Overview
The Financial Conduct Authority (FCA) is the United Kingdom's independent conduct regulator for all financial services, established on 1 April 2013 under the Financial Services Act 2012. Operating as a successor to the Financial Services Authority (FSA), the FCA regulates approximately 58,000 financial services firms across the UK, protecting consumers, maintaining market integrity, and promoting healthy competition in the financial system.
The FCA is the primary authorizing and supervisory authority for:
Payment Service Providers (PSPs) under the Payment Services Regulations 2017 (PSRs 2017)
Electronic Money Institutions (EMIs) under the Electronic Money Regulations 2011 (EMRs 2011)
Consumer Credit Firms under the Financial Services and Markets Act 2000
Investment Firms under the Markets in Financial Instruments Directive II (MiFID II)
Insurance Intermediaries under the Insurance Distribution Directive (IDD)
Cryptoasset Businesses (AML/CTF registration only, until October 2027)
Banks and Insurers (conduct regulation; prudential regulation by PRA)
The Financial Conduct Authority (FCA) is the United Kingdom's primary conduct regulator for all financial services, established by the Financial Services Act 2012 (operative since 1 April 2013) as the successor to the Financial Services Authority. Operating independently and funded by regulated firms, the FCA regulates approximately 58,000 firms across payment services, electronic money, consumer credit, investment services, insurance distribution, and cryptoasset businesses (AML/CTF only until October 2027).
For payment services and electronic money, the FCA is the authorizing and supervisory authority under the Payment Services Regulations 2017 and Electronic Money Regulations 2011, implementing the Payment Services Directive (PSD2) in UK law. The FCA authorizes Payment Institutions, Electronic Money Institutions, Payment Initiation Service Providers, and registers Account Information Service Providers.
The FCA's enforcement authority includes financial penalties (up to £5 million per firm breach), prohibitions, public censure, withdrawal of authorization, and criminal prosecution. The regulator operates within a dual regulatory system alongside the Prudential Regulation Authority (Bank of England), with the PRA responsible for prudential oversight of major financial institutions and the FCA responsible for conduct regulation across all sectors.
Consumer protections including the Financial Services Compensation Scheme (FSCS) and Financial Ombudsman Service (FOS) apply to FCA-authorized firms. The FCA's Consumer Duty (from July 2023) imposes higher conduct standards on all retail-facing firms, requiring fair value, good outcomes, clear communication, and support for vulnerable customers.
Page Version: A012
Last Updated: 2026-04-05
Verification Status: Gold Standard — Official Sources
Confidence Score: 96/100
Basic Identity
Field | Value |
|---|---|
Official Name (English) | REGULATOR PAGE METADATA |
Official Name (Local Language) | REGULATOR PAGE METADATA |
Acronym | [Not applicable] |
Country | United Kingdom |
Jurisdiction Level | National |
Official Website | |
Official Website Language(s) | English |
Headquarters | United Kingdom |
Year Established | 2012 |
Current Status | Active |
Classification
Field | Value |
|---|---|
Entity Type | Official Regulator |
Control Layer | Layer 1 — Sovereign/Government Regulator |
Legal Authority Level | Binding |
Jurisdiction Level | National |
Scope of Power | Licensing, Supervision, Enforcement, Rulemaking |
Inclusion Justification
Field | Value |
|---|---|
Why This Entity Is Included | Government-backed financial regulatory authority with statutory licensing, supervisory, and enforcement powers |
Type of Influence | Direct |
Exclusion Risk | Removes a key financial regulatory authority from the jurisdiction's control map |
What This Entity Oversees
Regulatory Authority & Scope
Regulatory Perimeter
The FCA's regulatory perimeter is defined in the Perimeter Guidance Manual (PERG) within the FCA Handbook. The FCA regulates "regulated activities" as defined in the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 and subsequent amendments implementing EU directives (now retained as part of UK law post-Brexit).
