Summary
- The FCA says agentic AI could lower the cost and complexity of high-volume financial crime.
- The regulator links AI agents to synthetic identities, deepfake-enabled deception, phishing, market abuse, and faster vulnerability discovery.
- The report places AI risk within operational resilience, financial crime controls, identity, and third-party technology oversight.
The Financial Conduct Authority has warned that agentic AI could allow criminals to automate complex fraud, cyber operations, and market manipulation at a scale that existing controls may struggle to detect.
The warning appears in the FCA’s Emerging Technology Horizon Scan 2026, its first external publication of this kind. The document is not a prediction or formal guidance, but sets out plausible ways emerging technologies could combine to create new outcomes for consumers, firms, and markets.
One of the report’s strongest sections concerns what the FCA calls “synthetic insecurity”. AI systems can now replicate aspects of human agency online, automating tasks that previously required time, specialist skill, coordination, and funding. The report raises the prospect of a single actor deploying and coordinating large numbers of AI agents to support scams, phishing, synthetic identities, malicious code generation, or broader cyber attacks.
The concern extends beyond more convincing phishing messages. The report describes a shift towards automated attack infrastructure, where criminals could use AI agents to profile victims, mimic empathy, generate fake documents, sustain long-form deception, or coordinate multi-step attacks without direct human oversight at each stage.
Frontier AI capability is also linked to vulnerability discovery. Advanced models have begun to demonstrate the ability to find zero-day vulnerabilities across financial services ecosystems, including software used by third-party cloud providers. That creates a dual-use problem: defenders may find weaknesses faster, while attackers may have less delay between discovery, weaponisation, and exploitation.
The financial-sector consequences are wider than fraud losses. Multiple institutions relying on the same AI platform or third-party technology could create concentration risk if that platform contains a vulnerability. An AI-augmented attack against a common dependency could therefore affect many firms at once, with potential financial stability consequences.
Market integrity also appears in the report. Autonomous multi-agent systems could produce new forms of market abuse, including insider trading, collusion, spoofing, pump and dump strategies, sentiment manipulation, and synthetic consensus cascades. In some cases, misconduct may emerge from the behaviour of agents rather than a simple human instruction to break the rules.
Financial crime controls are built around identifiable actors, evidence, intent, audit trails, escalation points, and known typologies. Agentic systems complicate that structure when decisions are made at machine speed, across multiple tools, with partial autonomy and incomplete human visibility.
The report places AI risk inside the practical control environment of financial services. Institutions will need to understand which AI tools are in use, what those tools can access, what actions they can take, which third parties support them, how agent behaviour is monitored, and how abnormal activity can be contained.
Identity and access management will be central. AI agents that can query data, move funds, open tickets, trigger workflows, write code, or interact with customers are not ordinary software features. They are non-human actors with permissions. If those permissions are excessive, poorly logged, or spread across business functions, agentic AI becomes part of the attack surface.
The FCA stops short of prescribing controls, but the supervisory direction is visible. Financial institutions are moving from AI experimentation into a period where autonomy, fraud, cyber risk, concentration, and market integrity will be judged together. Firms will increasingly need evidence showing who or what acted, under whose authority, and with what safeguards.





