Money Wiki
GB flag

Financial Conduct Authority

FCA
Share:
Official RegulatorNationalEurope

Overview

The Financial Conduct Authority (FCA) is the United Kingdom's independent conduct regulator for all financial services, established on 1 April 2013 under the Financial Services Act 2012. Operating as a successor to the Financial Services Authority (FSA), the FCA regulates approximately 58,000 financial services firms across the UK, protecting consumers, maintaining market integrity, and promoting healthy competition in the financial system.

The FCA is the primary authorizing and supervisory authority for:

  • Payment Service Providers (PSPs) under the Payment Services Regulations 2017 (PSRs 2017)
  • Electronic Money Institutions (EMIs) under the Electronic Money Regulations 2011 (EMRs 2011)
  • Consumer Credit Firms under the Financial Services and Markets Act 2000
  • Investment Firms under the Markets in Financial Instruments Directive II (MiFID II)
  • Insurance Intermediaries under the Insurance Distribution Directive (IDD)
  • Cryptoasset Businesses (AML/CTF registration only, until October 2027)
  • Banks and Insurers (conduct regulation; prudential regulation by PRA)

The Financial Conduct Authority (FCA) is the United Kingdom's primary conduct regulator for all financial services, established by the Financial Services Act 2012 (operative since 1 April 2013) as the successor to the Financial Services Authority. Operating independently and funded by regulated firms, the FCA regulates approximately 58,000 firms across payment services, electronic money, consumer credit, investment services, insurance distribution, and cryptoasset businesses (AML/CTF only until October 2027).

For payment services and electronic money, the FCA is the authorizing and supervisory authority under the Payment Services Regulations 2017 and Electronic Money Regulations 2011, implementing the Payment Services Directive (PSD2) in UK law. The FCA authorizes Payment Institutions, Electronic Money Institutions, Payment Initiation Service Providers, and registers Account Information Service Providers.

The FCA's enforcement authority includes financial penalties (up to £5 million per firm breach), prohibitions, public censure, withdrawal of authorization, and criminal prosecution. The regulator operates within a dual regulatory system alongside the Prudential Regulation Authority (Bank of England), with the PRA responsible for prudential oversight of major financial institutions and the FCA responsible for conduct regulation across all sectors.

Consumer protections including the Financial Services Compensation Scheme (FSCS) and Financial Ombudsman Service (FOS) apply to FCA-authorized firms. The FCA's Consumer Duty (from July 2023) imposes higher conduct standards on all retail-facing firms, requiring fair value, good outcomes, clear communication, and support for vulnerable customers.

Page Version: A012

Last Updated: 2026-04-05

Verification Status: Gold Standard — Official Sources

Confidence Score: 96/100

Basic Identity

Field Value
Official Name (English) REGULATOR PAGE METADATA
Official Name (Local Language) REGULATOR PAGE METADATA
Acronym [Not applicable]
Country United Kingdom
Jurisdiction Level National
Official Website https://www.legislation.gov.uk/ukpga/2012/21/part/2
Official Website Language(s) English
Headquarters United Kingdom
Year Established 2012
Current Status Active

Classification

Field Value
Entity Type Official Regulator
Control Layer Layer 1 — Sovereign/Government Regulator
Legal Authority Level Binding
Jurisdiction Level National
Scope of Power Licensing, Supervision, Enforcement, Rulemaking

Inclusion Justification

Field Value
Why This Entity Is Included Government-backed financial regulatory authority with statutory licensing, supervisory, and enforcement powers
Type of Influence Direct
Exclusion Risk Removes a key financial regulatory authority from the jurisdiction's control map

What This Entity Oversees

Regulatory Authority & Scope

Regulatory Perimeter

The FCA's regulatory perimeter is defined in the Perimeter Guidance Manual (PERG) within the FCA Handbook. The FCA regulates "regulated activities" as defined in the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 and subsequent amendments implementing EU directives (now retained as part of UK law post-Brexit).

FCA-Regulated Sectors:

Sector Authorization Status Key Regulations
Payment Services Authorization required PSRs 2017, PSD2 implementation
Electronic Money Authorization required EMRs 2011
Consumer Credit Authorization required FSMA 2000, Consumer Credit Act 1974 (retained), CONC Rules
Investment Services Authorization required MiFID II, FSMA 2000
Insurance Distribution Authorization required Insurance Distribution Directive (IDD)
Banks & Insurers Authorization (PRA+FCA) Dual regulation (PRA prudential, FCA conduct)
Cryptoasset Businesses Registration (AML/CTF only) Money Laundering Regulations 2017 (until October 2027)
Account Information Services Registration only PSD2, no full authorization

