16 March 2026
by Payments Intelligence
UK payments regulation has undergone a decade of structural transformation. The country’s departure from the European Union (EU) necessitated a significant legislative rebuild, requiring regulators and government to replace over two decades of harmonised EU law with a coherent domestic framework. At the same time, regulators have had to respond to the emergence of open banking, the rise of authorised push payment (APP) fraud, and the rapid growth of digital assets, including stablecoins.
Understanding this shift requires mapping the transformation through a corpus of 474 regulatory publications from the FCA, Bank of England, HM Treasury, and the Payment Systems Regulator, between 2015 and 2025. It traces the post-Brexit legislative rebuild across four phases, examines how competition and consumer protection themes have evolved in regulatory priority, and charts the trajectory of the UK’s approach to stablecoin regulation as digital payments move from the margins to the mainstream.
APP fraud reimbursement and stricter conduct rules are increasing liability and scrutiny for PSPs.
Growth now depends on viable commercial models and clearer liability frameworks.
A split regime is emerging, with FCA oversight for most issuers and Bank of England involvement for systemic ones.
Stronger fraud protections for consumers, with new payment options for merchants but potential cost pass-through.
Regulatory activity in UK payments has fluctuated over the past decade, with peaks during the post-Brexit onshoring period and a renewed rise in recent years as policy attention shifts toward consumer protection, fraud, and digital assets. The balance between consultation activity and finalised rules also reflects a transition from policy design to implementation.
With the UK’s departure from the EU single market, decades of harmonised EU law needed to be either adopted into domestic statute, replaced with bespoke UK equivalents, or allowed to lapse. The process unfolded across four broadly sequential phases, generating 110 documented policy and legislative actions between 2018 and 2025.
These phases are an analytical framework used to organise the post-Brexit transition, rather than formally defined policy stages.
Phase | Focus | Period | No. of documents |
|---|---|---|---|
Phase 1 | EU Exit Onshoring
| 2018–2021 (tail to 2025) | 83 |
Phase 2
| Future Regulatory Framework Review
| 2019–2024
| 7
|
Phase 3 | Edinburgh Reforms / FSMA 2023
| 2022–2023
| 5
|
Phase 4 | Payments-Specific Rebuild
| 2023–2025
| 6 |
Other | Competitiveness, Growth & Measurement
| 2023–2025
| 9
|
The first and largest phase of the rebuild focused on converting EU-derived law into domestic UK law, ensuring legal continuity after the UK’s departure from the single market. This was an exercise in legislative volume rather than policy innovation: 83 documents, comprising 75% of the entire dataset, relate directly to Phase 1 activity, with the peak coming in 2018 and 2019 when 52 documents were published in just two years. This tracks with the European Union (Withdrawal) Act 2018, receiving royal assent in June 2018.
The onshoring process covered an exceptionally broad range of financial instruments and market structures, including:
Where phase 1 was about preserving legal continuity, phase 2 asked a more fundamental question: now that the UK had full regulatory sovereignty, what kind of financial services framework should it build? The Future Regulatory Framework (FRF) Review, launched by HMT in July 2019, sought to address this, unfolding across multiple consultation rounds:
The review’s central conclusion was that the UK’s regulatory architecture – inherited largely intact from EU membership – gave domestic regulators too little discretion and Parliament too little accountability. The proposed solution was a model under which the primary legislation (the Financial Services and Markets Act) would set high-level objectives and principles, while detailed rule-making would be delegated to independent regulators, subject to enhanced parliamentary scrutiny and direction from HMT.
The Edinburgh Reforms, announced in December 2022, marked the political crystallisation of the FRF Review into a named reform programme. This was a deliberate rebranding of the post-Brexit regulatory agenda, framing it not as a technical necessity (as Phase 1 had been) but as an opportunity to improve UK competitiveness and attract capital. Key elements included:
Payments regulation has followed a partly distinct trajectory within the broader post-Brexit rebuild, reflecting both the sector’s operational complexity and the existence of the PSR as a dedicated regulator with specific statutory functions over payment systems.
