope for industry advocacy as part of the Phase 2 reforms to ensure that the new rules genuinely reduce the regulatory burden on firms and deliver the proportionate, outcomes-focused regime that HMT has signalled.
We will continue to monitor developments closely and will be in touch with further updates as the Bill progresses through Parliament. Please reach out to Penny Miller (Partner), Amy Sumaria (Managing Associate) or Alannah Mansfield (Supervising Associate) with any questions you have.
2. FCA - Non-financial misconduct
The 1 September 2026 implementation date for the FCA’s new NFM deadline is looming larger, and with holidays coming up we’ve been very busy supporting many of you with your (i) policy and procedure updates, (ii) training, and (iii) other ad hoc changes including to employment contracts, supporting on handling NFM related matters ahead of 1 September 2026 and how to apply the current requirements.
Please reach out to Penny Miller (Partner), Andrea Finn (Partner), Amy Sumaria (Managing Associate) or Alannah Mansfield (Supervising Associate) with any questions you have.
3. FCA - Crypto and SMCR
There has been a deluge of Policy Statements issued by the FCA in relation to the regulation of firms performing relevant regulated activities in respect of crypto assets. We’re not going to cover all of these here, but Crypto View will have a detailed summary of all the publications and is well worth signing up for. However, we do want to highlight here a couple of things.
First, PS 26/13 confirms that the SMCR is going to be applied in full to authorised cryptoasset firms with some minor modifications: (i) the FCA is largely implementing the Enhanced firm thresholds consulted on, but with some modifications (in practice, we don’t believe this will capture many firms); (ii) the FCA is implementing a “modification by consent” waiver approach until the future of the Certification Regime is determined as part of the FCA’s Phase 2 SMCR consultation; and (iii) there are certain proposed amendments to the definitions of certain certifications functions that are not going ahead (e.g., certain amendments to the propriety trading function definition). A modification by consent essentially requires a firm to notify the FCA that they wish to take advantage of a particular modification rather than submit a full application form – each modification by consent will have its own instructions. This will appear on this page in due course and if you’d like support completing it then we’re happy to help. The FCA’s feedback is quite dismissive of arguments that cryptoasset firms are unique in terms of their global markets and footprints, and the FCA has emphasised that it expects implementation of the regime to accommodate for global business models. In particular, the FCA has issued a warning shot that it expects those holding SMF 16 and 17 roles to be based in UK, and reminds firms that the “mind and management” of firms must remain in the UK.
Second, we plan to create a Toolkit for firms applying for authorisation who need to implement the SMCR for the first time, although there will be elements of the Toolkit more generally applicable to firms who are applying for a Variation of Permission and are already subject to the SMCR but want further guidance on its application in relation to the crypto asset element of their business. By way of reminder those looking for a better chance to be authorised (or obtain a Variation of Permission) by 25 October 2027 should submit their application between the application window of 30 September 2026 to 28 February 2027.
If this is of interest or you’d like support on your authorisation or variation of permission application then please contact Amy Sumaria (Managing Associate), Gordon Richie (Managing Associate), Alannah Mansfield (Supervising Associate) with any questions you have.
4. AI updates – FCA, PRA, Bank of England, including the Mills Review
Earlier this week, the Mills Review was published which looks at AI and the future of retail financial services (although some of this will be interesting to other firms). The Senior Managers Regime is flagged as a key part of the FCA’s regulatory framework that is outcomes-based and that can flex across changing business models and technologies. The review outlines that no responses received argued that the SMCR accountability model should change, but does highlight that as automation increases both firms and regulators need to consider how it operates as AI systems become more autonomous. Page 79 of the Mills review has a section on the SMCR. It outlines that the SMCR is an important mitigant against firms adopting a ‘growth at all costs’ strategy whereby regulatory sanctions are simply a priced risk rather than a constraint.
However, the Mills Review outlines that the SMCR comes under strain under the ‘autonomy spectrum’ – i.e., pressure points arise where the opacity and autonomous operation of AI increases. For example, it identifies that a key pressure point is where AI acts within boundaries with humans monitoring it, but where meaningful human control is likely hard to evidence (which naturally makes demonstrating ‘reasonable steps’ challenging) and accountability, while likely clear, is harder to exercise. The Mills Review acknowledges that there is a potential gap between the outcomes of AI mediated decisions and the ability of the FCA to identify a de facto responsible party or individual exercising ‘meaningful human control’ where appropriate. Any future assessment of the adequacy of the SMCR will also need to accommodate for (i) the emergence of new models that are less probabilistic and opaque than current models, and (ii) assurance tools that better enable Senior Managers to take reasonable steps.