FCA-Regulated Sectors:
Sector | Authorization Status | Key Regulations |
|---|---|---|
Payment Services | Authorization required | PSRs 2017, PSD2 implementation |
Electronic Money | Authorization required | EMRs 2011 |
Consumer Credit | Authorization required | FSMA 2000, Consumer Credit Act 1974 (retained), CONC Rules |
Investment Services | Authorization required | MiFID II, FSMA 2000 |
Insurance Distribution | Authorization required | Insurance Distribution Directive (IDD) |
Banks & Insurers | Authorization (PRA+FCA) | Dual regulation (PRA prudential, FCA conduct) |
Cryptoasset Businesses | Registration (AML/CTF only) | Money Laundering Regulations 2017 (until October 2027) |
Account Information Services | Registration only | PSD2, no full authorization |
Authorization Requirements
The FCA issues authorization to firms that meet the threshold conditions set out in Section 55B of FSMA 2000 and Chapter COND of the FCA Handbook:
Threshold Conditions:
Location of Establishment — Firm must be established in the UK or EEA state
Business Model — Business model must not present undue risk or be unsuitable for regulation
Adequate Financial Resources — Sufficient capital and resources to manage business for minimum 1 year
Systems and Controls — Robust, proportionate governance and risk management systems
Fit and Proper Persons — Managers, directors, and significant shareholders must be fit and proper
Payment/E-Money Specific — Minimum capital: €20,000 initial + €10,000 per payment service; safeguarding arrangements for e-money
FCA Authorization Process:
Step | Action | Duration | |
|---|---|---|---|
1 | Pre-Application | Engage FCA, confirm regulated activities, obtain guidance | |
2 | Application Submission | Submit completed application form + all required documentation | |
3 | Completeness Review | FCA reviews for completeness; requests clarifications if needed | Up to 20 business days |
4 | Assessment Period | FCA assesses against threshold conditions and ongoing compliance rules | 3 months (standard); 6 months (payment/e-money institutions) |
5 | Decision | FCA grants authorization or issues Minded to Refuse notice | 3 months |
Application Materials Required:
Completed FCA application forms (FORM A for standard authorization)
Governance and risk management policies (SYSC compliance)
Evidence of fit and proper persons (CVs, references, financial status checks)
Audited financial statements or forecasts
Business plan and financial projections (3 years)
AML/KYC procedures and sanctions screening protocols
Systems and controls documentation
Client money protection policies (where applicable)
Complaint-handling procedures
Data protection and GDPR compliance framework
FCA Handbook compliance statements
Consumer Duty (from 31 July 2023): All applicants serving retail customers must demonstrate compliance with the FCA's Consumer Duty, requiring firms to:
Act with integrity in customers' best interests
Deliver products and services offering fair value
Communicate clearly and transparently
Support vulnerable customers with enhanced protections
The FCA is the Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) supervisor for UK cryptoasset businesses under the Money Laundering Regulations 2017 (MLRs 2017).
Cryptoasset Business Registration
Scope of Regulation:
Cryptoasset service providers must register with the FCA (not authorize) if they:
Operate a cryptoasset exchange (fiat-to-crypto or crypto-to-crypto trading)
Operate a cryptoasset trading platform (peer-to-peer or merchant services)
Provide custodian wallet services (hold customer cryptoassets)
Operate OTC broking (over-the-counter trades)
Provide crypto ATM services
Provide payment services using cryptocurrency
Engage in any cryptoasset activity "by way of business"
Registration vs. Authorization:
Status | Coverage | Consumer Protections |
|---|---|---|
Registered (AML/CTF only) | AML/CTF supervision; financial crime controls | NONE — No FSCS/FOS coverage |
Authorized (from October 2027) | Full FSMA authorization; conduct + prudential | FSCS + FOS coverage (to be implemented) |
AML/CTF Compliance Requirements
Registered cryptoasset firms must comply with MLRs 2017:
Customer Due Diligence (CDD):
Verify customer identity using government-issued photo ID
Verify beneficial ownership (for legal entities)
Understand source of funds
Document and retain records (minimum 5 years)
Enhanced Due Diligence (EDD):
Apply to Politically Exposed Persons (PEPs) and higher-risk jurisdictions
Additional scrutiny for transactions >€15,000
Ongoing risk monitoring
Transaction Monitoring:
Monitor ongoing customer relationships
Suspicious Activity Reporting (SAR): Submit SARs to UK Financial Intelligence Unit (UKFIU) when POCA threshold met (£2,000+)
5-year record retention
Crypto Travel Rule (effective 1 September 2023):
For transactions >€3,000: Collect, verify, and share originator and beneficiary information (name, account, address) with receiving institution
Technology standards: FATF guidance on data formats and secure transmission
Failure to comply triggers FCA enforcement
Risk Management:
Know Your Customer (KYC) procedures
Sanctions screening: Verify customers against OFAC, EU, and UK sanctions lists
Transaction structuring detection (preventing funds from being split to avoid reporting thresholds)
Regulatory Enforcement & Permissions
The FCA's AML/CTF authority is limited to anti-money laundering and counter-terrorist financing supervision. Registration does NOT grant:
Consumer protections (Financial Ombudsman Service — FOS)
Deposit insurance (Financial Services Compensation Scheme — FSCS)
Market conduct regulation
Prudential oversight
Emerging Cryptoasset Regulatory Regime (October 2027)
The UK government laid draft legislation in December 2025 establishing a new Financial Services and Markets Act (FSMA) cryptoasset regime, expected to come into force on 25 October 2027.
