The Financial Conduct Authority (FCA) may have commissioned fewer Skilled Person Reviews in Q4, but its expectations of firms have not eased. Eva Koreskova explores what the latest data tells us about where scrutiny is being applied and how firms can demonstrate that their regulatory frameworks work in practice.
The FCA has published its latest data on s166 Skilled Person Reviews commissioned during Q4 2025/26, covering the period from 1 January 2026 to 31 March 2026.
Q4 was the quietest quarter of the 2025/26 reporting year, with only four reviews commissioned compared with eleven in Q3. These reviews were split across the following sectors: Consumer Investments, Insurance, and Payments & Digital Assets, and focused on controls and risk management, financial crime, and governance, accountability and culture. All four related to portfolio-supervised firms, and none were commissioned under the FCA’s direct contracting power.
It is worth highlighting that the lower number of reviews should not be read as a reduction in regulatory expectations. Instead, it shows the FCA continues to use Skilled Person Reviews selectively when it is looking for independent assurance over specific areas of concern.
Live webinar | 16 June | 11:00–11:45
FCA Supervisory Tools: What to Expect, How to RespondThis session looks at how the FCA supervises firms in practice, including the use of data analysis, thematic work and information requests before formal contact is made. It also covers Section 165 requests and Section 166 Skilled Person Reviews, with practical guidance on how firms can respond effectively when scrutiny arises.
What the Latest Data Shows
Across the financial year, the FCA commissioned:
-
10 reviews in Q1
-
6 reviews in Q2
-
11 reviews in Q3
-
4 reviews in Q4
A simple comparison between 2024/25 and 2025/26 years is set out below:
|
Reporting period |
No. of reports |
Lot focus |
Sector focus |
Overview |
|
2024/25 full year |
47 |
Financial Crime, Controls and Risk Management Frameworks, and Conduct of Business were the joint highest Lots, with 12 reviews each. Governance, Accountability, Strategy and Culture accounted for 7 reviews. |
Consumer Investments was the most active sector, with 23 reviews, followed by Insurance with 9 and Wholesale Sell-Side with 8. |
The data shows that the FCA’s use of Skilled Person Reviews was concentrated around core control environments, conduct arrangements and financial crime frameworks. |
|
2025/26 Q1 |
10 |
Financial Crime was the largest Lot, with 4 reviews. Controls and Risk Management Frameworks and Prudential - Adequate Financial Resources each had 2 reviews. |
Reviews were spread across Wholesale Sell-Side, Consumer Investments, Retail Banking, Insurance, Payments & Digital Assets and Wholesale Buy-Side. |
Activity was spread across several sectors, but Financial Crime was the clearest Lot focus. |
|
2025/26 Q2 |
6 |
Financial Crime remained the largest Lot, again with 4 reviews. Client Assets and Safeguarding and Conduct of Business each had 1 review. |
Reviews were focused on Insurance, Payments & Digital Assets, Retail Banking and Wholesale Sell-Side. |
Although total activity reduced, Financial Crime remained prominent in the FCA’s Skilled Person activity for the quarter. |
|
2025/26 Q3 |
11 |
Controls and Risk Management Frameworks was the largest Lot, with 4 reviews, followed by Financial Crime with 3. Governance, Accountability, Strategy and Culture accounted for 2 reviews. |
Reviews covered Consumer Finance, Consumer Investments, Insurance, Retail Banking, Wholesale Buy-Side, Wholesale Sell-Side and Annex 1 Financial Institutions. |
The data points to a broader spread of activity, with continued emphasis on controls, governance and financial crime across different firm types. |
|
2025/26 Q4 |
4 |
Controls and Risk Management Frameworks accounted for 2 reviews. Financial Crime and Governance, Accountability, Strategy and Culture each accounted for 1 review. |
Reviews were focused on Consumer Investments, Insurance and Payments & Digital Assets. |
Activity fell sharply, but the themes remained consistent: controls, financial crime and governance. |
|
2025/26 full year |
31 |
Financial Crime was the leading Lot across the year, with 12 reviews, followed by Controls and Risk Management Frameworks with 8. Governance, Accountability, Strategy and Culture accounted for 4 reviews. |
Reviews were most common in Insurance, Wholesale Sell-Side, Consumer Investments and Retail Banking, with activity also across Payments & Digital Assets, Consumer Finance, Wholesale Buy-Side and Annex 1 Financial Institutions. |
The full-year data shows continued FCA focus on financial crime, controls and governance, with activity spread across a broad range of sectors rather than concentrated in one market. |
Lower Volume Does Not Mean Lower Expectations
Although the total number of reviews fell from 47 in 2024/25 to 31 in 2025/26, the core themes remain consistent. The FCA continues to use Skilled Person Reviews where it wants independent assurance that firms are demonstrating effective governance, appropriate controls and clear management of key regulatory risks. In our experience, we are aware the FCA is focused not just on whether frameworks exist, but on whether they are understood, applied in practice, challenged through governance, and improved over time.
