Increased FCA focus on Principal Firms and the changing regulatory landscape 

Written By Stefania Cirignano
Blue background with two hands making a rectangle to signify focussing on something. Letters 'AR' inside the rectangle,

Over the past 12-18 months, we have seen a noticeable increase in FCA supervisory engagement with principal firms operating Appointed Representative (AR) and Introducer Appointed Representative (IAR) models. This has included thematic reviews, data requests, supervisory meetings, skilled person reviews (s166 reviews), and, in some cases, formal remediation programmes where weaknesses have been identified. We are also seeing a greater focus on how firms evidence their oversight of appointed representatives in practice, with the FCA increasingly seeking tangible evidence that principal firms retain effective control of their AR networks. 

This increased scrutiny comes at a time when the AR regime continues to evolve. While the overall number of principal firms and ARs has reduced, the FCA's focus has shifted towards ensuring that firms can demonstrate effective governance, robust controls, and clear accountability across increasingly complex AR networks. 

Looking ahead, the regulatory landscape is set to change further. The FCA has proposed introducing a dedicated principal firm permission, which would require firms wishing to operate AR models to obtain specific regulatory approval. While the detail and implementation timeline are still developing, the direction of travel is clear: firms acting as principals should expect greater regulatory scrutiny and higher supervisory expectations. 

Against this backdrop, now is an important time for principal firms to assess the maturity of their AR and IAR frameworks. Firms should be able to demonstrate that their onboarding processes, oversight arrangements, governance structures, management information, and monitoring activities are proportionate, risk-based, and supported by a clear audit trail. 

We are working with a number of firms to help them understand how their frameworks compare with emerging regulatory expectations and market good practice. As the regime continues to develop, early assessment and enhancement of AR oversight arrangements can help firms identify gaps, strengthen controls, and prepare for increased FCA focus. 

Below, we share some of the key themes and risks we are currently observing across the market. 

Market context – what the FCA data shows 

The FCA’s most recent data (published June 2026) provides a useful backdrop to current supervisory focus: 

  • As of March 2026, there are 2,431 principal firms and c.33,347 ARs (including 12,619 IARs) 

  • This represents a continued reduction in both principals (-5.3%) and ARs (-0.7%) year-on-year 

  • More broadly, the regime has gradually contracted since 2011, particularly in some sectors 

However, this headline trend masks important shifts in activity and risk: 

  • Consumer finance is growing, adding 114 ARs between 2025 and 2026 (+2.5%)  

  • General insurance and protection continue to decline, with 346 fewer ARs (-4.8%) over the same period  

  • Since 2011, AR populations in general insurance have been steadily decreasing, while consumer finance ARs have been increasing 

At the same time, FCA data shows revenues generated through ARs are increasing, indicating that activity is becoming more concentrated in fewer, but larger or more complex networks  

What this means:
The FCA is increasingly focused not just on the size of AR networks, but on the quality of oversight, governance, and risk management within those networks. 

Key themes we are observing 

1. Principal firms retaining accountability in practice (not just in principle)

  • In some instances, onboarding and oversight activities are being effectively delegated to ARs, including decision-making on appointments. 

  • This is outside FCA expectations, as the principal firm must retain responsibility for assessing suitability and ongoing oversight under SUP 12. 

2. Gaps in documented frameworks and procedures

  • Many firms have policies in place, but lack end-to-end procedures covering onboarding, oversight, termination and training. 

  • This often leads to inconsistent application of controls and reliance on individual judgement, which creates regulatory risk. 

3. Weaknesses in onboarding and due diligence

  • We frequently see incomplete due diligence files, missing evidence, or unclear rationale for onboarding decisions. 

  • In some cases, firms cannot demonstrate that required checks (e.g. FCA register, adverse media, fitness & propriety) were fully completed or evidenced. 

4. Lack of a robust ongoing oversight framework

  • A common gap is the absence of a documented, risk-based monitoring framework. 

  • Firms are often relying on reactive tools (e.g. attestations, alerts) without sufficient proactive controls such as: 

    • Risk-based file reviews 

    • Site visits or engagement with AR/IARs 

    • Structured monitoring plans and escalation routes 

5. Governance and MI still maturing

  • Board-level oversight is often in place, but operational governance forums (e.g. AR oversight committees) are missing. 

  • Management information is frequently limited or not fully embedded, reducing the firm’s ability to identify emerging risks. 

6. Financial promotions and website oversight

  • The FCA continues to highlight financial promotions and website monitoring as key areas of risk. 

  • We see cases where firms:  

    • Do not have a formal financial promotions framework for ARs/IARs, or 

    • Are not consistently monitoring how ARs/IARs present themselves to customers 

If you’d like to explore what these key themes and risks mean for your AR/IAR model, and how effective oversight and governance looks in practice, get in touch at contact@avyse.co.uk to speak with one of our experienced compliance specialists.

Stefania Cirignano
Next

FCA Mortgage Rule Review: Opening access while raising the bar on outcomes