Regulatory Risk and Compliance Report For the Week Ending 31 October 2025
- James Ross
- Nov 2
- 7 min read
Executive Summary
This week’s regulatory publications indicate several high-priority areas for risk, compliance, and legal functions. The Financial Conduct Authority (FCA) has issued direct warnings on firm conduct, M&A governance, and consumer protection, signalling a clear supervisory and enforcement focus.
Key considerations arising this week include:
M&A Governance and Integration: The FCA’s multi-firm review of wealth sector consolidation criticises weak due diligence, high-risk debt structures, and inadequate integration of acquired firms. Acquiring firms must immediately review their M&A and integration frameworks to mitigate risks of client detriment and disorderly failure. Senior Management accountability for these risks is a clear focus.
Non-Financial Misconduct (NFM): With 76 open supervisory cases, the FCA’s update on the “Sexism in the City” inquiry confirms that NFM is a primary enforcement priority. Firms must ensure that adequate preventive and detective controls are in place and that NFM is integrated into their governance, remuneration, and accountability structures.
Consumer Protection & Promotions: A direct warning on CFD promotions, “finfluencers,” and improper client categorisation signals an impending crackdown. This, combined with the LSB’s critical report on online support, places renewed urgency on evidencing compliance with the Consumer Duty outcomes, particularly in relation to communications and support for vulnerable customers.
Major UK Regime Implementation: The UK’s post-Brexit framework is advancing. The laying of the draft Financial Services and Markets Act 2000 (Regulated Activities) (ESG Ratings) Order 2025 marks the formal beginning of the countdown to a new regulated activity. Concurrently, the PRA has published near-final rules (PS20/25) for the Simplified Capital Regime (SDDT), and the FCA is consulting (CP25/29) on a new UK Short Selling Regime.
Motor Finance Redress: The extension of the stay in the Doug Taylor Class Representative collective action case highlights the significant financial and legal risks facing the motor finance sector. Firms must provision for the parallel risks of a mandatory FCA redress scheme and high-value civil litigation.
Key Regulatory Deadlines and Action Dates
Regulatory Initiative | Jurisdiction | Key Date | Nature of Deadline | Affected Firms |
UK Short Selling Regime (CP25/29) | UK | 16 December 2025 | Consultation closes | Firms engaged in short selling on UK venues |
Pension Risk & IRRBB Clarifications | UK (PRA) | 01 July 2026 | Effective date | PRA-regulated banks, building societies, etc. |
EU Benchmarks Regulation (NZ Equivalence) | EU | 01 January 2026 | New rules for third-country benchmarks take effect | EU firms using NZ benchmarks |
Berne Financial Services Agreement | UK/CH | Early 2026 | Expected entry into force | UK insurers, Swiss investment firms |
PRA Pillar 2A’ Refined Methodology’ Retirement | UK (PRA) | 01 January 2027 | Effective date (aligned with Basel 3.1) | PRA-regulated firms (non-SDDTs) |
PRA’ Strong and Simple’ Capital Regime | UK (PRA) | 01 January 2027 | Effective date (aligned with Basel 3.1) | Small Domestic Deposit Takers (SDDTs) |
Solvency II Delegated Regulation Amendments | EU | 30 January 2027 | New rules take effect | EU insurance and reinsurance undertakings |
UK ESG Ratings Provider Regulation | UK | 29 June 2028 | The regulation comes into effect | ESG ratings providers serving UK clients |
Detailed Analysis by Theme
1. Theme: Conduct, Governance, and Consumer Protection
The FCA has demonstrated an immediate focus on firm-level culture, governance frameworks, and consumer outcomes.
FCA Multi-Firm Review of Consolidation
Development: The FCA’s review of financial advice and wealth management consolidators identified significant failings, including: over-reliance on cash generation from regulated entities to service group debt (heightening prudential risk); “tick-box” due diligence on acquisitions; and a failure to scale compliance and conflict-of-interest systems commensurate with growth.
Risk & Compliance Consideration: This constitutes a significant warning for firms engaged in M&A. Compliance and Risk functions must be integral to M&A strategy, not a post-acquisition thought. Due diligence frameworks must be robust, demonstrably challenging, and explicitly cover the target’s compliance, culture, and client bank. The FCA is signalling it will hold Senior Management Functions accountable for risks arising from poorly managed acquisitions and integrations.