Authorization Requirements

The FCA issues authorization to firms that meet the threshold conditions set out in Section 55B of FSMA 2000 and Chapter COND of the FCA Handbook:

Threshold Conditions:

  1. Location of Establishment — Firm must be established in the UK or EEA state
  2. Business Model — Business model must not present undue risk or be unsuitable for regulation
  3. Adequate Financial Resources — Sufficient capital and resources to manage business for minimum 1 year
  4. Systems and Controls — Robust, proportionate governance and risk management systems
  5. Fit and Proper Persons — Managers, directors, and significant shareholders must be fit and proper
  6. Payment/E-Money Specific — Minimum capital: €20,000 initial + €10,000 per payment service; safeguarding arrangements for e-money

FCA Authorization Process:

Step Action Duration
1 Pre-Application Engage FCA, confirm regulated activities, obtain guidance
2 Application Submission Submit completed application form + all required documentation
3 Completeness Review FCA reviews for completeness; requests clarifications if needed Up to 20 business days
4 Assessment Period FCA assesses against threshold conditions and ongoing compliance rules 3 months (standard); 6 months (payment/e-money institutions)
5 Decision FCA grants authorization or issues Minded to Refuse notice 3 months

Application Materials Required:

  • Completed FCA application forms (FORM A for standard authorization)
  • Governance and risk management policies (SYSC compliance)
  • Evidence of fit and proper persons (CVs, references, financial status checks)
  • Audited financial statements or forecasts
  • Business plan and financial projections (3 years)
  • AML/KYC procedures and sanctions screening protocols
  • Systems and controls documentation
  • Client money protection policies (where applicable)
  • Complaint-handling procedures
  • Data protection and GDPR compliance framework
  • FCA Handbook compliance statements

Consumer Duty (from 31 July 2023): All applicants serving retail customers must demonstrate compliance with the FCA's Consumer Duty, requiring firms to:

  • Act with integrity in customers' best interests
  • Deliver products and services offering fair value
  • Communicate clearly and transparently
  • Support vulnerable customers with enhanced protections

The FCA is the Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) supervisor for UK cryptoasset businesses under the Money Laundering Regulations 2017 (MLRs 2017).

Cryptoasset Business Registration

Scope of Regulation:

Cryptoasset service providers must register with the FCA (not authorize) if they:

  • Operate a cryptoasset exchange (fiat-to-crypto or crypto-to-crypto trading)
  • Operate a cryptoasset trading platform (peer-to-peer or merchant services)
  • Provide custodian wallet services (hold customer cryptoassets)
  • Operate OTC broking (over-the-counter trades)
  • Provide crypto ATM services
  • Provide payment services using cryptocurrency
  • Engage in any cryptoasset activity "by way of business"

Registration vs. Authorization:

Status Coverage Consumer Protections
Registered (AML/CTF only) AML/CTF supervision; financial crime controls NONE — No FSCS/FOS coverage
Authorized (from October 2027) Full FSMA authorization; conduct + prudential FSCS + FOS coverage (to be implemented)

AML/CTF Compliance Requirements

Registered cryptoasset firms must comply with MLRs 2017:

  1. Customer Due Diligence (CDD):
  • Verify customer identity using government-issued photo ID
  • Verify beneficial ownership (for legal entities)
  • Understand source of funds
  • Document and retain records (minimum 5 years)
  1. Enhanced Due Diligence (EDD):
  • Apply to Politically Exposed Persons (PEPs) and higher-risk jurisdictions
  • Additional scrutiny for transactions >€15,000
  • Ongoing risk monitoring
  1. Transaction Monitoring:
  • Monitor ongoing customer relationships
  • Suspicious Activity Reporting (SAR): Submit SARs to UK Financial Intelligence Unit (UKFIU) when POCA threshold met (£2,000+)
  • 5-year record retention
  1. Crypto Travel Rule (effective 1 September 2023):
  • For transactions >€3,000: Collect, verify, and share originator and beneficiary information (name, account, address) with receiving institution
  • Technology standards: FATF guidance on data formats and secure transmission
  • Failure to comply triggers FCA enforcement
  1. Risk Management:
  • Know Your Customer (KYC) procedures
  • Sanctions screening: Verify customers against OFAC, EU, and UK sanctions lists
  • Transaction structuring detection (preventing funds from being split to avoid reporting thresholds)

Regulatory Enforcement & Permissions

The FCA's AML/CTF authority is limited to anti-money laundering and counter-terrorist financing supervision. Registration does NOT grant:

  • Consumer protections (Financial Ombudsman Service — FOS)
  • Deposit insurance (Financial Services Compensation Scheme — FSCS)
  • Market conduct regulation
  • Prudential oversight

Emerging Cryptoasset Regulatory Regime (October 2027)

The UK government laid draft legislation in December 2025 establishing a new Financial Services and Markets Act (FSMA) cryptoasset regime, expected to come into force on 25 October 2027.

