+44 (0) 207 096 2100
info@acumengcompliance.com
37th Floor, 1 Canada Square, London E14 5DY
Getting FCA authorisation is one of the most important and most challenging steps any financial services business will take. Whether you are launching a FinTech startup, establishing a payment institution, or seeking an e-money licence, the process demands precision, preparation, and a thorough understanding of what the Financial Conduct Authority actually expects.
The hard truth? Most application delays and rejections are entirely avoidable. They happen because businesses approach the FCA without the right regulatory framework in place, with generic business plans that fail to reflect their actual operating model, or without understanding the specific compliance requirements that apply to their licence type.
This is exactly where an experienced FCA authorisation consultant makes the difference not by navigating bureaucracy on your behalf, but by ensuring your application is built on the kind of robust compliance infrastructure the FCA demands from day one.
| Quick Answer An FCA authorisation consultant helps businesses prepare, structure, and submit applications to the Financial Conduct Authority (FCA). They build regulatory business plans, compliance frameworks, AML policies, and governance documentation required for licences such as EMI, API, SPI, and consumer credit authorisations. With the right consultant, FinTech startups and payment institutions in the UK significantly reduce application timelines and rejection risk. |
What Is the FCA and Why Does Your Business Need Authorisation?
The Financial Conduct Authority (FCA) is the UK’s primary conduct regulator for financial services firms. Established under the Financial Services and Markets Act 2000 (FSMA), it regulates over 50,000 firms across banking, payments, investments, insurance, and consumer credit.
If your business provides or intends to provide regulated financial services in the United Kingdom, FCA authorisation is not optional. Operating without the appropriate permissions is a criminal offence under FSMA, and the FCA has demonstrated a clear willingness to pursue enforcement action against non-compliant firms.
What Does the FCA Actually Regulate?
The FCA’s regulatory perimeter is broad. It covers:
• Payment institutions firms processing payments on behalf of customers
• Electronic Money Institutions (EMIs) firms issuing digital or prepaid currency
• Consumer credit providers, lenders, brokers, and debt management firms
• Investment firms’ discretionary managers, advisers, and brokers
• Crypto asset businesses and firms carrying out regulated crypto activities in the UK
• Mortgage lenders and brokers
• Insurance intermediaries and underwriters
• Money service businesses (MSBs), currency exchange, and remittance operators
FCA Authorisation Requirements: What the Regulator Expects
The FCA operates what it calls a ‘threshold conditions’ framework. Before granting authorisation, it assesses every applicant against a set of minimum standards. These are not a formality; they are a genuine gateway that determines whether a firm is fit, capable, and ready to operate in a regulated market.
The Five Threshold Conditions
1. Legal status: The firm must be a legal entity capable of being authorised (e.g. a UK-incorporated company or LLP)
2. Location of offices: For most firms, the head office and management must be in the UK
3. Effective supervision: The FCA must be able to supervise the firm effectively
4. Appropriate resources: Financial, human, and operational resources must be adequate for the business model
5. Suitability (Fit and Proper): Owners, controllers, and Senior Managers must meet the Fit and Proper standard
In practice, demonstrating these conditions requires a substantial body of documentation, governance to evidence, and compliance infrastructure. This is where the quality of your application and the expertise behind it determine whether the FCA approves, delays, or refuses your application.
Documents Required for FCA Authorisation
| FCA Application Document Checklist The following documentation is typically required as part of an FCA authorisation application • Regulatory Business Plan (detailed, FCA-standard narrative) • Programmer of Operations explaining how regulated activities will be carried out • Financial forecasts: 3-year projections, capital adequacy evidence, stress testing • Governance structure: organizational chart, reporting lines, decision-making framework • SMCR documentation: Senior Manager Functions, Statements of Responsibilities • AML/CFT Policies and Procedures risk-based, tailored to your business model • KYC procedures and customer due diligence framework • Transaction monitoring policy • Safeguarding arrangements for client funds (EMI and API applicants) • IT and cybersecurity policies • Business continuity and disaster recovery plans • Consumer Duty implementation plan • Compliance monitoring programme |
The FCA Authorisation Process: Step-by-Step
Understanding the FCA’s process gives you a clear roadmap and clarifies where delays typically occur and why professional support at each stage is so valuable.
