Solutions

FCA Authorisation

Senior compliance and legal specialists running FCA authorisation, variation of permission and registration applications end to end, with the rhythm an FCA case officer recognises.

Senior compliance and legal specialists in FCA Authorisation

An FCA authorisation is rarely a paperwork exercise. The firm seeking permission has to evidence its business model, its controls, its people and its risk in a way that addresses what the FCA is currently focused on, not what the textbook centred around when it was written. Applications that go through cleanly are the ones that anticipate the supervisor’s questions before they are asked. Applications that drag, get stopped on the clock or come back with a long list of conditions tend to be the ones that were treated as a form-filling exercise.

When you instruct Arbor on an authorisation, you work directly with the senior compliance specialists who actually run the application.

Pregeshni Maduramuthu leads our compliance team and the day-to-day work of authorisations. Where the application needs senior legal input on group structure, governance, commercial terms or the wider corporate set-up, Kate Bennett brings the GC and corporate perspective.

The arrangement is simple: one named senior person owns the application from scope to authorised status, with the legal back-up where it actually matters.

Most law firms hand the operational side of an authorisation to a compliance consultancy. Most compliance consultancies need a law firm alongside for the legal and governance questions. Arbor combines both under one roof, with a single named lead, a single fee envelope and a single point of contact for your case officer.

WHAT YOU GET

What you get when you instruct Arbor on an FCA authorisation

A senior compliance specialist on the file from day one

Pregeshni leads the application personally. The team behind her is senior too: compliance specialists who have written, defended and lived inside FCA applications rather than only reviewed them. You will not be handed to a junior to draft the regulatory business plan, then to a partner to sign off the cover letter.

A bill you can defend internally

Big Law legal expertise alongside dedicated senior compliance support, at a rate that does not compound across the application. Most authorisations fit a fixed-fee structure for the pre-application phase, a fixed or capped fee for drafting and submission, and a separate scope for any post-submission FCA queries. You will know what the application costs before you decide to start it, and you will know before the meter ticks past it.

Advice calibrated to the permission you actually need

The wrong permission is more expensive than the right one. Sometimes the application you started preparing is not the application your business needs. Sometimes an exemption, an appointed representative arrangement, a small payment institution registration or a more limited Part 4A scope is the right answer. We will tell you what permission your business model actually requires, and what each route costs in time, capital, governance overhead and ongoing supervisory rhythm.

Sector context already on the page

We act for fintechs, payments and e-money businesses, corporate finance advisory boutiques, investment firms, asset and wealth managers, AI and digital-asset businesses entering the regulated perimeter, and international groups setting up regulated UK entities. We do not need a primer on what a payments authorisation expects of safeguarding, on how the FCA views a CF advisory firm’s PII, or on where an investment firm authorisation tends to come back with conditions.

A straight answer on whether you need this permission

Some firms do not actually need full authorisation, or they need a different authorisation from the one they think they need. We will tell you that on the first call rather than wait for the meter to run. Where we are not the right firm for the application, including where the matter is more specialised than our usual work, we will tell you that too and point you to someone who is.

How we work alongside your team and your case officer

We run the rhythm of the application: the FCA’s information requests, the iterations on the regulatory business plan, the meetings with your case officer, the points where the FCA pauses the clock and the points where you can restart it. Where you want us to handle the application end to end, we do that. Where you want to lead the application yourself and use us for senior input on the difficult sections, we do that too. You will not be surprised by a request for more fees three months in.

Highly skilled pragmatic professionals who supplement in-house teams with specialist knowledge and industry know-how.

Legal 500

Arbor balances legal expertise with practicality, helping to better adapt and react to any situation.

Legal 500 (2026)

The team are fantastic - they are highly efficient, commercial and collaborative. They are genuinely customer-focused and care about the client's needs. They consider the big picture and are by far the best value for money of all my external supports.

Legal 500

We are very confident they are able to handle whatever is necessary. They know the space and they have common sense.

Chambers & Partners (2026)

It is handy that if I know I need expertise, Arbor Law have it - they are so well rounded. It is a really efficient team.

Chambers & Partners (2026)

Highly skilled pragmatic professionals who supplement in-house teams with specialist knowledge and industry know-how.

Arbor balances legal expertise with practicality, helping to better adapt and react to any situation.

