The FCA expects applicant firms to actively participate in the application process. No consultant or advisor can completely substitute for that. We will provide drafts but you will also need to take time to examine your submission and responses to the application questions and consider what governance arrangements must be in place.
Any submission needs to be bespoke to your business model, articulating your knowledge and experience of payment services and evidencing that you have sufficient capital (if required for your application) and you are complaint with Regulation 6 of the Payment services regulations 2017 (PSR’s).
It is the expectation of the FCA that applicant’s complete applications for authorisation only with the assistance of compliance advisors. They do not expect to receive documents that are merely ‘signed off’ by applicants. If the applicant cannot answer the questions in the application form without an advisor answering for them, the FCA has to question the overall suitability of the applicant. Of course, standardised compliance templates may be utilised and Hirett will provide them for you but it is expected that the content should reflect the nuances of the applicant firm. Culture is at the heart of how the FCA authorises and supervises firms. When the FCA receives your application and throughout their assessment of it, they will consider whether you are ready, willing and organised to comply, on a continuing basis, with the requirements and standards under the regulatory system.
Your head office is considered in terms of substance rather than form, the FCA case officer will have to determine whether they have appropriate oversight and regulatory reach over the firm and key individuals and where is the location of a firm’s central management and control (‘mind and management’). This includes where decisions are made and where is its central administrative functions such as risk, compliance, IT, and internal audit are located, as well as the extent of where any outsourcing / 3rd party arrangements are. Be mindful that the FCA must be able to use its resources in the most efficient and economical way (Regulation 106(3) of the PSRs 2017). Considering this, supervising a firm at a home address adds complications. If you are going to acquire rental office later, be clear about when you expect this arrangement to be in place. Also, provide the particulars of the lease and advise whether your office address confirms availability of private office space.
Firms must appropriately identify and manage the operational risks associated with its use of third parties (outsourcing), including undertaking due diligence. Your application must have specific details on how you intend to operate in terms of technology or in the open banking sphere. Regulated firms retain full responsibility and accountability for discharging their regulatory responsibilities (‘Important operational function’), see 3.39 & chapter 18 of the Approach document.
If your application relates to open banking, the FCA expects to understand how you are going to look after personal/sensitive data, what controls you have in place (or are already in place) to protect from fraud and money laundering and cyber-attacks plus how you are going to manage the relationship with your end customer, how you have considered your risks.
It is a requirement of the PSR’s (Payment services regulations) regulation 6(7) that those involved have both experience and knowledge in UK/EU payment services. The FCA needs to understand how this condition to operate a payment institution is satisfied. It is common with open banking related applications for individuals to come from a technological background. However, this is not the FCA’s sole interest, the FCA wants to understand that when you configure your systems, you are doing it from a perspective of understanding why and that you know about the impacts, and any resulting reporting or compliance notifications. Plus, the FCA wants to ascertain that you have your customers interest at heart, merely taking qualifications doesn’t illustrate compliance of the condition.
Ultimately the best tip to applying, is to ensure that you have answered the questions in the application and provided supplementing documents that add weight to your responses (or where the FCA asks for them). Lastly, the FCA needs to understand that you are fully aware of your responsibilities.
If your previous application for an FCA or PRA authorisation has been refused and you want to reapply, our service is FREE even if you used a different consultancy before. That being said, outcomes of applications cannot be guaranteed as the final decision will always rest with the FCA. However, what we do offer is money-off assurance whereby we will waive the latter element of the Agreed Fee (usually 25%) in the event that your application fails.
Please note that this assumes full and total disclosure to us of all even remotely-relevant information, especially any information that could at all in any way be deleterious to your Application, and whether or not that information in the event had a bearing on the Application’s failure.
‘Yes’ and ‘no’ – and it all depends on attitude and an appreciation of the importance of compliance to your business.
Becoming Directly Authorised is more than simply becoming a ‘member’ of a trading body – you’re signing up to comply with a set of requirements that affect all aspects of your business, even the non-regulated side to a degree. So although good compliance is grounded on common sense, honesty, and diligent, effective record-keeping – you or someone within your firm will need to be conscious of the responsibility that comes with being Directly Authorised.
