Our approach to supervision

Corporate documents Published: 19/03/2024 Last updated: 19/03/2024

Our approach to supervision sets out how we carry out our regulatory oversight. It is designed to help firms, consumers and markets understand how we work, and fulfil our accountability to Parliament and to the public.

This is an updated version of our previously published approach to supervision.

1. Introduction

Every day the UK population relies on a range of financial services, from basic bank accounts to car loans, mortgages, pensions and complex investment products. The FCA was created by Parliament to regulate the conduct of the UK’s financial services and to be the prudential regulator for all firms solely authorised by us. Our regulation affects consumers, businesses and the UK economy.

Our objectives

Parliament gave us a single strategic objective: to ensure financial services markets function well. We also have operational objectives to protect consumers, maintain market integrity and promote competition in the interests of consumers.

Since August 2023, we have a secondary objective to facilitate the international competitiveness and growth of the UK economy in the medium to long term. This objective only applies when we advance our existing objectives. It applies only to our general functions, which include rule-making, giving general guidance and deciding general policies. It doesn’t apply to individual authorisation, supervision or enforcement decisions.

Financial services continue to change rapidly and significantly. We will continue to respond to the ongoing impact of crises such as the pandemic and the Russian invasion of Ukraine, as well as changes to the UK’s regulatory framework and developments in technology.

We are an independent public body funded entirely by the fees we charge regulated firms. Our role is defined by the Financial Services and Markets Act 2000 (FSMA) and we are accountable to the Treasury, which is responsible for the UK’s financial system, and to Parliament. The aim of our regulation is to serve the public interest by improving the way the UK financial system works and how firms conduct their business. This benefits individuals, businesses, the economy and the public as a whole.

We work closely with the Prudential Regulation Authority (PRA). The PRA is the prudential regulator for banks, building societies, credit unions, insurer and large investment firms. For these firms, the FCA acts as the conduct (rather than prudential) regulator. Many of the factors relevant to the PRA’s objectives are also important to ours, so we coordinate and work in partnership with the PRA, including the sharing of information.

We also work with consumer groups, trade associations and professional bodies, domestic regulators, international partners and a wide range of other stakeholders.

We have a large and growing remit. Our approach to regulation is proportionate, prioritising key areas of focus and on firms that pose a higher risk to meeting our objectives. 

Parliament gave us a range of tools and independent powers to make decisions about how best to use them. We focus on 3 key areas:

  • Reducing and preventing serious harm, using data to assess problems more quickly and act sooner. We aim to prevent harm from happening in the first place.
  • Setting and testing higher standards, making sure firms sell suitable products that provide good standards of customer service.
  • Promoting competition and positive change, being open-minded about innovation, within regulatory safeguards.

This document explains the purpose of, and our approach to, our supervision of firms and individuals.

It sets out:

  • our role and why we supervise
  • how we supervise, including our supervisory principles
  • how we use judgement to support our decisions 

2. Why we supervise

We define supervision as the regulatory oversight of firms, and of individuals controlling firms, to reduce actual and potential harm. We focus our efforts on the outcomes and priorities set out in our strategy.

What we expect of firms we regulate

We set the regulatory conditions to encourage good conduct, and to enforce this if we need to. Firms are responsible for conducting their business in a proper and responsible way, and to comply with the spirit – not just the letter – of our rules and guidance. We supervise to ensure firms and individuals comply with our rules.

In line with our Consumer Duty, it is first and foremost a firm’s responsibility to deliver good outcomes to consumers – for products and services, prices and value, consumer understanding and consumer support. When necessary, firms are expected to provide redress, putting things right when they go wrong. The Duty requires firms to act in good faith, avoid causing foreseeable harm and enable and support retail customers to pursue their financial objectives.

There are 4 overarching outcomes we expect from financial services across all the markets and sectors we regulate.

  • Fair value: Consumers receive fair prices and quality. Professional market participants have the information and transparency they need to make well informed assessments of value and risks.
  • Suitability and treatment: Consumers are sold suitable products and services, and receive good treatment.
  • Confidence: Consumers are confident about participating in markets, particularly because of (1) minimised harm when firms fail and (2) minimised financial crime. Markets are (1) resilient to firm failures and (2) clean, with low levels of market abuse, financial crime and regulatory misconduct.
  • Access: The needs of different consumers are met through (1) reliable services and (2) a range of widely available products and services.

Our expectations of individuals

A firm’s senior managers are responsible and accountable for its culture, strategy and for preventing harm. They need our approval to ensure they are fit and proper to perform their role and meet our minimum standards. Senior managers must meet 5 minimum standards of behaviour. They must:

  • act with integrity
  • act with due care, skill and diligence
  • be open and cooperative with the FCA, the PRA and other regulators
  • pay due regard to the interests of customers and treat them fairly
  • observe proper standards of market conduct

Each senior manager that comes under the Senior Manager and Certification Regime (SM&CR) must have an agreed Statement of Responsibilities. This must clearly set out the areas of the business they are accountable for.