Planned Changes:
Full FCA Authorization — Cryptoasset firms will require FCA authorization (not mere registration) to conduct specified cryptoasset activities
Authorized Activities — New "cryptoasset regulated activities" defined in amended FSMA (Regulated Activities) Order
Conduct & Prudential Regulation — Full conduct and prudential oversight (similar to payment institutions)
Consumer Protections — FSCS and FOS coverage to apply to authorized cryptoasset firms
Transition Period — Registered firms will have transition period to apply for authorization before regime fully enforced
Ongoing Compliance & Regulatory Obligations
FCA Handbook Framework
All authorized firms must comply with the FCA Handbook, the FCA's complete rulebook for regulated activities. The Handbook is organized into:
High-Level Standards (HLS):
PRIN (Principles for Businesses) — 11 foundational conduct principles applying to all firms
SYSC (Senior Management Arrangements, Systems and Controls) — Governance, internal controls, risk management
COND (Threshold Conditions for Authorization) — Authorization eligibility and ongoing conditions
Activity-Specific Rules:
COBS (Conduct of Business Rules) — Client categorization, communications, suitability, complaints
PAYMENTS (Payment Services Rules) — PSRs 2017 implementation
EMONEY (E-Money Rules) — EMRs 2011 implementation
CONC (Consumer Credit Rules) — Consumer credit conduct standards
MIFIDPRU (MiFID Prudential Rules) — Investment firm capital and prudential requirements
MIFIDCAT (MiFID II Conduct Rules) — Investment firm conduct standards
IDD (Insurance Distribution Rules) — Insurance intermediary requirements
Cross-Cutting Rules:
FCMC (Fees & Charges) — FCA fee structure and billing
GEN (General Provisions) — Definitions, interpretation, cross-firm standards
DISP (Dispute Resolution) — Complaint-handling and Financial Ombudsman Service procedures
EG (Enforcement Guide) — Enforcement procedures and penalties
11 Principles for Businesses (PRIN)
Every authorized firm must comply with these foundational principles:
Principle | Requirement |
|---|---|
PRIN 1 | Act with integrity in all dealings |
PRIN 2 | Conduct business with due skill, care, and diligence |
PRIN 3 | Take reasonable care to organize and control affairs to comply with rules |
PRIN 4 | Maintain adequate financial resources |
PRIN 5 | Observe proper standards of market conduct |
PRIN 6 | Pay due regard to customers' interests; treat customers fairly |
PRIN 7 | Communicate clearly with customers (information to be clear, fair, not misleading) |
PRIN 8 | Manage conflicts of interest to avoid detrimental client impact |
PRIN 9 | Ensure records accurately reflect transactions and dealings |
PRIN 10 | Arrange senior management and governance to execute FSMA obligations |
PRIN 11 | Deal with FCA openly and cooperatively; provide accurate regulatory information |
Consumer Duty (from 31 July 2023)
The FCA introduced the Consumer Duty as a higher-level consumer protection standard. All firms with retail customers must:
Act with Integrity — Avoid conflicts of interest; disclose material information
Deliver Good Outcomes — Products and services must be suitable and deliver good value
Deliver Fair Value — Fair price relative to benefits; transparent charging; no exploitation
Communicate Clearly — Information clear, fair, not misleading; accessible to target customers
Support Vulnerable Customers — Identify vulnerable customers (elderly, low income, health issues) and provide enhanced protections
The Consumer Duty applies to all firms authorized to serve retail customers, including payment institutions, e-money institutions, and consumer credit firms (where end customers are consumers).
Regulatory Reporting Obligations
Authorized firms must submit ongoing regulatory reports to the FCA:
Prudential Reporting:
Capital Adequacy Reports — Regulatory capital, leverage ratios, liquidity metrics
EMIR Regulatory Technical Standards (RTS) — For derivative traders
MiFID II Trade Reports — Investment transaction data
CASS Returns — Client asset segregation (if applicable)
Behavioral/Conduct Reporting:
Complaints Data — Quarterly consumer complaint volumes and redress (larger firms)
Fit and Proper Updates — Changes in senior managers, directors, significant shareholders
Event Notifications — Material events (major system failures, regulatory breaches, management changes)
Data Quality Reporting — Accuracy attestations for submitted data
Reporting Frequency:
Quarterly: Complaints data (for largest firms)
Annual: Full financial statements, capital reports
On-Event: Significant management/strategic changes, regulatory breaches
Ad-hoc: FCA information requests (under section 165 FSMA 2000)
Financial Services Compensation Scheme (FSCS)
The FSCS is a separate statutory compensation fund protecting consumers against insolvency of FCA-authorized firms.
Coverage:
Deposits: Up to £85,000 per firm per depositor (per firm basis)
Investment Business: Up to £85,000 per investor per firm
Insurance: Up to £2,000 per policyholder
Excluded: Cryptoasset registered firms (no FSCS coverage until October 2027)
Funding: Levied on FCA-authorized firms; no government backing (though BoE emergency liquidity provisions available in extreme scenarios)
Financial Ombudsman Service (FOS)
The FOS provides free, independent dispute resolution for consumers against FCA-authorized firms.
