The Rulebook Is Not The Starting Point

UK financial firms waiting for a standalone AI rulebook are looking in the wrong place. The near-term supervisory question is more practical: what can a bank, insurer, asset manager or payments firm evidence today about how it develops, deploys and controls AI?

The Financial Conduct Authority has made that question explicit. Its AI Lab page says the AI Input Zone is open for views and examples to inform a good and poor practice publication later this year, with responses open until 19 June 2026. [FCA: AI Lab] The dedicated Input Zone page asks stakeholders for specific examples of what has helped firms develop or deploy safe and responsible AI, what has stopped them doing so, and which themes should appear in the publication. [FCA: AI Input Zone]

That makes the exercise more than a box-ticking consultation. The FCA is not simply asking whether AI should be encouraged or constrained. It is asking the market to show what good governance, consumer consideration and resilience-risk mitigation look like in practice.

Good Practice Will Be Built From Examples

The wording matters. The FCA says examples do not have to come only from financial services, but they should be relevant to firms trying to deploy AI safely and responsibly. It also says the examples will help ensure its eventual output is grounded in the latest evidence.

That creates an incentive for firms to organise their own AI files before the FCA publishes anything. A useful submission is unlikely to be a broad statement that the firm has an AI policy. It will need to describe a use case, the decision owner, the model or vendor dependency, the data and testing approach, the consumer or market risk, the control that worked, and the evidence that showed it worked.

The poor-practice side is just as important. In financial services, blockers are likely to include weak model inventories, thin vendor oversight, unclear hand-off between product and risk teams, inadequate monitoring after launch, and governance that treats AI as an innovation project rather than an operating control.

The result is a shift in burden. A firm does not yet need to map every AI system to a new FCA AI sourcebook. It does need to show that existing controls can answer AI-specific questions with evidence.

Frontier AI Has Already Moved Into Cyber Resilience

The second half of the picture arrived on 15 May, when the Bank of England, the FCA and HM Treasury issued a joint statement on frontier AI models and cyber resilience. The statement said frontier models could make cyber threats faster, cheaper and more scalable, including by helping threat actors with reconnaissance, vulnerability discovery, social engineering and malware development. [Bank of England: joint statement on frontier AI models and cyber resilience]

For regulated finance, that is not a speculative AI-policy note. It is a cyber-resilience warning from the main public authorities responsible for financial stability, conduct supervision and economic policy. The statement links frontier AI to vulnerabilities in firms, financial market infrastructure and third-party suppliers. It also points firms towards faster vulnerability management, stronger threat intelligence, security-by-design and senior-level understanding of the changing threat environment.

The important point is where the authorities locate the risk. They do not say firms should wait for a bespoke frontier-AI cyber regime. They frame the issue through existing resilience expectations: identify important services, understand dependencies, test severe but plausible disruption, manage third-party exposure and keep recovery planning credible.

That aligns with the Bank’s operational-resilience materials. The Bank says operational resilience work is about the financial sector’s ability to prevent, adapt, respond to, recover and learn from operational disruption, including where disruption affects critical functions and wider financial stability. [Bank of England: operational resilience of the financial sector] Frontier AI changes the threat model; it does not remove the obligation to understand the service, dependency and impact chain.

Boards Need A Shorter Evidence Loop

The board and senior-management test follows from that. A financial firm cannot sensibly say it understands its operational resilience if it does not understand where AI has changed the cost, speed or scale of attacks against its services. Nor can it treat AI governance and cyber governance as separate files when the same third-party model, data pipeline or vendor platform may sit inside both.

For many firms, the first control will be an inventory rather than a model. Which business services rely on AI-enabled systems? Which cyber controls now use AI? Which suppliers provide AI functions that are material to customer outcomes, market integrity or service continuity?

The next control is evidence of testing. Vulnerability management should account for AI-accelerated discovery, phishing simulations should reflect AI-enhanced social engineering, vendor reviews should ask about model security and data handling, and incident playbooks should cover AI-enabled misinformation, fraud and operational disruption.

The FCA’s Input Zone creates a way to turn that work into regulatory learning. A firm that has built a useful third-party AI-risk review, improved model monitoring after a near miss, or stopped a deployment because consumer-understanding evidence was too weak has something concrete to submit. A firm that has only a policy document has less to say.

The June Deadline Is A Practical Prompt

The 19 June deadline should be treated as a forcing event. The best submissions will probably come from teams that can connect product governance, data protection, cyber resilience, operational risk and senior-management oversight in one narrative.

For the UK market, the direction of travel is clear. The FCA is building good and poor practice from real examples. The Bank, FCA and Treasury have already placed frontier-AI cyber threats inside the resilience perimeter. The immediate compliance task is not to predict the final AI rulebook. It is to prove that existing governance can see AI risks, test them, and change course when the evidence demands it.

Finance & Markets Correspondent
Covers: Finance, capital markets, technology investing

David Whitmore covers the intersection of capital and code — the funding rounds, market structures and policy moves that shape how money flows through the technology economy.