Analysis: FCA Guidance On Good And Poor Practice In Authorisation And Registration Applications

October 2, 2025
Request a Demo
<
Back
A recent publication from the UK’s Financial Conduct Authority (FCA) provides insight into where firms are succeeding and failing when completing authorisation and registration applications.

A recent publication from the UK’s Financial Conduct Authority (FCA) provides insight into where firms are succeeding and failing when completing authorisation and registration applications. 

Although presented as guidance, the document also signals regulatory expectations that are likely to shape supervisory engagement in the months ahead. 

For firms operating in the UK payments/e-money sector, it offers both practical lessons and early warnings.

Key themes

  • Consumer Duty: Firms must not treat Consumer Duty as an add-on, but integrate it throughout policies, customer journeys and oversight structures. The FCA’s focus on this point suggests that weak Consumer Duty evidence will increasingly be grounds for queries or delay.
     
  • Operational resilience: Applications must show more than ambition – realistic delivery roadmaps, IT system detail and recovery planning are essential. Payments/e-money firms will be under particular scrutiny.
     
  • Cross-border oversight: The FCA’s concern about overseas control is relevant for groups operating from non-UK hubs. Clear evidence of UK decision-making authority is critical, especially for e-money providers.

Key findings

  • Staff and governance
    • What the FCA wants: The regulator expects firms to demonstrate internal ownership of compliance and governance frameworks, with Senior Managers and Certification Regime (SM&CR) accountability and clear time commitments from senior staff. The FCA has stressed that outsourcing compliance functions cannot substitute for internal expertise.
    • Risks observed: The document identifies a number of key issues in this area, such as multiple senior individuals holding overlapping roles without clear allocation of time and responsibility. It also warns against applications that lean heavily on consultants without showing in-house capability or that provide weak evidence of genuine UK presence when key functions are managed overseas.
    • Implications: Payments/e-money firms need clear ownership of anti-money laundering (AML), safeguarding and resilience controls.
       
  • Policies, procedures and controls
    • What the FCA wants: Firms should provide bespoke documentation, linked to their business models and permissions sought, that demonstrates how the Consumer Duty is embedded within the organisation. Oversight arrangements must be effective where firms operate cross-border.
    • Risks observed: Common failings include generic policy templates that merely restate the rules, weak or vague IT and infrastructure plans presented as placeholders, and misaligned documents that undermine credibility.
    • Implications: Payments/e‑money firms must evidence safeguarding in practice, explain transaction monitoring configurations, and outline contingency plans for outages or provider failures.
  • Financial resources
    • What the FCA wants: The regulator wants to see transparent and evidenced financial forecasts that align with prudential requirements. It has identified and outlines good examples where firms provide both assumptions and stress scenarios, alongside historic accounts.
    • Risks observed: Firms must avoid incomplete submissions, missing accounts and unrealistic growth assumptions. The regulator is also going to be dissatisfied if they offer insufficient evidence of liquidity or contingency funding.
    • Implications: Payments/e-money firms must show they can safeguard client funds under stress and have credible wind-down plans. 

Key strategic takeaways

The FCA is raising the bar on evidence over intent, and applications that lack granular proof of capability will face delays or rejection.

In addition, the regulator is continuing to extend the reach of the Consumer Duty, which is now influencing authorisation requirements as much as ongoing supervision.

Firms with ambitious growth or complex cross-border models should expect heightened scrutiny and be sure to prepare comprehensive governance, operational and financial documentation.

The authorisation and registration applications publication is more than a checklist: it provides a window into the FCA’s current mindset.

The regulator is placing increased emphasis on demonstrable capability, integration of Consumer Duty and resilience in practice. 

Firms preparing applications should treat the document as a strategic blueprint, ensuring submissions are not only complete but also evidence-driven, tailored and forward-looking. 

The weaknesses the FCA has flagged should be seen as red flags for any serious applicant.

John Gidla

Our premium content is available to users of our services.

To view articles, please Log-in to your account. Alternatively, if you would like to gain access to the tools that will help you navigate compliance risk with confidence please get in touch today.

Request a demo

Simply complete the fields below to register your interest. You’ll then be given the option to book a specific appointment with our team.

You understand that by completing this form, you are also signing up to receive marketing communications from us. You can opt out of such communications at any time. Please see our Privacy Policy here.

Submission sent
Please enter a work email address
Please select an industry of interest
Still can’t find what you’re looking for?
Get in touch to speak to a member of our team, and we’ll do our best to answer.
Contact us
No items found.
No items found.
United Kingdom

Please choose your preferred
service to log in to.

GamblingCompliance
PaymentsCompliance
Don’t have an account?