Underlying Direction of FCA Scrutiny
Recent Skilled Person activity points to a consistent supervisory theme. The FCA is looking beyond the existence of policies and procedures and is testing whether firms can evidence how their arrangements operate in practice. This includes whether risk assessments reflect firm’s actual business model, whether controls have been informed by the risks they are intended to mitigate, and whether governance forums provide effective oversight and challenge. This goes beyond building frameworks which are generic, and ‘ticking the supervisory box’.
For firms, the practical question is therefore not simply whether a framework exists, but whether the firm can demonstrate that it works in practice. Relevant evidence must include clear ownership, risk-based prioritisation, documented decisions, control testing, issue tracking, meaningful management information, and proof that lessons learned are used to strengthen the control environment over time.
What Should Firms Take from This?
At Thistle, we have already seen a number of s166 Skilled Person Reviews commissioned by the FCA in Q1 2026/27. While the themes remain familiar, expectations continue to evolve. The FCA is continuing its focus on obtaining comfort that systems and controls are embedded in day-to-day decision-making and can be shown to deliver the intended outcomes.
The table below highlights practical areas firms should consider when assessing the effectiveness of their wider regulatory framework. These points are intentionally lot-agnostic and can be applied across financial crime, conduct, governance, risk management, market abuse, client assets and safeguarding reviews, and beyond.
|
Area of focus |
Why it matters |
Questions firms should be able to answer |
|
Governance and accountability |
Senior management should be able to explain the firm’s key regulatory risks, how these are managed, and where accountability sits. |
|
|
Risk management and prioritisation |
A firm’s risk management framework should clearly reflect the firm’s products, services, customers, geographies and delivery channels. Rather than relying on generic or static assessments. |
|
|
Controls and operating effectiveness |
Controls should be clearly linked to the risks they are designed to mitigate, and firms should be able to evidence that they work in practice. |
|
|
Management Information (MI) and oversight |
Management information should support informed decision making by evidencing risk trends, control performance, open issues and emerging risks. |
|
|
Record keeping and evidence |
Firms should be able to evidence not only what decisions were made, but why they were made and how relevant risks were considered as part of the decision-making process. |
|
In practice, firms need to be able to show a clear link between risk, control, oversight and action. That link is often where weaknesses become visible during a Skilled Person Review.
Market Abuse: An Area with Increasing Visibility
Market abuse is also worth noting. It featured in previous Skilled Person Reviews, including those referenced in the FCA’s 2024/25 Annual Report. From 1 April 2026, the updated Skilled Person Panel includes a dedicated Lot for Market Abuse, Lot F. This does not expand the FCA’s powers, but it does provide greater visibility and structure around how market abuse reviews are commissioned. For firms with trading activity or market conduct obligations, this is a useful prompt to reassess whether their arrangements reflect how market abuse risk arises in practice, rather than relying only on how it is described in policies.
Firms should also consider whether surveillance scenarios remain aligned to current trading activity and risk profile, and whether they are updated on an ongoing basis as the business evolves. They should review how escalation decisions, including STORs, are made and recorded, and whether similar cases are handled consistently over time.
Clarity of ownership remains important, including whether senior management can explain where market abuse risk sits within the business and how it is managed. Alongside this, firms should consider whether the data supporting surveillance is sufficiently complete and reliable, and whether any existing limitations are understood.
More broadly, firms should be able to demonstrate that they have considered how their controls operate day-to-day, rather than relying solely on how they are designed, including any over-reliance on automated tools working effectively without appropriate effectiveness testing.
Final Thoughts
The latest Skilled Person data shows a quieter quarter, but not a shift in regulatory focus. Governance, controls and risk management, and financial crime remain at the centre of FCA scrutiny. Market abuse may also warrant increased attention given its clearer positioning within the Skilled Person framework.
As part of this, firms may find it helpful to further consider how the FCA identifies and escalates concerns in practice. Thistle will be hosting a webinar on 16 June exploring how data analysis, thematic work and targeted information requests are used to monitor firms, as well as how FCA supervision works in practice, and how to respond effectively when scrutiny arises.
In parallel, Michael Knight‑Robson, Financial Crime Partner at Thistle, has published a series on Skilled Person Reviews, covering the full lifecycle of a review, from initial preparation through to receiving the final draft report, and highlights where firms typically encounter challenges, with practical guidance on how to approach and manage the process effectively.
How Thistle Initiatives Can Help
Thistle supports firms before and during FCA scrutiny, helping them strengthen frameworks in a proportionate way and respond confidently when issues arise, ensuring compliance supports decision‑making and growth rather than slowing it down.
Get in touch at info@thistleinitiatives.co.uk or call 0207 436 0630 to speak with our team.
Meet the Expert
Eva Koreskova, Manager 
Eva is a Manager at Thistle Initiatives, bringing over seven years of experience in financial crime management, regulatory compliance, and risk assessment. Previously, she led financial crime initiatives at an asset financing firm, where she presented insights to senior leadership and implemented robust control measures across the firm. Eva’s background includes roles at a bank and a brokerage firm, where she drove compliance initiatives, managed high-risk clients, and advanced financial crime systems and controls. As an ICA-certified MLRO, Eva is dedicated to safeguarding organisations against financial crime through strategic compliance frameworks and industry best practices.