Planned Changes:

  1. Full FCA Authorization — Cryptoasset firms will require FCA authorization (not mere registration) to conduct specified cryptoasset activities
  2. Authorized Activities — New "cryptoasset regulated activities" defined in amended FSMA (Regulated Activities) Order
  3. Conduct & Prudential Regulation — Full conduct and prudential oversight (similar to payment institutions)
  4. Consumer Protections — FSCS and FOS coverage to apply to authorized cryptoasset firms
  5. Transition Period — Registered firms will have transition period to apply for authorization before regime fully enforced

Ongoing Compliance & Regulatory Obligations

FCA Handbook Framework

All authorized firms must comply with the FCA Handbook, the FCA's complete rulebook for regulated activities. The Handbook is organized into:

High-Level Standards (HLS):

  1. PRIN (Principles for Businesses) — 11 foundational conduct principles applying to all firms
  2. SYSC (Senior Management Arrangements, Systems and Controls) — Governance, internal controls, risk management
  3. COND (Threshold Conditions for Authorization) — Authorization eligibility and ongoing conditions

Activity-Specific Rules:

  1. COBS (Conduct of Business Rules) — Client categorization, communications, suitability, complaints
  2. PAYMENTS (Payment Services Rules) — PSRs 2017 implementation
  3. EMONEY (E-Money Rules) — EMRs 2011 implementation
  4. CONC (Consumer Credit Rules) — Consumer credit conduct standards
  5. MIFIDPRU (MiFID Prudential Rules) — Investment firm capital and prudential requirements
  6. MIFIDCAT (MiFID II Conduct Rules) — Investment firm conduct standards
  7. IDD (Insurance Distribution Rules) — Insurance intermediary requirements

Cross-Cutting Rules:

  1. FCMC (Fees & Charges) — FCA fee structure and billing
  2. GEN (General Provisions) — Definitions, interpretation, cross-firm standards
  3. DISP (Dispute Resolution) — Complaint-handling and Financial Ombudsman Service procedures
  4. EG (Enforcement Guide) — Enforcement procedures and penalties

11 Principles for Businesses (PRIN)

Every authorized firm must comply with these foundational principles:

Principle Requirement
PRIN 1 Act with integrity in all dealings
PRIN 2 Conduct business with due skill, care, and diligence
PRIN 3 Take reasonable care to organize and control affairs to comply with rules
PRIN 4 Maintain adequate financial resources
PRIN 5 Observe proper standards of market conduct
PRIN 6 Pay due regard to customers' interests; treat customers fairly
PRIN 7 Communicate clearly with customers (information to be clear, fair, not misleading)
PRIN 8 Manage conflicts of interest to avoid detrimental client impact
PRIN 9 Ensure records accurately reflect transactions and dealings
PRIN 10 Arrange senior management and governance to execute FSMA obligations
PRIN 11 Deal with FCA openly and cooperatively; provide accurate regulatory information

Consumer Duty (from 31 July 2023)

The FCA introduced the Consumer Duty as a higher-level consumer protection standard. All firms with retail customers must:

  1. Act with Integrity — Avoid conflicts of interest; disclose material information
  2. Deliver Good Outcomes — Products and services must be suitable and deliver good value
  3. Deliver Fair Value — Fair price relative to benefits; transparent charging; no exploitation
  4. Communicate Clearly — Information clear, fair, not misleading; accessible to target customers
  5. Support Vulnerable Customers — Identify vulnerable customers (elderly, low income, health issues) and provide enhanced protections

The Consumer Duty applies to all firms authorized to serve retail customers, including payment institutions, e-money institutions, and consumer credit firms (where end customers are consumers).

Regulatory Reporting Obligations

Authorized firms must submit ongoing regulatory reports to the FCA:

Prudential Reporting:

  • Capital Adequacy Reports — Regulatory capital, leverage ratios, liquidity metrics
  • EMIR Regulatory Technical Standards (RTS) — For derivative traders
  • MiFID II Trade Reports — Investment transaction data
  • CASS Returns — Client asset segregation (if applicable)

Behavioral/Conduct Reporting:

  • Complaints Data — Quarterly consumer complaint volumes and redress (larger firms)
  • Fit and Proper Updates — Changes in senior managers, directors, significant shareholders
  • Event Notifications — Material events (major system failures, regulatory breaches, management changes)
  • Data Quality Reporting — Accuracy attestations for submitted data

Reporting Frequency:

  • Quarterly: Complaints data (for largest firms)
  • Annual: Full financial statements, capital reports
  • On-Event: Significant management/strategic changes, regulatory breaches
  • Ad-hoc: FCA information requests (under section 165 FSMA 2000)

Financial Services Compensation Scheme (FSCS)

The FSCS is a separate statutory compensation fund protecting consumers against insolvency of FCA-authorized firms.