Joining a ‘Network’ instead: Although this can be seen as an ideal solution for those who don’t want to have to be Directly Authorised – the Network have their obligations to ensure that having your firm under their wing is not going to cost them their licence. This normally translates into their own ‘compliance regime’ – which is often more burdensome than going it alone, as they have to build in a large margin of error.
The following quote summarises the situation well:
“At the start it all seemed quite onerous and daunting – but over time and with some professional support, it’s now almost second nature, built into the way we do things every day, and boils down to common sense, a genuine concern for client welfare, and having in place systems and records to prove your side, should things go wrong.”
However, no firm could ever reasonably become ‘familiar’ with the process of Authorisation – as it happens only once, or rarely.
Being Authorised might be simple enough for small firms – but getting Authorised has its fair share of potential pitfalls.
Many firms do indeed attempt to apply to become Authorised without external help or advice. However, you’ll find that this is more often where a firm is large or complex and has a dedicated Compliance Officer. Even here – professional help is often sought.
The Application itself has a section dedicated to the details of your chosen consultant – i.e. the FCA fully expect most applicants to have resorted to professional guidance for completing the Application.
An Authorisation application for example contains many items that go towards a successful and speedy approval (hopefully) – e.g. Regulatory Business Plan, projections, accounts made up correctly, a Compliance Monitoring Programme, detailed history to help assess fitness and propriety, and not least your satisfactory reasons and motivations for seeking to embark on a regulated activity.
We will translate an intensive part-day interview and subsequent correspondence via phone and e-mail into a fully-developed Authorisation Application, including a Regulatory Business Plan. You won’t have to grapple with what the whole process is about, nor with what is required of you to do and to provide – we will walk you through and as much as possible handle every single step – up to your actually being Authorised (and beyond, if you wished).
For Variations of Permission
With these areas, you will by definition have some familiarity with the world of Authorised business. Even though, the above events are only likely to occur rarely for most firms, if at all. We will again take the headache away from you. Simply tell us what you are trying to achieve in plain language, and we will translate this into the required regulatory actions – or indeed inform you that no action is in fact required.
Probably unique expertise
Our consultants’ personal experience at the FSA (now FCA) spans many years, with the bulk of this spent in the Permissions departments. Starting as Associates, they were final arbiters on those cases within their charge. They left with extensive knowledge of what the FSA/FCA is looking for – and looking out for – when assessing an Application, as well as how firms are ‘profiled’ – making for different approaches and emphases when examining an Application.
We will translate a thorough interview with you and follow-up correspondence via phone and e-mail – into a completed Application pack, including a Regulatory Business Plan. We will make simple and clear everything that you will need to supplement the application – e.g. accounts and financials, to appropriate insurance cover – and help you with organising and generating these, where possible.
We will also develop and create for your firm a tailored Compliance Monitoring Programme.
Our service includes seeing your case through especially when problems arise – even to the point of appearing in-person with you in front of FCA Committees (at extra cost).
When your application is received at the FCA, you should receive confirmation of receipt, and number of weeks after that, details of your named Case Officer.
The FCA will only communicate directly with the Applicant Firm, with us copied in. Where you receive a query from the FCA, we will assist you fully with responding. Often of course this will entail our consulting yourselves and other relevant parties – e.g. your accountant. Ultimately therefore – we will handle all queries for you, whether directly or indirectly. You are also advised to forward to us all relevant correspondence that occurs between yourselves and the FCA
For non-Authorisations cases, the process is similar but often less involved – except where an upward Variation of Permission represents a notable increase in the Firm’s Scope of Permission, where the process may feel very much like an Authorisation.
All Applications must be granted unless the FCA can cite a substantive basis for refusing to do so. Where this occurs, you will normally be allowed to know what that basis was.
The onus will lie with the individual FCA Case Officer to ‘prove’ and gather evidence for the case against granting the Application.
This case will have to be presented to an internal committee. If this committee agrees with the arguments cited, then it will be escalated to a higher committee composed of individuals from both within and outside of the FCA. The Applicant firm will be invited to make personal representations at this committee – if this should occur, we would attend with you (if you wished).
If this committee finds against the Applicant firm, then final recourse would be to appeal via a tribunal. We would of course help you with this too (at extra cost).
