The FCA website is pretty good at explaining which forms are relevant. If you’re not sure, there’s a number you can call: 0300 500 0597.
In our case we filled our application through the connect portal.
These are the forms we filed in our application:
- Core details form — the longest form, common to all applications
- Investment management supplement form — this form is specific to the type of permissions we applied for: investment management and advice
- Checklist declaration wholesale form — quick and easy
- Owners and influencers form — quick and easy
- Disclosure events form — quick and easy
- Long form A for every regulated member of staff (CFs) — every staff member will need one, the form itself isn’t too hard to complete, but the supporting documentation for each function needs to be appropriate. If you submit a weak case for someone to occupy a function they lack experience for, expect to be called in for an interview.
- IT self assessment — quick and easy
- Detailed IT controls form — only if requested, although you’re almost guaranteed as a Fintech startup. Be aware it’s quite long and daunting, but don’t worry if many aspects don’t make sense (ie. do you have an auditor?). Just leave them blank.
You will also need to attach supporting documents:
- Financial statements / projections — these must be in line with the amount of capital you will have available on hand before the license goes live (outlay), so be careful not to over-inflate the figures. Also bear in mind the FCA will appreciate a business looking to grow slowly and cautiously.
- Regulatory business plan — follow a regulatory business plan template as they’re not looking for something too elaborate (5 to 10 pages suffice), here are the main sections: background, business opportunity and customer base, proposed business activity (referring to both regulated and nonregulated activities carried out) and outsourcing arrangements with third parties (due dill., contingency plans, etc).
- Business continuity procedures (BCPs) — as a young business these will get a lot of scrutiny, so don’t skimp out.
- Compliance monitoring procedures — use a template for this
- Organisational chart
- CVs & explanations why each member is suitable for his regulated function
- Other skills & competence justifications
- Penetration test results — be prepared to spend £2k to £3k on a third-party. Don’t bother with re-tests as this process is purely a rubber stamp exercise. No early stage tech startups is in a position to undertake a legitimate pen test, sadly the FCA doesn’t understand this.
Advice with the forms
Most of the above you can fill or create yourself. In our case, we went through most of the forms with a member from the innovation hub. We could have just as easily asked a compliance consultant to double check. Either way, I recommend having someone experienced go through the filing. Some things don’t always make sense, especially since some of these forms were designed for much larger firms. If something doesn’t make sense just leave it empty.
Be organised. There are going to be many forms and follow up correspondences. This is a great place to use version control and keep everything in separate folders every time an exchange takes place.
Be very thorough when filling out the forms. For example for Form As, make sure all months are accounted for in the professional history — any gap will get flagged by the system and cause delays. Nothing here is meant to trick you, but follow the instructions on each form very rigorously as this will save you time.
With regards to the supporting documents, we stubbornly created those ourself. In hindsight an experienced compliance person could have provided us with templates and saved us a lot of time. As a side note, we’re not big believers in templates, but they’re a great place to get started until you find time to create the real thing.
Good luck getting through this step! In the next Chapter we will cover the next 6 to 9 months of the application process.