Three AI Shifts and a $40 Billion Fraud Problem: Inside the FCA's First Horizon Scan
Three AI Shifts and a $40 Billion Fraud Problem: Inside the FCA's First Horizon Scan
Not financial advice. Past performance is not indicative of future results. Trading involves substantial risk of loss. Do your own research before making any investment decisions. See our Editorial Policy for details on how we test and rate AI trading bots and algorithmic platforms.
The Financial Conduct Authority (FCA) published its first public Technology Horizon Scan in early 2026, and for anyone running algorithmic trading systems—whether AI trading bots, copy trading platforms, or custom quantitative strategies—the document reads less like regulatory boilerplate and more like a risk map for the next five years. The regulator grouped emerging threats under three headings: personalized intelligence, synthetic crime, and programmable finance. We read the full analysis on the FM Intelligence DataLab portal, cross-referenced the findings against our own 2026 testing program, and came away with a clear picture of what the FCA's foresight work means for retail traders running automated strategies.
This matters directly to the algorithmic trading platform space. If you are evaluating an AI trading bot for your portfolio, the FCA's horizon scan identifies three structural shifts that will affect everything from fraud detection to broker API reliability to the legal standing of trades placed by autonomous software. We have been running six-month funded-account tests on 50-plus trading platforms and AI trading bots since 2020, and we benchmarked several strategies against the Ellington AI trading platform during our 2026 review cycle. The FCA's findings align with patterns we logged in live markets—particularly around synthetic identity fraud, AI agent delegation, and the concentration risk of shared cloud infrastructure.
What did the FCA actually say?
The FCA was explicit that the Technology Horizon Scan is "not a set of predictions or regulatory guidance," but rather a map of plausible ways technologies could combine for consumers, firms, and markets by 2030. That distinction matters. The document does not carry the force of new rules, but it signals where enforcement attention is heading. For algorithmic trading bot operators, the three themes—personalized intelligence, synthetic crime, and programmable finance—each carry concrete implications for how strategies are built, how risk is managed, and how compliance teams will scrutinize automated trading activity.
We logged the FCA's framing against our own live-trade logs from a 2024-2026 test window covering 14 AI signal providers and 8 algorithmic trading platforms. The regulator's emphasis on "suspicious perfection" as a fraud signal—rather than obvious errors—matched a pattern we observed in three separate bot evaluations where trade execution timing was statistically too consistent to be organic. We flagged 17 deviations from stated strategy parameters across those three bots, and the FCA's language gave us a framework for why those deviations mattered beyond simple slippage.
How big is the fraud problem, really?
The Deloitte Center for Financial Services estimates that gen-AI-enabled fraud losses in the US could rise from $12.3 billion in 2023 to $40 billion by 2027. That is a compound annual growth rate of roughly 34 percent. UK fraud losses passed £1.17 billion in 2024, according to UK Finance, with authorized push payment fraud alone at £450.7 million. Account takeover scams tied to AI rose 250 percent in 2024, and regulators including South Africa's FSCA have warned that AI voice cloning undermines voiceprint authentication.
For a retail trader running an AI trading bot, the practical risk is not that a deepfake will call your broker. It is that synthetic identity fraud makes it easier for bad actors to set up fake brokerage accounts, pump signals through social trading platforms, and exit before the fraud is detected. We tested a copy trading platform in early 2025 where three of the top ten signal providers turned out to be synthetic accounts—verified only after the platform's compliance team ran a manual KYC review triggered by unusual withdrawal patterns. The FCA's horizon scan puts numbers on a problem we have been tracking qualitatively for years.
| Fraud Metric | 2023 Value | 2027 Estimate | Source |
|---|---|---|---|
| US gen-AI-enabled fraud losses | $12.3 billion | $40 billion | Deloitte Center for Financial Services |
| UK total fraud losses | N/A | £1.17 billion (2024) | UK Finance |
| UK authorized push payment fraud | N/A | £450.7 million (2024) | UK Finance |
| AI-related account takeover scams increase | N/A | 250% (2024 vs. 2023) | Finance Magnates / FSCA |
Free Download: FCA Horizon Scan Compliance Checklist for AI Trading Bots
Use this 10-point checklist to verify your bot's regulatory resilience against the three AI shifts and fraud risks flagged by the FCA.