Our role in prudential supervision

The PRA has prudential oversight over a number of financial services firms. We are the prudential supervisor for all other firms we regulate who do not fall within the scope of the PRA. Firms that don’t have to meet minimum financial resource requirements must still ensure they have adequate resources, as outlined in our Handbook Threshold Conditions.

Our supervision work aims to avoid firms failing in a disorderly way and to minimise the harm this could cause consumers or the integrity of the UK financial system. This harm can be a loss of money, or a loss of confidence and participation in financial markets. For example, if the firm is unable to return client money or cannot pay redress.

To minimise harm, we can set and enforce the minimum level of capital or liquidity that a firm must hold.

Managing the risks of harm

Cross-market priorities

We prioritise issues that are common across both retail and wholesale markets and may create a risk of harm to wider society. We aim to ensure that firms and markets:

  • are stable and resilient, for example, that they can defend themselves against a cyber-attack or technological failure, or recover quickly
  • are not used as channels for financial crime, such as money laundering or terrorist financing
  • are not using bribery or corruption to offer, provide or accept financial or non-financial incentives, and are not breaching financial sanctions
  • maintain effective control over personal data that they hold
  • do not fail in a disorderly way causing harm to markets or consumers - and protect consumers’ and market participants’ assets if they do fail

Retail markets

Within retail markets, our priority is to protect consumers from harm. The sources of harm we prioritise include:

  • Unsuitable, misleading or unsafe treatment of customers. This may include firms selling unsuitable products, losing client assets or funds, misusing personal data, failing to fulfil obligations to their customers and failing to provide customer services. It also includes the inappropriate treatment of consumers in financial difficulty, or who are vulnerable and not resolving consumer complaints appropriately.
  • Restricting consumers’ access to products and services. This may include practices that inappropriately excludes consumers from products, or failing to meet consumer needs.
  • The price and quality of financial goods and services which do not represent fair value for consumers. This may include excessive prices, fees and charges, or substandard quality or products that are unsuitable for consumer needs. 

Wholesale markets

Wholesale markets are global and many participants operate across international boundaries. We supervise UK and global wholesale firms to ensure there is market confidence, integrity and participation, Markets should be fair, effective, efficient, transparent, competitive and work well for their users. We often work alongside overseas regulators to pursue our supervisory priorities.
When supervising wholesale markets, we particularly focus on:

  • ensuring there is the infrastructure, fairness and confidence in markets, to enable firms to access, participate and perform
  • minimising the level of market abuse caused by manipulation, conflicts of interest, insider dealing or issuing false/misleading statements

3. How we supervise

We carry out regulatory oversight against a framework of principles and rules that represent minimum standards of conduct.

When we authorise a firm, we assess whether it meets the minimum standards that all authorised firms must meet and continue to meet the Threshold Conditions.

Once authorised, the senior managers of these firms are responsible for ensuring their firms act in line with our principles and rules that set out the minimum standards of conduct. 

We take a forward-looking and strategic approach to our supervisory work. We use data and judgement to evaluate both the conduct of individual firms and, more widely, how retail and wholesale markets are evolving.

Supervising by business models

To supervise effectively, we need a thorough understanding of the business models, culture, and strategies of the firms we regulate. We supervise most firms as a portfolio – grouping firms that share a common business model.

Business models can create risks of harm to consumers or markets in several ways. A business model which is based on significant pressure for performance, for example, can create risks to consumers. For example, it may engage in higher risk lending or aggressive sales practices. This can lead to greater conduct risk or a high risk of disorderly failure, which may involve the loss of client money.

Business model analysis helps us understand risks of harm and identify actions we can take to address them. We communicate our expectations and priorities to and describe examples of good and poor practice in these portfolios.

Supervising in different ways

We may provide dedicated supervisory oversight to firms with the greatest potential impact on consumers or their relevant markets. We want to understand their strategy and the competitive dynamics of their business models. For example, we may want to understand what creates competitive advantage, the reasons why some customers, products or services are profitable and the role of cross-subsidy.

We may want to understand how consumers choose between competing offerings, and whether there is a mismatch between the firms’ incentives and the interests of consumers.

Prudential supervision

We prudentially supervise for all firms apart from banks, building societies, credit unions, insurers and large investment firms, who are authorised by the PRA.

