From the journal

From Cloud Concentration to AI Dependence: The UK’s Critical Third Parties Regime

The United Kingdom now directly oversees designated technology suppliers whose service failures could threaten financial stability. The question is whether the first cloud designations show a legal expansion toward AI-model providers, and what the present regime requires. This analysis assumes the quoted statement concerns the UK financial-services Critical Third Parties regime and assesses the law through 14 July 2026.

Illia ProkopievCo-Founder and CEO11 min read

Executive Summary

  • The first designations took effect on 13 July 2026. The designated persons are Amazon Web Services EMEA SARL, Google Cloud EMEA Limited, Microsoft Ireland Operations Limited, and Oracle Corporation UK Limited. Critical Third Parties (Designation) Regulations 2026, SI 2026/777, regs 1(2), 2.
  • The regime has not yet expanded from cloud providers to separately named AI-model providers. No independent AI-model provider appears in SI 2026/777. The present legal event is the first designation of four cloud and technology entities.
  • AI providers already fit the statutory category in principle. Section 312L turns on systemic consequences from service failure or disruption, not on a prescribed technology. Financial Services and Markets Act 2000, ss 312L(1)–(3), 312L(8).
  • An independent model provider would need its own Treasury designation regulation. Treasury designates a legal entity, after consultation and representations, rather than designating “AI” as a product category. FSMA 2000, s 312L(4); HM Treasury, Critical Third Parties – HM Treasury’s Approach to Designation, paras 1.10–1.19 (21 Mar. 2024).
  • AI services supplied by one of the four designated entities may enter direct oversight without a second entity designation. That result depends on the contracting entity and whether Treasury and the regulators treat the service as systemic. The public record does not identify any specific model, model API, or hosted AI service as systemic.
  • A model provider may also face indirect exposure as a “key nth-party provider” in a designated entity’s supply chain. The designated entity must manage that dependency and take reasonable steps to secure cooperation and regulator access. FCA Handbook, CTPS 4.4.1R–4.4.2R.
  • Parliament and the Bank of England have expressly addressed AI providers as possible designees. The FCA has linked model-provider dependency to the CTP regime. These records indicate scrutiny, but not an announced candidate or pending designation.
  • [United Kingdom] Designation brings duties concerning risk controls, mapping, testing, incident response, self-assessment, information sharing, and reporting. It also exposes the provider to directions, investigations, public censure, and service restrictions. FSMA 2000, ss 312M–312S; FCA Handbook, CTPS 3–10.

Analysis by Issue

The quoted timing was accurate when HM Treasury published its announcement on 10 July 2026. The announcement said the four providers would enter the regime “from next week.” The legal commencement date was 13 July 2026. That date has passed. Critical Third Parties (Designation) Regulations 2026, SI 2026/777, regs 1(2), 2.

The statutory instrument names legal persons, not corporate groups or product brands. It designates Amazon Web Services EMEA SARL, Google Cloud EMEA Limited, Microsoft Ireland Operations Limited, and Oracle Corporation UK Limited. Brand shorthand can obscure the entity boundary. That boundary matters because duties attach to the designated person.

The regulators’ final rules took effect on 1 January 2025. They did not bind any provider until Treasury designation took effect. The first direct oversight therefore began on 13 July 2026. FCA, PS24/16: Operational Resilience: Critical Third Parties to the UK Financial Sector, paras 1.8–1.10 (12 Nov. 2024); FCA Handbook, CTPS 1.1–1.3.

This sequence does not yet prove an expansion from cloud to AI-model providers. It establishes a direct oversight model that can reach AI services and their suppliers. The legal perimeter is wider than the first designation list.

The statutory designation test

Treasury may designate a person that provides services to authorised persons, relevant service providers, or financial market infrastructure entities. Treasury must form the opinion that failure or disruption, alone or across several services, could threaten UK financial stability or confidence. FSMA 2000, s 312L(1)–(2).

Treasury must consider two statutory factors. The first is the service’s materiality to essential activities, services, or operations. The second is the number and type of regulated recipients. FSMA 2000, s 312L(3). The regulators describe those factors as materiality and concentration.

Concentration is not enough by itself. A widely used service may remain outside the regime if its failure lacks system-wide consequences. A service that matters to one firm may also fall short. The assessment asks whether disruption could spread through the financial system, not whether the contract is important to one customer.

The regulators also examine interconnections, speed of transmission, substitute capacity, migration difficulty, and access to firms’ assets. Those factors address propagation and recovery. They are especially relevant where many firms rely on one model, one inference gateway, or one chain of compute and data providers. Bank of England, PRA and FCA, The Regulators’ Approach to the Oversight of Critical Third Parties, ch 3 (12 Nov. 2024).

Treasury normally acts on a regulator recommendation, but it may begin without one. It must consult the Bank, PRA, and FCA. It must give the proposed designee written notice and an opportunity to make representations. FSMA 2000, s 312L(4). Treasury then makes regulations naming the entity.

