FCA Enforcement Watch and Beyond – Five Headline Trends for 2026

The FCA’s launch of its inaugural Enforcement Watch newsletter provides fresh visibility into the regulator’s enforcement caseload, priorities and approach. Coupled with the High Court’s recent two-part judgment endorsing the FCA’s decision to name a firm under investigation, the direction of travel is clear: transparency is now an embedded feature of the enforcement landscape.

Against this backdrop – and following remarks made by Therese Chambers, Co-Executive Director of the FCA’s Enforcement Division, at our Emerging Themes in Financial Regulation & Disputes – Forecasting Change in 2026 launch event on 27 January — we set out the five headline trends we expect to define UK enforcement in 2026.

1. Faster, More Selective Investigations – Powered by Data and Aligned to Growth

In line with its broader strategy to be a “smarter” regulator, the FCA is reshaping its enforcement model. Moving away from its “enforcement‑led” model, it is pivoting towards a strategically targeted, data‑driven approach designed to pair credible deterrence with predictability in a growth‑focused environment.

Significant investment since 2023 in analytics, new data sources and clearer prioritisation means the regulator is focusing on issues of systemic significance rather than volume. This shift is visible in practice: a recent FOI reported by the Financial Times confirmed that around 100 investigations have been closed with no further action since 2023 in a deliberate effort to clear legacy cases and redirect resources towards fewer, higher‑impact investigations.

At our Emerging Themes launch event on 27 January, Therese Chambers previewed statistics published the following day in the FCA’s first Enforcement Watch. Between 3 June and 31 December 2025, the FCA opened 23 enforcement operations. Of these, 12 relate to authorised firms — including the investigation into The Claims Protection Agency Limited (TCPA), which features prominently in Enforcement Watch. A further six operations focus solely on individuals and involve alleged “very serious” misconduct. In total, 18 of the operations concern alleged regulatory breaches, four involve both criminal and regulatory offences, and one relates solely to criminal offences.

This caseload reflects clear prioritisation, including enforcement being deployed to drive industry-wide behavioural change. Enforcement Watch confirms six active Consumer Duty investigations, particularly around fair value — two in the insurance sector and identified as among the most serious cases in the FCA’s multi‑firm work. The FCA is also investigating five firms in the consumer investment and asset‑management sectors on suspicions of misleading consumers and third parties through false statements and failing to recognise or manage conflicts of interest.

2. Testing the Boundaries of Transparency in Enforcement

Following the backlash to the 2025 “name and shame” proposals, the FCA has settled on a more measured — but still distinctly more assertive — publicity framework. The “exceptional circumstances” test remains, but the regulator now has wider avenues to publicise enforcement activity, including naming firms suspected of unauthorised activity, confirming investigations already in the public domain, and issuing anonymised updates.

The TCPA judicial review was the first significant test of this revised approach. The High Court upheld the FCA’s decision to publicise its investigation — see our analysis of the judgment in R (CIT) v FCA [2025] EWHC 2614 (Admin) — and the regulator subsequently named TCPA in January 2026. The judgment confirmed the FCA’s determination to use its publicity powers to protect consumers, even where this may cause reputational harm to firms, provided that the high threshold of “exceptional circumstances” is met.

The opening paragraph of Enforcement Watch underlines that the amended publicity policy is now being applied “in action”, signalling that transparency will remain a prominent feature of the FCA’s enforcement strategy in 2026.

3. Financial Crime, Fraud and Market Abuse Stay Firmly at the Top of the Agenda

Financial crime remains a core strategic priority for 2025–30, underpinning the FCA’s work on consumer protection and market integrity. The regulator continues to reinforce its focus on fraud, AML systems and market‑abuse controls.

Criminal enforcement is increasing. In the autumn, Chambers has highlighted a renewed emphasis on criminal prosecutions, with recent insider‑dealing and fraud cases underscoring the FCA’s commitment to deterrence through both civil and criminal routes.

Criminal enforcement is ramping up. In the autumn, Therese Chambers highlighted a renewed focus on criminal prosecutions, reflected in recent insider dealing and fraud case — and a broader push to deter market abuse through both criminal and civil action.

AML and fraud enforcement remains robust, following significant 2025 penalties—including . Surveillance of market abuse is intensifying, with heightened scrutiny of suspicious trading, insider‑information controls and surveillance systems.

The Enforcement Watch newsletter confirms current focus areas: the adequacy of financial‑crime controls within authorised firms, and investigations into suspected cryptoasset services provided without Money Laundering Regulations registration.

The expected integration of the Payment Systems Regulator into the FCA is likely to accelerate scrutiny of authorised push‑payment (APP) fraud, including screening, transaction‑monitoring and reimbursement obligations—cementing financial crime as one of the most active enforcement domains.

