FCA Mills Review: What Agentic AI and Tokenized Money Mean for UK Firms
The UK's Financial Conduct Authority has released a 147-page blueprint warning that retail financial services are moving rapidly toward full automation, and that legacy settlement infrastructure cannot keep up. For accounting firms, auditors, and CFOs who rely on crypto accounting software to manage digital asset positions, the Mills Review is not a distant forecast. It is a governance and liability signal arriving now.
What the FCA Actually Published
The report, titled "AI and the future of retail financial services" and led by FCA Executive Director Sheldon Mills, frames the central change as a shift from human-led, periodic financial activity toward AI-enabled, continuous, and delegated financial services. Mills, who is stepping down after eight years at the authority, told the Financial Times ahead of publication that managers must remain accountable for what their AI models do. His phrase was direct: "You need a human on the hook for what they're doing."
The FCA launched the underlying review in January, examining the implications of advanced AI for consumers, retail financial markets, and regulators themselves. The resulting report covers what the authority calls an "autonomy spectrum," ranging from AI systems that recommend actions at one end to fully autonomous agents where humans act only as observers at the other. The FCA notes that more than 20 frontier AI models have been released since late 2025 alone, a pace it describes as having outrun prior regulatory timelines.
The Seven Recommendations in Brief
The Mills Review sets out seven recommendations for the FCA to consider. These include enabling the foundations for agentic finance through trusted agent protocols, and scaling up the FCA's AI Lab to support model and system innovation. The recommendations are framed as forward-looking priorities rather than binding rules at this stage, but they signal where supervisory attention will be directed. Firms that wait for formal rules before acting on governance are likely to find themselves behind the curve.
Why Stablecoins and Tokenized Deposits Enter the Picture
The report's most consequential passage for digital asset practitioners is its treatment of settlement infrastructure. For AI agents to execute multi-layered transaction strategies without human clearance, they need settlement mechanisms that are programmable and effectively instantaneous. Traditional multi-day settlement cycles are described as an operational bottleneck that autonomous systems cannot tolerate.
Because systemic stablecoins and tokenized bank deposits live natively on programmable ledger networks, they offer the atomic, frictionless settlement that automated protocols require. The FCA does not mandate their use, but the logic of the analysis positions them as the natural infrastructure layer for agentic finance. That framing has direct regulatory weight: it means the FCA is actively thinking about stablecoins not only as speculative assets but as systemic financial plumbing.
Implications for How Firms Classify and Record These Instruments
If stablecoins and tokenized deposits become embedded in automated treasury and portfolio management, the accounting treatment firms apply today needs to hold up under that future operating model. Under IFRS 9, most stablecoins are currently classified as financial assets measured at fair value or amortized cost depending on their contractual cash flow characteristics and the firm's business model. Tokenized bank deposits may qualify as cash equivalents under IAS 7, but only where they meet the criteria for short-term, highly liquid instruments with insignificant risk of change in value.
The Mills Review effectively puts on record that these instruments could be transacting at machine speed, across multiple counterparties, within a single reporting period. That raises the volume and complexity of entries that crypto accounting software must capture accurately. Firms whose current tooling relies on manual reconciliation or end-of-day batch imports will face real gaps. The question is not whether to address this but when, and the FCA's timeline suggests sooner rather than later.
For context on how one major institution is already positioning stablecoin infrastructure within its accounting framework, the piece on Standard Chartered USDC integration and its stablecoin accounting implications is worth reading alongside this review.
AML and KYC Obligations When AI Executes the Transaction
The accountability question Mills raised publicly is the same one that sits at the heart of the UK's existing AML framework. The Proceeds of Crime Act 2002 and the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 place obligations on the firm, not the algorithm. When an AI agent initiates a transaction autonomously, the regulated entity remains the responsible party for ensuring that customer due diligence has been completed, that transaction monitoring flags are being reviewed, and that suspicious activity reports are filed where required.
The Accountability Gap the Review Identifies
One CEO quoted in the report raised the prospect of a financial sector equivalent of a "Turing test," a mechanism to distinguish between human intent and autonomous algorithmic behavior in the market. That observation cuts to a live compliance problem. Where AML systems currently flag transactions for human review, an agentic AI operating at continuous speed may generate volumes of activity that overwhelm manual escalation processes. Firms need to think now about whether their suspicious activity reporting workflows can scale alongside the automation of their transaction execution.
Emma Banymandhub, CEO of The Payments Association, responded to the review by stating that realizing AI's potential in financial services will depend on strong governance, clear accountability, and maintaining consumer trust. For regulated firms, that is not a values statement; it is a description of existing regulatory obligations that do not pause because the actor is a model rather than a person.
What This Means for Accounting Firms and CFOs Right Now
The Mills Review is a proposed framework, not enacted law. But it is an FCA publication, and supervisors draw on FCA publications when assessing whether a firm's governance arrangements are adequate. Several practical actions follow from reading it carefully.