The regime has no general territorial limit. CTPS applies wherever the relevant services are carried out. An overseas model provider is not excluded merely because its models, compute, or staff sit outside the United Kingdom. FCA Handbook, CTPS 1.3.1R.

What designation regulates

Designation is not authorisation. It does not approve the provider, its products, or its business. Direct oversight focuses mainly on systemic third-party services supplied to regulated firms and financial market infrastructures. FCA Handbook, CTPS 3.1.1R; HM Treasury, UK Financial System Strengthened with New Safeguards for Major Technology Providers, Notes to Editors (10 July 2026).

Treasury designates the entity. Treasury also privately identifies services deemed material at designation. The regulators identify which services are systemic, and they may review that service set over time. HM Treasury, Critical Third Parties – HM Treasury’s Approach to Designation, paras 1.15, 1.18–1.20.

That structure creates a material distinction. SI 2026/777 identifies four entities, but it does not publish a service schedule. The public record therefore does not establish that any named cloud AI product, model-hosting service, or model API is already a systemic third-party service.

Most CTPS duties apply only to systemic third-party services. Fundamental Rule 6 applies to all services that the designated person provides to firms. It requires open cooperation and appropriate disclosure to the regulators. FCA Handbook, CTPS 3.1.1R, 3.2.6R.

Regulated firms retain their own duties. They remain responsible for outsourcing, operational resilience, due diligence, risk controls, and contingency planning. Designation does not transfer accountability from a bank, insurer, payment firm, or infrastructure operator to its supplier.

Section 312L is technology-neutral. It covers a “service,” including a facility, when the systemic test is met. FSMA 2000, s 312L(8). Model APIs, hosted inference, model orchestration, AI agents, embeddings, and managed model services can therefore qualify as services.

The legal issue is not whether a provider calls itself an AI company. The issue is whether financial firms depend on its service for essential operations at systemic scale. Relevant uses may include payments, fraud controls, cyber defence, credit decisions, claims processing, market operations, or customer access. The use must be important enough that failure or disruption could threaten stability or confidence.

The CTPS definition of “disruption” strengthens this reading. It includes complete or partial failure, quality degradation, unavailability, and failure to perform as intended. FCA Handbook Glossary, “disruption” (in CTPS). A model service can therefore suffer disruption through degraded output quality, failed inference, unavailable endpoints, or unintended performance.

Not every hallucination, bias event, or model drift episode becomes a CTP operational incident. The incident definition requires serious disruption to a systemic service, or a serious adverse impact on protected firm assets. FCA Handbook Glossary, “CTP operational incident.” Product-quality concerns may instead engage a firm’s conduct, model-risk, consumer-protection, or prudential duties.

A provider also needs the required system-wide footprint. A specialist model used by one bank may be operationally important without being systemic. A common model used across payments, trading, or fraud controls presents a stronger case. A provider with several viable substitutes and fast portability presents a weaker case.

Official statements point toward AI, but do not designate a firm

The House of Commons Treasury Committee recommended that Treasury designate major AI and cloud providers by the end of 2026. House of Commons Treasury Committee, Artificial Intelligence in Financial Services, HC 684, para 24 (22 Jan. 2026). That recommendation is not binding law.

Treasury responded that it was gathering evidence for potential designations and expected initial decisions in 2026. It did not accept a duty to designate AI providers by year-end. House of Commons Treasury Committee, AI in Financial Services: Responses to the Committee’s Fifteenth Report, HC 1791, Appendix 1 (16 Apr. 2026).

The Bank stated that an AI-service provider could be designated if service failure or disruption posed financial-stability risk. Id., Appendix 2. The statement confirms legal availability. It does not report that any identified provider already meets the test.

The FCA’s chief executive later said financial services increasingly depend on cloud, model, and data providers. He also said firms must map dependencies on model providers and third parties, and that the CTP regime becomes more important. Nikhil Rathi, Rethinking Regulation for the Age of AI (24 June 2026).

After the cloud designations, the Treasury Committee Chair said the Government may later need to consider specific AI firms. Treasury Committee Chair statement (10 July 2026). Treasury also described the regime as rolling and left further designations open.

Together, these records support active policy interest and probable scrutiny of model providers. They do not support a statement that Treasury has announced AI candidates. Treasury does not ordinarily disclose prospective designees before a decision.

Direct designation, existing-entity scope, and nth-party exposure

An independent model provider would require a separate designation regulation naming the relevant legal entity. A committee recommendation, regulator speech, or Treasury evidence-gathering exercise cannot substitute for that instrument. FSMA 2000, s 312L; HM Treasury, Critical Third Parties – HM Treasury’s Approach to Designation, paras 1.8–1.19.

A different route applies where one of the four designated entities supplies the AI service. Treasury designates at entity level, while material services can change after designation. It follows that a new regulation may not be needed solely because an additional service of that same entity becomes systemic. This is an inference from the entity-level designation process. The regulators would still need to treat the service as systemic.

The inference has two limits. First, the contracting entity must be the designated person. A service sold by a different affiliate is not automatically covered. Second, the public sources do not identify any specific AI service within the four entities’ current systemic-service set.

