FCA Faces Privacy Concerns over Palantir AI Trial with Sensitive Data

TL;DR:

  • The FCA is paying Palantir more than £30,000 per week for a three-month trial applying its Foundry AI to the regulator’s data lake of case files, fraud reports, and consumer complaints.
  • Legal experts warn the trial raises serious privacy risks, given the data includes phone recordings, emails, and social media trawls involving individuals not suspected of wrongdoing.
  • Palantir’s expanding UK public sector footprint — including a £330 million NHS deal and a £240 million MoD contract — makes this latest engagement politically sensitive.

The UK’s Financial Conduct Authority has hired the Peter Thiel-cofounded data analytics firm Palantir for a three-month AI trial that will give the company access to highly sensitive regulatory data, according to reporting by The Guardian.

Palantir’s Foundry platform will analyse the FCA’s extensive data holdings, which include intelligence files marked as highly sensitive, records on firms under scrutiny, lender-submitted reports on confirmed and suspected fraud, and consumer complaints lodged with the Financial Ombudsman. The dataset also contains phone call recordings, email archives, and social media content.

Privacy Warnings

The arrangement has drawn sharp criticism from legal professionals. Christopher Houssemayne du Boulay, a partner at Hickman & Rose, warned that the data could encompass “hundreds of whole email accounts and full financial records” belonging to innocent people caught up in investigations, including bank details and personal contact information.

“If you ingest that data and use it to train an AI system, there are very significant privacy concerns,” he told The Guardian. “There should be serious confidentiality requirements regarding what Palantir does with the data.”

Growing UK Public Sector Presence

The FCA trial adds to Palantir’s rapidly expanding footprint across UK public institutions. The company secured a £330 million NHS data platform contract in 2023 — a deal that prompted resistance from medical professionals — and a £240 million Ministry of Defence agreement in December 2025, which led MPs to raise concerns about “reports of serious allegations of complicity in human rights violations.”

Each new contract intensifies scrutiny of how much access the Miami-based firm should have to sensitive British public data, particularly given its links to the US military and immigration enforcement operations.

Looking Forward

The FCA has defended the arrangement, stating it retains exclusive control over encryption keys for the most sensitive files and that Palantir must destroy all data after the contract ends. If the trial succeeds, it could lead to a full AI procurement — raising the stakes for data governance standards in financial regulation. For UK businesses subject to FCA oversight, the question is whether AI-powered surveillance will sharpen enforcement or create new risks for those whose data sits in the regulator’s files.