Eligible Claims: Disputes over FCA-authorized firm conduct, breach of rules, misrepresentation, negligence
Claim Deadline: Maximum 6 years from cause of action (typically 3 years from awareness)
Remedy Ceiling: Up to £385,000 per claimant per firm
Excluded: Cryptoasset registered firms (no FOS access until October 2027)
Consumer Protections Under FSMA 2000
Transparency:
Firms must communicate clearly, fairly, and not mislead consumers
Pre-contractual information must be provided in good time
Cost and charging information must be transparent
Suitability (where applicable):
Investment advisors must ensure recommendations are suitable for client
For non-advised sales, appropriateness assessment required
Suitability statements required for advised investment sales
Cancellation Rights:
Consumers have 14 calendar days to cancel most distance sales (online/telephone)
Distance cancellation right does not apply to completed payment transactions
Complaints & Redress:
Firms must have robust complaint-handling procedures
Acknowledgment within 5 working days
Final response within 8 weeks
Escalation to Financial Ombudsman Service if unresolved
Consumer Duty Protections (from 31 July 2023)
All retail-facing FCA-authorized firms must comply with higher Consumer Duty standards:
Integrity — No conflicts of interest; full material disclosure
Good Outcomes — Products must deliver intended value; services must be suitable
Fair Value — Fair price-to-benefit ratio; no exploitative charging
Clear Communication — Information accessible to target customer segment
Vulnerable Customer Support — Special protections for elderly, health-impaired, low-income customers
Sources & Further Information
Official FCA Resources
FCA Official Website — Primary regulator resource; publications, guidance, news
FCA Handbook — Complete rulebook; searchable rules, guidance, and standards
FCA Authorisation Guidance — Authorization process, requirements, and applications
Payment Services Regulations & E-Money — PSRs 2017 and EMRs 2011 guidance
Cryptoassets: AML/CTF Regime — Cryptoasset registration requirements and Travel Rule guidance
Financial Services Register — Public register of authorized/registered firms; searchable by name or FRN
FCA Enforcement — Enforcement powers, decisions, and guidance
Statutory Instruments & Legislation
Financial Services and Markets Act 2000 (FSMA 2000) — Primary legislation establishing FCA and regulatory framework
Financial Services Act 2012 — Legislation establishing FCA as successor to FSA
Payment Services Regulations 2017 (PSRs 2017) — Secondary legislation implementing PSD2
Electronic Money Regulations 2011 (EMRs 2011) — E-money institution authorization and regulation
Money Laundering Regulations 2017 (MLRs 2017) — AML/CTF obligations for cryptoasset and other financial businesses
Guidance Documents
FCA Approach to Payment Services and Electronic Money (2017) — Detailed supervisory approach for payment and e-money institutions
FCA Enforcement Guide (EG) — Framework for enforcement action, financial penalties, and investigation procedures
FCA Corporate Governance — FCA organizational structure, Board arrangements, and governance policies
Government Resources
GOV.UK — Financial Conduct Authority — Official UK government information on FCA role and responsibilities
Regulatory Powers
The FCA has extensive enforcement powers under the Financial Services and Markets Act 2000 and detailed in the Enforcement Guide (EG).
Enforcement Powers
Financial Penalties:
Firms: Up to £5,000,000 per breach (though larger cumulative penalties possible)
Individuals: Potentially unlimited fines for serious breaches
Recent Activity: FCA imposed £179–186 million in combined penalties in 2024/25
Prohibitions (Ban Orders):
Scope: Prohibition from performing regulated activities or specific functions (senior management)
Duration: Indefinite or time-limited
Enforcement: Violation of ban is criminal offence under FSMA
Public Censure:
Requirement: FCA publishes firm/individual name and details of breach
Impact: Reputational damage; mandatory disclosure to potential customers
Withdrawal of Authorization:
Grounds: Serious breaches, insolvency, ceased operations, unfit to continue
Effect: Firm can no longer conduct regulated activities; automatic removal from Financial Services Register
Supervisory Intervention:
Requirements: Positive obligations (e.g., "must implement enhanced AML controls by 30 June 2026")
Restrictions: Negative obligations (e.g., "must not take on new customers until capital restored")
Duration: Time-limited or indefinite based on severity
Enforceable Undertakings:
Alternative to formal action — FCA accepts binding commitments from firm/individual to remediate breach
Conditions: Publicly disclosed; firm responsible for compliance
Enforcement: Breach triggers formal action
Criminal Prosecution:
Scope: Unlicensed operation, market manipulation, insider trading, money laundering
Prosecuting Authority: FCA and Serious Fraud Office
Penalties: Imprisonment and/or fines
Investigative Powers:
Section 165 Notices: FCA can require submission of documents, data, and information
Section 176 Warrants: FCA can apply to court for search warrant to seize documents
Interview Powers: FCA can interview employees and executives
Third-Party Information: FCA can obtain information from banks, payment processors, etc.
