The Financial Conduct Authority (FCA) has announced that Barclays, Experian and UBS are among the latest financial institutions to join its live testing initiative for artificial intelligence (AI) applications. These firms are now part of the second cohort of the regulator's AI sandbox, a controlled environment designed to allow companies to experiment with AI under real-world conditions while receiving appropriate regulatory guidance and oversight.
This second group follows the first cohort, which included prominent UK lenders such as Lloyds Banking Group, NatWest and Monzo. The FCA's initiative aims to support firms that have advanced in their AI development and are prepared to implement these technologies in live markets. According to the regulator, the program is structured to answer critical questions around risk management, model governance, and continuous monitoring, all of which are essential for the responsible deployment of AI in financial services.
Jessica Rusu, chief data, information and intelligence officer at the FCA, stated: “We’re continuing to collaborate with firms to support the safe and responsible development of AI in UK financial markets.” She emphasized that the tailored support provided by the FCA and its technical partner, Advai, reflects the regulator's commitment to keeping pace with the rapid evolution of AI. Rusu added that the initiative demonstrates how regulators and industry can work together to harness innovation responsibly while protecting consumers and market integrity.
Participating firms in this second cohort will test a variety of customer-facing and business-to-business use cases. These include AI-enabled targeted support for investment decisions, personalized credit score insights for consumers, agentic payments systems that autonomously execute transactions, and advanced money laundering detection mechanisms. The FCA noted that banks are experimenting with a diverse range of technologies, from agentic AI and small language models (SLMs) to emerging approaches such as neurosymbolic AI, which combines neural networks with symbolic reasoning.
The FCA plans to publish a report later this year highlighting both good and poor practices observed during the testing phases. This report is expected to provide valuable guidance for other financial institutions considering AI adoption and will help shape future regulatory frameworks.
Background and regulatory context
The FCA's AI sandbox was launched in 2024 as part of the UK government's broader strategy to position the country as a global leader in AI innovation. The initiative is part of a wider trend among financial regulators worldwide to create safe spaces for experimentation, similar to the 'regulatory sandbox' concept first pioneered by the FCA in 2016 for fintech companies. By allowing firms to test AI applications without the immediate fear of regulatory penalties, the FCA aims to encourage innovation while gathering empirical data on the technology's risks and benefits.
However, the FCA's approach has not escaped criticism. Earlier this year, MPs on the Treasury Committee accused UK financial services regulators of adopting a 'wait-and-see' attitude toward AI regulation. In a report, the committee stated: “The UK public and the country’s finance system are exposed to potential serious harm because regulators in the financial sector are not doing enough.” The MPs urged regulators to take a more proactive stance, particularly in light of fast-moving developments such as Anthropic’s Project Mythos, which uncovered decades-old software vulnerabilities in major banks.
Sarah Breeden, deputy governor for financial stability at the Bank of England, pushed back against the committee's characterization. She said: “We share the [committee’s] view that AI has broad, complex and likely long-term implications for how the UK financial system serves the real economy. However, we do not agree with [its] characterisation that the bank is taking a ‘wait-and-see’ approach to the use of AI in financial services.” Breeden highlighted that the Bank of England has invested heavily in analyzing both the current and future risks posed by AI in financial services, as well as the broader adoption of AI across the economy.
The Treasury Committee's concerns were echoed by industry observers who note that the pace of AI development is outstripping the ability of regulators to keep up. The recent emergence of Anthropic’s Mythos model, which autonomously identified thousands of software vulnerabilities in legacy banking systems, has added urgency to calls for more stringent oversight. Major UK banks have since entered discussions with regulators, finance ministries and national security organizations to address these vulnerabilities.
How the FCA AI sandbox works
The AI sandbox provides participating firms with a 'safe harbor' where they can test their models on real users while being monitored by FCA specialists. Technical partner Advai, a firm specializing in AI robustness and assurance, provides additional expertise in stress-testing AI systems for bias, drift and security flaws. The sandbox typically runs for a period of six to twelve months, after which firms can apply for full regulatory approval or adapt their models based on lessons learned.
