Skip to main content

AI for UK financial services and insurance firms

AI training for Compliance Directors, CROs, and SM&CR Senior Managers at FCA-authorised firms, with Consumer Duty, SM&CR, and FOS redress built into every session

Sector-specific training and briefings for FCA-authorised firms at mid-market scale with 20 to 500 employees, including retail banks below PRA threshold, asset managers, insurance intermediaries, wealth managers, and managing general agents. Built around the three primary buying triggers: Consumer Duty exposure when AI tools influence retail customer outcomes, SM&CR personal accountability for AI-influenced decisions, and the FOS redress question on AI explainability. Delivered by UK-based, vendor-neutral facilitators through The AI Consultancy (London) Ltd.

AI Readiness Assessment for FS firmsAI for FCA-regulated firms briefing
  • For FCA-authorised firms with 20 to 500 employees
  • Vendor-neutral, no reseller commissions
  • A trading style of The AI Consultancy (London) Ltd
Financial services leadership team reviewing AI governance documents in a modern City of London meeting room.

Why AI governance is a live question for every UK FCA-authorised firm

FCA-authorised firms sit at the sharpest end of AI governance: customer data, suitability obligations, Consumer Duty outcomes, and personal accountability under SM&CR all converge on the compliance and risk leadership team. Every figure below carries its source and year.

72%
of UK financial services firms reported using machine learning in some form, the most recent cross-market figure published by the regulator and central bank before the generative-AI wave.

Source: Bank of England and FCA, Machine Learning in UK Financial Services survey, 2022.

97%
of UK firms report an AI skills gap inside their own workforce, including professional services, banking, insurance, and wealth management.

Source: IBM Institute for Business Value, 2024.

61%
of professional services firms have abandoned at least one AI project, with skills gaps at leadership level cited as a primary cause.

Source: Skills England and DSIT workforce research, 2025.

The FCA, PRA, FOS, and ICO touchpoints a UK financial services firm has to consider before AI ships

Six regulatory and supervisory areas every UK FCA-authorised firm should have a position on before AI tools touch customer outcomes, pricing, suitability, or financial crime controls. We describe where the rulebook is, what the published supervisory position says, and where the firm carries the accountability. We do not claim alignment or endorsement from the FCA, PRA, CII, or any other body.

Diagram mapping the UK regulators touching financial services AI use: FCA, PRA, FOS, and ICO, with the Consumer Duty, SM&CR, operational resilience, and data protection touchpoints linked to each.

  1. FCA Consumer Duty on AI-mediated retail outcomes

    Does the firm evidence good outcomes for retail customers when AI influences the decision, the price, the communication, or the support?

    The Consumer Duty (FCA Principle 12, in force for open products from 31 July 2023 and for closed products from 31 July 2024) requires firms to deliver good outcomes on products and services, price and value, consumer understanding, and consumer support. AI tools that score, price, triage, or draft communications to retail customers sit directly under that duty. The FCA's April 2024 AI Update and its November 2024 AI Update response confirmed firms should govern AI within the existing rulebook, with the Consumer Duty as a live lens.

  2. SM&CR personal accountability for AI-influenced decisions

    Which Senior Manager Function holds the Statement of Responsibility for the AI tool that influences customer outcomes or risk?

    The Senior Managers and Certification Regime extends personal accountability to named Senior Manager Functions via Statements of Responsibility and the Duty of Responsibility under FSMA section 66A. A material AI tool influencing pricing, suitability, onboarding, or complaint handling sits under an SMF's responsibility. Firms need to name the SMF before the tool is live, not after a supervisory enquiry lands.

  3. FCA principles-based approach and the 2026 good-and-poor-practice signal

    What does a principles-based supervisory approach mean for an AI tool the firm actually has running?

    The FCA has confirmed a principles-based approach rather than an AI-specific rulebook, published in the April 2024 AI Update and reiterated through 2025. The operational translation is evidencing that AI use meets existing Principles 2 (due skill, care, and diligence), 3 (management and control), 6 (customers' interests), 7 (communications with clients), and 12 (Consumer Duty). An FCA good-and-poor-practice report on AI in financial services is expected in 2026 and will concretise examples; firms should build the governance now and be ready to map it against the report when it lands.

  4. Financial Ombudsman Service redress and explainability

    Could the firm explain an AI-influenced decision to the Financial Ombudsman Service on fairness grounds?

    The Financial Ombudsman Service, established under FSMA Part XVI, determines eligible complaints against FCA-authorised firms on what is fair and reasonable in the circumstances. When a customer attributes an outcome to an AI-driven decision, the firm needs an explanation the FOS can evaluate. Models without a reasoned human override point, or with outputs that cannot be reconstructed for a specific customer, create a redress exposure the firm carries alongside the underlying conduct risk.

  5. Operational resilience for PRA-designated and FCA solo-regulated firms

    Are the AI tools supporting important business services inside the firm's operational resilience register, with set impact tolerances?

