The Financial Conduct Authority (FCA) Business Plan for 2021/22 made clear the FCA's intent to apply a more intensive assessment with greater scrutiny of financial information and business models. As John Burns points out in his recent article, the FCA intend to be “more innovative, more assertive, and more adaptive”. Having spent many years managing authorisations teams at the FCA, most notably the Payments Authorisation team, I feel I have a particular insight into where the FCA is coming from and the possible impacts of where it seems to be heading.
An evolutionary approach
First, let's look at the history to set some context. Since the introduction of financial services regulation in 1986 firms have been submitting applications to the appropriate regulator in order to perform certain financial services. In the early days, of Self-Regulatory Organisations and indeed, the successor Personal Investment Authority, the numbers applying for authorisation were manageable. Fast-forward to 2000 and the creation of the Financial Services Authority (FSA) as a single regulator - later to become the FCA - and the size of the task really started to grow. Further responsibilities were ‘given’ to the FSA – my colleague John Burns and I always say ‘given’ because, for the most part, the FSA didn’t really want them – such as for mortgage and insurance intermediaries, payments firms, consumer credit firms, claims management companies and so on.
So, over time, the regulator has seen an exponential rise in its regulated population, now cited at some 60,000 firms, all of whom would have passed through the authorisation ‘gateway’, and necessitating a proportionate or risk-based approach, such that not every ‘I’ in an application needed to be dotted, not every ‘t’ crossed. Essentially, as long as the fundamentals of the threshold conditions could be seen to be met, the FCA didn’t sweat the small stuff. This allowed it to determine thousands of applications each year, based on the resource at its disposal: proportionality in action.
Where we are now
Fast-forward again to 2021 and we see that the FCA Authorisations teams are creaking under the volume of applications. And that’s before they start to receive applications in earnest from those firms in the Temporary Permissions Regime. Applications submitted are often sat on the (virtual) shelf gathering dust for months before a case officer is able to start reviewing it. Perhaps evidence of this new ‘assertive’ FCA in action. Indeed, it has made much of its assertive approach to assessing cryptoasset registration applications, where few have been successful so far and I expect this will to be replicated across other departments.
How does it unblock its pipeline? The obvious answer is usually to throw money at the problem; in this case, the FCA's CEO Nikhil Rathi stated on the Business Plan launch webinar an additional 100 colleagues in Authorisations. That’s fine, but these are staff that will likely need training before they are fully effective and can be seen to help make inroads into allocation times and determination times.
Previously, applying a more relaxed approach at the gateway may have helped more firms get through, more quickly. But those days seem to have gone. The FCA now seems to have decided that it has been too lenient with applicant firms that haven’t been able to demonstrate they are ‘ready, willing and organised’ at the point at which the application is submitted. That’s fine as a principle, but doesn’t really help new start-ups unable to generate income until authorised, but knowing that the assessment of their application won’t even start for weeks, or months.
So, the FCA seems to be looking to flex its muscles more. It says “Our standards will be higher [implicitly accepting that they have been lower] with more intensive assessment and greater scrutiny of firms’ financials and business models”. This will, inevitably, lead to more applicants being advised that the FCA is ‘minded to refuse’ its application. The FCA itself says “we will expect [refusal/withdrawal/rejection rates] to increase initially as we make the gateway more robust.” And it is absolutely right that the FCA should refuse firms that fail to demonstrate that they meet, and will continue to meet, the relevant threshold conditions. And yet…
A worrying developing for new applicants?
The FCA’s proposed overhaul of the decision-making process is slightly worrying. Currently, the independence of the Regulatory Decisions Committee as final arbiter of refusal decisions (although a firm does have the right to appeal such a refusal to the Upper Tribunal) provides a clear separation from the FCA being judge, jury and executioner. Instead the FCA suggests that such decisions can be taken more quickly ‘in-house’. The need for such rapid decision-making is understandable where consumer harm is identified through an existing firm, but applicant firms are unlikely to create the same urgency.
That said, it takes at least three times the FCA resource to remove a firm’s permission once it has been authorised than if it had been refused permission in the first place. In that context, more timely decisions make sense. But the process needs to be demonstrably fair and allow for firms to continue to be able to make representations in their defence. We await the forthcoming consultation with interest.
Conclusion
The more robust gateway for new firms is already here. It just had not been formally communicated until now. The FCA will be applying more scrutiny to applications than ever before. As such, you may find the prospect of preparing and submitting an application in this environment daunting. More than ever, firms are well advised to seek specialist support from compliance consultancies that have a long and successful history helping new applicants navigate the FCA application process.
Related resources
All resourcesPayment Services Regulatory Compliance Forum 2025
Webinar: Operational Resilience – the final countdown
FCA announce limited temporary flexibility on the ‘Naming and Marketing’ rules
Managing reputational risk