WHY ARBOR

What the first phase of an authorisation looks like

The shape depends on the type of permission and where you are in the process, but the first four weeks tend to follow a similar pattern.

In the first week, we want to understand the business: the activities you intend to carry on, the customers and counterparties, the proposed governance and senior management structure, the funding and capital position, and the systems and controls you have in place or plan to build.

The output of week one is a one-page note on the permission you should apply for, the structure that supports it, the points the FCA will most likely focus on, and a working plan and timeline for the application.

In the second and third weeks, we work to that plan in documents: the regulatory business plan, the governance memorandum, the financial projections, the SMF allocation and statements of responsibility, the compliance monitoring plan, the policies and procedures the FCA expects to see, and the supporting evidence pack. We brief in the format that suits you, including board papers, working drafts and iterative calls with the senior team.

By the fourth week, the application package is ready for submission, with internal sign-off complete, the case officer briefed, and the post-submission rhythm agreed: how questions will be handled, who responds in what timeframe, and when you should expect to be authorised. If the application is going to take longer than the standard timeline, we agree that with you and the FCA before the work starts rather than once the clock has been stopped.

OUR APPROACH

Where we go deepest: payments and e-money, CF advisory firms, and new permissions for emerging regulated activities

Three application types sit at the centre of our authorisation work and bring most of the recent matters.

Payments and e-money authorisations are an Arbor strength. We act for new entrants across small payment institutions, authorised payment institutions, e-money issuers and digital-asset payments businesses, on both new authorisations and variations.

The work that matters here is rarely the form: it is the regulatory business plan, the safeguarding arrangements, the capital adequacy position and the operational resilience evidence that supports the rest of the application.

Corporate finance advisory firms are another area where Arbor is particularly active. New CF advisory firms in their first eighteen months are at the most exposed point in their lifecycle: working out which permissions they need, what their PII has to cover, how SMCR maps onto a small senior team, and how to manage the rhythm of FCA touchpoints the team did not have to think about when they worked at a larger firm. We have built the application playbook for this segment and run it end to end.

New permissions for emerging regulated activities – including digital assets and cryptoassets, AI-led financial services, embedded finance arrangements, and regulated activities adjacent to non-regulated tech businesses – are where the regulatory perimeter is still moving. We will tell you what the position currently is, what we think it is going to be, and where the FCA’s published policy aligns or diverges from how it is actually supervising.

Our support

Our FCA authorisation services across the full application lifecycle

Pre-application diagnostic and permission analysis

Permission scoping, regulatory perimeter analysis, exemption and AR-route comparison, a clear view of the time, cost and operational impact of each option before you commit to a route.

New Part 4A authorisations

Full FCA authorisations across investment firms, asset and wealth managers, advisory firms, consumer credit, mortgage and insurance intermediation, and the broader population of regulated activities under FSMA.

Payments and e-money authorisations and registrations

Authorised and small payment institution applications, e-money issuer authorisations and registrations, the safeguarding, capital and operational resilience pieces that sit underneath each, and the variation work that comes with expanding services.

Variation of permission

Adding, removing or modifying regulated activities, expanding into new client categories, restructuring permissions following corporate change, and managing the interaction between the variation and the wider business plan.

Corporate finance advisory firm authorisations

End-to-end authorisations for newly-spun-out CF advisory boutiques, including regulatory business plan, SMF allocation, PII, compliance monitoring and the ongoing rhythm of the FCA relationship in the first eighteen months.

Appointed representative arrangements

AR principal agreements, AR onboarding and oversight frameworks, and the applications and risk-management work that have moved up the regulator’s agenda since the AR regime was tightened.

Cancellation and exit of permission

Cancellations, run-off arrangements and the regulatory and customer-protection work that has to be planned around exit from a regulated activity.

Post-authorisation support and the early supervisory relationship

The first eighteen months after authorisation are when most firms make the compliance mistakes that follow them for years. We can stay on the file as outsourced compliance, Virtual GC or on an ongoing-advisory basis to keep the regulatory rhythm running as the business scales.

Speak to us

Get in touch today

The sooner the right specialist sees the application, the cleaner the process tends to be. Send us a short note about the permission you are thinking about and Pregeshni will come back to you personally to talk it through. The first conversation is on us, and if we are not the right firm for the application we will tell you and, where we can, point you to someone who is.