Coverage:

  • Deposits: Up to £85,000 per firm per depositor (per firm basis)
  • Investment Business: Up to £85,000 per investor per firm
  • Insurance: Up to £2,000 per policyholder
  • Excluded: Cryptoasset registered firms (no FSCS coverage until October 2027)

Funding: Levied on FCA-authorized firms; no government backing (though BoE emergency liquidity provisions available in extreme scenarios)

Financial Ombudsman Service (FOS)

The FOS provides free, independent dispute resolution for consumers against FCA-authorized firms.

  • Eligible Claims: Disputes over FCA-authorized firm conduct, breach of rules, misrepresentation, negligence
  • Claim Deadline: Maximum 6 years from cause of action (typically 3 years from awareness)
  • Remedy Ceiling: Up to £385,000 per claimant per firm

Excluded: Cryptoasset registered firms (no FOS access until October 2027)

Consumer Protections Under FSMA 2000

Transparency:

  • Firms must communicate clearly, fairly, and not mislead consumers
  • Pre-contractual information must be provided in good time
  • Cost and charging information must be transparent

Suitability (where applicable):

  • Investment advisors must ensure recommendations are suitable for client
  • For non-advised sales, appropriateness assessment required
  • Suitability statements required for advised investment sales

Cancellation Rights:

  • Consumers have 14 calendar days to cancel most distance sales (online/telephone)
  • Distance cancellation right does not apply to completed payment transactions

Complaints & Redress:

  • Firms must have robust complaint-handling procedures
  • Acknowledgment within 5 working days
  • Final response within 8 weeks
  • Escalation to Financial Ombudsman Service if unresolved

Consumer Duty Protections (from 31 July 2023)

All retail-facing FCA-authorized firms must comply with higher Consumer Duty standards:

  1. Integrity — No conflicts of interest; full material disclosure
  2. Good Outcomes — Products must deliver intended value; services must be suitable
  3. Fair Value — Fair price-to-benefit ratio; no exploitative charging
  4. Clear Communication — Information accessible to target customer segment
  5. Vulnerable Customer Support — Special protections for elderly, health-impaired, low-income customers

Sources & Further Information

Official FCA Resources

Statutory Instruments & Legislation

Guidance Documents

Government Resources

Regulatory Powers

The FCA has extensive enforcement powers under the Financial Services and Markets Act 2000 and detailed in the Enforcement Guide (EG).

Enforcement Powers

Financial Penalties:

  • Firms: Up to £5,000,000 per breach (though larger cumulative penalties possible)
  • Individuals: Potentially unlimited fines for serious breaches
  • Recent Activity: FCA imposed £179–186 million in combined penalties in 2024/25

Prohibitions (Ban Orders):

  • Scope: Prohibition from performing regulated activities or specific functions (senior management)
  • Duration: Indefinite or time-limited
  • Enforcement: Violation of ban is criminal offence under FSMA

Public Censure:

  • Requirement: FCA publishes firm/individual name and details of breach
  • Impact: Reputational damage; mandatory disclosure to potential customers

Withdrawal of Authorization:

  • Grounds: Serious breaches, insolvency, ceased operations, unfit to continue
  • Effect: Firm can no longer conduct regulated activities; automatic removal from Financial Services Register

Supervisory Intervention:

  • Requirements: Positive obligations (e.g., "must implement enhanced AML controls by 30 June 2026")
  • Restrictions: Negative obligations (e.g., "must not take on new customers until capital restored")
  • Duration: Time-limited or indefinite based on severity

Enforceable Undertakings:

  • Alternative to formal action — FCA accepts binding commitments from firm/individual to remediate breach
  • Conditions: Publicly disclosed; firm responsible for compliance
  • Enforcement: Breach triggers formal action

Criminal Prosecution:

  • Scope: Unlicensed operation, market manipulation, insider trading, money laundering
  • Prosecuting Authority: FCA and Serious Fraud Office
  • Penalties: Imprisonment and/or fines

Investigative Powers:

  • Section 165 Notices: FCA can require submission of documents, data, and information
  • Section 176 Warrants: FCA can apply to court for search warrant to seize documents
  • Interview Powers: FCA can interview employees and executives
  • Third-Party Information: FCA can obtain information from banks, payment processors, etc.

