Unpacking the FCA’s 2026 Priorities for Retail Banking

In March 2026, the Financial Conduct Authority (FCA) moved from a period of policy implementation to active supervision, publishing its inaugural Regulatory Priorities Report for Retail Banking. This document marks a significant shift in the UK’s regulatory landscape, replacing traditional “portfolio letters” with a consolidated, data-driven annual report aimed at boards and C-suite executives.

As firms in the US and UK navigate this new terrain, the 2026 priorities emphasize four critical pillars: the evolution of the Consumer Duty, the integration of stablecoins and AI, operational resilience, and the fight against financial crime.

1. Consumer Duty 2.0: Proving Positive Outcomes

The transition from “implementation” to “active supervision” is the defining theme for 2026. The FCA is no longer asking firms if they have the Duty in place; it is demanding evidence that the Duty is delivering tangible benefits.

• Fair Value and Pricing: The regulator is conducting intensive reviews of product pricing, specifically targeting business current accounts and savings. Firms are expected to use robust data to prove that their products offer fair value and that higher interest rates are being passed on to consumers where appropriate.

• Vulnerability and Digital Exclusion: While digital transformation is encouraged, the FCA warned that digital-first strategies must not cause “foreseeable harm” to less digitally capable customers.

• Access to Cash: Under the new Access to Cash sourcebook, designated banks must fill significant gaps in local services. Firms closing branches must ensure that accessible alternatives, such as banking hubs or shared spaces, are fully operational before the branch shutters come down.

2. Digital Assets and the “Supercharged Sandbox”

The March 2026 update accelerates the UK’s ambition to be a global hub for digital finance. The FCA is actively balancing innovation with a tightened regulatory perimeter.

• The Stablecoin Regime: Following the passage of the Financial Services and Markets Act (Cryptoassets) Regulations 2026 in February, the FCA has prioritized stablecoin issuance and custody. A “Stablecoin Sprint” was launched in March to finalize the rules before the official FSMA authorization gateway opens in September 2026.

• AI Live Testing: The application window for the second cohort of “AI Live Testing” and the “Supercharged Sandbox” closed in early March 2026. This initiative allows firms like Revolut and Monee Financial Technologies to test AI-driven fraud detection and automated customer support under direct regulatory oversight.

• Crypto Enforcement: Supervision is becoming more assertive. The regulator is currently pursuing enforcement actions against platforms for unlawful financial promotions, emphasizing that all crypto-related marketing must meet the same high standards as traditional financial products.

3. Financial Crime: AI vs. The Bad Actors

Financial crime remains a “critical” priority for 2026, with the FCA urging firms to invest in advanced technologies to combat evolving threats.

• APP Fraud Evaluation: With mandatory reimbursement for Authorised Push Payment (APP) fraud now standard, the regulator is preparing for a full evaluation of the regime’s impact in Q3 2026.

• Precision in AML: The FCA has issued a stern reminder that financial crime controls should not lead to “unnecessary or overlong account freezing”. The goal is for firms to move away from blunt “de-risking” toward a more surgical, data-led approach to identifying suspicious activity.

• Unified Supervision: The consolidation of AML/CTF supervision for professional services under the FCA is further empowering the regulator to address systemic risks across the entire financial ecosystem.

4. Operational Resilience and “Compliance as Code”

With the UK’s operational resilience rules fully active, the focus has shifted to the integrity of the supply chain and “material third parties” like cloud providers.

• Critical Third-Party Rules: New rules introduced in March 2026 require firms to report operational incidents more granularly and manage dependencies on a small number of dominant tech providers.

• Technological Agnostic Controls: The FCA emphasizes that its systems and controls (SYSC) requirements are “technologically agnostic,” meaning firms using DLT or cloud-native cores must prove their systems can remain within “impact tolerances” during a severe but plausible disruption.

• Automation: Leading firms are increasingly adopting “Compliance as Code”—the practice of embedding regulatory rules into their software development lifecycle to automate reporting and oversight.

Summary of Key 2026 Dates

The FCA’s 2026 agenda signals a more assertive, tech-forward regulator. For firms, the priority is no longer just policy creation, but the continuous, data-backed demonstration of operational stability and fair consumer outcomes.