Most commonly non-disclosure of material facts, or oversight of something you did not think was pertinent or relevant; your Business Plan does not demonstrate a coherent, logical flow and is not presented with an expected level of articulacy (written document); your business case for seeking to begin a Regulated Activity is not deemed sufficient; not enough relevant experience; your accounts and forecasts may have discrepancies (N.B. you will need to ensure you have a competent accountant do this part for you – my role is not that of accountant); your organisational structure, and/or the fitness & propriety (or otherwise) of those within it, can raise concerns; evidence that key staff members are suitably equipped to perform the proposed functions may be deficient; CRB checks yield undisclosed facts and history; Intelligence from other outside agencies; one or more of the Threshold Conditions have not been met (e.g. residential status/domicility) – the list can indeed go on!
For Variations of Permission
Much of the above will apply with a VoP, where a firm is seeking to ‘Vary upwards’ and entering a completely new realm of regulatory activity. Where this happens, a VoP is essentially treated as a micro-Authorisation case. Beyond that, a firm might fail to demonstrate suitable justification or reasoning for their VoP application; the requested manoeuvre might lead to a Threshold Condition being broken; other problems or discrepancies might show within the application form itself. Even when Varying ‘downwards’, a fair level of scrutiny is still applied.
One of the main issues being looked out for is ‘phoenixing’ – where the FCA has to be satisfied that the application to Cancel (‘Cancelling Part IV Permissions’) does not in some way facilitate a firm or individuals within it to escape from liabilities and start anew elsewhere. Less of an issue this decade, but the FCA will also need to be satisfied that the firm in question does not have any outstanding Pensions Review liabilities, or cases unresolved. If your six-digit FCA registration number begins with ‘4’, then this will not be an issue for you; with Cancellations especially, if the case officer instinctively feels that there is something untoward or ‘more than meets the eye’ about the application, then this can be a source of delay, unless a hunch is backed up with investigation-based evidence.
Where the case officer in question feels that an application should be refused, they will be personally responsible for building the ‘case against’ – for presentation to a committee composed of individuals both within and without the FCA. The Applicant firm is able to make personal representations during such meetings. If this should ever occur, I would accompany you to the meeting.
We will provide everything you should normally need in order to become Authorised, and to be compliant upon the moment of Authorisation, including a Compliance Monitoring Programme tailored to your business. Paper compliance manuals are a thing of the past, given how one new Instrument or Amendment can require wholesale revision. Instead, the self-updating online FCA Handbook represents your source of information and guidance for your firm type, and we will provide basic tailored guidance and navigation assistance.
Beyond Authorisation, larger firms would be well advised to retain professional help when it comes to managing their compliance issues, staying up-to-date with FCA regulations, rules, guidance and requirements – and periodic ‘testing’ – e.g. Systems and Controls, Anti-Money Laundering procedures, record-keeping, mock visits if need be.
The amount you will need to spend on ongoing compliance support will be directly proportional to your firm size, complexity, and areas of regulated activity undertaken.
The DIY approach
For the smaller firm confident of its commitment to maintaining its own compliance set-up, we can provide an intensive DIY training programme. This is where we are hired for two full days a month, for three months post-Authorisation, with the goal at the end to leave you fully set up and able to manage your own compliance – you shouldn’t have to spend any further money on compliance. The programme focuses on capacity-building, where you will be left familiar with all those resources available to you both within the FCA (as a Member Firm) and outside, and how and where the FCA Handbook applies to your business.
Certain activities require regulation by the UK Financial Conduct Authority (FCA) if carried out in the UK. Carrying out these activities without obtaining authorisation (called Part 4A Permission) is a criminal offence and may impact on the enforceability of contracts. There is also a parallel UK regulatory regime requiring banks and insurance companies to be authorised by the Prudential Regulation Authority (PRA). The PRA regime is beyond the scope of this guide.
The main activities relevant to investment managers are as follows.
Activities under the AIFMD regime:
Managing an AIF: being appointed by your fund to be primarily responsible for risk management or portfolio management for your fund, if that fund is an AIF, is a regulated activity.