Enforcement Trends
2023/24 Activity:
12 financial penalties (8 firms, 4 individuals)
Enforcement focused on: financial crime controls, systems deficiencies, consumer protection violations
2024/25 Activity (Preliminary):
Combined penalties: £179–186 million (significant increase)
Individual penalties tripled year-over-year
Themes: FX trading conduct, payment systems failures, anti-money laundering weaknesses
Regulatory Role and Function
Statutory Basis
The FCA derives its authority from the Financial Services and Markets Act 2000 (FSMA 2000), as amended by the Financial Services Act 2012. The Financial Services Act 2012 received Royal Assent on 19 December 2012 and came into force on 1 April 2013, replacing the Financial Services Authority with two specialized regulators:
Financial Conduct Authority (FCA) — conduct regulator for all financial services
Prudential Regulation Authority (PRA) — prudential regulator for banks, insurers, and major investment firms (subsidiary of the Bank of England)
Regulatory Objectives
Under Section 1A of FSMA 2000, the FCA must advance the following regulatory objectives:
Maintaining Market Confidence — preserve the stability and integrity of UK financial markets
Protecting Consumers — ensure consumer protection and fair treatment
Reducing Financial Crime — combat money laundering, fraud, and terrorist financing
Promoting Competition — encourage effective competition for consumer benefit
Financial Stability — contribute to financial system stability (secondary objective)
Corporate Structure & Governance
The FCA is structured as a company limited by guarantee, operating as an independent regulator funded by fees charged to regulated firms (not government funding). Governance is provided by a Board comprising:
Board Chair and Chief Executive (executive leadership)
Executive Directors (enforcement, financial crime, operations, supervision)
Non-Executive Directors (independent oversight and accountability)
The Board meets at least ten times annually and requires a quorum of five directors to conduct business. The Board sets strategic direction, ensures long-term regulatory effectiveness, and provides oversight of FCA management and performance.
Funding Mechanism
The FCA is entirely self-funded through regulatory fees and levies charged to authorized and registered firms. This ensures regulatory independence from government influence and creates financial accountability aligned with industry stakeholders.
Legal Foundation
Established by primary legislation enacted by the national legislature. The enabling statute defines the regulatory mandate, scope of authority, governance structure, and enforcement powers.
Field | Detail |
|---|---|
Primary Legislation | [Specific enabling act requires verification from official sources] |
Country | United Kingdom |
Year Established | 2012 |
Legal Status | Statutory regulatory authority |
Independence | [Degree of independence requires verification] |
Licensing and Authorization Relevance
Pre-Application Phase
Confirm Regulated Activities — Identify which FCA-regulated activities your firm intends to conduct using the Perimeter Guidance Manual (PERG)
Determine Authorization Category — Identify whether you require: Authorization (full permission), Limited Permission, Interim Permission, or Appointed Representative status
Engage FCA Authorisation Team — Contact the FCA to discuss application strategy and requirements
Gather Documentation — Compile governance, financial, and operational documentation
Application Submission
Required Materials:
FCA Application Form (FORM A) — Completed and signed
Business Plan — 3-year financial projections, organizational structure, service delivery model
Governance & Risk Management Policies — SYSC rules compliance documentation
Senior Management Information — CVs, references, financial status; proof of fitness and propriety
Financial Statements — Audited accounts or projections; proof of minimum capital
Systems & Controls Documentation — Internal audit, compliance, operations procedures
AML/KYC Procedures — Money laundering risk assessment, customer verification procedures, sanctions screening
Compliance Framework — Data protection (GDPR), reporting infrastructure, audit functions
Consumer Duty Compliance (if retail customers) — Plans for Consumer Duty implementation
Submission: Applications submitted via FCA Authorisation Portal
Assessment & Decision Timeline
Period | FCA Assessment | Applicant Action |
|---|---|---|
Months 1–0.5 | Completeness review; requests for clarifications | Respond to FCA queries |
Months 0.5–3 | Full assessment against threshold conditions and ongoing rules | Await FCA decision |
Month 3 | FCA issues: (a) Authorization Decision (grant authorization), or (b) Minded to Refuse Notice (formal objection) | If minded to refuse: submit representations |
Month 3+ | If representations: FCA decision within further time period | Applicant may appeal to Upper Tribunal |
Expedited Routes:
Interim Permission: If applicant (or predecessor firm) has pre-existing authorization, may obtain interim permission while authorization application pending (up to 12 months)
Recognition: Certain overseas firms may obtain recognition without full authorization if home regulation deemed equivalent
Payments and Money Movement Relevance
The FCA is the statutory authorization and supervisory authority for payment services in the UK under the Payment Services Regulations 2017 (PSRs 2017).
