Navigating UK Banking Regulations

Who Regulates the Banking Industry in the United Kingdom?

In the United Kingdom, the banking industry is primarily regulated by two key authorities: the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA). The Prudential Regulation Authority (PRA), part of the Bank of England, is responsible for the prudential regulation and supervision of banks, building societies, credit unions, insurers, and major investment firms. The PRA’s main focus is to ensure that these institutions operate in a safe and sound manner, maintaining the stability of the UK’s financial system.

The Financial Conduct Authority (FCA), on the other hand, regulates the conduct of financial firms to protect consumers, ensure market integrity, and promote competition. While the PRA focuses on the safety and soundness of financial institutions, the FCA ensures that these institutions treat their customers fairly and comply with all legal and regulatory requirements.

Together, the PRA and FCA work to oversee the UK’s banking industry, creating a regulatory environment that balances safety, soundness, and consumer protection.

At a global level, the BCBS sets the Basel standards and the FSB coordinates financial stability work and implementation monitoring. UK regulators then implement and supervise these standards through UK-specific rules and supervisory statements, often with timing that reflects global sequencing across the EU and US.

‍

What Are Banking Regulations in the UK?

Banking regulations in the United Kingdom are a set of rules and guidelines designed to ensure the stability and integrity of the financial system. These regulations are implemented to protect consumers, maintain the soundness of financial institutions, and prevent financial crises.

UK banking regulations cover a wide range of areas, including capital requirements, risk management, governance, and consumer protection. For example, banks in the UK are required to maintain sufficient capital reserves to absorb potential losses, manage their risks effectively, and treat their customers fairly.

The Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) enforce these regulations, ensuring that banks operate within a framework that promotes financial stability and protects the interests of consumers.
‍

Short Summaries of Key UK Banking Regulations

SS1/23: Supervisory Statement by the UK’s Prudential Regulation Authority (PRA)

SS1/23 is a Supervisory Statement issued by the Prudential Regulation Authority (PRA) in the United Kingdom. This regulation provides detailed guidance on how financial institutions should manage credit risk, focusing on governance, risk appetite, and the use of credit risk models. It’s particularly relevant for banks, building societies, and large investment firms regulated by the PRA. These entities, especially those with significant credit exposures, must adhere to SS1/23 to ensure they are managing risks prudently.

While the regulation applies to most financial institutions under the PRA’s jurisdiction, its requirements are more stringent for larger or systemically important institutions due to the potential impact of their activities on the broader financial system. The PRA, a key part of the Bank of England, monitors compliance with SS1/23. Even though the UK has exited the European Union, the PRA continues to align many of its practices with international standards to maintain the stability and integrity of the financial system.

Since SS1/23 came into force in May 2024, PRA expectations have been reinforced through supervisory correspondence — including PRA letters (https://www.regulationtomorrow.com/eu/pra-dear-ceo-letter-on-2025-priorities-for-supervising-international-banks/  ) setting out 2025 supervisory priorities — and thematic communications such as cross-firm reviews of internal models and risk management practices (chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj/https://www.bankofengland.co.uk/-/media/boe/files/prudential-regulation/letter/2023/december/underwriting-profit-allowed-for-in-internal-models-for-general-insurance.pdf and https://www.gov.uk/government/publications/hm-treasury-and-prudential-regulation-authority-performance-review/prudential-regulation-authority-performance-review-meeting-july-2025 ). These messages, reflected in both formal letters and public discussions of supervisory focus, consistently emphasise the shift from initial program design toward demonstrable operating effectiveness, robust independent validation, and clear senior management accountability.

‍SS3/18 Supervisory Statement by the UK’s Prudential Regulation Authority (PRA)

The SS3/18 Supervisory Statement is a key regulation issued by the Prudential Regulation Authority (PRA), focusing on model risk management within financial institutions. This regulation provides detailed guidance on how firms should manage the risks associated with the models they use for stress testing. It sets out the PRA’s expectations for ensuring that stress testing practices are both robust and reliable. By adhering to SS3/18, financial institutions in the UK are expected to implement strong governance and validation processes for their models, which are crucial for accurately assessing risk and maintaining financial stability.‍

‍
Ring-Fencing Regulation

Introduced after the 2008 financial crisis, the Ring-Fencing Regulation requires UK banks to separate their retail banking activities from their investment banking operations. This regulation is designed to protect consumer deposits by ensuring that the core retail banking services are insulated from the riskier activities of investment banking. The PRA oversees the implementation of ring-fencing, which aims to reduce the risk of financial instability and protect the wider economy.

‍
‍Basel III “final/endgame” implementation and jurisdictional sequencing‍

The UK’s implementation of the final Basel III reforms (“Basel 3.1”) has been subject to sequencing decisions linked to international developments. In January 2025, the PRA announced a delay to UK implementation until 1 January 2027, citing the need for greater clarity on US implementation plans.

This illustrates a broader pattern of implementation fragmentation across jurisdictions, where timing and detailed calibration may diverge even when the underlying BCBS standards are shared.

Operational resilience and technology risk expectations

UK regulators have made operational resilience a core supervisory priority through a joint framework introduced by the Prudential Regulation Authority (PRA), the Financial Conduct Authority (FCA), and the Bank of England. This framework was established through FCA Policy Statement PS21/3, PRA Policy Statement PS6/21, and related supervisory statements, which introduced binding requirements for firms to identify important business services, set impact tolerances, and map and test their ability to remain within those tolerances in the event of severe but plausible disruptions.

Under this regime, the FCA has stated that the transition period ends on 31 March 2025, by which in-scope firms are expected to be able to operate within their defined impact tolerances for important business services. These requirements are reflected in the FCA Handbook (notably SYSC 15A) and corresponding PRA rules and supervisory expectations.

The operational resilience framework places increased emphasis on governance over ICT resilience, cyber risk management, and third-party dependencies, including outsourcing and cloud services. These expectations complement prudential regulation and model risk requirements by focusing on firms’ ability to continue delivering critical services during disruption, rather than replacing existing capital, risk, or model governance obligations.

Conclusion

Banking regulations in the United Kingdom, overseen by the PRA and FCA, are designed to maintain the stability of the financial system and protect consumers. Regulations like SS1/23, SM&CR, and Ring-Fencing play a crucial role in ensuring that banks operate safely, manage risks effectively, and treat customers fairly. Understanding these regulations is essential for anyone navigating the UK’s financial landscape.

Yields Model Risk Management Software

Staying compliant with evolving regulations, especially across different countries, is challenging. The Yields MRM sofware is your tool specifically designed to help with Model Risk Management regulations, ensuring you meet these specific requirements effectively.

‍