Learning from the Evolution of UK Financial Services Supervision 

Author: James Borley, Dierctor of Payment Services

The UK’s supervisory evolution offers a number of practical and, in some respects, cautionary lessons for overseas regulators. While institutional structures will always reflect domestic legal and political contexts, the underlying shifts in supervisory philosophy are broadly transferable. In particular, the UK experience illustrates the importance of moving beyond static supervision toward dynamic, intervention-capable regulatory models. As such, it might be helpful to reflect on just how supervision in the UK has changed over the years. 

By any measure, the UK’s approach to financial services supervision has undergone profound transformation since the modern regulatory era began in 1988. What started as a largely rules-based, institutionally fragmented framework has evolved into a far more intrusive, judgement-led and outcomes-focused model. Having observed and, at times, participated in this evolution from both regulatory and advisory perspectives, one theme stands out: supervision in the UK has progressively shifted from checking compliance to assessing culture, governance, and risk in real time. 

This journey has been shaped by crises, political priorities, global regulatory developments and, perhaps most significantly, recognition of the limitations of supervision that is too reactive or overly reliant on firms’ self-assessments and attestations. 

A notable feature of this evolution, particularly in the past five years, is the subtle but important shift in language and practice, from traditional ‘supervision’ toward what might more accurately be characterised as ‘market intervention’. Indeed, the supervisory departments at the Financial Conduct Authority (FCA) are today named as ‘Market Interventions’. This reflects a regulator that is no longer content to observe and assess but is increasingly willing to shape outcomes proactively. 

The 1988 Baseline 

The Financial Services Act 1986, implemented in 1988 (and often referred to as ‘A-Day’), marked the first comprehensive attempt to regulate the UK’s financial services industry. It introduced a system built on Self-Regulating Organisations (SROs) overseen by the Securities and Investments Board (SIB). The philosophy was based on the expectation that markets, guided by detailed rulebooks and industry expertise, could regulate themselves effectively with limited central oversight. 

Supervision during this period was: 

• Rules-based: Firms were assessed against prescriptive requirements rather than broader risk considerations; 
• Fragmented: Different sectors (e.g. securities, insurance, banking) were overseen by different bodies; 
• Reactive: Intervention generally followed breaches rather than anticipating them. 

The model reflected the prevailing belief in market discipline. However, it also created inconsistencies in supervisory approach, arbitrage opportunities, and a tendency for regulators to focus on technical compliance rather than underlying risks. 

My part on this journey began in 1995, as a ‘Monitoring Officer’ with the Personal Investment Authority (PIA), one of the aforementioned SROs. Monitoring (Supervision) of firms was based around a rudimentary risk framework: High Risk firms received an annual physical inspection, Medium Risk every two years, Low Risk every three years. Crucially though, all firms got a visit. 

1997–2007: FSA and Risk-Based Supervision 

The establishment of the Financial Services Authority (FSA) in 1997 represented a decisive shift toward consolidation. For the first time, the UK had a single, integrated regulator responsible for prudential and conduct supervision across financial sectors. 

The FSA introduced a more sophisticated risk-based approach, encapsulated in frameworks such as ARROW (Advanced Risk-Responsive Operating Framework). The intention was to allocate supervisory resources to firms and activities posing the greatest risk to the regulator’s objectives. 

This period saw the emergence of several important developments: 

• Supervisory prioritisation based on impact and probability of risk; 
• Greater emphasis on firms’ systems and controls; 
• Introduction of principles-based regulation, moving away from purely prescriptive rules. 

The FSA’s Principles for Businesses signalled that firms were expected not only to comply with specific rules but to act in a way consistent with broader regulatory expectations. 

Yet, despite these innovations, supervision retained a relatively light-touch character. There was a degree of confidence, arguably overconfidence, in firms’ internal risk management capabilities and governance structures. 

Post-2008: The End of ‘Light Touch’ 

The global financial crisis of 2007–2008 exposed significant shortcomings in the UK’s supervisory model. Failures such as Northern Rock highlighted weaknesses in prudential oversight, risk assessment and regulatory intervention. 

The response was swift and fundamental. By 2013, the FSA had been dismantled and replaced with a “twin peaks” model: 

• The Prudential Regulation Authority (PRA), focused on the safety and soundness of certain firms (e.g. banks, insurers); 
• The Financial Conduct Authority (FCA), responsible for conduct of business and market integrity across all firms. 

This restructuring marked a philosophical reset in supervision. 

Key changes included: 

1. Judgement-Based Supervision

Supervisors were encouraged to apply forward-looking judgement, rather than relying solely on firms’ data or historical performance, and a willingness to intervene early and decisively, even in the absence of clear rule breaches. 

2. Intensive Engagement

Supervision became more intrusive and continuous, especially for systemically important firms. Regulators expected access to senior management, board minutes and internal debates. 

3. Focus on Governance and Culture

Regulators recognised that many failures stemmed not from technical breaches but from poor decision-making, weak challenge and cultural deficiencies within firms. 

The Gloster Report: A Catalyst for Change 

While the post-crisis reforms were significant, the Gloster Report (2020), ostensibly reviewing the FCA’s handling of the collapse of London Capital & Finance (LCF), marked another turning point for supervision. 

