The FCA Is Raising Expectations and Firms Will Need to Catch Up 

The UK Financial Conduct Authority’s (FCA) March 2026 Regulatory Priorities reports go well beyond an administrative refresh. They’re a ringing statement of intent. And the audience for the report was with the FCA noting it “should act as a guide for firms’ boards and chief executives…[Firms] and should read these reports carefully, review the priorities within them – and act where you need to.” 

It doesn’t get more direct than that.  

For wholesale banks, brokers, asset managers, and principal trading firms, the FCA’s position is that it wants to see procedural compliance backed up by outcomes and evidence. Frameworks and policies in and of themselves are not enough.  

In my view, this shift instigates a choice for compliance and surveillance leaders. Invest now in AI governance, communications oversight, unified surveillance, and data integrity – lest you fall behind the curve when examiners arrive. 

Three Reports, One Direction of Travel 

The FCA’s three March 2026 Regulatory Priorities reports share a common thread—stronger governance, better data, and demonstrable control over risk, but each speaks to a distinct audience.  

1. The Wholesale Markets report is the most directly relevant to trade and communications surveillance, covering market abuse, off-channel communications, insider risk, data integrity, and the governance of surveillance models.  
2. The Wholesale Buy Side report is less about frontline monitoring and more about evidencing that governance, valuation discipline, and liquidity frameworks support resilient market conduct.  
3. Consumer Investments focuses on disclosures, suitability, scam prevention, and responsible use of digital channels.  

The guidance is the same across all three: Firms must be able to show control, not just claim it.

Surveillance Gaps are on the FCA’s Shortlist 

Surveillance and financial crime controls sit at the heart of the Wholesale Markets report providing the most direct observations on FCA expectations.  

The FCA expects firms to strengthen surveillance, data quality, governance, and controls to identify, prevent, and report financial crime and market abuse. It has also called out specific gaps it has observed, including incomplete or inaccurate data feeds, weak alert calibration, and poor testing and governance of surveillance models. 

The question the FCA is asking moves us from “are you capturing trade and communications data?” to “can you demonstrate your surveillance would detect misconduct?” It’s a significant distinction that keeps with expectations for banks in place since the SEC findings fully codified completeness and data integrity, controls that have become more relevant as firms bring on AI.  

For background, the FCA received more than 3,800 suspicious transaction and order reports (STORs) in 2025, the vast majority attributed to insider dealing. Firms operating with fragmented surveillance—channel gaps, unexplainable alert logic, or unverifiable data feeds—are creating exactly the conditions where misconduct goes undetected.  

AI Governance is an Opportunity, Not Just a Risk 

Across the wholesale reports in particular, the FCA’s message on AI is consistent: The opportunity is real, but without demonstrable governance, testing, and oversight, firms are taking on risk they may not be able to defend.  

The FCA’s own 2024 survey of AI in UK financial services found that only 34% of firms said they had complete understanding of their AI, while 46% acknowledged only partial understanding, particularly where third-party models are involved. 

Surely, with the pace we’ve seen for AI adoption, more will have acknowledged fuller understanding today. And that makes the shift in framing compliance teams are hearing more actionable: AI governance, done well, isn’t a cost center. It’s a competitive advantage. Firms that build explainable, auditable AI frameworks with documented model oversight and calibration records will find themselves far better positioned in examination cycles. Defensibility is what separates clean outcomes from expanded scrutiny.  

The FCA’s own message is to innovate and to do so responsibly. Firms that build that foundation now will be the ones best placed to innovate with confidence later. 

Non-Financial Misconduct is a Wholesale Compliance Obligation 

The Wholesale Markets report states directly, that the FCA will review and test controls to prevent and investigate non-financial misconduct (NFM) this year. 

This follows the PS25/23, published December 2025, where the FCA laid out its final rules on NFM in financial services. In March 2026, the FCA issued direct guidance for firms on NFM in the same week it published its Regulatory Priorities reports, confirming that new rules come into effect on September 1, 2026.  

The surveillance implications are significant. Detecting harassment, bullying, and discriminatory behavior in communications is harder than flagging suspicious trading patterns, and yet the FCA’s expectations are no less rigorous. Firms need to ensure their surveillance frameworks extend to conduct risk in its broadest sense, with lexicons, surveillance policy models, and escalation processes updated accordingly.  

For compliance and HR functions that have historically operated in silos, the September deadline makes convergence urgent, not optional. 

Off-Channel Coverage and Data Quality: The Surveillance Gaps that Matter Most 

The FCA’s off-channel review and surveillance guidance within the Wholesale Markets report both point to the same underlying liability: What you can’t monitor, you can’t defend.  

In wholesale trading environments, that blind spot is broader than most firms likely want to acknowledge. Material conversations happen across voice channels that don’t always integrate with surveillance platforms. They also occur in off-channel written communications such as WhatsApp, LINE, WeChat, and other third-party social applications. In many firms, these channels may remain outside the surveillance perimeter. The FCA’s August 2025 review of off-channel communications made clear that this is an active area of supervisory focus, not a future risk. Either gap alone is enough to draw scrutiny.  

Data quality compounds the problem: If the data going into a surveillance platform is unreliable, so are the alerts it generates. Without data completeness, surveillance technology alone won’t hold up under examination scrutiny. 

How Shield Addresses What the FCA is Asking for 

The FCA’s demands convergence on four capabilities:  

1. Defensible records 
2. Effective detection across all channels 
3. Fast investigation 
4. Governed, explainable technology.  

Shield’s platform provides end-to-end comprehensive digital communications governance and archiving, purpose-built for financial institutions.  

The platform combines industry-leading AI-powered innovation with deep regulatory expertise to strengthen compliance intuitively, efficiently, and securely. It is powered by a unified Data Engine across records’ full lifecycle and offers Shield Archive to address robust recordkeeping and auditability.  

Shield Surveillance maps directly to the market abuse and escalation priorities while Shield’s Voice offering brings written and spoken communications under a single framework. Lastly, Shield’s agentic and generative AI technology is natively embedded across the platform to deliver AI-driven explainability, human-in-the-loop review, and governance by design, which the FCA expects.  

This unified yet modular approach enables financial institutions using Shield to strengthen compliance, reduce risk, and act on communications data with speed and confidence. 

For firms that want to advance compliance and build surveillance programs that are genuinely defensible and innovation-ready, one integrated platform is the only way to get there without creating new gaps in the process. 

The Choice is Yours if to Walk or Run 

The FCA is giving firms more flexibility but in return it expects stronger governance, better data, and demonstrable outcomes. 

Firms that use that flexibility wisely, building for examination readiness rather than waiting for it, will be the ones that benefit most when the regulator comes knocking. 

With NFM rules live on September 1, surveillance models under review, and AI governance expectations sharpening, the window to get ahead is open now. 

Are you ready to strengthen your surveillance posture? Our team can help you assess your capabilities and demonstrate how comprehensive, unified surveillance transforms compliance coverage into true risk management. Get in touch with us to learn more.