On 24 June 2026, FCA chief executive Nikhil Rathi stood up at techUK's AI conference and said something most of the room heard as good news. "Technology is moving much faster than many regulatory paradigms. Legislation will never keep up."
If you build with AI, that sounds like open road. Read on, because the rest of the speech describes the opposite of a regulator stepping back. It describes one that intends to move faster, lean harder on judgement, and intervene before the law catches up. For anyone running AI compliance in financial services, that changes what "being compliant" even means.
What Rathi actually said
Three things in the speech matter for regulated firms.
First, the FCA is rethinking what kind of regulator it is. In some areas it will still write detailed rules. In others, Rathi was blunt that "traditional rule-making simply won't work anymore," and the gap gets filled with supervision, stewardship and a willingness to act early. He used Buy Now Pay Later as the template. It took about six years to come inside the regulatory perimeter, and the FCA didn't wait six years to intervene.
Second, the regulator is now using AI on itself. It's running agentic AI as a "first responder" across roughly a billion rows of data a day to spot market abuse faster than human supervisors can. The body checking your firm is getting quicker, not slower.
Third, this is happening into a market that has already adopted the technology. More than 80% of financial services firms are using AI somewhere in the business. The question Rathi posed wasn't whether AI belongs in finance. It was how to keep trust, competition and resilience intact when the technology is moving markets faster than the frameworks built to govern them.
Why "less regulation" is the wrong read
It's tempting to file all of this under deregulation. Lighter rulebook, faster approvals, fewer people to answer to. That reading will get firms into trouble.
Fewer prescriptive rules doesn't lower the bar. It moves it. When a regulator writes less and judges more, you lose the thing that made compliance feel safe, the clear rule you could point to and say you followed it. In its place comes discretion, and discretion is far harder to plan a campaign around than a checklist.
You can see the same shift already inside Consumer Duty. The Duty doesn't hand you a list of banned phrases. It asks whether your communication could foreseeably cause harm, and whether you can show you considered that before you published. Outcomes-based regulation and AI-era supervision pull in the same direction. Both stop asking "did you follow the rule" and start asking "can you show how you decided." That is the real story behind consumer duty AI conversations, and it's the ground the FCA is now extending across the board.
The shift: from approval to provability
Here is the practical consequence for regulated marketing. The defensible position is no longer a clean ad. It's a clean ad you can explain.
A promotion that complied is only half the job. If you can't show why it complied, who reviewed it, what claim it rested on, what evidence supported that claim, and how the Consumer Duty considerations were weighed, you're exposed in almost the same way as if it had breached. A compliant ad you can't evidence and a non-compliant one look uncomfortably similar from the regulator's side of the table.
This is why the financial promotions audit trail is becoming the centre of gravity in financial services compliance, rather than a box ticked after the fact. The FCA has already confirmed it will publish AI audit-trail and explainability guidance by the end of 2026, with the Mills Review on AI in retail finance and a publication on good and poor AI practice due before then. The direction is set. The firms that treat evidencing as a first-class job, not an afterthought, are the ones who'll be ready when the guidance lands.
What this means for regulated marketing teams
AI doesn't just change how the regulator works. It changes the volume you're asking compliance to carry.
A model can write fifty versions of a promotion before lunch. It can localise a campaign across markets, spin up affiliate copy, draft fifty subject lines. The bottleneck was never production. It's approval, and now evidencing. As one AI practice lead put it in coverage of the speech, most leaders think AI could move faster if governance got out of the way, but in practice governance is what makes these systems deployable at scale.
That's the part worth sitting with. The teams pulling ahead with AI marketing aren't the ones who've loosened sign-off to keep up with the volume. They're the ones who can prove their calls quickly enough that the volume never has to slow down. Speed and defensibility stopped being a trade-off. They became the same capability.
Building for provability, not just approval
This is the problem Adclear was built for. The platform reviews regulated marketing against the applicable rulebook before it goes live, monitors live ads after publication, and produces a regulator-ready record of every decision as it's made.
A few parts matter most in an AI-era compliance setup:
- Review before publish. Pre-publication approval checks a promotion against the rules and tells the marketer what to fix while they can still fix it. At volume, 85 to 90% of reviewer feedback is the same repeated issues, missing or buried risk warnings and disclaimers, which is exactly the work a model handles well so your reviewers can spend their judgement on the genuine edge cases.
- Evidence by default. The audit trail captures versions, the claim, supporting evidence, audience and channel, who signed off, the reasoning including Consumer Duty considerations, and the dates, generated automatically at the point of decision rather than reconstructed when someone asks. Where the platform auto-approves low-risk, verifiable checks, that automation is earned against a logged threshold, so you can show the regulator how you got comfortable.
- Watch what goes live. Post-publication monitoring compares live promotions against the approved version to catch drift, and extends to affiliates and finfluencers publishing in your name on channels you don't own. The post you reviewed isn't representative of the ones you didn't.
- One process across markets. Coverage spans FCA, FINRA Rule 2210 and the SEC Marketing Rule across 100+ regulatory bodies and 40+ jurisdictions, so firms aren't running parallel processes per market.
The results show up where it counts. PensionBee unified UK and US compliance and brought approval times down to a single day. NinjaTrader moved first-time approval from a 20 to 25% baseline to 62%, and to 75% when marketers engage the AI before submitting. None of that came from approving less carefully. It came from being able to prove every call fast enough to keep moving.
Where to start
If the FCA is going to act faster than the law can, the question for your team is simple. Can you show why you approved a piece of marketing, or only that you did?
If the honest answer is the second one, that's the gap to close before the AI guidance lands at the end of the year. A good first step is building the internal business case for treating compliance as governable infrastructure rather than a queue every launch waits in. When you're ready to see how the evidencing works in practice, book a product tour.
Adclear is automated marketing-compliance software serving regulated firms in the UK, US and other markets. Customers retain final compliance decisions and sign-off authority. This article is educational and not regulatory advice.
Once you're booked in, we'll send you a free playbook on Financial promotions compliance for FinTechs.
