In May 2025, the FCA introduced
PS25/3,
a new regulatory return for firms with permissions for credit broking, debt counselling, and credit information services. It replaces the returns process introduced in 2014, which the regulator had concluded was no longer delivering the level of clarity needed
to monitor risk in the market.
The updated return requires firms to report activity across five categories: permissions, business model, marketing, revenue, and staffing. This gives
the FCA more direct visibility into how brokers and bureaux are operating and whether their actions align with the outcomes they are expected to support.
While PS25/3 does not apply to credit providers, it is already influencing the way bureaux behave, including how they configure, price, and explain their
services. That makes this a sensible moment for lenders to reassess whether their bureau data contracts still reflect what the business needs and how it operates.
Why this affects data buyers
The FCA has made clear that it wants a more consistent understanding of how regulated firms operate. For brokers and bureaux, that means connecting internal
decisions across multiple areas of the business. For those that supply credit data services, it means explaining how each product, process, and dataset fits into the wider operation.
This increased scrutiny has implications for their clients. Many credit providers are still using bureau contracts that haven’t changed in years. Some
terms were agreed around older product sets or inherited usage patterns. In other cases, volumes or decisioning logic have evolved without a formal review of the underlying data or licensing model.
This is where issues tend to surface:
|
FCA return section
|
What’s reported
|
Where problems often occur
|
|
Permissions
|
Regulated activities
|
Datasets don’t match product permissions or customer types
|
|
Business model
|
Products and services offered
|
Affordability models or coverage haven’t been reviewed
|
|
Marketing
|
Targeting methods
|
Risk data is used in early-stage activity without an audit
|
|
Revenue
|
Credit vs. non-credit income
|
No clear link between data usage and income classification
|
|
Staff
|
Incentives and oversight
|
Teams rely on data not covered by the current contract or policy
|
These are operational gaps, not regulatory breaches. But as bureaux are required to document and explain their activity, the services they provide, and
the clients using them, will come under greater internal and commercial review.
Is your bureau setup still appropriate?
For many credit providers, bureau data contracts remain largely unchanged since they were first negotiated. Product configurations and licence terms may
have rolled forward year after year. In some cases, the rationale for specific data decisions is no longer clear internally. For firms that have expanded their product lines or added new use cases, these arrangements may no longer reflect actual requirements.
This raises practical questions:
-
Does our current bureau agreement match our products, permissions and customer base?
-
Have we added use cases that were never reviewed with our data supplier?
-
Are we still paying for services that no longer support risk, compliance, or commercial activity?
-
Can we explain how the current setup came to be and who approved it?
PS25/3 has made these questions more relevant, even for firms outside the scope of the return. As bureaux respond to regulatory expectations, the structure
and pricing of their services will become more deliberate. Their clients should expect, and prepare for, the same.
How firms are reassessing value through benchmarking
Many credit providers are now using benchmarking as a way to review their bureau arrangements. This involves comparing contract pricing, product mix, and
usage against others with similar requirements, helping teams identify whether existing terms still make commercial sense.
In practice, this often supports clearer internal conversations between credit risk, procurement and compliance, especially where data usage spans multiple
functions.
Firms typically use benchmarking to:
-
Compare bureau costs against peer usage
-
Identify underused or outdated services
-
Review whether pricing reflects actual volume and footprint
-
Establish a clearer rationale for contract terms
-
Support mid-term negotiations based on observed market practice
This doesn’t require a supplier change or formal audit. It’s simply a method for understanding whether current data services match today’s needs and whether
the right commercial structure still supports internal decisions.
Conclusion
PS25/3 requires brokers and bureaux to take a more structured view of their activity. That will influence how they configure and deliver their services,
including to credit providers who rely on their data.
For those buying from bureaux, this is a good time to revisit the terms in place and the rationale behind them. If supplier behaviour is changing, there’s
value in being prepared, commercially and operationally, before it becomes a requirement to do so.