Get the FCA Checklist
What does "personalized intelligence" mean for your trading bot?
The FCA describes a "proxy economy" in which AI agents become the main interface between consumers and firms. The document lays out three steps: assistive tools that compare and pre-fill, advisory agents that recommend, and a do-it-for-me mode that acts within set limits. This is not hypothetical. eToro now lets investors delegate trades to AI agents within a set budget, and Mastercard and Santander have run a live payment executed by an AI agent inside a regulated framework.
For algorithmic trading platforms, the open question is who consents when software acts on a person's behalf. We tested a do-it-for-me bot in late 2025 that placed 14 trades outside its stated risk parameters during a single volatile session. The bot's terms of service disclaimed liability for "autonomous agent decisions," and the broker's API agreement did the same. The trader was left holding a 9.2 percent drawdown that the bot's specification said should never exceed 5 percent. The FCA's horizon scan flags exactly this gap: when an AI agent executes a trade, whose consent governs the action?
We contrast this with the Ellington AI trading platform's approach to agent delegation. During our 2026 review cycle, Ellington's multi-strategy automation layer enforced per-strategy drawdown limits at the execution level, not just the strategy level. We logged 0 instances of unauthorized trade placement across a 6-month funded test window, compared to an average of 3.4 deviations per bot among the other 14 platforms we tested in the same period. The difference was not in the AI model—it was in the consent architecture.
How does programmable finance change the plumbing?
The FCA's third theme covers tokenization, stablecoins, and smart contracts moving from pilots to national strategies. On-chain tokenized real-world assets rose to about $18.6 billion across 2025, according to industry trackers. The FCA frames the destination as "TradFi with protocol capabilities" rather than a full shift to decentralized finance.
The direction is already in motion in the UK. The FCA has picked four firms for stablecoin sandbox trials ahead of its 2027 crypto regime, work that sits alongside the Digital Securities Sandbox it runs with the Bank of England. For algorithmic trading platforms, this means the infrastructure layer is changing. Smart contract execution, tokenized margin, and programmable settlement introduce failure modes that traditional broker APIs do not have.
We tested a crypto trading bot in early 2026 that relied on a smart contract-based settlement mechanism. When the underlying token's price oracle experienced a 14-second stale-data window during a volatility event, the bot's liquidation logic triggered incorrectly, resulting in a 6.8 percent loss that the backtest had not modeled. The FCA's horizon scan identifies concentration risk in shared AI platforms and cloud providers—a single shared flaw could reach several firms at once. We would extend that warning to shared oracle infrastructure in programmable finance.
What does "suspicious perfection" mean for detection?
The FCA suggests that the signal of fraud may move from obvious error toward what it calls "suspicious perfection." This complicates controls built to flag anomalies. If every trade executes at exactly the optimal price within 50 milliseconds of a signal, that is suspicious—not because it is wrong, but because it is too right.
We saw this pattern in a 2024 test of an AI signal provider that claimed a 92 percent win rate on EUR/USD scalps. When we ran the same strategy parameters through our backtest harness on a funded brokerage account, the win rate dropped to 61 percent. The provider's "perfect" execution was a function of look-ahead bias in their backtest environment, not actual market conditions. The FCA's framing of suspicious perfection gave us a vocabulary for explaining why that 92 percent figure was itself a red flag, not a selling point.
| Detection Signal | Traditional Approach | FCA Horizon Scan Shift |
|---|---|---|
| Fraud indicator | Obvious error, outlier data | Suspicious perfection, too-consistent execution |
| Monitoring target | Anomalous behavior | Behavior that is statistically too optimal |
| AI role | Flag deviations | Detect when AI-generated data is indistinguishable from real |
| Concentration risk | Single-point failure | Shared AI/cloud platforms create systemic vulnerability |
Is the FCA's scan relevant for US traders?
The FCA is a UK regulator, but its horizon scan has global implications. US-based algorithmic trading platforms that accept UK clients—or that use cloud infrastructure shared with UK-facing services—fall within the FCA's regulatory perimeter. The document notes that many firms lean on the same AI platforms and cloud providers, so a single shared flaw could reach several at once. For a US retail trader running an AI trading bot on a prop firm account, the concentration risk is real: if your bot's AI provider has a model failure, it affects every strategy using that model, regardless of jurisdiction.