Enforcement Trends

2023/24 Activity:

  • 12 financial penalties (8 firms, 4 individuals)
  • Enforcement focused on: financial crime controls, systems deficiencies, consumer protection violations

2024/25 Activity (Preliminary):

  • Combined penalties: £179–186 million (significant increase)
  • Individual penalties tripled year-over-year
  • Themes: FX trading conduct, payment systems failures, anti-money laundering weaknesses

Regulatory Role and Function

Statutory Basis

The FCA derives its authority from the Financial Services and Markets Act 2000 (FSMA 2000), as amended by the Financial Services Act 2012. The Financial Services Act 2012 received Royal Assent on 19 December 2012 and came into force on 1 April 2013, replacing the Financial Services Authority with two specialized regulators:

  1. Financial Conduct Authority (FCA) — conduct regulator for all financial services
  2. Prudential Regulation Authority (PRA) — prudential regulator for banks, insurers, and major investment firms (subsidiary of the Bank of England)

Regulatory Objectives

Under Section 1A of FSMA 2000, the FCA must advance the following regulatory objectives:

  1. Maintaining Market Confidence — preserve the stability and integrity of UK financial markets
  2. Protecting Consumers — ensure consumer protection and fair treatment
  3. Reducing Financial Crime — combat money laundering, fraud, and terrorist financing
  4. Promoting Competition — encourage effective competition for consumer benefit
  5. Financial Stability — contribute to financial system stability (secondary objective)

Corporate Structure & Governance

The FCA is structured as a company limited by guarantee, operating as an independent regulator funded by fees charged to regulated firms (not government funding). Governance is provided by a Board comprising:

  • Board Chair and Chief Executive (executive leadership)
  • Executive Directors (enforcement, financial crime, operations, supervision)
  • Non-Executive Directors (independent oversight and accountability)

The Board meets at least ten times annually and requires a quorum of five directors to conduct business. The Board sets strategic direction, ensures long-term regulatory effectiveness, and provides oversight of FCA management and performance.

Funding Mechanism

The FCA is entirely self-funded through regulatory fees and levies charged to authorized and registered firms. This ensures regulatory independence from government influence and creates financial accountability aligned with industry stakeholders.

Established by primary legislation enacted by the national legislature. The enabling statute defines the regulatory mandate, scope of authority, governance structure, and enforcement powers.

Field Detail
Primary Legislation [Specific enabling act requires verification from official sources]
Country United Kingdom
Year Established 2012
Legal Status Statutory regulatory authority
Independence [Degree of independence requires verification]

Licensing and Authorization Relevance

Pre-Application Phase

  1. Confirm Regulated Activities — Identify which FCA-regulated activities your firm intends to conduct using the Perimeter Guidance Manual (PERG)
  2. Determine Authorization Category — Identify whether you require: Authorization (full permission), Limited Permission, Interim Permission, or Appointed Representative status
  3. Engage FCA Authorisation Team — Contact the FCA to discuss application strategy and requirements
  4. Gather Documentation — Compile governance, financial, and operational documentation

Application Submission

Required Materials:

  • FCA Application Form (FORM A) — Completed and signed
  • Business Plan — 3-year financial projections, organizational structure, service delivery model
  • Governance & Risk Management Policies — SYSC rules compliance documentation
  • Senior Management Information — CVs, references, financial status; proof of fitness and propriety
  • Financial Statements — Audited accounts or projections; proof of minimum capital
  • Systems & Controls Documentation — Internal audit, compliance, operations procedures
  • AML/KYC Procedures — Money laundering risk assessment, customer verification procedures, sanctions screening
  • Compliance Framework — Data protection (GDPR), reporting infrastructure, audit functions
  • Consumer Duty Compliance (if retail customers) — Plans for Consumer Duty implementation

Submission: Applications submitted via FCA Authorisation Portal

Assessment & Decision Timeline

Period FCA Assessment Applicant Action
Months 1–0.5 Completeness review; requests for clarifications Respond to FCA queries
Months 0.5–3 Full assessment against threshold conditions and ongoing rules Await FCA decision
Month 3 FCA issues: (a) Authorization Decision (grant authorization), or (b) Minded to Refuse Notice (formal objection) If minded to refuse: submit representations
Month 3+ If representations: FCA decision within further time period Applicant may appeal to Upper Tribunal

Expedited Routes:

  • Interim Permission: If applicant (or predecessor firm) has pre-existing authorization, may obtain interim permission while authorization application pending (up to 12 months)
  • Recognition: Certain overseas firms may obtain recognition without full authorization if home regulation deemed equivalent

Payments and Money Movement Relevance

The FCA is the statutory authorization and supervisory authority for payment services in the UK under the Payment Services Regulations 2017 (PSRs 2017).