Applications to join the sandbox are evaluated based on several criteria, including the maturity of the AI system, the potential impact on consumers, and the strength of the risk management framework proposed. The FCA has welcomed applications from a wide range of financial services firms, including banks, insurers, asset managers, and fintech startups. The regulator has also encouraged participation from firms working on innovative applications such as explainable AI, federated learning, and AI-driven compliance tools.
The FCA's initiative is distinct from other regulatory efforts such as the European Union's AI Act, which takes a more prescriptive, risk-based approach to AI governance. In contrast, the UK has favored a principles-based, sector-led model that emphasizes flexibility and collaboration. This approach has been praised by some industry leaders for its agility, but criticized by consumer advocacy groups for lacking teeth in cases where AI causes harm.
Specific use cases in the second cohort
The second cohort includes a diverse set of use cases that reflect the growing maturity of AI in financial services. Barclays is testing an agentic AI system that can autonomously execute payments based on user instructions and contextual data, with built-in safeguards against fraud and error. Experian is exploring a consumer-facing tool that provides personalized credit score insights using small language models trained on anonymized financial data. UBS is focusing on investment support, deploying a neurosymbolic AI agent that can reason about market conditions and regulatory constraints while generating tailored portfolio recommendations.
Other participants in the second cohort, whose names have not been publicly disclosed, are testing AI applications in areas such as insurance claims processing, mortgage underwriting, and anti-money laundering compliance. These use cases are expected to generate significant data on the performance, fairness and accountability of AI systems when deployed at scale.
The FCA has stated that the sandbox results will inform its future policy work, including potential updates to its guidance on AI governance and the use of algorithms in financial markets. The regulator is also collaborating with the Bank of England, the Prudential Regulation Authority, and the Financial Policy Committee to ensure a coordinated approach to AI risks across the financial system.
Industry reactions and next steps
Industry reaction to the expanded sandbox has been largely positive. Financial services trade bodies such as UK Finance and the Investment Association have welcomed the FCA's proactive engagement, noting that the sandbox provides a constructive framework for experimentation without stifling innovation. However, some critics argue that the sandbox is too narrow, focusing only on a small number of firms and use cases, while most of the financial sector remains outside its scope.
In response to the Treasury Committee's criticisms, the FCA has committed to publishing more detailed guidance on AI risk management and to increasing the frequency of its engagement with industry. The regulator has also signaled its intention to launch a permanent 'AI lab' that would allow continuous testing of AI applications, rather than relying on time-limited cohorts. Such a lab could serve as a model for other regulators around the world.
Looking ahead, the FCA's report on good and poor practices, due later this year, will be closely watched by the financial services industry. The report is expected to highlight common pitfalls such as algorithmic bias, lack of explainability, and insufficient monitoring, as well as best practices for model validation, transparency and human oversight. The lessons learned from the sandbox will also feed into the UK government's broader National AI Strategy, which aims to make the UK a global hub for AI innovation by 2030.
Parallel developments: MP criticism and banking vulnerabilities
Separate from the sandbox, the debate over AI regulation in the UK financial sector continues to intensify. The Treasury Committee's report, published in March 2026, specifically warned that the FCA and the Bank of England were not doing enough to protect consumers from AI-related risks, including mis-selling, discrimination and systemic financial instability. MPs called for statutory powers to compel regulators to act more quickly, a recommendation that the government has so far resisted.
Adding to the urgency, the discovery of outdated software vulnerabilities by Anthropic's Mythos AI model led to emergency meetings between major banks and officials from the National Cyber Security Centre (NCSC). These vulnerabilities, some dating back over twenty years, could have been exploited by malicious actors to gain unauthorized access to critical banking systems. The incident highlighted the dual role of AI as both a tool for innovation and a potential vector for risk.
Meg Hillier, MP, chair of the Treasury Committee, reiterated her call for a more proactive approach: “Recent developments in the world of AI, such as Anthropic’s Project Mythos, show us how fast this transformative technology is moving. It has never been more important that those responsible for maintaining the UK’s financial stability take a proactive approach to understanding and mitigating the risks AI may pose to our financial system.”
The FCA, for its part, maintains that the AI sandbox is precisely the kind of proactive initiative needed to stay ahead of developments. By working closely with firms and learning from real-world testing, the regulator hopes to build the expertise and evidence base required to adapt its regulatory framework as AI continues to evolve.
Source: ComputerWeekly.com News