    The PRA's Supervisory Statement SS1/21 and the corresponding FCA rules in SYSC 15A require firms to identify important business services, set impact tolerances, and test severe-but-plausible disruption. AI tools delivering fraud detection, pricing, suitability, customer communications, or financial crime screening can sit inside the scope of an important business service. Firms that have not mapped their AI estate against the IBS list carry an unmapped resilience exposure and a supervisory-readiness gap.

  6. UK GDPR Article 22 and ICO AI guidance on retail financial decisions

    Where AI influences a financial decision about an individual, has the firm addressed Article 22 and the ICO's AI guidance?

    UK GDPR Article 22 gives individuals the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. Retail financial decisions (credit, insurance underwriting, suitability, fraud, complaint outcomes) commonly meet that threshold. The ICO's guidance on AI and data protection, updated through 2023 and 2024, sets expectations on lawful basis, fairness, accuracy, and transparency. Firms need meaningful human review points or one of the narrow Article 22 exceptions with safeguards on record.

This summary is descriptive, not legal or regulatory advice. Firms should confirm their own position with the General Counsel, Head of Compliance, Chief Risk Officer, or external solicitor before adopting any AI tool in a regulated workflow. Learn AI is a trading style of The AI Consultancy (London) Ltd and does not provide legal, regulatory, or financial advice.

Three ways to start on the Financial Services & Insurance track

A dedicated FCA-regulated firms briefing for compliance and risk leadership, a broader Executive AI Briefing for the partnership or board, and a 90-day enablement programme for a named team. Each is scoped separately and priced transparently. FCA-authorised firms typically start with the compliance-leadership briefing because the Consumer Duty, SM&CR, and ICO Article 22 exposure sits primarily at partnership level.

  • AI for FCA-regulated firms

    Executive Briefing for 6 to 12 Compliance Directors, CROs, Heads of Risk, and SM&CR Senior Managers, in-person or virtual. Built around the Consumer Duty, the Senior Managers and Certification Regime, the FOS redress pathway, and the ICO guidance on AI and data protection.

    Outcome

    The compliance and risk leadership team leaves with a defensible position on AI, a named Senior Manager Function for each material AI tool, a Consumer Duty lens applied to the current retail AI estate, an ICO Article 22 finding list, and a plan for where the AI tools sit in the firm's important business service register.

    Price

    £2,500

    Per session. Confirmed in writing before booking.

    Briefing details and agenda

  • Executive AI Briefing

    Half-day briefing for 6 to 12 Managing Directors, CEOs, and partnership-level leaders at FCA-authorised firms. Sector-specific deck, pre-briefing call, written summary. Sits above the compliance-leader briefing and addresses the commercial, competitive, and workforce implications of AI for the firm.

    Outcome

    The leadership team leaves with a defensible strategic position on AI, a ranked shortlist of use cases across front-office and back-office, a governance gap analysis against the firm's current SM&CR and Consumer Duty posture, and named owners for the next step.

    Price

    £2,500

    Per session. Confirmed in writing before booking.

    Executive AI Briefing details

  • 90-Day Enablement

    Kickoff workshop, bi-weekly office hours for 90 days, a curated prompt library tuned to the firm's FS workflows (suitability, underwriting, client communications, financial crime), and an impact assessment at day 90.

    Outcome

    Adoption moves from individual experimenters to a supported team practice. At day 90 the firm has a documented record of where AI touched customer outcomes, a dated Consumer Duty review per tool, measurable indicators, and an evidenced SMF accountability trail before any further rollout decision.

    Price

    £8,000

    For teams of 10 to 25 users over 90 days. Scoped in a pre-engagement call.

    90-Day Enablement details

Questions a Compliance Director asks before booking

Eight questions we hear most often from Compliance Directors, CROs, Heads of Risk, and SM&CR Senior Managers. Straight answers, no regulatory claim we cannot defend.

What does the AI for FCA-regulated firms briefing actually cover?

A half-day Executive Briefing for 6 to 12 Compliance Directors, CROs, Heads of Risk, and SM&CR Senior Managers. It covers the AI use case landscape across retail FS and wholesale FS, a Consumer Duty risk review on AI-influenced retail outcomes, SM&CR accountability mapping for AI tools already in production, an audit-trail and human-in-the-loop review, FOS redress implications where AI touches customer complaints, and next steps. The output is a written summary and a governance finding list the compliance and risk leadership team can take to the Audit Committee or the Board Risk Committee.

How do you handle the FCA's principles-based approach in the training?

We describe the FCA's position as published in the April 2024 AI Update and the November 2024 response, and reiterated through 2025: AI is governed within the existing rulebook rather than an AI-specific rule set. The training walks through how Principles 2 (due skill, care, and diligence), 3 (management and control), 6 (customers' interests), 7 (communications with clients), and 12 (Consumer Duty) apply to the AI estate the firm already runs. We describe the expectations; we do not certify adherence on the firm's behalf.

