The Prudential Regulation Authority (PRA) has written to chief executives of PRA-regulated international banks and designated investment firms active in the UK, setting out its 2026 supervisory priorities. The letter highlights expectations for continued focus on risk management and governance, operational and financial resilience, and data risk, while also describing planned adjustments to supervision intended to support innovation and reduce regulatory burden. On strategic risk management, counterparty credit risk remains a key focus, including growing exposures to non-bank financial institutions and challenges in aggregating risk data across businesses, with boards expected to have an accurate view of exposures under current and stressed conditions, particularly across private markets and hedge funds. The PRA also flags vulnerabilities linked to rising intraday exposures at some firms providing market access, clearing and financing to non-bank wholesale electronic market makers and ultra-low latency liquidity providers. Firms are expected to prioritise remediation where shortcomings have been identified against the PRA’s model risk management supervisory statement (effective May 2024) and to adopt new technologies such as artificial intelligence, distributed ledger technology and tokenisation without weakening safety and soundness, including by engaging in the digital securities sandbox. On operational resilience, firms are expected to strengthen testing following the 31 March 2025 deadline in SS1/21, embed resilience considerations in strategic change decisions, and enhance cyber capabilities using lessons from the 2024 sector-wide cyber stress test, CBEST and (for non-systemic firms) STAR-FS, alongside robust contingency and exit planning for third-party dependencies and concentration risks. On financial resilience, the PRA reiterates expectations for forward-looking liquidity and capital management and sets out preparations for major regime changes, including most of Basel 3.1 due to be implemented on 1 January 2027 (with market risk changes relating to the Fundamental Review of the Trading Book proposed for 1 January 2028) and the Strong and Simple Framework for Small Domestic Deposit Takers also due on 1 January 2027; variable Pillar 2 requirements will be rebased in 2026, supported by data submissions due by 31 March 2026. The PRA plans to start transitioning remaining firms on annual Periodic Summary Meeting (PSM) cycles to a two-year cycle during 2026, with supervisors to provide firm-specific timing. Firms are also encouraged to engage on streamlining reporting through the Future Banking Data programme, and to engage early on regulatory permissions, including applications and conversions affected by the move to Basel 3.1 and Small Domestic Deposit Taker capital rules.
Prudential Regulation Authority 2026-01-15
United Kingdom's Prudential Regulation Authority sets 2026 supervisory priorities for UK-active international banks and plans move to two-year PSM cycle
The Prudential Regulation Authority has written to chief executives of PRA-regulated international banks and designated investment firms in the UK setting out its 2026 supervisory priorities, emphasising risk management and governance, operational and financial resilience, and data risk, while adjusting supervision to support innovation and reduce regulatory burden. Key expectations include stronger counterparty credit and model risk management, prudent adoption of technologies such as artificial intelligence and distributed ledger technology, enhanced operational resilience and cyber capabilities, and preparations for Basel 3.1 and the Strong and Simple Framework. The PRA will also move remaining firms from annual to two-year Periodic Summary Meeting cycles in 2026 and is encouraging engagement on streamlined reporting and regulatory permissions ahead of capital regime changes.