27 Apr 2026

The interesting thing about this Figma-to-code experiment is not the tooling. It's the governance implication buried inside it.

When AI agents generate UI components, they need machine-readable rules to work from. Human-readable guidelines — the kind design teams have written for a decade — are useless to them. So design system teams are now being asked to encode their decisions: what a button does, when a warning state appears, what constitutes an on-brand interaction. That encoding is governance, full stop.

For anyone building consumer credit products in the UK, this matters more than it might appear. The FCA's Consumer Duty requires firms to demonstrate that their customer journeys are designed with good outcomes in mind. Right now, most firms evidence that through documentation, reviews, and sign-off processes. But if your UI is being generated by agents working from metadata files, the governance has to live in those files. The spec becomes the control.

What this forces you to reckon with

• Who owns the machine-readable rules? Design, engineering, compliance, or some combination?
• When a rule changes — say, how risk warnings are displayed — how does that propagate across every agent-generated component?
• Can you audit what the agent was told at the point a particular journey was built?

These are not abstract questions. They are the kind of questions a skilled person at your firm will eventually have to answer to a regulator.

The firms that treat design systems as a technical nicety will get caught out. The ones that recognise them as a layer of documented, versioned, auditable decision-making will be in a far stronger position — not because regulators have asked for it yet, but because the technology is making it possible to demand it.

The deeper question is whether compliance teams even know this conversation is happening in their design and engineering functions.

The financial services industry spent fifteen years celebrating disruption and then acted surprised when the result was a chaotic mess of apps, re-authentication flows, and siloed identity checks that no single institution trusts.

The article frames this as fintech having 'ruined' the customer experience, but that's too easy. The fragmentation wasn't accidental. It was the predictable outcome of building competing platforms without solving identity first. Every challenger bank, every BNPL provider, every crypto wallet launched with its own KYC stack because there was no shared infrastructure to plug into. Open Banking was supposed to start fixing this. It hasn't, not really, because data portability without identity portability only solves half the problem.

For those of us building origination platforms in consumer credit, this matters in a very direct way. A customer applying for a loan in 2025 still has to prove who they are from scratch, even if they've passed full KYC at three other FCA-regulated firms in the past six months. The cost of that duplication is real, and it lands on the customer as friction and on us as dropout rates.

The unified digital identity argument has been circulating for years. The GOV.UK One Login programme is the most credible attempt the UK has made at this, but adoption across financial services remains thin. The commercial incentives to own the identity relationship are too strong for most large institutions to voluntarily cede that ground.

So the honest position is this: the industry will not fix fragmentation through goodwill or industry working groups. It needs either a regulatory mandate or a piece of identity infrastructure so demonstrably cheaper and better that resistance becomes commercially irrational.

Which of those do you think arrives first?