The report identified not just failings in specific supervisory decisions, but deeper cultural and structural issues within the FCA, including: 

• A tendency toward narrow, siloed supervision; 
• Insufficient willingness to act decisively on emerging risks; 
• Failure to connect information across teams to form a coherent risk picture. 

Perhaps most importantly, the Gloster Report challenged the FCA’s traditional conception of supervision itself. It highlighted the risks of a model that waits for clarity before acting, particularly in fast-moving or boundary issues where harm can crystallise quickly. 

The FCA’s response has been telling. It has signalled a move away from passive monitoring toward assertive, preventative engagement, even where regulatory perimeters are not entirely clear. This has been prevalent not just in the supervision of regulated firms but also at the ‘gateway’ with applications for authorisation subject to similarly increased scrutiny. 

The Senior Managers Regime: Accountability at the Core 

Perhaps the most significant supervisory innovation of the past decade has been the Senior Managers and Certification Regime (SM&CR), introduced initially for banks in 2016 and subsequently extended across most other financial services (not yet for payments firms). 

SM&CR fundamentally changed the supervisory dynamic: 

• Individual accountability became explicit; 
• Responsibilities had to be clearly mapped and documented; 
• Firms were required to certify the fitness and propriety of key staff. 

Supervision increasingly moved beyond assessing firms as abstract entities to examining decisions, behaviours and accountability frameworks at an individual level. 

This has had a notable cultural impact. Senior managers are now acutely aware that regulatory scrutiny will focus on their personal actions (‘reasonable steps’) and oversight. 

Data, Technology and Real-Time Supervision 

Another recent defining shift has been the increasing role of data and technology in supervision. 

Regulators now leverage: 

• Advanced data analytics to identify outliers and emerging risks; 
• Regulatory reporting platforms enabling near real-time visibility; 
• Supervisory technology to enhance monitoring efficiency. 

Supervision has consequently become more proactive and evidence-driven, with the ability to detect trends and intervene earlier. 

At the same time, firms face growing expectations to demonstrate robust data governance, particularly where regulatory reporting underpins supervisory decisions. Bizarrely perhaps, the FCA has felt it necessary to remind firms to take care when completing their RegData returns! 

Outcomes-Focused Regulation and Consumer Duty 

More recently, the FCA has sharpened its focus on outcomes, culminating in the introduction of the Consumer Duty in 2023. 

This represents a further evolution in supervision: 

• Firms are judged on the fairness of customer outcomes, not just compliance processes; 
• There is heightened scrutiny of product design, pricing and communications; 
• Supervisors expect firms to evidence good outcomes through data and Management Information (MI). 

This shift reinforces a broader trend: supervision is no longer just about whether firms followed the rules, but whether they achieved the right results. To this end, “show your working out” can still serve as a practical defence. 

From Supervision to Market Interventions 

In the years following Gloster, there has been an observable shift from ‘supervision’ to ‘market intervention’: 

Earlier and More Decisive Action 

Regulators are increasingly willing to act before risks fully materialise, including: 

• Imposing restrictions on firms at an earlier stage; 

• Challenging business models that appear inherently unsustainable; 

• Using skilled person reviews and other tools more proactively. 

Willingness to Operate at the Boundary 

The FCA in particular has become more comfortable acting in areas where the regulatory perimeter is blurred, especially where consumer harm is evident. 

Focus on Market-Wide Outcomes 

Rather than confining attention to individual firms, there is greater emphasis on sector-wide risks, pricing practices, and structural issues within markets.  

Conclusion 

Looking back over nearly four decades, UK financial services supervision has evolved from: 

• Fragmented → Integrated → Differentiated (twin peaks) 
• Rules-based → Principles-based → Judgement-led 
• Reactive → Risk-based → Proactive and data-driven 

Crucially, supervision has moved beyond the narrow confines of simple rulebook compliance. It now encompasses culture, governance, accountability and outcomes, supported by increasingly sophisticated tools and a more active and assertive supervisory function. 

For overseas regulators, the central takeaway is not necessarily to replicate the UK model wholesale (although there are historic examples where this was indeed the case), but to recognise the underlying principle: effective supervision requires both the capability and the willingness to intervene early, decisively and proportionately. 

How Complyport Can Help 

As regulatory expectations continue to evolve across global financial markets, firms must ensure that their governance frameworks, accountability arrangements, risk management processes and regulatory reporting controls remain fit for purpose. 

Complyport supports financial services firms worldwide by helping them manage complex regulatory environments and strengthen their compliance frameworks. Our services include: 

• Regulatory advisory support across multiple jurisdictions; 
• Governance and risk management framework reviews; 
• Senior management accountability and conduct assessments; 
• Compliance monitoring and assurance programmes; 
• Regulatory reporting reviews and remediation projects; 
• Licensing, authorisation and registration support; 
• Policy and procedure development and enhancement; 
• Training and ongoing regulatory change management. 

Our subject matter experts work closely with firms to interpret regulatory expectations, identify compliance gaps and implement practical, proportionate solutions that support sustainable business growth. 

Contact Complyport 

If you would like to discuss any of the topics covered in this article or understand how evolving supervisory expectations may affect your organisation, please contact Complyport and arrange a meeting with one of our Subject Matter Experts. 

Ask ViCA, your Virtual Compliance Assistant. Claim your complimentary 20 queries today! Register here: https://vica.chat