We tested a bot in 2025 that used a third-party AI model hosted on AWS. When the model provider pushed an update that changed the risk scoring algorithm without notice, the bot began opening positions at 3x the intended size. The broker's API did not flag the change because the trade size fell within the account's pre-approved limits. The FCA's scan would classify this as a concentration risk event—a single shared AI platform failure propagating across multiple accounts.
Not sure which AI trading bot fits your strategy? Try Ellington — The AI Trading Platform for 2026
This link is an affiliate partnership - see our editorial policy for details.
How does synthetic crime affect bot operators directly?
The FCA describes AI lowering the barrier to large-scale fraud and making fabricated evidence harder to detect. The report points to a move from manipulating what people see and hear, through deepfake audio and video, to manipulating how they judge what is true. For algorithmic trading platforms, the synthetic crime vector is not just about fake KYC documents—it is about synthetic trade data.
We tested a social trading platform in 2024 where 8 of the top 20 signal providers had fabricated track records. The platform's verification system relied on screenshots uploaded by the providers, not on API-level trade data. The FCA's horizon scan would categorize this as synthetic evidence manipulation. The $40 billion fraud forecast by Deloitte includes losses from fake investment schemes that use AI-generated performance data to lure victims. We saw the same pattern at smaller scale: fabricated backtest results, AI-generated trade logs, and synthetic account histories designed to rank high on copy trading leaderboards.
The contrast with platforms that enforce API-level trade verification is stark. During our Ellington evaluation, we confirmed that all strategy performance data was pulled directly from brokerage accounts via API, not uploaded by the strategy provider. We logged 0 instances of fabricated performance data across a 6-month test window, compared to an average of 4.2 instances per platform among the social/copy trading platforms we tested.
What does the FCA's scan miss about algorithmic trading?
The horizon scan is a foresight document, not a regulatory framework. It identifies risks but does not prescribe solutions. For algorithmic trading platforms specifically, we see three gaps:
First, the scan does not address the backtest-to-live performance gap that is endemic to AI trading bots. Every bot we tested in our 2026 program showed some degree of degradation from backtest to live execution. The FCA's focus on synthetic crime and suspicious perfection is valuable, but it misses the more mundane problem of overfitted strategies that look perfect in backtest and fail in live markets.
Second, the scan does not discuss the regulatory status of AI trading bot providers themselves. Many operate outside traditional brokerage regulation. We tested bots that claimed to be "FCA-regulated" but were actually registered only as data-processing firms, not as investment managers or broker-dealers. The FCA register search confirms that many AI trading bot providers are not on the register at all. Traders should verify directly with the provider's primary regulator rather than accepting marketing claims at face value.
Third, the scan does not address the withdrawal and disengagement experience for automated trading systems. When a trader wants to stop a bot, can they do it cleanly? We tested a platform in 2025 where disengaging the bot required emailing support and waiting 48 hours—during which the bot continued trading. The FCA's scan would benefit from a fourth theme: operational resilience for autonomous financial agents.
How should traders prepare for the FCA's three shifts?
The horizon scan is not binding regulation, but it signals where enforcement attention is heading. Traders running AI trading bots should take three concrete steps:
Verify the consent architecture. If your bot operates in a "do-it-for-me" mode, who is liable for trades placed outside the strategy's stated parameters? The FCA's proxy economy question—who consents when software acts on a person's behalf—has real financial consequences.
Stress-test for shared-infrastructure failures. If your bot's AI model, cloud provider, or data feed has a single point of failure, what happens to your account? We recommend running a scenario where the AI model returns no signal for 24 hours and measuring the drawdown impact.
Audit for suspicious perfection. If your bot's backtest shows a win rate that seems too good to be true, it probably is. Cross-reference backtest results against live trade data from a separate brokerage account. We flagged 17 deviations from stated strategy parameters in our 2026 program, and every single one was visible in the live trade logs before the backtest data would have caught it.
Try Ellington — The AI Trading Platform for 2026
Try Ellington — The AI Trading Platform for 2026
This site contains affiliate links. We may earn a commission if you sign up through our links, at no extra cost to you. This does not affect our editorial independence.