6. Pre-application preparation (1–3 months): Define your regulatory scope, identify the correct license type, build your compliance infrastructure, and prepare your documentation
7. FCA Connect submission: Submit your application through the FCA’s online portal with all supporting documents
8. FCA acknowledgement: The FCA confirms receipt and assigns a case officer. The clock starts on the statutory assessment period
9. Assessment and Information Requests: The FCA reviews your application and issues Information Requests (IRs) for any gaps or clarifications
10. Possible FCA interview: Senior Managers may be interviewed on governance, compliance understanding, and business model
11. FCA decision: Authorisation granted, further information requested, or application refused
12. Post-authorization obligations: Ongoing regulatory reporting, compliance monitoring, Consumer Duty obligations, annual fees
How Long Does FCA Authorisation Take?
| Licence Type | Typical Timeline |
| Small Payment Institution (SPI) | 2–3 months |
| Authorized Payment Institution (API) | 6–12 months |
| Small E-Money Institution (SEMI) | 3–4 months |
| Full E-Money Institution (EMI) | 6–12 months |
| Consumer Credit Authorisation | 6–12 months |
| FCA Crypto Asset Registration | 12–18+ months (high scrutiny) |
These timelines assume a well-prepared application. Poorly structured applications, missing documentation, weak governance frameworks, and inadequate AML policies routinely add 6–12 additional months or result in withdrawal or refusal.
How Much Does FCA Authorisation Cost?
FCA application fees are set by the regulator and vary by firm type and size. As a general guide for 2026:
| Authorisation Type | FCA Application Fee (Approximate) |
| SPI Registration | £500 |
| API Licence | £1,500 – £10,000+ (income-based) |
| Full EMI Licence | £5,000 – £25,000+ (income-based) |
| Consumer Credit (Limited) | £1,500 |
| Consumer Credit (Full) | £5,000 – £25,000+ |
These fees are separate from professional consultancy costs. An experienced FCA authorisation consultant fees vary by project scope but the investment is significantly lower than the cost of a rejected application, a resubmission, or the commercial damage caused by delayed market entry.
| Need FCA Application Support? Acumen Global Compliance has supported 250+ successful regulatory applications. Speak with our FCA experts today. [ Book a Free Consultation → acumengcompliance.com ] |
EMI Licence, API Licence, and SPI Registration: Which Does Your Business Need?
What Is an EMI Licence?
| An Electronic Money Institution (EMI) licence, issued by the FCA, authorises a firm to issue electronic money, a digital store of value redeemable for cash and to provide associated payment services. EMI firms can operate digital wallets, prepaid cards, and cross-border transfer services. There are two tiers: full EMI (unlimited e-money issuance) and Small EMI (issuance capped at £5 million average outstanding). |
What Is an API Licence?
An Authorised Payment Institution (API) licence permits a firm to provide payment services, including money remittance, payment initiation, and account information services, without the ability to issue electronic money. APIs must meet capital requirements of at least €125,000 and maintain FCA-compliant safeguarding arrangements.
What Is SPI Registration?
A Small Payment Institution (SPI) is a simplified registration for firms whose monthly payment transactions do not exceed €3 million. SPIs face lighter-touch requirements but cannot passport their services into EEA countries. Many growing startups begin as SPIs and later upgrade to full API authorisation as volumes increase.
EMI vs API: A Quick Comparison
| Feature | EMI Licence vs API Licence |
| Can you issue e-money? | EMI: Yes | API: No |
| Can you provide payment services? | EMI: Yes | API: Yes |
| Minimum capital requirement | EMI: €350,000 | API: €125,000 |
| Safeguarding required? | EMI: Yes | API: Yes |
| Passporting (pre-Brexit EEA)? | Neither (post-Brexit) |
| Typical use case | EMI: Digital wallets, prepaid cards | API: Remittance, payment processing |
AML Compliance and FCA Authorisation: What Financial Firms Must Get Right
Anti-money laundering (AML) compliance is not a box-ticking exercise; it is a core FCA expectation that sits at the heart of every authorisation assessment. Firms that arrive at the FCA with weak or generic AML frameworks almost always face significant delays.
What Are the AML Requirements for FCA-Regulated Firms?
UK AML obligations are governed by the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, as amended. These implement the Financial Action Task Force (FATF) standards in UK law, and the FCA enforces them rigorously.