The outcome on the SMCR side of things? More feedback and guidance from the regulator clarifying what ‘reasonable steps’ means in this new context. So…despite the Treasury Select Committee already mandating the regulators to provide guidance on the application of the SMCR in the advent of AI (which we covered in this SMCR+ View), this seems to reiterate the need for more guidance from the regulators on reasonable steps specifically in due course. More generally, the Mills Review might be something worth flagging internally to Senior Managers as a matter of interest (particularly those with responsibilities for AI, operational resilience, Consumer Duty, and retail services).
The Mills Review also references the Financial Services Skills Commission, Annual Skills Report 2026, which is an interesting read and highlights that 75% of surveyed firms reported AI affecting their skills demand in 2025, with rising demand for AI literacy, data analysis and ethical AI governance. Something worth considering as firms consider what fitness and propriety (particularly competence and capability) look like in an AI era, in particular.
Other AI updates include the joint statement on “frontier” AI models made by the Bank of England, FCA and HMT. This covers the implications of these models for cyber security and operational resilience and will be of particular interest to Senior Managers with cyber security and operational resilience responsibilities. In particular, there’s a focus on ensuring that Boards and senior management have sufficient understanding of frontier AI risks and that investment and resourcing decisions reflect the emerging threat. Other areas of focus include the quick identification and remediation of vulnerabilities, managing third party and supply chain risks, effective access management, network security and data protection, and the ability to respond to and recover from disruption quickly.
The FCA also reopened its AI Input Zone to collect views on good and poor practice in AI use cases in financial services – covering what enables (and what stops) firms developing and deploying safe and responsible AI, including governance, consumer needs and resilience risks. We’ll keep an eye out for any updates from this survey.
If you have any questions on these publications or AI governance more generally, please do reach out to Amy Sumaria (Managing Associate) and Alannah Mansfield (Supervising Associate). Please also sign up to AI View here.
5. FCA – Consumer Duty and SMCR
There is a lot going on in the Consumer Duty world, including Consumer Duty being the focus of the FCA’s second Enforcement Watch – for more on the specifics we’d suggest signing up to Consumer Duty View here. However, one recent update is CP 26/23 – the FCA’s consultation paper on the scope and proportionality of the Consumer Duty regime. For a full debrief see our article on this here and we are hosting a webinar on Thursday 16 July – see here for details. However, in short it is focussed on how wholesale firms have been applying the Duty in a more expansive way than originally intended and the changes the FCA can make to give such firms greater clarity and confidence in the application of the Duty. The FCA is also clearly trying to support UK PLCs and ensuring that the Duty isn’t making the UK an uncompetitive and unattractive place for financial services business.
The FCA also reiterates the role of Boards/governing bodies for embedding the Duty and considering it in all relevant contexts, and Senior Managers in taking accountability for the outcomes experienced by customers. The non-Handbook guidance on the interlock of the SMCR and the Consumer Duty has not been amended. In relation to Board reporting, the FCA has specifically stated that its intention is not for Board reporting to be onerous or take up a disproportionate amount of time, and so where a firm only does limited amounts of business in scope of the Duty, then its Board reporting should be correspondingly limited. This sentiment is being carried through to the proposed amendments to the FCA’s Handbook Guidance – e.g., clarifying that the extent and depth of Board reporting depends on its retail market business, role in the distribution chain, size and capabilities and the risk of harm to end retail customers. Therefore, firms, for example, with a more limited role in the manufacture and distribution of relevant products and services can avail themselves of more limited Board reporting. Such reporting might also be incorporated into other board reporting and governance structures – e.g., standalone reports should just duplicate other reporting. A new example of good practice has been inserted with regards to a firm whose activities in scope of the Duty are limited to providing information about relevant products and services to retail-facing distributors to support sales to retail customers.
For more information this and our thoughts, please contact Louise Tudor-Edwards (Partner), Penny Miller (Partner), Caroline Hunter-Yeats (Partner) or Rosie MacArthur (Managing Associate).
6. FCA review of firms’ financial and trade sanctions systems and controls
One for MLROs and other individuals working in financial crime compliance – the FCA has published its findings from its review of sanctions systems and controls across over 150 firms, covering both financial and trade sanctions. This follows the FCA’s review of customer due diligence, enhanced due diligence and ongoing due diligence controls which we covered in this SMCR+ View. It’s abundantly clear that financial crime remains a key focus for the FCA.
The FCA found that the most common root cause of reported sanctions breaches related to firms’ control frameworks – weaknesses in due diligence, alert management, transaction and name screening. In terms of governance and oversight, the FCA found that standards across the market were mixed – some firms had outdated or inconsistent policies and procedures (in some cases covering only asset freezes and not the more complex measures we have seen introduced under the Russia sanctions), and some relied heavily on group arrangements or third-party vendors with limited local oversight. In several cases, firms couldn't demonstrate effective oversight, validation or assurance of the controls they relied on.