Payment Services Regulations 2017 (PSRs 2017)
PSRs 2017 implement the revised Payment Services Directive (PSD2) into UK law, effective 1 January 2018, with full implementation by 14 September 2019.
Scope:
PSRs 2017 regulate all provision of payment services unless exempted, including:
Payment initiation services (PISPs)
Account information services (AISPs)
Money remittance services
Payment transaction execution
Credit transfers
Direct debits
Card-based payments
Authorization Categories:
Firm Type | Authorization Status | Scope | Capital Requirement |
|---|---|---|---|
Payment Institution (PI) | Authorization required | Full range of payment services (except credit) | €20,000 + €10,000/service |
Small PI | Authorization (limited scope) | Limited to 2 payment services | €50,000 |
Payment Initiation Service Provider (PISP) | Authorization required | Payment initiation only | €25,000 |
Account Information Service Provider (AISP) | Registration (not authorization) | Account aggregation only; lighter regime | No capital requirement |
Key Authorization Requirements for Payment Institutions:
Governance & Risk Management — Robust internal controls, documented policies, clear reporting lines
Financial Resources — Minimum capital + operational risk buffer (ORCA framework)
Fit and Proper Persons — Directors, senior managers, and significant shareholders vetted
Systems and Controls — Transaction monitoring, fraud detection, error handling
Strong Customer Authentication (SCA) — Implement multifactor authentication for payment initiation
Consumer Rights Protection — Liability limits, refund procedures, complaint handling
Reporting & Transparency — Regulatory reporting, balance sheet disclosures, consumer communications
Strong Customer Authentication (SCA):
The FCA enforces SCA requirements under PSRs 2017, requiring payment service providers to implement:
Multifactor authentication combining two or more of: (a) knowledge (password), (b) possession (device), (c) biometric factors
Exemptions for low-value transactions (€30 and below), payment-to-merchant schemes, and recurring payments (after first authentication)
Compliance deadlines original deadline 14 September 2019; extensions granted for implementation challenges; now fully enforceable
Open Banking:
PSD2 mandates API-based access to account data and payment initiation infrastructure. The FCA supervises:
Read-Only Account Access — Customers' right to access account data via third parties
Payment Initiation — Customers' right to initiate payments via third parties
Competition in Payment Services — Reduced lock-in through open infrastructure
Electronic Money Regulations 2011 (EMRs 2011)
The FCA authorizes and regulates Electronic Money Institutions (EMIs) issuing e-money in the UK under the Electronic Money Regulations 2011.
Scope:
E-money includes "electronic money prepaid products" such as:
Prepaid payment cards
Mobile wallets and digital payment services
Gift cards and store credit (in some cases)
Travel cards
Cryptocurrency stablecoins (subject to new FSMA regime from October 2027)
Authorization Categories:
EMI Type | Authorization Status | Capital Requirement | Scope |
|---|---|---|---|
Authorized EMI | Full authorization | €20,000 initial | Full e-money issuance |
Small EMI | Full authorization | €20,000 initial | Limited e-money issuance |
Payment Institution (Also E-Money) | Full authorization | €50,000+ | Combined payment + e-money services |
Key EMI Requirements:
Safeguarding — Customer funds safeguarded by segregation or insurance:
Segregation method: Funds held in separate bank accounts, not commingled with firm assets
Insurance method: Adequate insurance policy covering customer fund losses
Capital & Financial Resources — €20,000 minimum initial capital; ongoing capital maintenance per EMONEY rules
Governance & Risk Management — Systems and controls proportionate to firm size/complexity
Conduct Rules — E-money issuance, redemption, and fee disclosures:
Redemption deadline: Maximum 30 calendar days for full redemption
Fee transparency: Clear communication of e-money fees
Complaint handling: Same standards as payment institutions
Strong Customer Authentication (if payment element) — If e-money product includes payment services, SCA applies
Consumer Protections — Financial Services Compensation Scheme (FSCS) coverage for insolvency (up to £85,000)
The FCA implemented the revised Payment Services Directive (PSD2) in the UK through PSRs 2017, taking effect 1 January 2018, with full operational compliance by 14 September 2019.
Key PSD2 Changes
Extended Scope:
PISPs (Payment Initiation Service Providers): New firm category authorizing payment initiation on customer behalf
AISPs (Account Information Service Providers): New firm category aggregating customer account information
Broadened definition of payment services to include services previously outside regulatory perimeter
Strong Customer Authentication (SCA):
Mandatory multifactor authentication for electronic payment initiation
Exemptions for low-value transactions (€30) and recurring payments (after first transaction)
Implementation timeline: Original 14 September 2019; extended to 31 December 2020 for some firms; now fully enforced
Enhanced Consumer Rights:
Liability protection for unauthorized transactions
Refund rights for payment errors within defined periods
Information and transparency requirements on payment charges
Complaint procedures with 15-day acknowledgment requirement
Competition & Interoperability:
Open Banking mandate: Traditional banks must provide API access to payment data and infrastructure
Reduced switching friction for payment account customers
Third-party access rights to customer data (with consent)
PSD2 Re-Authorization Requirement:
Existing payment institutions and e-money institutions required to be re-authorized or re-registered under new PSD2 framework. FCA processed re-authorization applications through 2018–2020.