A model provider can also sit below a designated CTP in the supply chain. CTPS defines a “key nth-party provider” as a supply-chain person essential to a systemic service. The CTP must identify and manage that dependency. It must take reasonable steps to secure cooperation, information provision, and regulator access. FCA Handbook, CTPS 4.4.1R–4.4.2R.

Nth-party status does not equal direct designation. It does not impose every CTPS duty directly on the model provider. Its practical effects arise through contracts, audits, information requests, incident coordination, testing, and the designated CTP’s own compliance duties.

Duties and enforcement

A designated CTP must comply with six Fundamental Rules. These cover integrity, skill and care, prudence, risk controls, responsible organisation, and regulator cooperation. FCA Handbook, CTPS 3.2.1R–3.2.6R.

The operational rules require accountable control arrangements, effective risk management, supply-chain controls, technology and cyber controls, change controls, and resource mapping. They also require incident management, orderly termination planning, assurance work, scenario testing, and playbook exercises. FCA Handbook, CTPS 4–5.

Some duties apply at once. An interim self-assessment is due within three months of designation. The first resource map and incident playbook are due within 12 months. A playbook exercise with a representative sample of firms is also due within 12 months, then at least every two years. FCA Handbook, CTPS 4.7.1R, 4.8.1R, 5.3.1R, 6.1.1R.

The CTP must give firms enough risk information to manage their own dependencies. It must send initial incident reports as soon as practicable, update material changes, and provide a final report after resolution. FCA Handbook, CTPS 7–8.

The regulators may make rules and issue directions. They may require information, skilled-person reports, or investigations. They may publish censure and restrict or prohibit service arrangements after breach, subject to statutory notice and Upper Tribunal rights. FSMA 2000, ss 312M–312S.

For an AI provider, these powers can reach model versions, deployment architecture, data and compute dependencies, change controls, rollback procedures, supply-chain concentration, testing evidence, and incident records. The legal reach depends on the designated entity and the systemic services under review.

Practical consequences for AI providers and financial firms

Model providers should map the exact contracting entity for each financial-sector service. They should quantify reliance by UK firms and systemically important institutions. They should identify supported essential services, substitute capacity, switching time, and direct access to firm assets.

They should also map model, data, compute, orchestration, and content-safety dependencies. Change records should cover model updates, deprecations, routing changes, fallback models, rollback, and recovery. Testing should examine correlated failure, degraded quality, capacity loss, cyber compromise, and withdrawal of a key upstream service.

Financial firms should not wait for a model provider’s designation. They should inventory models, providers, resellers, cloud hosts, and material subprocessors. Contracts should address incident data, testing evidence, audit access, portability, termination support, data return, and substitute capacity.

Illia Prokopiev

Written by

Illia Prokopiev

Co-Founder and CEO

Illia is the Managing Partner and founder of Licentium. With over 11 years of practice, he has guided innovators through cross-border M&A deals and the disputes that follow, combining transactional skill with courtroom resolve. Admitted to the bar in 2017, he pivoted early to Web3, serving as legal advisor to prominent crypto projects and carrying AML/MLRO duties that anchored complex token, DAO, and compliance questions on solid regulatory ground. Certified in money laundering prevention and an active crypto investor, Illia blends market intuition with a global network of specialists, enabling Licentium to untangle licensing knots for crypto and AI ventures anywhere in the world.

More from the journal

See all

Alberta Regulated iGaming Market Launched on 13 July 2026 with 22 Operators

Alberta's regulated private iGaming market launched on 13 July 2026, making Alberta the second Canadian province to permit private online gambling operators after Ontario. The Alberta Gaming, Liquor and Cannabis Commission serves as market regulator and the Alberta iGaming Corporation oversees commercial operations and operator contracts. Twenty-two operator sites went live on day one, including FanDuel, DraftKings, BetMGM, and BetRivers. Operators must fully launch or exit the Alberta market by 13 October 2026.

European Commission Presents Cybersecurity and AI Action Plan on 7 July 2026

On 7 July 2026, the European Commission presented an Action Plan on Cybersecurity and Artificial Intelligence. The plan directs the Commission and ENISA to evaluate advanced AI models before they reach the EU market, establish a secure testing platform for critical-sector organisations, and launch an EU Grand Challenge on AI-powered cybersecurity solutions. It operates alongside the AI Act, NIS2 Directive, DORA, Cyber Resilience Act, and Cyber Solidarity Act, and introduces no new directly binding obligations.

Hong Kong Gazetted Crypto-Asset Reporting Framework Bill on 22 May 2026

The Inland Revenue (Amendment) (Crypto-Asset Reporting Framework and Amended Common Reporting Standard) Bill 2026 was gazetted in Hong Kong on 22 May 2026 and had its first reading in the Legislative Council on 3 June 2026. The bill implements the OECD Crypto-Asset Reporting Framework and 2023 CRS amendments. Crypto-asset service providers with a Hong Kong reporting nexus must register with the Inland Revenue Department, conduct client due diligence, file annual returns, and maintain records from 1 January 2027.