The dataset contains six documents relating specifically to this fourth phase, spanning the period 2023 to 2025:
Date | Document | Significance |
|---|---|---|
Jan 2023
| Payment Services Regulations Review and Call for Evidence
| Scoping review of the 2017 PSRs, which implemented PSD2
|
Aug 2023
| Payments Regulation and the Systemic Perimeter: Consultation
| Review of which payment systems should fall under PSR oversight
|
Mar 2024
| Future of Payments Review 2023
| Independent review (Garner Review) recommending a National Payments Vision
|
Jul 2025
| National Payments Vision
| HMT’s strategic framework for future UK payments infrastructure
|
Sep 2025
| Streamlined Approach to Payment Systems Regulation Consultation
| Proposed rationalisation of the PSR’s regulatory framework
|
Nov 2025
| Strategy for Future Retail Payments Infrastructure
| Long-term infrastructure roadmap, including the future of the New Payments Architecture
|
The payments rebuild has a distinctly forward-looking character compared to the earlier phases. The challenge for payments has been to determine whether PSD2-derived rules remain fit for purpose in a UK context, particularly given the rise of open banking, the emergence of digital payments, and growing concerns about APP fraud. The National Payments Vision and the streamlined regulation consultation, both published in 2025, together signal a move towards a simpler, more coherent domestic framework in which the PSR’s role may be redefined and consolidated.
Having established the framework, three themes have risen to prominence in the UK regulatory landscape: the PSR’s increasingly assertive use of its competition powers to reshape payment markets; a years-long regulatory battle over who should bear the cost of APP fraud; and the gradual, then rapid, emergence of stablecoins as a serious object of UK financial regulation.
Competition & Access dominated the corpus from 2015–2022, with a particularly intense phase in 2015–2016 (19 and 30 documents, respectively), driven by the PSR’s founding market review programme and the IFR and PSD2 implementation wave. The shift comes in 2023: Consumer Protection surges to 19 documents — matching Competition for the first time — then jumps to 27 in 2024 as mandatory APP fraud reimbursement rules came into force, while Competition fell back to 10.
“Consumer Protection” specifically covers APP fraud, APP scams, reimbursement, refunds, liability, vulnerable customers, and dispute resolution. It’s not a broad consumer-welfare catch-all but quite targeted at fraud and harm redress language, which makes the 2023-24 surge more meaningful: those specific terms are appearing more frequently because regulators are literally writing reimbursement rules.
The creation of the Payment Systems Regulator in 2015 represented a structural shift in how UK payments were overseen. As well as stability and consumer protection, the PSR was given an explicit statutory objective to promote competition and innovation. This mandate translated into a more interventionist posture toward incumbent banks and payment networks, including investigations into card acquiring, cross-border interchange, and access to infrastructure. Open Banking emerged from the Competition and Markets Authority’s 2016 retail banking market investigation, which found that large banks faced insufficient competitive pressure. The remedy required the nine largest banks to allow regulated third parties to access customer account data and initiate payments via standardised APIs, subject to customer consent. The Open Banking Implementation Entity was established to oversee delivery.
There have been measurable results: millions of consumers and businesses now use Open Banking-powered products for everything from account aggregation to tax payments and credit underwriting. However, the shift toward a commercial, sustainable model beyond the initial mandated infrastructure has proven harder to achieve, with ongoing debate about premium APIs, liability frameworks, and the transition to a future entity to steward the ecosystem long-term.
Though there hasn’t been the ‘hockey stick’ growth in adoption of open banking user connections, recent merchant-side adoption at checkout may drive this. Both Amazon and eBay have partnered with TrueLayer to roll out Pay by Bank at checkout. As of January 2026, Pay by Bank is also the recommended payment option at checkout for bet365. Payments Intelligence covered open banking adoption in more detail, along with commercial variable recurring payments, regulatory developments, and what role the technology could play in agentic commerce and cross-border payments in the Open Banking Market Trends Report.
Authorised push payment (APP) fraud has been the dominant consumer protection theme in UK payments regulation over the past decade. The regulatory response has unfolded in two distinct waves of activity, separated by a notable gap coinciding with the COVID-19 pandemic and a period in which the Payment Systems Regulator (PSR) shifted from consultation to implementation.
The first wave was triggered by a Which? super-complaint to the PSR in September 2016, which identified APP fraud as a systemic problem with inadequate consumer protections. The PSR responded quickly, publishing both a formal response and factsheet. A concentrated burst of four documents followed in 2017, constituting the first peak in regulatory output.
Key developments in this phase included:
The second wave began in February 2021, peaking in 2024 with four documents published. The central shift from the first wave was a move from voluntary to mandatory reimbursement, culminating in PS24/5 CHAPS APP scams reimbursement requirement from the PSR.
This shift from a buyer-beware model toward shared liability was significant and not without controversy. Banks raised concerns about moral hazard and the cost burden on smaller firms. The PSR also reduced the maximum reimbursement cap from £415,000 to £85,000 shortly before implementation, reflecting industry lobbying about disproportionate exposure to high-value fraud claims.
