This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.

Freshfields Risk & Compliance

| 6 minutes read

FCA Business Plan 2021/2022: is the regulator set to continue its assertive streak?

The FCA has published its business plan for 2021/2022. This sets out its priorities for the coming financial year (and beyond) and is therefore an important pointer to the FCA’s future priorities and direction.  This year’s plan is the first published under the tenure of Nikhil Rathi, who was appointed as the regulator’s chief last October having served as the CEO of the London Stock Exchange.  It follows a year in which the regulator has been focused on dealing with the immediate consequences for financial services of the COVID-19 pandemic (notably by bringing its business interruption insurance test case). 

Vulnerable customers

As we have noted in a recent blog post (link), while the FCA’s focus on vulnerable customers is longstanding (and underpinned by its statutory objective of consumer protection), the issue has come into sharper focus with the ongoing pandemic and its impact on household finances.  The business plan (as well as an accompanying webinar presented by Mr Rathi, which can be accessed here (link)) puts consumer protection front and centre.  At a high level, the plan signals a more aggressive and assertive approach to firms’ misconduct, with the regulator noting that it intends to create a more robust authorisation gateway for new firms, ensure stronger oversight for newly authorised firms, and use innovative, data-driven approaches to prevent and stop misconduct (for example, social media monitoring to find and raise awareness about new types of investment scams). 

In terms of its specific programme of work, the regulator highlights several ongoing efforts to protect consumers.  First, the FCA continues to consult on proposals for a new Consumer Duty, which would require firms in retail markets to ask themselves what outcome their customers should be able to expect from their products and services, and to act to enable rather than hinder those outcomes.  We examined in a recent blog post (link) how the proposed changes could, for example, require firms to facilitate consumers’ understanding of financial information given to them, actively anticipating where consumers may misunderstand and structuring information in a way that prevents exploitation of behavioural biases.  The consultation closes on 31 July 2021 (with a consultation on any potential rule changes to follow later this year).  It is clear that the FCA views the Consumer Duty as potentially a key pillar in its enforcement strategy going forward.  Second, the collapse of London Capital Finance continues to cast a shadow over the regulator’s priorities as it signals its intention to consult on changes to its financial promotion rules.  The regulator aims to strengthen the classification of high-risk investments, segment the high-risk market and strengthen the responsibilities of firms that approve financial promotions. 

ESG, Diversity and Inclusion

The FCA, like financial regulators around the world, has increased its focus on sustainability and ESG – particularly climate change, given the central role of financial services firms in the allocation of capital as well as the prudential risks climate change poses. This year’s business plan signals a continued shift from ESG governance, controls and disclosures being a ‘nice to have’ to a hard regulatory expectation.  For example, the FCA highlights that in January 2021 it introduced a new Listing Rule following recommendations by the Task Force on Climate-Related Financial Disclosures (TCFD), an organisation set up by the Financial Stability Board in 2015 to improve reporting of climate-related financial information.  The new rule requires firms with a premium UK listing to include in their annual financial report a statement setting out whether they have made disclosures consistent with the TCFD’s recommendations.  This includes, for example, disclosure of the climate-related risks and opportunities that the relevant organisation has identified over the short, medium and long term.  The FCA confirms in the business plan that it is consulting on extending these new disclosure rules to asset managers, life insurers and FCA-regulated pension schemes, and that it aims to bring new rules into force from 1 January 2022.  Furthermore, the regulator will increase its supervisory focus on whether asset managers present the ESG properties of funds in terms that are fair, clear and not misleading. We have examined in a recent blog post (link) how increased disclosures and transparency in this area are prompting a rise in ESG-related litigation and we expect this trend to continue. 

The regulator also aims to improve the diversity and inclusion of its own workforce as well as of the financial services sector generally.  It highlights a recent discussion paper, prepared jointly with the Bank of England and PRA, in which the regulators set out their plans to accelerate the pace of meaningful change on diversity and inclusion in the financial sector as a whole (link).  They intend to roll out a voluntary pilot data survey later this year in which they will ask firms to supply aggregate data on some or all of the nine protected characteristics under the Equality Act 2010 (including race and gender), as well as socio-economic background, for their entire workforce (and not just for the most senior employees).  The proposals are for all firms to eventually be required to submit this kind of data (reporting is currently largely voluntary) albeit on a proportional basis. 