Core AML requirements include:
• Customer Due Diligence (CDD) identity verification for all customers at onboarding
• Enhanced Due Diligence (EDD) heightened scrutiny for high-risk customers, PEPs, and complex ownership structures
• Sanctions screening, checking customers and transactions against OFSI, UN, and EU sanctions lists
• Transaction monitoring, automated detection of suspicious patterns and red flags
• Suspicious Activity Reports (SARs) obligation to report to the National Crime Agency (NCA)
• AML risk assessment documented, risk-based assessment of your customer base and product risk
• AML policies and procedures written, board-approved, and operationally integrated
• MLRO appointment: a senior Money Laundering Reporting Officer must be designated
• Staff training: All relevant staff must receive AML training appropriate to their role
The Risk-Based Approach to AML
The FCA expects firms to adopt a genuine risk-based approach, not a one-size-fits-all set of procedures. This means your AML framework should reflect the specific risks of your business model, customer base, and geographic exposure.
| Expert InsightFirms operating in high-risk remittance corridors, including transfers to and from Bangladesh, Nigeria, Pakistan, or other higher-risk jurisdictions, must demonstrate enhanced controls proportionate to that risk. The FCA and FATF both publish guidance on corridor-specific risks. A generic AML policy won’t cut it. Your framework needs to show the regulator that you understand your own risk profile. |
Who Needs HMRC MLR Registration?
Businesses that fall outside the FCA’s regulatory perimeter but still carry out money service activities, including currency exchange, cheque cashing, and certain payment services, must register with HMRC under the Money Laundering Regulations (MLR). This includes most standalone MSBs that are not also FCA-authorised. Some businesses require both FCA authorisation and HMRC MLR registration simultaneously.
Governance, SMCR, and Consumer Duty: The Compliance Foundations the FCA Expects
What Is the SMCR Framework?
| DefinitionThe Senior Managers and Certification Regime (SMCR) is an FCA framework that places individual accountability on senior leaders within regulated firms. Under SMCR, Senior Manager Functions (SMFs) must be pre-approved by the FCA, hold Statements of Responsibilities, and are personally accountable for the areas they control. All staff must adhere to FCA Conduct Rules. SMCR applies to all FCA-authorised firms. |
For FCA applicants, SMCR documentation is mandatory from day one. The FCA will scrutinise whether your governance structure assigns clear responsibilities, whether Senior Managers are fit and proper, and whether your firm has a credible accountability framework.
Consumer Duty: The 2026 Compliance Priority
Introduced by the FCA in 2023 and now firmly embedded in supervisory expectations, Consumer Duty requires firms to demonstrate that they deliver good outcomes for retail customers across four key areas: products and services, price and value, consumer understanding, and consumer support.
For FCA applicants in 2026, the regulator expects to see a credible Consumer Duty implementation plan within your authorisation application. This is no longer a future obligation, it is a present requirement.
| Regulatory Alert — 2026The FCA has signalled intensifying Consumer Duty enforcement activity throughout 2025–2026. Applications that do not include a substantive Consumer Duty framework are increasingly likely to face Information Requests, delays, or refusals. Acumen Global Compliance builds Consumer Duty compliance directly into every FCA authorisation application we support. |
International Businesses and Cross-Border Compliance: Entering the UK Market
Since Brexit, the regulatory landscape for international businesses entering the UK financial market has changed significantly. EEA passporting is no longer available; firms based in the EU or elsewhere cannot simply extend their home-country authorisation to the UK.
Can a Foreign Company Apply for FCA Authorisation?
Yes. Overseas businesses can obtain FCA authorisation either by establishing a UK-registered subsidiary or by setting up a UK branch. Each route carries different requirements around governance, capital, and the location of mind and management.
The FCA pays particular attention to whether the senior leadership of an overseas firm’s UK operations genuinely resides and makes decisions in the UK or whether the UK entity is effectively a shell. This has become an area of increasing FCA scrutiny.
Specialist Support for Remittance and Cross-Border Payment Businesses
Cross-border payment firms, remittance operators, and businesses serving diaspora communities face a unique compliance challenge: they must satisfy UK regulatory requirements while understanding the cultural, operational, and corridor-specific risks of their markets.
Acumen Global Compliance has built genuine expertise across more than 15 international remittance corridors, with deep knowledge of the compliance considerations affecting businesses serving Bangladeshi, Pakistani, Nigerian, and other international communities from the UK. This combination of regulatory knowledge and real-world operational understanding enables us to build AML and compliance frameworks that are both regulator-ready and commercially viable.
| Operating a Cross-Border or Remittance Business? Our team understands your corridor, your compliance challenges, and your regulatory obligations. Let’s talk. [ Get Expert FCA Support → acumengcompliance.com/contact ] |
Why Most FCA Applications Get Delayed And How to Get Yours Right
The FCA does not publish rejection statistics, but experienced compliance practitioners consistently observe the same patterns in delayed and refused applications. Understanding these failure points is the clearest path to a successful submission.