The FCA also found that sanctions management information (“MI”) reaching senior management varied between firms and often focused too heavily on financial sanctions, with few firms routinely collecting or escalating data on trade or sectoral sanctions exposure. This presents a particular source of risk for institutions, since financing linked to restricted trade is prohibited but firms often do not have easy access to relevant information. The FCA reiterated the importance of strong governance, clear ownership and accountability, and ensuring that Senior Managers receive MI that allows them to understand sanctions exposure, emerging risks, control effectiveness and issues needing escalation or remediation. There was a recognition that firms who had effectively identified trade-related exposures relied on a range of tools, including proactive monitoring of multiple systems and data sources and comprehensive internal watchlists.
UK frozen assets rose from £24.4 billion to £37 billion in the past year — a stark measure of the exposure the industry has to respond to. The FCA expects firms to review their own systems and controls in light of these findings – we'd recommend considering this report to determine whether any follow-up actions are needed. Please do reach out to Amy Sumaria (Managing Associate) or Alexandra Webster (Managing Associate) with any questions.
7. FCA Enforcement
One theme that we’ve seen across some of the enforcement cases is the regulators’ clear focus on ensuring they are being kept informed by firms and Senior Managers promptly and proactively. We’re also seeing interesting parallels emerging in Ireland, in the Irish High Court’s landmark judgment CD v CBI recently considering a case involving a senior executive of an Irish asset manager who chose not to disclose an ongoing internal investigation in relation to suspected gross misconduct of senior portfolio manager in its UK, FCA authorised investment manager delegate, to the Central Bank of Ireland on the basis that no final determination had yet been made by the UK investment manager. The Central Bank viewed this lack of disclosure by CD as a failure in his fitness and probity obligations as, in the CBI’s view, he had not been candid and truthful in his dealings with them and issuing a Prohibition Notice. That conclusion was compounded by the fact that the Central Bank subsequently discovered that the FCA had already been made aware of the matter by an internal whistleblower at the time of the interview.
While the High Court in Ireland ultimately declined to confirm the Central Bank’s Prohibition Notice on procedural fairness grounds (and the case is an interesting read for that reason alone – you can find our summary here), the underlying facts are a useful reminder of just how important these disclosure obligations are in practice when dealing with multiple regulators, and performing roles for different entities in a group. The case makes it clear that Senior Managers need to consider their own personal accountability and whether involvement in a group internal investigation could conflict with their individual responsibilities. This case also underlines the need for firms and Senior Managers to deal with the regulators openly and cooperatively, including in relation to personal and overseas matters – and it’s all the more pertinent given the additional guidance introduced through the SMCR Phase 1 reforms. The new guidance on Senior Manager Conduct Rule 4 reemphasises that Senior Managers’ proactive disclosure obligations are ongoing and may extend to personal matters. And the new guidance on Senior Manager Conduct Rule 2 (“SC2”) makes clear that a failure to take reasonable steps to ensure the firm meets its notification obligations under Principle 11 and SUP 15 could itself constitute a breach of SC2 – so this isn’t just about individual disclosure, it’s about Senior Managers actively considering the firm’s notification obligations too.
There’s also been the following enforcement cases:
- FCA’s Decision Notice against Carlos Ricardo Fuenmayor – in this FCA Decision Notice against Mr Fuenmayor, the CEO of BancTrust, the FCA imposed a fine of £99,600 as a result of alleged failures to notify the FCA of a US FINRA investigation and subsequent sanction as well as action taken against him by the Venezuelan National Financial Intelligence Unit to freeze his local currency bank accounts and those of his Venezuelan companies and directors of those companies. The case, which has been referred to the Upper Tribunal, has likenesses to other recent enforcement actions including in relation to Mr. Staley, the PRA’s Bank of Tokyo case, and the FCA’s action against Mr. Käärmann, all of which emphasise that firms and Senior Managers must deal with the FCA/PRA openly and cooperatively, including in relation to personal matters and overseas matters, as these could be relevant to their ongoing fitness and propriety.
- FCA Final Notice against Daniel Pugh – In Q4 2025, Mr Pugh was sentenced to 7.5 years in prison for running a £1.3 million Ponzi scheme. He has, perhaps unsurprisingly, now been prohibited by the FCA from performing another role within financial services. This is a clear integrity and honesty related issue meaning the FCA determined him not to be fit and proper.
- Final Notices against Andrew Currie and Peter Currie – again, an unsurprising set of Final Notices to see… Mr A Currie and Mr P Currie were both convicted for fraud related offences in 2023 and disqualified from acting as a director. These convictions related to their conduct while directors of Collateral (UK) Limited which was not authorised, whereby they made it appear that it had an interim permission from the FCA. Both were considered to lack fitness and propriety (honesty and integrity).