FCA Update on “Sexism in the City” Inquiry
Development: The FCA confirmed 76 open supervisory cases related to non-financial misconduct (NFM). It is actively testing firms’ preventative and detective controls at an operational level.
Risk & Compliance Consideration: The high number of open cases confirms NFM is a significant enforcement priority. This is a core SMCR and conduct risk issue. Compliance, in partnership with HR, must ensure NFM is explicitly defined in policies, training is robust, and that whistleblowing and reporting channels are effective. Firms must be able to demonstrate to supervisors how they are actively preventing, detecting, and remediating NFM.
FCA Warning on CFD Promotions
Development: The FCA warned firms against using high-pressure techniques to re-categorise retail clients as “elective professionals” (bypassing CFD restrictions). It also highlighted risks from unregulated “finfluencers.”
Risk & Compliance Consideration: This is a direct precursor to enforcement action. Firms must immediately audit their client categorisation processes (per COBS 3) to ensure they are robust, evidence-based, and free from undue influence. Financial promotion controls must be reviewed to ensure all marketing, including via third-party “finfluencers,” is compliant with rules for the correct client type.
LSB Report on Online Support for Money Worries
Development: The LSB’s final report identified significant failings in firms’ online support for customers with financial and mental health challenges, citing complex jargon, unsupportive tone, and poor signposting.
Risk & Compliance Consideration: This report provides a clear evidential benchmark for assessing compliance with the Consumer Duty. These failings represent a direct risk of breaching the Consumer Understanding and Consumer Support outcomes. Firms must review their online journeys for vulnerable customers to ensure language is simple, the tone is supportive, and signposting to specialist help is clear and compelling.
2. Theme: UK Prudential & Markets Reform
Major components of the “Smarter Regulatory Framework” were advanced this week.
Draft Order for Regulating ESG Ratings
Development: The draft Financial Services and Markets Act 2000 (Regulated Activities) (ESG Ratings) Order 2025 was laid before Parliament, bringing ESG rating provision into the FCA’s regulatory perimeter.
Risk & Compliance Consideration: This formally commences the implementation timeline.
For Providers: Firms providing ESG ratings must now commence formal authorisation workstreams, focusing on governance, systems and controls, and conflicts of interest management.
For Users: Firms using ESG ratings (e.g., asset managers) must update their third-party risk management (TPRM) frameworks to ensure that, once the regime is live, they are procuring services from FCA-authorised providers.
PRA Policy on Simplified Capital Regime (SDDTs) (PS20/25)
Development: The PRA published near-final rules (PS20/25) for the SDDT capital regime, the final phase of the “Strong and Simple” framework, with an implementation date of 01 January 2027.
Risk & Compliance Consideration: Eligible firms can now finalise implementation plans for the 2027 transition. This is a significant project that impacts capital modelling, risk management, and regulatory reporting. Firms not qualifying for the SDDT regime must continue to implement the full Basel 3.1 standards, as the interim capital regime (ICR) will be phased out.
FCA Consultation on New Short Selling Regime (CP25/29)
Development: The FCA is consulting (CP25/29) on a new UK regime, proposing a new model for aggregated net short position disclosures (replacing the current individual public disclosure model) and streamlining reporting.
Risk & Compliance Consideration: This is a significant rewrite of a key market regulation, detailed in the new draft Short Selling Rules Sourcebook (SSR). Firms engaged in short selling must conduct a gap analysis of the proposals’ impact on their reporting systems, data infrastructure, and disclosure workflows.
PRA Policy on Pillar 2A Methodology (PS18/25)
Development: The PRA (PS18/25) confirmed that it will retire the “refined” methodology for Pillar 2A, coinciding with the implementation of Basel 3.1.
Risk & Compliance Consideration: This change simplifies the capital framework. Firms’ capital and ICAAP teams must model the impact of this change, alongside the broader implementation of Basel 3.1, on their overall capital requirements and SREP processes.