Activities under the MiFID regime:
Arranging deals in investments: marketing your fund, or sourcing investment opportunities for your fund is a regulated activity
Advising on investments: providing research and/or investment recommendations in relation to specific investments, other than where such advice is provided intra group, is a regulated activity
Managing investments: managing assets belonging to another person, in circumstances involving the exercise of discretion, is a regulated activity. This includes acting as sub-investment manager on a delegated basis in relation to a fund which is an AIF
Dealing as agent: buying or selling investments as agent on behalf of a third party is a regulated activity
Agreeing to carry on activities: agreeing to carry on the activities listed above is also a regulated activity.
An AIFM can also have permission to carry on these activities on a “top-up” basis, separately from managing an AIF for example, when providing segregated portfolio management services. The permission of “Managing an AIF” automatically includes these MiFID activities when carried on for a fund which is an AIF in the course of providing the regulated activity of managing an AIF.
The provision of custody services is also regulated and the FCA additionally regulates the activity of “Arranging safeguarding and administration of assets” which covers the negotiation and arranging of custody arrangements for a client. This arranging activity would be included in the “Managing an AIF” permission, but would need to be separately obtained if needed when providing segregated portfolio management services. Custody permissions need to be separately applied for but an AIFM is not permitted to provide custody for the fund assets.
You need to meet the Threshold Conditions, which are the FCA’s minimum standards for becoming, and remaining, authorised; see below.
The process of applying for authorisation requires the proper completion and submission of certain prescribed forms:
An applicant for Part 4A Permission, except in so far as the FCA may direct in individual cases, must apply in writing in the manner directed, and with the information required, in the application pack provided by the FCA
A MiFID investment adviser or investment manager will generally be a “wholesale investment firm” and should follow the FCA application pack process for that category. An AIFM under AIFMD will also need to follow the FCA’s specific process for AIFMs.
The forms required will include some or all of the following:
A core details form – this requires factual information about the business structure, controllers, management and personnel. Information on systems and controls, including business continuity is also required here
Supplement for investment managers – this covers the applicant’s regulatory business plan, its proposed customer types and investment strategy, and the scope of regulatory permissions required. This form also requires information on financial resources and cash flow projections, further detail on personnel and compliance arrangements
Forms for individuals who will be performing “controlled functions” (called Approved Persons; see below)
Owners and influencers appendix
Forms for controllers – persons who (broadly) hold or control 10 per cent or more of the applicant
IT Controls form – for those firms who are more dependent on IT systems, and
Supporting documents including org charts/ financial information / compliance procedures, etc.
For new applicants seeking authorisation as AIFMs, in addition to the requirements specified above, a firm applying to be an AIFM also needs to submit the following to the FCA:
The Variation of Permission (VOP) form which acts as a checklist of the AIFMD-specific requirements (see “What are the ongoing requirements for an authorised firm?” below) with further details where necessary. The VOP form includes information relating to: the FCA permission profile for the AIFM; the regulatory business plan; financial resources; conditions for authorisation; approved persons; AIFs and depositary arrangements
Schedule of AIFs – various details in respect of any AIF for which the firm is to be appointed as AIFM, including its name, constituting instruments (eg Articles of Association) and its investor disclosure document (prospectus).
See the FCA guidance on the wholesale investment firm application process on its website. And for the AIFM application requirements, see the FCA’s AIFMD website pages for further information and links to the forms.
For applicants which are limited liability partnerships (see legal entities, below) the FCA will need to see a signed LLP agreement before granting authorisation.
Most applicants use a compliance consultant or their legal adviser to manage the application process for them as this will make the process smoother for a first time applicant.
Hirett can give information on compliance consultants with whom we work frequently on request or can assist on your application if you prefer.