The FCA has also published a Consultation Paper (CP 26/19) which updates its Decision Procedure and Penalties Manual (“DEPP”), which governs penalties imposed on Senior Managers, directors and other employees of firms who breach the FCA’s rules, which suggests certain changes around the deterrent aspect of penalties, discrete aspects of the FCA’s penalty policy and changes in relation to the FCA’s decision-making.
8. Other updates
We’ve summarised some of the other key updates below:
- FCA insights from its Cyber Coordination Group: One for Senior Managers with responsibility for cyber and operational resilience – the FCA has published a summary of the discussions it held throughout 2025 with industry members of its Cyber Coordination Group. Of particular interest from an SMCR+ View perspective is the focus on preparing Senior Managers for incident response, which could be through active and sustained involvement by them in incident response exercises. The Group notes that where Senior Managers have rehearsed incidents, tested decision-making roles and escalation paths, they will be able to handle live incidents with more confidence and certainty. Other insights cover testing, risk frameworks and expectations around third parties.
- FCA survey of financial advice firms: The FCA has published findings from its survey of over 4,100 financial advice firms and analysis of around 31,000 registered financial advisers. This includes some interesting data around diversity in the industry, noting that women currently account for around 15% of financial advisers (though representation is increasing among younger advisers), with the average adviser in their late 40s (with the FCA reiterating the importance of succession planning as a result). On governance and assurance, the FCA found that compliance oversight across firms varied, with the FCA acknowledging opportunities to raise standards around governance, controls, use of management information and assurance activity. The FCA indicates that it will continue to work with firms to ensure strong governance and robust risk systems are in place.
- FCA multi-firm review findings on surveillance and internal controls for Credit Rating Agencies (“CRAs”): One for CRAs – this review includes a number of findings, including areas for improvement around the governance of the surveillance process and methodology process, the capability, capacity and roles of people responsible for these processes, and around the adequacy and effectiveness of the second and third line controls. The FCA expects CRAs to reflect on the findings and consider whether any improvements need to be made.
- PRA Dear CEO Letters on innovations by deposit-takers of deposits, e-money and regulated stablecoins: Some Dear CEO letters for PRA-regulated firms. The first reiterates the PRA’s expectations on innovations in the use by deposit-takers of deposits, e-money and regulated stablecoins, building on the 2023 Dear CEO letter. This includes an expectation that firms keep supervisors informed of material developments in their plans and how those plans meet the expectations set out – one to make sure the relevant Senior Managers are across. The second Dear CEO Letter provides an update on managing prudential risks from cryptoasset exposures.
- FCA Consultation Paper on registration of authorised fund assets: A quick one for depositaries – CP 26/16 proposes permitting depositaries of alternative investment funds to delegate certain registration and safekeeping functions to third parties. The FCA explicitly states that the relevant Senior Manager will be responsible for ensuring their firm complies with the proposed rule changes. The consultation closes on 9 July 2026.
- FCA – Consultation Paper on Simplifying Consumer Investment Disclosures: CP 26/24 is all about changes to the cost disclosure requirements to align the requirements derived from MIFID with the FCA’s Consumer Composite Investments (“CCI”) regime. This is particularly relevant to firms carrying out MIFID business and other forms of designated investment business, as well as manufacturers of CCIs and other investments. In the CP, the FCA references the fact that the proposals are likely to enhance the ability of senior management to take responsibility for their decisions by providing clear standards for disclosure and integrating it into their Consumer Duty responsibilities (i.e., better meet the information needs of customers) for relevant products.
- FCA – Consultation Paper on Proposed changes to the UK Listing Rules for closed-ended investment funds: CP 26/21 outlines proposed targeted adjustments to the UK Listing Rules with the aim of ensuring Board support strong shareholder rights and manage conflicts of interest. The CP contains proposals in relation to Board independence and director responsibilities. Responses are due by 14 August 2026.
- FCA - Consultation Paper on Self-invested Personal Pensions (SIPPs): CP 26/20 proposes new rules for firms operating SIPPs and covers due diligence requirements and handling pension scheme money and assets (“PSM&A”). The proposed PSM&A regime will require, among other things, relevant firms to allocate a Senior Manager with operational oversight of the regime. This will include accountability for the firm’s compliance with the PSM&A rules and ensuring that systems and controls are in place to support the accurate identification, recording and monitoring of pension scheme money and assets. The Senior Manager will also be responsible for reporting to the SIPP operator’s governing body (typically the Board) on their oversight. The individual appointed must have sufficient skill and authority. Responses are due 24 August 2026.





.jpg?crop=300,495&format=webply&auto=webp)



