The UK’s Financial Conduct Authority (FCA) published a report on 6 July 2026 examining the impact of artificial intelligence on retail financial services, named the Mills Review after its author, executive director Sheldon Mills. The regulator predicts AI will become a “defining force” in the market by 2030 and asks the government for broader powers. Mills himself described keeping pace with the change as an “arms race”.
Key takeaways
- The FCA calls the Mills Review the first report of its kind produced by a financial regulator anywhere in the world, published on 6 July 2026.
- Sheldon Mills told the Financial Times bluntly: “It is an arms race” — the regulator must adopt AI itself to detect and manage risk.
- FCA-commissioned research shows a fifth of UK adults, roughly 11 million people, are open to using AI that acts autonomously within pre-set goals.
- The FCA wants to deploy its own AI-enabled model to supervise firms and to gain “direct powers” over technology and cloud providers.
- The report recommends a further review within six months focused on harm to consumers who manage finances with AI.
What the Mills Review contains
The report stems from a review announced in January 2026 and, as Financial Reporter notes, is the first such regulator-led initiative globally. Rather than assessing today’s deployments, it maps the market from 2030 onward. The FCA finds that firms are already shifting away from human-led interactions toward AI-enabled services.
Intermediaries will change, not vanish
One of the more interesting conclusions concerns intermediaries — advisers, brokers, wealth managers. The document identifies four major AI-driven shifts, from the transformation of firm operations to the amplification of fraud and cyber risks, and judges that “intermediation is expected to evolve rather than disappear”. AI could reduce reliance on traditional intermediaries, but new forms built on AI platforms and agents may take their place. Its research shows consumers trust AI more readily for lower-value services, while still valuing human contact for complex decisions such as a mortgage.
Recommendations: more power for the regulator
Mills set out a series of recommendations whose common thread is strengthening the regulator’s hand. The FCA would adopt its own AI-based model to supervise firms, and the government would expand its authority. That includes bringing “critical third parties” such as AI firms and cloud providers under supervision, and granting “direct powers” to regulate technology companies — in order to prevent digital monopolies, boost competition and protect consumers.
The report also recommends a further, narrower review within six months. It would assess real harm to consumers using AI to manage finances and the risks posed by firms providing unregulated financial services with AI, which today largely fall outside the FCA’s remit.
FCA chair Ashley Alder said the regulator’s principles-based, outcomes-focused approach — supported by the Consumer Duty and Senior Managers Regime — has been critical to keeping pace with change. It is a telling signal: the FCA is not announcing a new, rigid AI statute but expanding existing tools.
How it compares with the EU and the US
The British approach differs from the direction taken in the European Union. The EU AI Act classifies systems used to assess creditworthiness as “high risk”, imposing hard requirements on documentation, oversight and data governance. That is a model built on risk categories written directly into law. The FCA takes a different route — rather than a new list of prohibitions, it expands general principles and its own supervisory powers.
The United States sits at a third pole, with no comprehensive federal AI regulation for finance and oversight spread across existing sector agencies. Against that backdrop, the Mills Review stands out because the regulator itself — not the legislature — is initiating the debate before the technology becomes fully mainstream.
| Jurisdiction | Regulatory model | AI in financial services |
|---|---|---|
| United Kingdom (FCA) | Expanding general principles and supervisory powers, no new AI statute | Regulator itself initiates the debate and adopts AI |
| European Union (AI Act) | Risk categories written directly into law | Creditworthiness assessment as "high risk", hard requirements |
| United States | No comprehensive federal regulation | Oversight spread across sector agencies |
Why it matters
The Mills Review signals that regulating AI in finance is no longer a question of “whether” but of “how fast”. The “arms race” framing is not marketing here — it is an admission that a supervisor who does not use AI cannot keep up with firms that already do. For banks and fintechs, that means a technological edge may soon be scrutinised by the regulator just like sales practices or capital adequacy.
The pivotal figure is 11 million adults willing to entrust financial decisions to autonomous AI, even though such models are not supervised today and customers will not be compensated for losses. That is the gap the FCA wants to close in advance. If the government grants powers over cloud providers and AI firms, the line between “technology” and “financial service” will genuinely blur, and responsibility for a model’s behaviour could reach its maker, not just the bank that deployed it.
What’s next
- The FCA says it will now deliberate on how to respond to the Mills Review’s recommendations — the regulator’s decisions are the next concrete step.
- The report recommends launching a narrower review within six months, focused on harm to consumers using AI in personal finance.
- Expanding authority over “critical third parties” requires a government decision — a potential legislative change whose scope will define how far oversight of AI and cloud firms reaches.
Sources
- The Guardian — Boost City regulator’s powers to help protect UK consumers from AI, says watchdog
- Financial Reporter — AI could 'reduce reliance on intermediaries', FCA report admits