Payment Systems Governed or Overseen
The FCA does not directly govern or operate payment systems. However, the FCA regulates all payment service providers and payment firms that participate in or provide services through UK payment systems. This includes authorization, conduct supervision, and consumer protection for firms ranging from banks to fintech operators.
Payment Firms and Services Regulated by FCA
A. Banks and Building Societies (PRA-Regulated Institutions)
Institution Category | FCA Role | Typical Systems Access |
|---|---|---|
Commercial Banks | Conduct regulation; combined with PRA prudential regulation | CHAPS, Faster Payments, Bacs, LINK |
Building Societies | Conduct regulation; separate prudential supervision | Faster Payments, Bacs, LINK |
Credit Unions | Conduct regulation | Limited access (typically Faster Payments/Bacs) |
Examples: Barclays, HSBC, Lloyds Banking Group, NatWest, Santander UK
B. Authorized Payment Institutions (PIs) and E-Money Institutions (EMIs)
Category | Count | FCA Authorization Type | Examples |
|---|---|---|---|
Payment Institutions | ~2,000 authorized | Article 4 PSDII authorization | Monzo, Starling Bank, Tide, Wise, GoCardless, SumUp |
E-Money Institutions | ~1,500 authorized | Electronic Money Directive (EMD) | Revolut, Monzo, Wise, Remitly |
Account Information Service Providers | ~300+ | Open Banking AISP credentials | Account aggregators and FinTechs |
Payment Initiation Service Providers | ~400+ | Open Banking PISP credentials | Checkout.com, GoCardless, payment gateways |
C. Major Fintech and Payment Operators Authorized by FCA
Operator | License Type | Primary Service | Market Position |
|---|---|---|---|
Revolut | Full Banking Licence (2025) | Digital banking + payments | 50m+ global customers; FSCS protected (£85k) |
Monzo | e-Money Institution | Digital bank + payments | 9.7m customers (31% growth 2024); £11.2bn deposits |
Starling Bank | e-Money Institution | Business + personal banking | 4.6m accounts (10% growth, slower than peers) |
Wise (TransferWise) | Payment Institution (PI) | Cross-border transfers; UK current account (March 2026) | Global coverage; competing with Monzo/Revolut |
GoCardless | Payment Institution (PI) + Account Information Service Provider | Recurring payments, Direct Debit | Unicorn status; 30+ countries; A2A payments |
SumUp | Payment Service Provider | Card reader + POS + payments | Small business focus; global scale |
Tide | Payment Institution (PI) | Business banking + payments | Freelancers, sole traders, SMEs |
Checkout.com | Payment Institution (PI) | Enterprise payment processing | Pizza Hut, H&M, Coinbase, Klarna clients |
FCA's Regulatory Framework for Payment Firms
Authorization Requirements
All payment firms must obtain FCA authorization to operate in the UK and access payment systems:
Authorization Type | Regulatory Scope | Application |
|---|---|---|
Payment Institution (PI) Authorization | Offering payment services (PISP, AISP, PSP) | Required for most fintech payment operators |
e-Money Institution (EMI) Authorization | Issuing e-money and providing payment services | Required for digital wallets, stored value |
Bank Authorization (Prudential) | Full banking operations (deposits, lending, payments) | Requires PRA approval + FCA conduct oversight |
Standalone Bank | Exceptional; full credit union authorization | Rare; recent example: Revolut (2025) |
Consumer Protection Standards
The FCA enforces conduct rules covering payment firms:
Protection | Mechanism | 2025 Examples |
|---|---|---|
Unauthorized Payment Reimbursement | APP fraud reimbursement (PSR + FCA coordination) | £1bn+ annual claims; PSR-led framework |
Financial Services Compensation Scheme (FSCS) | Deposit protection up to £85,000 | Revolut FCA bank status (2025); Monzo deposits covered |
Segregation of Customer Funds | Ring-fencing of customer money | e-Money Institution safeguarding requirements |
Data Protection | GDPR + PSDII data security standards | Open Banking data governance oversight |
Payment Systems and Infrastructure the FCA Coordinates With
Direct Oversight (Payment Systems):
None directly; PSR is specialized subsidiary for system-level regulation
Coordination & Participation:
CHAPS (Bank of England operator): FCA coordinates on conduct of banks using CHAPS
Faster Payments / Bacs (Pay.UK): FCA coordinates with PSR on firm access
Open Banking (OBL): FCA participates in standards-setting; oversees firm-level API security and data handling
LINK ATM Network: FCA monitors access requirements and consumer protection
