The UK’s Financial Conduct Authority has handed Palantir a contract to dig through its most sensitive intelligence data, according to Hacker News. The deal gives the Peter Thiel-co-founded AI company access to case files, fraud reports, consumer complaints, phone recordings, emails, and social media trawls — all in the name of fighting financial crime.
This isn’t a small pilot. Palantir will earn more than £30,000 a week during a three-month trial to apply its Foundry AI system to the FCA’s “data lake.” If the trial goes well, it could lead to a full procurement deal. The FCA regulates 42,000 financial services firms, from major banks to crypto exchanges, and wants AI to help it spot money laundering, fraud, and insider trading faster.
Why This Matters
Palantir already holds more than £500 million in UK public contracts — NHS, military, police. This FCA deal extends its reach into yet another critical piece of British state infrastructure: financial regulation.
The concern isn’t just about one more government contract. It’s about what Palantir learns in the process. As one FCA source put it: “Once Palantir understands how we detect money-laundering threats, how do we know that they are ethically reliable enough not to share that information?”
Prof Michael Levi, a money laundering expert at Cardiff University, raised a sharper point: whether “Palantir’s owners might tip off their friends about methodologies.” The question of what happens to institutional knowledge after a contract ends is real — and largely unanswered across the AI industry.
The Privacy Problem
The FCA considered using dummy data or scrambled names for the pilot. It decided real data was the only worthwhile test — even though guidelines encourage synthetic data in trials.
That means Palantir gets access to:
- Case intelligence files marked highly sensitive
- Information on “problem firms”
- Proven and suspected fraud reports from lenders
- Consumer complaints to the financial ombudsman
- Phone call recordings, emails, and social media posts
Christopher Houssemayne du Boulay, a barrister at Hickman & Rose, warned that enforcement investigations sweep up “hundreds of whole email accounts and full financial records” from innocent people. “If you ingest that data and use it to train an AI system, there are very significant privacy concerns,” he said.
The Safeguards
The FCA says it has controls in place:
- Palantir is classified as a “data processor,” not a “data controller” — it can only act on FCA instruction
- The FCA retains exclusive control over encryption keys for the most sensitive files
- All data stays hosted and stored in the UK
- Palantir must destroy data after the contract ends
- Any intellectual property derived from the analysis belongs to the FCA
- Palantir cannot copy the data to train its own products
These are reasonable contractual protections. Whether they’re enforceable in practice — especially around what knowledge Palantir’s engineers carry in their heads after three months of deep analysis — is a different question entirely.
The Bigger Picture
Palantir’s technology is already deployed by the Israeli military and in the US immigration enforcement system under ICE. UK MPs have called the company “highly questionable” and pointed to “reports of serious allegations of complicity in human rights violations.” Palantir has pushed back, citing NHS scheduling improvements and domestic violence work with UK police.
What stands out here is the pattern. Palantir isn’t just selling software to governments — it’s embedding itself into the operational intelligence of state institutions. Health data, defense data, policing data, and now financial regulatory data. Each contract deepens the dependency.
For the AI industry, this is a case study in the tension between genuine capability and institutional risk. Financial regulators do need better tools. Prof Levi acknowledged “serious under-exploitation” of existing data. But the question of who builds those tools — and what they take away from the engagement — deserves more than a contractual clause.
The full investigation is available at the original source.