Payment Services Regulations 2017 (PSRs 2017)

PSRs 2017 implement the revised Payment Services Directive (PSD2) into UK law, effective 1 January 2018, with full implementation by 14 September 2019.

Scope:

PSRs 2017 regulate all provision of payment services unless exempted, including:

  • Payment initiation services (PISPs)
  • Account information services (AISPs)
  • Money remittance services
  • Payment transaction execution
  • Credit transfers
  • Direct debits
  • Card-based payments

Authorization Categories:

Firm Type Authorization Status Scope Capital Requirement
Payment Institution (PI) Authorization required Full range of payment services (except credit) €20,000 + €10,000/service
Small PI Authorization (limited scope) Limited to 2 payment services €50,000
Payment Initiation Service Provider (PISP) Authorization required Payment initiation only €25,000
Account Information Service Provider (AISP) Registration (not authorization) Account aggregation only; lighter regime No capital requirement

Key Authorization Requirements for Payment Institutions:

  1. Governance & Risk Management — Robust internal controls, documented policies, clear reporting lines
  2. Financial Resources — Minimum capital + operational risk buffer (ORCA framework)
  3. Fit and Proper Persons — Directors, senior managers, and significant shareholders vetted
  4. Systems and Controls — Transaction monitoring, fraud detection, error handling
  5. Strong Customer Authentication (SCA) — Implement multifactor authentication for payment initiation
  6. Consumer Rights Protection — Liability limits, refund procedures, complaint handling
  7. Reporting & Transparency — Regulatory reporting, balance sheet disclosures, consumer communications

Strong Customer Authentication (SCA):

The FCA enforces SCA requirements under PSRs 2017, requiring payment service providers to implement:

  • Multifactor authentication combining two or more of: (a) knowledge (password), (b) possession (device), (c) biometric factors
  • Exemptions for low-value transactions (€30 and below), payment-to-merchant schemes, and recurring payments (after first authentication)
  • Compliance deadlines original deadline 14 September 2019; extensions granted for implementation challenges; now fully enforceable

Open Banking:

PSD2 mandates API-based access to account data and payment initiation infrastructure. The FCA supervises:

  • Read-Only Account Access — Customers' right to access account data via third parties
  • Payment Initiation — Customers' right to initiate payments via third parties
  • Competition in Payment Services — Reduced lock-in through open infrastructure

Electronic Money Regulations 2011 (EMRs 2011)

The FCA authorizes and regulates Electronic Money Institutions (EMIs) issuing e-money in the UK under the Electronic Money Regulations 2011.

Scope:

E-money includes "electronic money prepaid products" such as:

  • Prepaid payment cards
  • Mobile wallets and digital payment services
  • Gift cards and store credit (in some cases)
  • Travel cards
  • Cryptocurrency stablecoins (subject to new FSMA regime from October 2027)

Authorization Categories:

EMI Type Authorization Status Capital Requirement Scope
Authorized EMI Full authorization €20,000 initial Full e-money issuance
Small EMI Full authorization €20,000 initial Limited e-money issuance
Payment Institution (Also E-Money) Full authorization €50,000+ Combined payment + e-money services

Key EMI Requirements:

  1. Safeguarding — Customer funds safeguarded by segregation or insurance:
  • Segregation method: Funds held in separate bank accounts, not commingled with firm assets
  • Insurance method: Adequate insurance policy covering customer fund losses
  1. Capital & Financial Resources — €20,000 minimum initial capital; ongoing capital maintenance per EMONEY rules
  2. Governance & Risk Management — Systems and controls proportionate to firm size/complexity
  3. Conduct Rules — E-money issuance, redemption, and fee disclosures:
  • Redemption deadline: Maximum 30 calendar days for full redemption
  • Fee transparency: Clear communication of e-money fees
  • Complaint handling: Same standards as payment institutions
  1. Strong Customer Authentication (if payment element) — If e-money product includes payment services, SCA applies
  2. Consumer Protections — Financial Services Compensation Scheme (FSCS) coverage for insolvency (up to £85,000)

The FCA implemented the revised Payment Services Directive (PSD2) in the UK through PSRs 2017, taking effect 1 January 2018, with full operational compliance by 14 September 2019.