Governance and Accountability Structures
If your firm is already using AI-assisted tools for portfolio monitoring, cash management, or trade execution, the Review makes the accountability question explicit. Who is the named individual responsible for the outputs of each model? That person needs to be identified, their oversight responsibilities documented, and the documentation kept current as models are updated or replaced. Senior Managers and Certification Regime obligations under SMCR already point in this direction; the Mills Review reinforces that the FCA will be looking for substance, not just form.
Digital Asset Accounting Software and Reconciliation Readiness
CFOs overseeing treasuries that hold stablecoins or tokenized deposits should review whether their digital asset accounting software can handle the transaction volumes and settlement finality characteristics of on-chain instruments at machine speed. Key questions include whether the software can ingest on-chain transaction data in near real-time, whether it can correctly classify atomically settled transactions under the applicable accounting standard, and whether the audit trail it produces will satisfy an external auditor assessing completeness and accuracy of the digital asset ledger.
The FCA's direction of travel also has implications for how firms approach the MiCA-adjacent stablecoin questions already live in UK regulatory thinking. The coverage of how the Revolut USDT delisting is reshaping stablecoin accounting for UK firms provides a concrete example of the compliance steps that stablecoin reclassification requires in practice.
Consumer-Facing AI and Conduct Risk
The FCA's own research cited in the review found that 20% of UK adults are already open to allowing AI to make autonomous financial decisions on their behalf. For accounting firms advising clients who use retail AI investment tools, this creates a conduct risk dimension. If a client's financial position was altered by an autonomous agent without adequate disclosure or oversight, questions of professional liability and suitability may arise in the context of that client's financial statements and tax position. Firms should consider whether their client intake and engagement processes capture the use of AI financial tools, and whether those tools produce records adequate for year-end accounting and tax reporting.
The Broader Regulatory Trajectory
The Mills Review sits within a wider pattern of regulators repositioning themselves for a world where financial activity is increasingly automated and settled on programmable infrastructure. The FCA is not alone in this. The pace of frontier AI model releases since late 2025 has prompted multiple regulators across jurisdictions to accelerate their thinking on accountability frameworks for AI-driven finance.
For firms already navigating crypto compliance reporting, the convergence of agentic AI and tokenized settlement is not a new category of problem. It is an intensification of existing ones: transaction volume, audit trail completeness, AML alert management, and accountability documentation. Firms that have already invested in robust crypto bookkeeping software and clear governance structures for digital asset activity are better placed to absorb the Mills Review's implications than those still treating digital assets as a peripheral matter.
The review's status remains proposed and advisory. The FCA has not yet issued binding rules flowing from it. But the seven recommendations, the explicit framing of stablecoins as potential systemic settlement infrastructure, and the public statements from Mills about human accountability for AI outputs all point in a consistent direction. Waiting for enforcement action to define the standard is not a strategy that SMCR-regulated firms can credibly adopt.
Frequently Asked Questions
Does the Mills Review create immediate legal obligations for UK firms?
No. The review sets out recommendations for the FCA to consider and is not itself a binding rulebook. However, FCA publications carry supervisory weight. Regulated firms whose governance arrangements do not reflect the principles articulated in the review may find that gap used as evidence of inadequate oversight in the event of enforcement action.
How should a CFO account for stablecoins used in AI-automated treasury functions?
The classification depends on the specific instrument and the firm's business model under IFRS 9 and IAS 7. Stablecoins used for short-term settlement may qualify as cash equivalents if they meet the criteria under IAS 7, but most will be classified as financial assets at fair value. Given the transaction volumes that agentic systems can generate, firms need crypto accounting software capable of capturing each settlement event accurately and in near real-time, with a complete audit trail.
Who is accountable for AML compliance when an AI agent executes a transaction?
The regulated entity remains accountable. UK AML obligations under the Money Laundering Regulations 2017 and POCA 2002 attach to the firm, not to the algorithm. The individual identified under SMCR as responsible for the relevant function is the person the FCA will look to if controls fail. The Mills Review explicitly reinforces that a human must remain accountable for AI-generated actions.
What is the "autonomy spectrum" the FCA describes?
The FCA uses the autonomy spectrum to describe the range of AI involvement in financial decision-making, from systems that recommend actions for humans to approve at one end, to fully autonomous agents where humans function only as observers at the other. The review notes that firms are already moving from the recommendation end toward the execution end, and that this shift has outpaced prior regulatory timelines.
How does this review affect how accounting firms audit clients with AI-driven investment tools?
Auditors will need to consider whether clients using autonomous financial agents can demonstrate adequate governance and accountability for AI-generated transactions, whether the transaction records produced by those agents are complete and accurate for financial statement purposes, and whether AML controls are proportionate to the volume and speed of AI-driven activity. The Mills Review signals that the FCA expects these questions to be asked and answered within the firm before the auditor arrives.
Source: Cointelegraph Regulation