Our supervision work aims to avoid disorderly failure and minimise the harm to consumers or the integrity of the UK financial system. Understanding a firm’s financial risks, its proximity to failure and how the harm from failure is being minimised is an important part of our supervisory work. To minimise harm, we can set and enforce the minimum level of capital or liquidity the firm must hold.

We require firms that hold client assets to have systems that protect those assets if the firm fails. We ask all firms to have credible wind-down plans in place, because some will inevitably fail. Where we identify that failure would result in harm to consumers or markets, we help to ensure the firm failure is managed in an orderly way. For some of these firms, we carry out this work with the Bank of England.

4. Our supervisory principles

Our supervisory principles form the basis of our supervisory approach. These principles complement the Principles for Business which outline our expectations of firms.

Our approach to advancing our objectives is judgement-led, informed by 5 key principles of being:

  • forward looking
  • outcomes-focused
  • proportionate and evidence-led
  • transparent, and
  • integrated and co-ordinated

Our approach aims to put right systemic harm that has occurred and stop it happening again.

Forward looking

  • We aim to pre-empt poor conduct so that the risk and any associated harm does not materialise.
  • We assess firms’ business models and strategies both against current and future risks, to identify emerging risks and try to reduce or prevent them.
  • Our strong understanding of firms’ business models means we can identify poor alignment between firms’ conduct and the interests of consumers and markets functioning well.

Outcomes-focused

  • Where we see systematic harm, we will move quickly to stop the harm occurring using a range of powers. We then work to ensure that the firm addresses the drivers of harmful culture and its business model and strategy to prevent a recurrence.
  • Where we judge it necessary, we will refer firms for an enforcement investigation.
  • We want to get redress for affected customers, either by requiring a redress scheme, engaging directly with the firm, or by working with other authorities such as the Financial Ombudsman Service.

Proportionate and evidence-led

  • We focus our work on the key drivers of conduct likely to cause harm, and particularly on firms we judge pose the greatest risk to our objectives. 
  • We also look at  the drivers of culture which underpin a firm’s conduct. These include the firm’s purpose, the attitude, behaviour, competence and compliance of the firm’s leadership, its approach to
  • We approve and hold to account the most senior individuals whose decisions and personal conduct have a significant effect on the firm’s conduct. As part of the Senior Managers and Certification Regime (SM&CR), we also expect firms to take responsibility for certifying the competence and integrity of business-critical staff.
  • We systematically use intelligence and information from a broad range of sources to target our actions. These include consumer feedback, data and intelligence from firms and their trade associations, insight from with other regulatory organisations, information from MPs and from whistle blowers, and our firm and consumer contact centre.

Transparency

  • We engage directly with consumers and their representatives to understand issues they face and target firms that may be causing harm.
  • We engage with industry, firms and other market participants to understand how they are responding to market-wide events, firm-specific events and/or the regulatory framework and to adjust our approach where appropriate.
  • We are clear with firms and individuals about good and poor practice that we observe.
  • We are as transparent as possible about our work and our priorities for the coming year.

Integrated and coordinated

  • We ensure our teams work closely across all our functions to reach robust decisions, share information and provide consistent messages.
  • We share intelligence with other regulatory bodies such as the Bank of England, the Prudential Regulatory Authority, the Payment Systems Regulator, the Financial Ombudsman Service, the Pensions Regulator, the National Crime Agency and the National Economic Crime Centre.
  • As a supervisor of global firms and global markets, we work with international regulators to supervise firms, markets and issues which are common across jurisdictions.

5. Supervisory judgement and decision-making

Our decision-making framework helps us use our regulatory tools efficiently and cost-effectively. It guides how we identify and manage the risk of harm.

Figure 1: The FCA’s decision-making framework

Figure 1: The FCA’s decision-making framework

Figure 1: The FCA’s decision-making framework (PDF)

Identifying potential risks of harm

Markets and firms are reacting ever faster to changing regulation, new technology and shifting consumer demographics, attitudes and behaviours. Our approach to supervision is based on analysis that gives us a clear view of how the financial system works as a whole and within individual sectors and markets. 

We look at possible scenarios and identify risks of harm to consumers and markets, based on our understanding of current business models. This allows us to anticipate potential problems in firms and markets and adapt our business model portfolios as business models change.

We use an assessment model to identify the key risks and drivers of harm that underpin a firm’s conduct and its business model. This informs how we prioritise our regulatory actions.

To support our assessment of firms, we use a variety of analyses. These include:

  • market analyses
  • market studies
  • business model analyses
  • data analytics on regulatory returns and third party data providers
  • real-time intelligence from our interactions with firms and consumers
  • insights and intelligence from other regulators and law enforcement agencies

In some cases, we may ask firms for additional information to help our analysis. We assess the key risks of harm in each portfolio to inform our strategic priorities and identify individual firms which show a greater risk of harm that requires direct supervisory engagement.