Key PSD2 Changes

Extended Scope:

  • PISPs (Payment Initiation Service Providers): New firm category authorizing payment initiation on customer behalf
  • AISPs (Account Information Service Providers): New firm category aggregating customer account information
  • Broadened definition of payment services to include services previously outside regulatory perimeter

Strong Customer Authentication (SCA):

  • Mandatory multifactor authentication for electronic payment initiation
  • Exemptions for low-value transactions (€30) and recurring payments (after first transaction)
  • Implementation timeline: Original 14 September 2019; extended to 31 December 2020 for some firms; now fully enforced

Enhanced Consumer Rights:

  • Liability protection for unauthorized transactions
  • Refund rights for payment errors within defined periods
  • Information and transparency requirements on payment charges
  • Complaint procedures with 15-day acknowledgment requirement

Competition & Interoperability:

  • Open Banking mandate: Traditional banks must provide API access to payment data and infrastructure
  • Reduced switching friction for payment account customers
  • Third-party access rights to customer data (with consent)

PSD2 Re-Authorization Requirement:

Existing payment institutions and e-money institutions required to be re-authorized or re-registered under new PSD2 framework. FCA processed re-authorization applications through 2018–2020.

Payment Systems Governed or Overseen

The FCA does not directly govern or operate payment systems. However, the FCA regulates all payment service providers and payment firms that participate in or provide services through UK payment systems. This includes authorization, conduct supervision, and consumer protection for firms ranging from banks to fintech operators.

Payment Firms and Services Regulated by FCA

A. Banks and Building Societies (PRA-Regulated Institutions)

Institution Category FCA Role Typical Systems Access
Commercial Banks Conduct regulation; combined with PRA prudential regulation CHAPS, Faster Payments, Bacs, LINK
Building Societies Conduct regulation; separate prudential supervision Faster Payments, Bacs, LINK
Credit Unions Conduct regulation Limited access (typically Faster Payments/Bacs)

Examples: Barclays, HSBC, Lloyds Banking Group, NatWest, Santander UK

B. Authorized Payment Institutions (PIs) and E-Money Institutions (EMIs)

Category Count FCA Authorization Type Examples
Payment Institutions ~2,000 authorized Article 4 PSDII authorization Monzo, Starling Bank, Tide, Wise, GoCardless, SumUp
E-Money Institutions ~1,500 authorized Electronic Money Directive (EMD) Revolut, Monzo, Wise, Remitly
Account Information Service Providers ~300+ Open Banking AISP credentials Account aggregators and FinTechs
Payment Initiation Service Providers ~400+ Open Banking PISP credentials Checkout.com, GoCardless, payment gateways

C. Major Fintech and Payment Operators Authorized by FCA

Operator License Type Primary Service Market Position
Revolut Full Banking Licence (2025) Digital banking + payments 50m+ global customers; FSCS protected (£85k)
Monzo e-Money Institution Digital bank + payments 9.7m customers (31% growth 2024); £11.2bn deposits
Starling Bank e-Money Institution Business + personal banking 4.6m accounts (10% growth, slower than peers)
Wise (TransferWise) Payment Institution (PI) Cross-border transfers; UK current account (March 2026) Global coverage; competing with Monzo/Revolut
GoCardless Payment Institution (PI) + Account Information Service Provider Recurring payments, Direct Debit Unicorn status; 30+ countries; A2A payments
SumUp Payment Service Provider Card reader + POS + payments Small business focus; global scale
Tide Payment Institution (PI) Business banking + payments Freelancers, sole traders, SMEs
Checkout.com Payment Institution (PI) Enterprise payment processing Pizza Hut, H&M, Coinbase, Klarna clients

FCA's Regulatory Framework for Payment Firms

Authorization Requirements

All payment firms must obtain FCA authorization to operate in the UK and access payment systems:

Authorization Type Regulatory Scope Application
Payment Institution (PI) Authorization Offering payment services (PISP, AISP, PSP) Required for most fintech payment operators
e-Money Institution (EMI) Authorization Issuing e-money and providing payment services Required for digital wallets, stored value
Bank Authorization (Prudential) Full banking operations (deposits, lending, payments) Requires PRA approval + FCA conduct oversight
Standalone Bank Exceptional; full credit union authorization Rare; recent example: Revolut (2025)

Consumer Protection Standards

The FCA enforces conduct rules covering payment firms:

Protection Mechanism 2025 Examples
Unauthorized Payment Reimbursement APP fraud reimbursement (PSR + FCA coordination) £1bn+ annual claims; PSR-led framework
Financial Services Compensation Scheme (FSCS) Deposit protection up to £85,000 Revolut FCA bank status (2025); Monzo deposits covered
Segregation of Customer Funds Ring-fencing of customer money e-Money Institution safeguarding requirements
Data Protection GDPR + PSDII data security standards Open Banking data governance oversight

Payment Systems and Infrastructure the FCA Coordinates With

Direct Oversight (Payment Systems):

  • None directly; PSR is specialized subsidiary for system-level regulation

Coordination & Participation:

  • CHAPS (Bank of England operator): FCA coordinates on conduct of banks using CHAPS
  • Faster Payments / Bacs (Pay.UK): FCA coordinates with PSR on firm access
  • Open Banking (OBL): FCA participates in standards-setting; oversees firm-level API security and data handling
  • LINK ATM Network: FCA monitors access requirements and consumer protection

Emerging Payment Systems and FCA Oversight

System/Initiative FCA Involvement Status
New Payments Architecture (NPA) / Interbank Infrastructure Renewal (IIR) Coordinates with PSR on firm access standards; monitors consumer protection aspects Target 2026 (PSR leading regulatory mandate)
Open Finance / PSD3 Preparing for expanded open finance framework; expected 2026–2027 enforcement Policy development ongoing
Digital Pound (CBDC) Policy consultation; exploring regulatory framework for CBDC participation Research phase; long-term horizon
Cross-Border Payments Supervising firms offering cross-border services (Wise, Wise competitors) Growing focus area

Key Statistics on FCA-Regulated Payment Firms (2025)

Overall Market Coverage:

  • ~2,000 Payment Institutions authorized by FCA
  • ~1,500 e-Money Institutions authorized by FCA
  • ~58,000+ total FCA-authorized firms across all sectors
  • Authorization growth rate: 15–20% annual increase in fintech payment licenses

Major Platform Metrics:

  • Revolut: 50m+ customers; Unicorn+ status (USD 45bn valuation)
  • Monzo: 9.7m UK customers; 31% annual growth
  • Starling: 4.6m customers; 10% growth (slower trend)
  • Wise: Global reach; 31 million users; UK current account launched March 2026
  • GoCardless: 30+ countries; recurring payments & Direct Debit focus

Open Banking Users (AISP/PISP Ecosystem):

  • 13.3 million active users (March 2025)
  • 31 million open banking payments/month (March 2025)
  • 8% of Faster Payments volume now via open banking APIs

Relationship Between FCA Authorization and System Access

```

┌─────────────────────────────┐

│ FCA Authorization (PI/EMI) │

└──────────────┬──────────────┘

┌──────────▼──────────────┐

│ Access to PSR-Designated │

│ Payment Systems │

│ ├─ Faster Payments │

│ ├─ Bacs │

│ ├─ CHAPS (via banks) │

│ └─ Image Clearing │

└────────────────────────┘

```

FCA Role: Ensures authorized firms meet conduct, consumer protection, and AML/CFT standards

PSR Role: Ensures fair and non-discriminatory access to designated systems

Relationship to Other Regulators

Prudential Regulation Authority (PRA)

The FCA operates within a dual regulatory system established by the Financial Services Act 2012:

Aspect FCA (Conduct) PRA (Prudential)
Scope All financial services firms Banks, insurers, major investment firms
Focus Conduct of business, consumer protection, market integrity Soundness, solvency, systemic risk
Authority Standalone statutory body Subsidiary of Bank of England
Firms Regulated 58,000+ firms ~1,500 PRA-authorized firms
Overlap FCA regulates conduct of PRA firms PRA handles prudential of major FCA-authorized firms

Coordination:

  • Formal Memorandum of Understanding (MOU): FCA-PRA coordination framework
  • Joint Regulatory Initiatives: Thematic reviews, stress testing, consumer protection standards
  • Cross-Regulation: PRA-authorized firms subject to both PRA prudential rules and FCA conduct rules
  • Information Sharing: FCA and PRA exchange supervisory information

Bank of England

The FCA coordinates with the Bank of England (BoE) on:

  • Financial Stability: Macroprudential policy and systemic risk mitigation
  • Monetary Policy: Interest rate impacts on financial services regulation
  • Payment Systems: Real-time settlement, CHAPS operations
  • Cash and Liquidity: Coordination on Sterling liquidity provision

Geography and Jurisdiction Notes

Field Value
Applies Nationwide Yes
Applies at State or Sub-National Level Only No
Cross-Border or Regional Reach No
Special Territorial Notes National jurisdiction within United Kingdom

Important Departments and Divisions

Division / Department Primary Function
Supervision Division Oversight of regulated entities
Licensing Division Processing of applications and authorizations
Enforcement Division Investigation and prosecution of violations
Policy and Research Division Regulatory policy development
Compliance Division AML/CFT and regulatory compliance monitoring

Key Public Resources

Resource URL
Official Website https://www.fca.org.uk"
Laws and Regulations [Verify on official website]
Licensing Information [Verify on official website]
Publications and Reports [Verify on official website]
Consumer Information [Verify on official website]

Notes on Naming and Language

Field Value
Preferred English Rendering REGULATOR PAGE METADATA
Official Local-Language Rendering REGULATOR PAGE METADATA
Official Website Language(s) English

Related Pages

Mobile Money in this country1

Last updated: 09/Apr/2026