Common Reasons FCA Applications Fail
• A Regulatory Business Plan that is generic, overly brief, or disconnected from the actual operating model
• AML policies that are copied from templates rather than tailored to the firm’s specific risk profile
• SMCR documentation that does not clearly map Senior Manager Functions to individuals
• Governance frameworks that exist on paper but lack operational substance
• Financial projections that do not demonstrate adequate capital adequacy or fail stress testing
• Senior Managers with regulatory history issues that have not been proactively addressed
• Applying for the wrong license type SPI, where API is required, or API where EMI is required
• Failure to include a credible Consumer Duty implementation plan
• Safeguarding arrangements that do not meet FCA requirements for ring-fencing client funds
| Warning: The FCA does not offer pre-submission feedback on most applications. Once submitted, Information Requests can add months to your timeline. Every round of IRs delays your market entry, drains internal resources, and signals to investors that your regulatory readiness is in question. Getting it right on the first submission is always the most commercially rational approach. |
Why Businesses Choose Acumen Global Compliance as Their FCA Authorisation Consultant
Acumen Global Compliance Ltd is a London-based regulatory compliance consultancy with more than 15 years of direct FCA and HMRC regulatory experience. Our founder, Md M A Khan, has personally led over 250 successful regulatory applications across payment institutions, e-money firms, FinTech companies, MSBs, and cross-border payment operators.
What Sets Us Apart
• Practical, outcomes-focused consultancy: We build compliance frameworks designed for real-world operations, not theoretical compliance documents that collapse under regulatory scrutiny.
• Deep FCA and HMRC expertise: Our team has direct experience working within and alongside regulatory frameworks; we understand how the FCA actually thinks, not just what the handbook says.
• Specialist cross-border and remittance knowledge: We support businesses across 15+ international remittance corridors with genuine cultural and operational understanding.
• Full-service compliance support: From initial regulatory mapping through to authorization and ongoing compliance monitoring, we are with you at every stage.
• Commercially minded: We understand that compliance must enable business growth. Our solutions are proportionate, practical, and built to support sustainable scale.
Our Professional Credentials
Acumen Global Compliance holds active memberships with the International Compliance Association (ICA), the Association of Professional Compliance Consultants (APCC), the Chartered Institute for Securities & Investment (CISI), BBCCI, and Omniverse. Md M A Khan holds AICA, ACPA, and ACSI qualifications.
| Ready to Get FCA Authorised in 2026? Speak with our compliance experts today. We’ll assess your regulatory position and give you a clear roadmap to authorisation. [ Book Your Free Consultation → acumengcompliance.com ] |
Frequently Asked Questions
1. What is an FCA authorisation consultant, and what do they do?
| Answer: An FCA authorisation consultant is a regulatory compliance specialist who supports businesses in applying for FCA licences. They prepare regulatory business plans, build AML and governance frameworks, compile required documentation, and manage the FCA application process on behalf of the client. The goal is to produce a complete, accurate, and FCA-standard application that minimises delays and avoids rejection. |
2. How long does FCA authorisation take for a FinTech startup?
| Answer: Timeline depends on the license type. SPI registration typically takes 2–3 months; API and EMI authorisations typically take 6–12 months from submission. These are from the date of a complete application; incomplete applications trigger Information Requests that can add significant additional time. Working with an experienced FCA authorisation consultant reduces delays by ensuring completeness from day one. |
3. How much does FCA authorisation cost?
| Answer: FCA application fees range from £500 (SPI) to £25,000+ (full EMI), depending on firm type and projected income. These are separate from professional consultancy fees. While quality FCA consultancy is an investment, the cost of a rejected application in time, resources, and commercial delay substantially exceeds the cost of getting it right the first time. |
4. What AML framework does the FCA expect from a payment institution?
| Answer: The FCA expects payment institutions to have a documented, board-approved, risk-based AML framework including: a firm-wide AML risk assessment, Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) procedures, transaction monitoring, sanctions screening, a designated MLRO, staff training, and Suspicious Activity Report (SAR) procedures. The framework must be tailored to the firm’s specific business model and customer risk profile, not based on a generic template. |
5. Can an overseas or international business apply for FCA authorisation in the UK?
| Answer: Yes. International businesses can obtain FCA authorisation by establishing a UK-incorporated subsidiary or a UK branch. Post-Brexit, EEA passporting is no longer available, meaning that all non-UK firms must obtain full FCA authorisation to operate in the UK market. The FCA pays close attention to whether genuine mind-and-management resides in the UK, and specialist compliance support is strongly advisable for overseas applicants. |
6. What is the difference between an EMI license and an API license?
| Answer: An EMI (Electronic Money Institution) license allows a firm to issue electronic money and provide payment services. An API (Authorised Payment Institution) license allows payment services only, without the issuance of e-money. EMIs face higher capital requirements (€350,000) versus APIs (€125,000). The right license depends entirely on the firm’s specific business model and the regulated activities it intends to carry out. |