How do you address SM&CR accountability for AI-influenced decisions?

The Senior Managers and Certification Regime extends personal accountability via Statements of Responsibility and the Duty of Responsibility under FSMA section 66A. The briefing asks the firm to identify the material AI tools already influencing customer outcomes, pricing, suitability, or financial crime controls, and to name the SMF who holds the responsibility. Where the mapping is absent, we produce a short written note the firm can use to brief the relevant Senior Manager and amend the Statement of Responsibility.

What does the FOS redress pathway mean for AI use?

The Financial Ombudsman Service, established under FSMA Part XVI, determines eligible complaints on what is fair and reasonable in the circumstances. When a customer complaint attributes an outcome to an AI-driven decision, the firm needs a reasoned explanation the FOS can evaluate. The briefing asks the firm to identify the AI tools currently influencing complaint-eligible outcomes, to assess whether each has a reconstructible decision path for a specific customer, and to flag where the model design carries a redress exposure. The output is a finding list the complaint-handling team can action.

Are AI tools in scope of operational resilience under PRA SS1/21 and FCA SYSC 15A?

Yes, where the tool supports an important business service. PRA Supervisory Statement SS1/21 and the corresponding FCA rules in SYSC 15A require firms to identify important business services, set impact tolerances, and test severe-but-plausible disruption. AI tools delivering fraud detection, pricing, suitability, customer communications, or financial crime screening commonly sit inside that scope. The briefing runs the mapping exercise against the firm's current IBS list and flags gaps.

What does UK GDPR Article 22 require when AI tools influence a financial decision?

Article 22 gives individuals the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. Retail financial decisions (credit, insurance underwriting, suitability, fraud, complaint outcomes) commonly cross that threshold. The firm either needs meaningful human review at every automated decision point, or one of the narrow Article 22 exceptions (contract necessity, explicit consent, or UK law authorisation) with safeguards. The briefing maps the firm's current AI-influenced decision points against the Article 22 position and flags findings for the Data Protection Officer.

Which AI tools does the training cover, and are you tied to any vendor?

Learn AI takes no reseller commissions and carries no platform lock-in. The delivery bench is trained across Microsoft Copilot, Google Gemini Workspace, Anthropic Claude, and OpenAI ChatGPT, as well as the main FS-specific AI overlays (model-risk management platforms, AI fraud detection, AI underwriting and pricing tools, customer-communication assistants). Sessions focus on the tools your firm already runs rather than promoting a specific vendor. We are happy to put the commercial position in writing before booking.

What regulatory claim does the briefing make, and what does it not claim?

We describe the FCA's April 2024 AI Update, the November 2024 response, Principles 2 / 3 / 6 / 7 / 12, the Consumer Duty, the Senior Managers and Certification Regime, FSMA section 66A, the Financial Ombudsman Service framework, PRA Supervisory Statement SS1/21, FCA SYSC 15A on operational resilience, UK GDPR Article 22, and the ICO's guidance on AI and data protection. We do not claim accreditation, endorsement, or approved-provider status from the FCA, PRA, the Chartered Insurance Institute, or any other body unless that body has confirmed alignment to us in writing. Any copy that would bind the firm, or a position on a specific customer matter, should be reviewed by the firm's General Counsel, Head of Compliance, or external solicitor.

What FS compliance and risk leaders tell us after a briefing

Attributions anonymised at role and firm-type level until named clients sign a usage permission. Full case studies will follow in Phase 2.

  • The briefing gave our risk committee a named accountability trail for the three AI tools already in production. We walked out with a Statement of Responsibility amendment in draft that afternoon.

    Chief Risk Officer, UK wealth manager (100 to 250 staff)

  • The Consumer Duty lens applied to the AI tools in our retail book was the single most useful session the compliance team has had this year. It surfaced three things the Ombudsman would ask about and gave us the language to answer them.

    Head of Compliance, UK insurance intermediary (50 to 100 staff)

  • Straight answers on the FCA's principles-based approach without the AI hype that usually comes with these sessions. We left with a governance map we could actually take to the Board.

    Compliance Director, UK asset manager (200 to 500 staff)

Built for UK regulated teams

Three commitments we carry into every engagement. Professional-body alignments are pursued once we have case studies to substantiate them.

  • GDPR-compliant by design

    Assessment data is stored in the UK, minimised by default, and retained only for the term stated in our privacy notice.

  • UK-based and UK-regulated

    A trading style of The AI Consultancy (London) Ltd, registered in England and Wales. Trainers and associates are UK-based.

  • Vendor-neutral

    No reseller commissions, no platform lock-in. Training covers the tools your firm uses, not the tools we are paid to promote.

Start where you are

Pick the first step that matches where your firm is now. Each links through to a dedicated page.