The Threshold Conditions represent the minimum conditions which a firm is required to satisfy, and continue to satisfy, in order to be given and to retain authorisation:
Location of offices: the authorised firm’s head office must be in the UK. This is regarded by the FCA as where the directors and other senior management (ie those who make decisions relating to the UK firm’s central direction and the material management decisions of the firm on a day to day basis) and where the central administrative functions of the firm (for example, central compliance, internal audit) are located. This is a condition that subsidiaries of non-UK based managers can sometimes find difficult to meet if there is no person of sufficient seniority in London
Effective supervision: the UK firm must be capable of being effectively supervised by the FCA having regard to the nature and complexity of its business and must not have any close links (ie controllers or other affiliates) which would prevent the FCA’s effective supervision
Appropriate resources: the resources of the firm (including non-financial resources such as personnel) must, in the opinion of the FCA, be appropriate in relation to the regulated activities that it seeks to carry on, or carries on. This is more general and is separate to the strict capital requirements described further below
Suitability: the firm must satisfy the FCA that it is a fit and proper person having regard to all the circumstances including nature of the business and experience of the personnel running the business
Business model: the strategy of the firm for doing business must be suitable for the regulated activities that it seeks to carry on, and in this context the FCA will look at whether the business model is consistent with the business being conducted in a sound and prudent manner, the interests of consumers and the integrity of the UK financial system.
An Authorisation application can take anything from a month or two, to one year if complications arise. There are ways and means to maximise speed of progress – the exact method will depend on the nature and aspects of each case.
A Variation of Permission can be done as quickly as one day (if the need for urgency has been expressed) – or, if complex, can take several months. As mentioned before – a Variation ‘upward’ can often be vetted as closely as full Authorisations case. Variations downward are
often granted the most rapidly.
Passporting (under the Insurance Mediation Directive) can be effected within days or weeks, depending on the countries being passported into.
Cancellations are normally done within an average of one to three months.
In relation to a MiFID firm, if the application is complete, the FCA is obliged to respond within six months. If the application is incomplete it is allowed up to 12 months. Where the application is for approval to manage an AIF, the FCA must respond within three months, extendable up to six months if notified to the applicant firm. In practice for most applications to carry on MiFID investment advisory or investment management activities, these are being processed by the FCA within five months from the date of application. We do not yet have enough evidence of how long it will typically take the FCA to process AIFM applications.
There are various levels of cost; initial and ongoing.
Application and start-up costs: the costs of engaging a professional to assist with the application process and the costs of establishing the legal entity and preparing any LLP agreement for any applicant which is a limited liability partnership
FCA costs: the FCA charges a fixed application fee, which is £5,000 for a portfolio manager (which will include any firm whose permission includes managing an AIF) submitting a “moderately complex” application. Please note that additional fees may apply for each AIF registered or notified to the FCA for managing and/or marketing under AIFMD
Expert adviser costs: depending on your business, you may need assistance to complete/review an IT Controls form for the FCA and help with preparation of financial projections and calculation of regulatory capital requirements
Regulatory capital costs: the FCA rules require firms to carry a minimum amount of capital which depends on the activities of the business and the size of the business:
If the firm is a MiFID firm, the capital requirement is likely to be a minimum of €50,000 and unless it is an exempt CAD firm, the business will also be required to carry, if greater, an amount equal to at least 13 weeks’ expenditure, based on projected expenditure forecasts provided to the FCA. (An exempt CAD firm is limited to carrying on advisory and arranging activities; it cannot carry on discretionary management activities or deal in investments for its clients)
Where a firm is an AIFM, the capital requirements will be governed by and calculated according to AIFMD (and will be dependent on its fixed overheads, and the value of the assets under management). An AIFM must hold, at a minimum, the sum of (i) €125,000; (ii) the greater of (a) one quarter of its projected annual fixed overheads amount or (b) own funds equal to 0.02% of the amount by which the value of the funds under management (calculated according to AIFMD) exceeds €250m; and (iii) an additional amount to cover professional liability risks or appropriate PII cover.
In order to benefit from the EU passporting regime, and to avoid bringing any non UK entity into the UK tax net, a UK body corporate is generally recommended. This can take two forms:
Private limited company
Limited liability partnership
Hirett can provide further information on the merits of either vehicle upon request. Some firms are set up as LLPs due to the more flexible nature of the vehicle compared to a limited company and the self-employed tax status available to its key principals.
The UK legislation requires persons performing certain functions (referred to as “controlled functions”) to be approved by the FCA in advance. These are as follows, and are set out in the FCA Handbook:
Governing Functions (Directors, Partners, etc.)
Required Functions (Compliance Oversight, MLRO)
Systems and Controls Function
Significant Management Function (less relevant for a new investment manager)
Customer Functions (eg for those carrying on investment advisory or portfolio management activities)
For a newly established business, the FCA is likely to require (and will require for an AIFM) a minimum of two senior individuals to be involved with the operation and management of the UK business.
