FCA cyber incident and third-party reporting rules
Regulatory/Legal Action
Summary
Hide ▲
Show ▼
The UK Financial Conduct Authority (FCA) issued new rules that clarify when regulated firms must report cyber-related incidents and third-party outages, aiming to improve business resilience and reporting consistency. The regime adds a single reporting portal with the PRA and Bank of England and takes effect on March 18, 2027.
Related Happenings
UK government FCA Bank of England and **CMORG** Issued a statement urging firms to actively manage frontier AI cyber risks and strengthen defenses for **May 15** and ongoing
Public Sector Action
First: 18.05.2026 12:00
Last: 18.05.2026 12:00
Sources 1
About this happening:
The **UK government**, **FCA**, and **Bank of England** issued a **May 15** statement telling **UK financial services firms** to actively manage **frontier AI** cyber risks, becau...
UK government FCA Bank of England and **CMORG** Issued a statement urging firms to actively manage frontier AI cyber risks and strengthen defenses for **May 15** and ongoing
Public Sector ActionAbout this happening: The **UK government**, **FCA**, and **Bank of England** issued a **May 15** statement telling **UK financial services firms** to actively manage **frontier AI** cyber risks, becau...
Financial Conduct Authority launches Firm Checker consumer tool
Public Sector Action
First: 11.12.2025 12:30
Last: 11.12.2025 12:30
Sources 1
About this happening:
The **FCA** launched **Firm Checker**, a consumer tool designed to help people verify whether a financial firm is authorized and reduce **online investment fraud**. The service al...
Financial Conduct Authority launches Firm Checker consumer tool
Public Sector ActionAbout this happening: The **FCA** launched **Firm Checker**, a consumer tool designed to help people verify whether a financial firm is authorized and reduce **online investment fraud**. The service al...
UK government loan guarantee for JLR after cyberattack
Public Sector Action
First: 29.09.2025 13:57
Last: 29.09.2025 13:57
Sources 1
About this happening:
The **UK government** approved a **£1.5 billion loan guarantee** for **Jaguar Land Rover (JLR)** after a **September ransomware attack** disrupted production and strained the comp...
UK government loan guarantee for JLR after cyberattack
Public Sector ActionAbout this happening: The **UK government** approved a **£1.5 billion loan guarantee** for **Jaguar Land Rover (JLR)** after a **September ransomware attack** disrupted production and strained the comp...
Timeline
-
19.03.2026 12:30 2 articles · 2mo ago
FCA issues updated cyber reporting rules
Legal Policy Action UpdateThe UK Financial Conduct Authority issues updated cyber-related incident and third-party outage reporting rules for regulated financial firms, creating a single reporting portal with the Prudential Regulation Authority and Bank of England, removing duplicated incident reporting for payment service providers and credit rating agencies, and clarifying thresholds, definitions, responsibilities, and short-form submissions.
Show sources
- FCA Updates Cyber Incident and Third-Party Reporting Rules — www.infosecurity-magazine.com — 19.03.2026 12:30
- FCA Updates Cyber Incident and Third-Party Reporting Rules — www.infosecurity-magazine.com — 19.03.2026 12:30
-
19.03.2026 12:30 1 articles · 2mo ago
FCA reporting regime takes effect
Legal Policy Action UpdateThe FCA's new cyber-related incident and third-party outage reporting regime comes into force for regulated financial firms after a 12-month preparation period, making the single reporting portal, streamlined forms, and clarified reporting thresholds part of the ongoing compliance framework.
Show sources
- FCA Updates Cyber Incident and Third-Party Reporting Rules — www.infosecurity-magazine.com — 19.03.2026 12:30