3. Theme: Sector-Specific Risk Spotlight
Motor Finance (Discretionary Commission Arrangements)
Development: The Competition Appeal Tribunal (CAT) further extended the stay on the Doug Taylor Class Representative collective damages application, pending the FCA’s final rules for a planned redress scheme.
Risk & Compliance Consideration: The motor finance sector faces a severe, dual-front risk. The CAT’s action confirms that high-value litigation (collective proceedings under the Competition Act 1998) is proceeding in parallel with the FCA’s regulatory action. Firms with DCA exposure must ensure material financial provisions are adequate to cover potential liabilities from both a binding FCA redress scheme and separate civil litigation.
4. Theme: European & International Developments
UK-Switzerland Mutual Recognition Agreement
Development: The Financial Services and Markets Act 2023 (Mutual Recognition Agreement) (Switzerland) Regulations 2025 (SI 2025/1145) were published, implementing the Berne Financial Services Agreement from 01 January 2026.
Risk & Compliance Consideration: This is a key cross-border operational enabler. Firms providing investment services to wholesale/HNW clients between the UK and Switzerland must review the regulations to operationalise the new permissions and exclusions, which will relieve them of specific dual-authorisation requirements.
EU EMIR 3 - Active Account Requirement
Development: The European Commission adopted the Delegated Regulation (C(2025) 7124) specifying the operational conditions for the “active account requirement” (AAR) under EMIR 3.
Risk & Compliance Consideration: This operationalises a key financial stability provision of EMIR 3. In-scope EU entities (FCs and NFCs) must now commence the significant operational and legal build-out required to establish active accounts at EU CCPs and meet the associated reporting and representativeness obligations.
EU Solvency II Amending Delegated Regulation
Development: The European Commission adopted a Delegated Regulation (C(2025) 7206) that significantly amends the Solvency II Delegated Regulation, affecting long-term investment, reporting, and proportionality.
Risk & Compliance Consideration: This is a major update for all EU-based insurers. Actuarial, risk, and investment functions must conduct a detailed impact analysis of the changes to the Solvency Capital Requirement (SCR), supervisory reporting templates, and the new, more favourable prudential treatment for long-term equity investments.
Summary of Regulatory Actions for Firms
Regulatory Development | Primary Action for Banks & Lenders | Primary Action for Insurers | Primary Action for Asset/Wealth Managers |
PRA Prudential Changes (Pillar 2A, SDDT) | Non-SDDTs: Model impact of retiring refined methodology and update ICAAP. SDDTs: Conduct a cost-benefit analysis of opting in to the new regime. | N/A | N/A |
EU Solvency II Amendments | N/A | Review Strategic Asset Allocation to leverage new capital rules for equity/securitisation. Re-evaluate risk margin calculations. | N/A |
FCA Wealth Consolidation Review | Review lending exposures to PE-backed consolidator groups. | N/A | Consolidators: Review group debt structures, governance, and integration plans urgently. All: Enhance due diligence on potential acquisition targets. |
FCA ‘Finfluencer’ / CFD Warning | Review policies on marketing high-risk products and client categorisation processes. | N/A | Review marketing policies, especially the use of social media and third-party promoters. |
UK Short Selling Regime Reform | N/A | N/A | Update reporting systems to meet the new T+1 deadline. Prepare for shift to anonymous, aggregated public disclosure. |
Berne Agreement (UK/CH) | Assess opportunities for corporate banking services. | Assess commercial opportunities for wholesale insurance lines in Switzerland. Prepare for the notification process. | Swiss firms: Prepare for UK notification process. UK firms: Review opportunities for advising Swiss HNW clients. |
‘Sexism in the City’ Report | Review and fortify policies on NFM, NDA usage, and whistleblowing. Enhance D&I governance. | Review and fortify policies on NFM, NDA usage, and whistleblowing. Enhance D&I governance. | Review and fortify policies on NFM, NDA usage, and whistleblowing. Enhance D&I governance. |
LSB Vulnerable Customers Report | Test and enhance online/digital journeys for vulnerable customers. Review communication tone and support pathways. | Test and enhance online/digital journeys for vulnerable customers. Review communication tone and support pathways. | Test and enhance online/digital journeys for vulnerable customers. Review communication tone and support pathways. |
Comments