Supporting AI, innovation, and growth in financial services

The rapid adoption of artificial intelligence (AI) in financial services presents a transformative opportunity for the sector. However, it also raises significant regulatory and operational challenges.

On 10 March 2025, the Financial Conduct Authority (FCA) and the Information Commissioner’s Office (ICO) issued a joint letter to trade associations and financial services firms, addressing these challenges and reaffirming their commitment to fostering innovation while ensuring regulatory clarity. The letter underscores the delicate balance between enabling technological advancement while safeguarding consumer rights, data protection, and financial stability.

Key Insights from the FCA and ICO Letter

The regulators acknowledge the growing potential of AI in financial services but highlight two critical barriers to its adoption: data protection concerns and compliance with the Consumer Duty. These issues were identified as top constraints in a recent joint survey by the FCA and the Bank of England. The survey revealed a lack of confidence among firms in deploying AI, stemming from uncertainty about how the FCA’s financial regulations and the ICO’s data protection rules intersect.

To address these challenges, the FCA and ICO are hosting a roundtable on 09 May 2025 in London. This event aims to:

1. Identify areas of regulatory uncertainty hindering AI adoption.
2. Explore how regulators and industry leaders can collaborate to provide greater clarity.
3. Discuss specific data protection and financial regulation issues that require enhanced guidance to support innovation.

Broader Context: AI in Financial Services

The FCA and ICO’s initiative reflects a global trend where regulators are grappling with the dual mandate of promoting innovation and ensuring compliance. For instance, the EU’s AI Act and the UK’s pro-innovation AI framework both emphasise the need for robust governance frameworks to mitigate risks such as bias, discrimination, and data breaches.

In financial services, AI applications range from fraud detection and credit scoring to personalised customer experiences. However, these use cases often involve processing vast amounts of sensitive personal data, raising concerns under the UK GDPR and the Data Protection Act 2018. Additionally, the FCA’s Consumer Duty requires firms to ensure fair outcomes for customers, which can be challenging when deploying complex, opaque AI systems.

Practical Calls to Action for Firms

1. Engage with Regulators: Attend the FCA and ICO roundtable to voice your concerns and contribute to shaping future guidance. Early engagement can help firms stay ahead of regulatory developments.
2. Conduct a Regulatory Gap Analysis: Assess how your AI systems align with existing data protection and financial regulations. Identify areas where additional clarity or support is needed.
3. Invest in Explainable AI: Prioritise transparency in AI systems to ensure compliance with Consumer Duty and build trust with customers.
4. Collaborate with Peers: Share best practices and challenges with industry peers to foster a collective understanding of regulatory expectations.
5. Monitor Global Developments: Stay informed about international regulatory trends, as these may influence UK policies and create cross-border compliance obligations.

Conclusion

The FCA and ICO’s joint letter is a timely reminder of the importance of regulatory clarity in enabling responsible AI innovation. By addressing data protection and Consumer Duty concerns, the regulators aim to create an environment where firms can harness AI’s potential while safeguarding consumer rights and financial stability.

For financial services firms, the path forward involves proactive engagement with regulators, robust internal governance frameworks, and a commitment to ethical AI practices. By taking these steps, firms can not only navigate the regulatory landscape but also drive innovation that delivers tangible benefits for consumers and the broader economy.