4. Governance, Culture and Non‑Financial Misconduct in the Spotlight

Regulatory scrutiny of culture, governance and individual conduct continues to intensify ahead of the FCA’s new non‑financial misconduct rules, which take effect on 1 September 2026 — see our full analysis. While it is too early to know whether this will translate into enforcement outcomes, firms should expect allegations of non‑financial misconduct to feature far more prominently in supervisory scrutiny, with a heightened risk that such issues will, over time, crystallise  an enforcement risk where they reveal wider cultural or governance failings. Therese Chambers confirmed at our Emerging Themes launch event on 27 January that the FCA does not rule out bringing enforcement action in relation to non-financial misconduct.

The FCA’s March 2025 Decision Notice against Crispin Odey — proposing a £1.8 million fine and an industry ban for lack of integrity, now under reference to the Upper Tribunal — demonstrates the regulator’s willingness to pursue senior‑level misconduct where governance failures contribute to harm. This reinforces a broader shift towards examining not only what misconduct occurred, but the environments and leadership behaviours that enabled it.

The FCA’s earlier 2024 action against Kristo Käärmann, CEO of Wise, also illustrates this trajectory. The regulator fined Käärmann for failing to meet the FCA’s fit‑and‑proper standards after he deliberately failed to submit tax returns, resulting in a substantial HMRC penalty. The FCA concluded that this conduct fell short of the integrity expected of senior financial‑services leaders. The case was significant because it arose from non‑financial personal conduct yet was treated as relevant to regulatory fitness and propriety — a preview of the type of scrutiny that will become more common as the FCA embeds its new non‑financial misconduct framework.

Political priorities around accountability and consumer protection continue to reinforce expectations on leadership behaviour, decision‑making and the cultural conditions in which misconduct arises. Regulators are increasingly focused not only on individual failings but on the governance structures and cultural signals that underpin the levels of conduct risk within regulated firms.

5. Operational Resilience and Technology‑Driven Risk Under Sharper Scrutiny

A year on from the full implementation of the operational‑resilience regime, firms should expect heightened scrutiny of their mapping, impact‑tolerance testing, annual self‑assessments and third‑party oversight. For some, this may tip into formal supervisory interventions (e.g. variations of permissions and/or the imposition of restrictions or requirements) or even enforcement investigations, where frameworks appear robust on paper but fail in practice.

The FCA’s Enforcement Watch newsletter confirms this direction of travel, highlighting ongoing investigations into systems‑ and controls‑related failings, including inadequate oversight of technology and reliance on third‑party providers that did not meet required standards.

The anticipated designation of Critical Third Parties (CTPs) later in 2026 will further expand supervisory visibility across key cloud, data and technology service providers. The Treasury Committee has been clear that these designations should be made this year, reinforcing expectations that governance of outsourced dependencies must materially improve.

Scrutiny of technology‑driven risks also continues to rise — across AI‑enabled decision‑making, cyber resilience, data integrity, algorithmic‑trading controls and broader digital‑market vulnerabilities — supported by parallel reforms in digital assets, payments infrastructure and technology‑enabled services. Reflecting the FCA’s more selective approach to enforcement, this will not lead to immediate enforcement action in most cases. However, where poor systems or weak controls cause consumer harm — especially where firms have missed or ignored opportunities to remediate — enforcement becomes a very real prospect.

The Treasury Committee’s 20 January 2026 report on AI in financial services was explicit: regulators are “not doing enough” to manage AI‑related risks, and a “wait‑and‑see approach” may expose consumers and the financial system to serious harm. In response, on 27 January 2026 the FCA launched the Mills Review into how advances in AI could reshape retail financial services, beginning with a Call for Input. The FCA has emphasised that it does not intend to introduce AI‑specific regulation at this stage, preferring to continue applying its existing principles‑based framework — while assessing how regulation must evolve as AI becomes more deeply embedded.

What is clear is that technology‑driven risks will play an increasingly prominent role in both supervisory scrutiny and, where harm arises, enforcement activity.

Continuing the shift towards a pragmatic and targeted enforcement approach

In her remarks at our Emerging Themes launch event, Therese Chambers emphasised that enforcement is adopting a consciously more pragmatic posture — engaging directly with firms and encouraging early action. Enforcement Watch reinforces this message: firms that “do the right thing” and remediate issues promptly may avoid a full enforcement investigation.

However, certain factors remain highly likely to trigger enforcement tools, including:

• repeated failures to be open with the FCA;
• failing to remediation concerns highlighted through supervisory engagement;
• deliberately misleading the FCA, consumers or markets; and
• causing significant harm through fraud, service disruption or misappropriation of assets.

This aligns closely with the FCA’s commitment to prioritising enforcement resources on the actors who pose the greatest risk of harm. Transparency, targeted deterrence and a willingness to engage — these are the hallmarks of the FCA’s enforcement strategy in 2026.