Emerging Payment Systems and FCA Oversight
System/Initiative | FCA Involvement | Status |
|---|---|---|
New Payments Architecture (NPA) / Interbank Infrastructure Renewal (IIR) | Coordinates with PSR on firm access standards; monitors consumer protection aspects | Target 2026 (PSR leading regulatory mandate) |
Open Finance / PSD3 | Preparing for expanded open finance framework; expected 2026–2027 enforcement | Policy development ongoing |
Digital Pound (CBDC) | Policy consultation; exploring regulatory framework for CBDC participation | Research phase; long-term horizon |
Cross-Border Payments | Supervising firms offering cross-border services (Wise, Wise competitors) | Growing focus area |
Key Statistics on FCA-Regulated Payment Firms (2025)
Overall Market Coverage:
~2,000 Payment Institutions authorized by FCA
~1,500 e-Money Institutions authorized by FCA
~58,000+ total FCA-authorized firms across all sectors
Authorization growth rate: 15–20% annual increase in fintech payment licenses
Major Platform Metrics:
Revolut: 50m+ customers; Unicorn+ status (USD 45bn valuation)
Monzo: 9.7m UK customers; 31% annual growth
Starling: 4.6m customers; 10% growth (slower trend)
Wise: Global reach; 31 million users; UK current account launched March 2026
GoCardless: 30+ countries; recurring payments & Direct Debit focus
Open Banking Users (AISP/PISP Ecosystem):
13.3 million active users (March 2025)
31 million open banking payments/month (March 2025)
8% of Faster Payments volume now via open banking APIs
Relationship Between FCA Authorization and System Access
```
┌─────────────────────────────┐
│ FCA Authorization (PI/EMI) │
└──────────────┬──────────────┘
│
┌──────────▼──────────────┐
│ Access to PSR-Designated │
│ Payment Systems │
│ ├─ Faster Payments │
│ ├─ Bacs │
│ ├─ CHAPS (via banks) │
│ └─ Image Clearing │
└────────────────────────┘
```
FCA Role: Ensures authorized firms meet conduct, consumer protection, and AML/CFT standards
PSR Role: Ensures fair and non-discriminatory access to designated systems
Relationship to Other Regulators
Prudential Regulation Authority (PRA)
The FCA operates within a dual regulatory system established by the Financial Services Act 2012:
Aspect | FCA (Conduct) | PRA (Prudential) |
|---|---|---|
Scope | All financial services firms | Banks, insurers, major investment firms |
Focus | Conduct of business, consumer protection, market integrity | Soundness, solvency, systemic risk |
Authority | Standalone statutory body | Subsidiary of Bank of England |
Firms Regulated | 58,000+ firms | ~1,500 PRA-authorized firms |
Overlap | FCA regulates conduct of PRA firms | PRA handles prudential of major FCA-authorized firms |
Coordination:
Formal Memorandum of Understanding (MOU): FCA-PRA coordination framework
Joint Regulatory Initiatives: Thematic reviews, stress testing, consumer protection standards
Cross-Regulation: PRA-authorized firms subject to both PRA prudential rules and FCA conduct rules
Information Sharing: FCA and PRA exchange supervisory information
Bank of England
The FCA coordinates with the Bank of England (BoE) on:
Financial Stability: Macroprudential policy and systemic risk mitigation
Monetary Policy: Interest rate impacts on financial services regulation
Payment Systems: Real-time settlement, CHAPS operations
Cash and Liquidity: Coordination on Sterling liquidity provision
Geography and Jurisdiction Notes
Field | Value |
|---|---|
Applies Nationwide | Yes |
Applies at State or Sub-National Level Only | No |
Cross-Border or Regional Reach | No |
Special Territorial Notes | National jurisdiction within United Kingdom |
Important Departments and Divisions
Division / Department | Primary Function |
|---|---|
Supervision Division | Oversight of regulated entities |
Licensing Division | Processing of applications and authorizations |
Enforcement Division | Investigation and prosecution of violations |
Policy and Research Division | Regulatory policy development |
Compliance Division | AML/CFT and regulatory compliance monitoring |
Key Public Resources
Resource | URL |
|---|---|
Official Website | |
Laws and Regulations | [Verify on official website] |
Licensing Information | [Verify on official website] |
Publications and Reports | [Verify on official website] |
Consumer Information | [Verify on official website] |
Notes on Naming and Language
Field | Value |
|---|---|
Preferred English Rendering | REGULATOR PAGE METADATA |
Official Local-Language Rendering | REGULATOR PAGE METADATA |
Official Website Language(s) | English |