UK and EU regulators cooperate on oversight of technology vendors

The Financial Conduct Authority, Bank of England and Prudential Regulatory Authority signed a memorandum of understanding (MoU) on Wednesday with the European Supervisory Authorities to improve cooperation and oversight of critical third parties (CTP) under the UK’s CTP regime.

The MoU establishes a framework for coordinating and sharing information on the oversight of CTPs under the UK regime and Critical Third Party Providers (CTPPs) under the EU’s Digital Operational Resilience Act (DORA), including during incidents such as power outages or cyber-attacks.

The aim of the MoU is to manage potential risks to financial stability and market confidence, as well as strengthen international cooperation. It will also help reduce duplication and regulatory burden on CTPs and CTPPs.

In 2024, UK regulators introduced new rules to bolster the resilience of critical third parties providing key services to the financial sector. The rules came into effect on January 1 2025 and apply once a CTP is designated by HM Treasury.

The Financial Conduct Authority is working with major firms to test the safety of artificial intelligence technology to better understand its potential benefits and risks.

The UK financial market regulators’ artificial intelligence consortium discussed emerging technical developments including Model Context Protocol and its use in UK financial services.