Operational resilience and financial crime

The past year has seen a proliferation of regulatory guidelines and requirements relating to operational resilience and outsourcing (you can see our summary of recent developments in this multi-layered landscape here (link)).  In March 2021, the FCA published its long-awaited operational resilience Policy Statement (link).  It sets out several far-reaching requirements, including, for example, an emphasis on ‘impact tolerances’ (the maximum tolerable amount of disruption to an important business service), requiring the use of mapping exercises to prepare ‘impact tolerances’ for important business services, and the testing of such ‘impact tolerances’ through disruption scenarios.  The FCA confirms in the business plan that it expects firms to implement these requirements, that it will, during 2021/2022, assess firms’ progress in implementing these new requirements and identify areas for improvement, and that it will, from 31 March 2022 to 31 March 2025, assess firms’ ability to remain within their ‘impact tolerances’.  Following a brief hiatus during which it was largely focussed on the financial impacts of the pandemic, we expect the FCA to re-engage with operational resilience as a priority area in the coming years.  

The FCA flags that there has been an increase in the volume and variety of fraudulent activity in the UK financial services sector.  It highlights that online platforms, such as search engines and social media platforms, play an increasing role in the proliferation of scams and the misleading promotion of high-risk investments.  It also flags the potential use of crypto assets in financial crime, noting that their highly volatile nature brings significant risks to consumers and market integrity.  The regulator has committed to implementing the recommendations on the proactive surveillance and tackling of fraud made by an independent review into the collapse of London Capital Finance.  These recommendations include ensuring that the FCA’s complaints handlers refer all allegations of fraud or serious irregularity to the FCA’s Supervision Division.  We expect to see a concerted effort from the regulator in the coming years to drive down the incidence and impact of fraud.     


Brexit is conspicuously absent from most of the plan.  There are passing references to the fact that the UK’s departure from the EU’s financial framework has afforded the regulator more freedom with respect to, for example, adapting the UK’s Listing Rules (as mentioned above).  However, it is notable that the portion of the FCA’s budget that was ring-fenced for dealing with EU withdrawal has, for 2021/2022, been reduced by 33%, which we anticipate will allow the regulator to divert more resources and attention to the areas outlined above.    

Potential enforcement targets

Given the priorities set by the FCA, we consider that there are several areas that the FCA is likely to target its thematic supervisory and enforcement activities on in the coming years: 

  • First, as noted, the regulator will be monitoring closely whether firms are properly implementing its operational resilience requirements.
  • Second, we expect the regulator to look to use some of the new tools that will be at its disposal (for example, the new Consumer Duty and strengthened financial promotions rules) to attack practices that it regards as harming consumers such as misleading marketing (including in relation to ESG-related products) or exploiting consumers’ behavioural biases.  The supervision of Appointed Representatives (entities which can carry out specific regulated activities if a principal firm, which already has regulatory permission for these activities, takes responsibility for them) by principal firms is also likely to be an area of focus. 
  • Third, with respect to the wholesale market, we expect the regulator to increase enforcement activity against misconduct that disrupts the market. 
  • The regulator will shortly consult on proposals to streamline decisions about authorisation and specific supervisory and enforcement actions (specifically by changing the balance of decisions taken by the FCA Executive and its Regulatory Decisions Committee).  We expect that this will lead to an initial increase in the number of firms whose permissions are removed either permanently or temporarily.    

Beyond this core focus, the FCA intends to be more proactive at the ‘boundaries of its perimeter’ by, for example, alerting its partner agencies (both domestic and international) when it finds risks and issues in the markets that do not fall within its remit.  It also plans to increase its cooperation with domestic and internal agencies, highlighting that it recently joined the Digital Regulation Cooperation Forum, an entity established by the CMA, ICO and Ofcom to ensure a greater level of cooperation over the regulation of online platforms. 

With this business plan, the FCA has signalled its intention to adopt a more assertive and interventionist role in financial services markets, and firms should expect increased regulatory intrusion and challenge in the FCA’s focus areas.


covid-19, fca, aml, operational resilience, governance, financial crime, esg, financial services