For wholesale business, there are no longer specific exam requirements. However, firms can still request employees to take exams to be satisfied that an individual has the requisite skills, knowledge and expertise.
The Threshold Conditions require ongoing compliance. Other applicable FCA rules differ depending on the nature of the business being undertaken and the following is a high level summary of some of the key requirements:
General Principles: the principles are a general statement of the fundamental obligations of firms under the UK regulatory system. These underpin all the more detailed rules in the FCA Handbook and the FCA has the power to fine firms for failing to adhere to the General Principles
Marketing: there are detailed rules applicable in the UK and elsewhere in the EU to marketing offshore unregulated collective investment schemes. Broadly, in the UK, unless certain criteria can be satisfied regarding the expertise and experience of any individual, marketing is broadly limited to those institutional investors who can be classified as “professional clients” or “eligible counterparties” within the FCA’s client classification requirements. The majority of managers of offshore unregulated funds will not have permission to conduct investment activities with retail clients. For AIFMs, AIFMD also imposes prescriptive disclosure and reporting requirements in relation to AIF marketing activities
Dealing and managing: for those firms undertaking dealing or portfolio management activities there are extensive provisions designed to ensure the clients of the firm are treated fairly. There is no relaxation even where the firm’s sole customer is an offshore fund established by it. Provisions for example cover:
Best execution – a duty to achieve the best possible result for the client when executing trades
Soft (dealing) commissions – there are detailed rules restricting the use of soft commission credits to pay for certain manager expenses, and
Client order handling – to ensure fair allocation of orders PA Dealing.
For an AIFM, many of the conduct requirements apply directly to AIFMs under the AIFMD European regime.
Systems and controls: the FCA rules require a firm to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems. For both MiFID firms and AIFMs, there are detailed provisions underpinning this overall principle
Monitoring and reporting: the FCA rules require a firm to undertake ongoing monitoring of compliance with the FCA rules. They further require a mix of quarterly, six monthly and annual reports on various items. For AIFMs, further information and reporting requirements apply, which will be either on a quarterly or half-yearly basis depending on whether assets under management (as calculated under AIFMD) exceed EUR 1 billion. The requirements are set out in the FCA Handbook and in AIFMD
Regulatory capital: a firm is required to maintain, on an ongoing basis, the required level of capital (as described above). MiFID firms and AIFMs with “top up” permissions are also required to carry out a risk assessment on an annual basis called an ICAAP (Individual Capital Adequacy Assessment Process) An ICAAP is the process by which a firm’s senior management consider their business risks. It requires the documentation of the key risks, details of the management of those risks and consideration of any capital that might need to be set aside to adequately mitigate those risks. Where a firm identifies additional capital needs through its ICAAP, this additional capital should be held, and becomes the firm’s new minimum capital requirement
Liquidity: MiFID firms and AIFMs with “top up” permissions are also required to maintain liquidity resources which are adequate, both as to amount and quality, to ensure that there is no significant risk that their liabilities cannot be met as they fall due. Its strategy and systems for managing liquidity risk are required to be reviewed annually
Transaction reporting: firms are required to report to the FCA all transactions in specified financial instruments which are traded on an EU regulated market, whether or not the transaction concerned actually takes place on an EU regulated market, as well as OTC trades in derivatives whose underlying is a debt- or equity-related financial instrument traded on an EU regulated market. The firm can agree that such reports will be made on its behalf by a third party, such as the relevant counterparty. For trades taking place on an EU regulated market, certain markets will undertake to report the transaction on the firm’s behalf
AIFMD-specific requirements: Under the AIFMD regime, there are additional organisational, structuring and conduct requirements specific to AIFMs. These include, in overview, requirements to ensure that the fund appoints a depositary, certain additional policy requirements (e.g. around portfolio liquidity, portfolio risk management, valuation), restrictions on delegation, transparency and restrictions on the use of leverage in the portfolio and new rules on remuneration.
This note serves as an introduction to the UK authorisation regime and is not exhaustive. We are happy to advise further on any of the issues highlighted above.