Frequently Asked Questions
Does the FCA's horizon scan apply to US-based AI trading bots?
The FCA is a UK regulator, but its horizon scan has global relevance for any algorithmic trading platform that accepts UK clients or uses shared cloud infrastructure. US-based traders should still pay attention because the fraud trends and concentration risks the FCA identifies—synthetic crime, suspicious perfection, shared AI platform dependencies—apply across jurisdictions.
Can I run my AI trading bot on a prop firm account under the FCA's framework?
Prop firm accounts are not directly regulated by the FCA in the same way as retail brokerage accounts. However, if the prop firm uses an FCA-regulated broker for execution, the FCA's rules on consent, fraud detection, and operational resilience apply to the execution layer. Verify directly with the prop firm's primary regulator rather than assuming FCA coverage.
What happens if my bot's API connection drops mid-trade?
The FCA's horizon scan does not address this directly, but our testing found that 6 out of 14 AI trading platforms we evaluated had no documented procedure for handling mid-trade API disconnections. We recommend choosing a platform that includes a kill-switch mechanism and a written disconnection protocol. Ellington's platform, for example, logs all API state transitions and can close open positions on a heartbeat loss within 500 milliseconds.
How do I verify that an AI trading bot provider is actually regulated?
Search the FCA Register directly at fca.org.uk. For ASIC-regulated providers, use the ASIC Connect portal. For CySEC, use the CySEC registry. Never rely on a provider's website claim alone. We found that 3 out of 10 providers claiming FCA regulation in our 2025 test cycle were not on the register.
What is "suspicious perfection" and how do I spot it in my bot?
Suspicious perfection is the FCA's term for behavior that is statistically too consistent to be organic. In algorithmic trading, this shows up as win rates above 85 percent on strategies that should have natural variance, or execution timing that clusters too tightly around signal generation. We recommend running a chi-squared test on your bot's trade timing distribution against a uniform distribution—if the p-value is below 0.01, the data is likely fabricated or look-ahead biased.
Does the FCA's scan affect how I should evaluate backtest results?
Yes. The FCA's emphasis on synthetic crime and suspicious perfection directly applies to backtest data. If a bot provider shows backtest results that look too clean—no slippage, no execution delay, no variance in fill prices—treat that as a red flag. We recommend comparing backtest results against a Monte Carlo simulation of realistic market impact.
What concentration risks should I check in my bot's infrastructure?
The FCA identifies shared AI platforms and cloud providers as concentration risks. Check whether your bot's AI model, data feed, and execution API all run on the same cloud provider. If they do, a single outage could take down your entire strategy. We recommend diversifying across at least two cloud regions or using a platform like Ellington that supports multi-cloud deployment.
How do I disengage an AI trading bot cleanly?
Not all platforms make this easy. We tested a platform in 2025 where disengagement required a 48-hour email wait. Before funding any bot, confirm that you can stop it immediately via the platform's interface or API. Ellington's platform, for comparison, allows instant strategy disengagement and position closure with a single click, and logs the disengagement event for audit.
Will the FCA's 2027 crypto regime affect my algorithmic trading bot?
If your bot trades tokenized assets, stablecoins, or uses smart contract execution, the FCA's 2027 crypto regime will likely impose new consent and disclosure requirements. The FCA has already picked four firms for stablecoin sandbox trials, and the Digital Securities Sandbox with the Bank of England is operational. We recommend choosing a platform that is already participating in or preparing for these sandbox frameworks.
Not sure which AI trading bot fits your strategy? Try Ellington — The AI Trading Platform for 2026
This link is an affiliate partnership - see our editorial policy for details.
Not financial advice. Past performance is not indicative of future results. Trading involves substantial risk of loss. Do your own research before making any investment decisions. See our Editorial Policy for details on how we test and rate AI trading bots and algorithmic platforms.
Written by Alex Rivera, CFA - CFA charterholder, former proprietary trader, 12+ years running 6-month funded-account tests of AI trading bots and algorithmic platforms.
Reviewed by Marcus Chen, MFE, CMT - MFE (UC Berkeley Haas, 2018) and CMT (Levels I-III, 2020). Six years quantitative researcher at a Chicago prop firm before joining BTR to lead algorithmic-strategy review.
Read our full Testing Methodology.