Every firm should be able to understand our view of the main risks they pose and what we expect from them. Following our analysis, we may share our view on these and our programme of work to address these. This may be individual or multi-firm and also include other regulatory tools such as enforcement, policy or competition work.
 

Identifying harm that is already happening

We aim to deal with emerging issues or past events quickly and efficiently to prevent the harm growing. We identify actual harm using several sources. Where we can, we share the outcome of our work so that complainants can understand our views and with relevant stakeholders.

How we diagnose the severity of harm

Where we have prioritised an issue for further work, we use a range of tools to diagnose harm and its impact. Which regulatory tool we use depends on the potential scale and severity of the harm.

Where we have concerns about a single firm, we will look at the root causes of issues. We will identify the senior manager responsible for the relevant business area and assess what steps they have taken to prevent, or reduce, the harm.

We may require a firm to make an immediate change to their business model to ensure that this change is long term. Sometimes our diagnostic work raises significant suspicions, highlights that a firm no longer meets its Threshold Conditions or is in breach of our rules. In these cases, we may refer the firm for further investigation and potential enforcement action.

Where we identify potential risk of harm across several firms, we may undertake wider diagnostic work. This includes undertaking larger projects, often announced in our annual Business Plan.

If we identify potential failures in the way competition works, we may undertake further investigatory work. This may include a call for input, a market study, or a Competition Act 1998 investigation.

Remedy tools

Sometimes breaches of our rules can be a result of mistakes rather than deliberate intent. In the first instance, it is the firm’s responsibility to prevent breaches and to remedy them when they happen. We expect the firm to notify us when it realises it has made a mistake and take prompt action to put things right. 

We expect firms to act when things go wrong, by:

  • stopping actual harm as quickly and as proportionately as possible
  • putting things right, including redressing customers who have been affected
  • addressing the root causes of potential harm
  • holding individuals to account where there is evidence of misconduct

Stopping actual harm quickly and proportionately

In instances where we have evidence that a firm is not meeting our standards, we may invite it to sign a voluntary requirement (VREQ) which prevents ongoing harm to consumers or markets. For example, where we have evidence a firm has inadequate systems and controls, we may invite it to sign a VREQ that they will not accept new business until the issue is resolved.

Where firms do not voluntarily agree to this requirement, we may choose to impose an Own Initiative Requirement (OIREQ) on the firm.

Where we identify that an individual firm’s behaviour is causing or may cause harm we can vary the permissions granted, impose requirements or change the approval we give individuals.

We have additional powers we can use for firms which fall under the detailed standards of our prudential regime. Where we identify a risk of harm from the firm having inadequate financial resources, we can set and enforce the minimum level of capital and/or liquidity that the firm requires.

Ensuring firms have put things right

When things go wrong, we expect firms to take prompt action to put things right, conduct a root cause analysis and take steps to prevent it happening again.

Where individual consumers suffer harm, they should first complain to the firm and ask the firm to put things right. The firm should engage with customers on an individual basis to address any harm. We monitor the adequacy of firms’ complaints-handling to ensure it is effective and transparent, and that complaints are dealt with reasonably, promptly and fairly.

Escalating customer complaints

Where individual consumers do not feel they have received a satisfactory response from the firm, they can take their case to the Financial Ombudsman Service to adjudicate.

The Financial Ombudsman is operationally independent and will issue its decision in writing to both the firm and the consumer. If the consumer chooses to accept the Financial Ombudsman’s decision, the firm must abide by it. The Financial Ombudsman also has the power to award an appropriate level of redress for the firm to pay the consumer.

We ensure that firms abide by the Financial Ombudsman’s decisions, and we take failure to pay an award very seriously. If this happens, we will follow up to ensure the firm pays what it owes and consider the implications for its wider business and other consumers.

Holding individuals to account

We hold individuals as well as firm’s accountable for their firm’s conduct. Our responses to harm will focus on ensuring senior individuals are accountable for the remedial work firms undertake. 

Where appropriate, we use attestations by Senior Managers to obtain a personal commitment that a specific action will be (or has been) taken.

In some cases, following an enforcement investigation, we may take action against individuals including banning them from undertaking financial services work or fines.
 

Evaluation

We evaluate our regulatory activities to ensure they are delivering their intended outcomes, our strategic priorities and our statutory objectives.

For our largest firms, we complete regular firm evaluations. These evaluations assess the firm, and evaluate the effectiveness of the previous work programme and may agree an ongoing programme.

We use these assessments to inform our future programme of work and choice of regulatory tools.

For business models, we regularly analyse portfolios and evaluate the impact of our regulatory oversight.