Social media companies, however, are absent from this shared liability framework, a point that PSPs have taken issue with, given the high proportion of fraud initiated through these platforms.
The introduction of mandatory reimbursement also has material economic implications for PSPs. The allocation of costs between sending and receiving institutions, alongside operational requirements such as claims handling and dispute resolution, is likely to affect pricing, onboarding practices, and risk appetite. Smaller firms in particular may face proportionately higher compliance and fraud exposure costs, potentially influencing market participation and competition dynamics.
Stablecoin use is growing, and UK regulators are taking an interest. An estimated $390 billion in stablecoin payments were processed in 2025, according to analysis by McKinsey and Artemis Analytics, more than double 2024 levels, with B2B payments growing 733% in that period.
In response, the FCA, Bank of England, PSR, and HM Treasury issued 14 policy documents on stablecoins in 2025, matching the total published over the preceding five years.
Following regulatory action in the US, the UK has taken a layered approach to regulating stablecoins. The Financial Services and Markets Act 2023 expanded the Bank of England’s regulatory remit to cover digital settlement assets, including systemic stablecoins. HM Treasury published the final draft of the Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2025 in December 2025, laying the legislation before Parliament with a go-live date of 25 October 2027. Non-systemic stablecoin issuers will fall under FCA supervision, while those recognised as systemic by HM Treasury will transition into a dual-regulatory model, with the Bank of England overseeing prudential and financial stability requirements, and the FCA continuing to supervise conduct and consumer protection. Final FCA rules are expected to be published in 2026, following further consultations on conduct standards, disclosures, trading platforms, and remaining prudential requirements.
Separately, the Bank has proposed that systemic issuers hold at least 40% of backing assets as unremunerated central bank deposits, with the remainder in short-term UK government debt. This is intended to be a backstop liquidity mechanism designed to support redemption in stress conditions. Proposed per-coin holding limits remain contested, with pressure on the Bank to align more closely with the less restrictive approaches adopted in the US and EU.
These requirements reflect financial stability concerns, particularly the risk of rapid redemption in stress scenarios and the potential for stablecoins to scale into systemically important payment instruments. The Bank’s approach prioritises resilience and parity with traditional payment systems, even where this constrains flexibility for issuers.
The picture that emerges from this decade of regulatory activity is one of a framework still in transition, but increasingly defined by a set of structural tensions that will shape the next phase of UK payments regulation.
Three tensions in particular stand out.
First, the balance between consumer protection and innovation. The introduction of mandatory APP fraud reimbursement marks a decisive shift toward stronger consumer protection, but the liability framework remains incomplete. Costs continue to fall predominantly on PSPs, while sectors such as social media remain outside scope despite originating a significant proportion of fraud. As reimbursement costs materialise and performance data becomes more transparent, pressure to rebalance responsibility is likely to increase. At the same time, stricter controls may influence pricing, onboarding practices, and risk appetite, with implications for competition and innovation across the market.
Second, the balance between domestic regulatory autonomy and global competitiveness. The UK is increasingly designing its own payments and digital asset framework, particularly in areas such as stablecoins. This creates opportunities to tailor regulation to domestic priorities, but also introduces the risk of divergence from other major jurisdictions. With final FCA conduct rules for cryptoassets still in development, there will be a period of regulatory catch-up, and the eventual design of the regime will play a key role in determining whether the UK remains competitive in attracting digital asset activity.
Third, the balance between institutional clarity and regulatory fragmentation. Responsibility for payments is distributed across the PSR, FCA, and Bank of England, each with distinct mandates covering competition, conduct, and financial stability. Recent initiatives, including the National Payments Vision and proposals to streamline the regulatory framework, point toward greater coordination. However, the future role of the PSR and the allocation of responsibilities across authorities remain areas of uncertainty that could either accelerate reform or slow decision-making.
The central challenge for the UK is to translate its post-Brexit flexibility into a coherent and predictable regulatory framework, one that supports innovation and competitiveness while maintaining the consumer protections and systemic safeguards that have become increasingly central to payments policy.
To see UK payments regulation consolidated in one place, with policy summaries, key dates, and recommended next steps, see The Payments Association’s quarterly Regulatory Roadmap.
Data and methodology
UK merchants expect agentic commerce to grow rapidly, but uncertainty around liability, fraud, and standards is slowing readiness.
Stablecoins are moving into mainstream finance, reshaping payments, trade, and regulation as institutions explore faster, programmable settlement.
A forward-looking overview of key regulatory developments across payments, crypto and financial services, with timelines and practical implications.
You need to be logged in to do this!
