How to Get FCA Regulated as a Fintech Startup in the UK (2026 Guide)
How to get FCA regulated as a UK fintech startup in 2026 — which licence you need, what it costs (£100K+), and how to operate legally while waiting.
On this page(15)
- The Short Answer
- The FCA Regulatory Map for Fintech
- AISP vs PISP vs EMI — Which Do You Need?
- AISP (Account Information Service Provider)
- PISP (Payment Initiation Service Provider)
- EMI (Electronic Money Institution)
- The FCA Application Process
- Step 1: Prepare the Application Pack (2–4 months)
- Step 2: Submit via Connect (Week 1 of formal process)
- Step 3: FCA Assessment (3–18 months)
- Step 4: Authorisation and Ongoing Compliance
- How to Operate Legally While Your Application Is Pending
- The FCA Sandbox
- Common Application Mistakes
- Related Reading
Building a fintech product in the UK without understanding the FCA regulatory framework is one of the most common and most expensive mistakes early-stage founders make. You can build the product — but you cannot launch it legally without the right authorisation. The technical side of this is covered in our fintech SaaS development guide.
This guide covers which FCA licence you need, how to get it, how long it takes, and how to operate legally in the meantime.
The Short Answer
The FCA licence you need depends on what your product does. For most fintech SaaS products: reading bank account data requires AISP registration, initiating payments requires PISP authorisation, issuing accounts or e-money requires EMI authorisation. The process takes 3–18 months depending on the regime. While you wait, operating under a BaaS provider’s licence is the standard approach.
The FCA Regulatory Map for Fintech
| What Your Product Does | Regulatory Category | Timeline | Min. Capital |
|---|---|---|---|
| Reads bank account data (Open Banking) | AISP Registration | 3–6 months | None |
| Initiates payments from bank accounts | PISP Authorisation | 6–12 months | €20,000 |
| Issues payment accounts / IBANs | EMI Authorisation | 12–18 months | €350,000 |
| Issues prepaid cards | EMI Authorisation | 12–18 months | €350,000 |
| Holds e-money / user funds | EMI Authorisation | 12–18 months | €350,000 |
| Transfers money (remittance) | Payment Institution | 9–15 months | €125,000 |
| Investment advice / execution | FCA Authorisation (FSMA) | 12–24 months | Varies |
| Consumer credit / BNPL | FCA Authorisation (CCA) | 12–24 months | Varies |
AISP vs PISP vs EMI — Which Do You Need?
AISP (Account Information Service Provider)
What it covers: Reading and displaying bank account data with user consent. Your product can show a user their balances, transactions, and account details from multiple banks in one interface.
Typical products: Personal finance management apps, expense trackers, credit scoring tools, open banking data aggregators.
Authorisation type: Registration (lighter-touch than full authorisation).
Timeline: 3–6 months.
Capital requirement: None.
PISP (Payment Initiation Service Provider)
What it covers: Initiating payments directly from a user’s bank account, bypassing card networks.
Typical products: Pay-by-bank checkout flows, B2B payment platforms, rent payment tools, payroll initiation.
Authorisation type: Authorisation (more extensive than AISP registration).
Timeline: 6–12 months.
Capital requirement: €20,000 initial capital, ongoing capital requirements based on transaction volume.
EMI (Electronic Money Institution)
What it covers: Issuing e-money (balances stored in your platform), payment accounts with IBANs, prepaid cards, and holding user funds.
Typical products: Neobanks, expense management platforms with company cards, payroll wallets, marketplace escrow accounts.
Authorisation type: Full EMI authorisation (most complex).
Timeline: 12–18 months.
Capital requirement: €350,000 initial capital (or €125,000 for small EMI with restrictions).
The FCA Application Process
Step 1: Prepare the Application Pack (2–4 months)
The FCA application requires:
- Regulatory Business Plan — detailed description of your business model, products, target market, and how you intend to manage regulatory obligations
- Financial Projections — 3-year financial forecasts including capital adequacy calculations
- Compliance Framework — AML/CTF policies, sanctions screening procedures, fraud prevention framework, complaints handling policy
- Governance Structure — organisational chart, board composition, senior management function (SMF) applications for key individuals
- Wind-Down Plan — how you would wind down the business in an orderly manner if needed
- IT Security Assessment — description of your technology architecture, data security measures, and business continuity plans
- Safeguarding Arrangements — how you will protect client funds (EMI only)
This documentation typically requires a compliance consultant or specialist lawyer. Budget £20,000–£80,000 for preparation — a cost that sits on top of the fintech SaaS development costs for building the product itself.
Step 2: Submit via Connect (Week 1 of formal process)
The FCA’s online portal (Connect) is where applications are submitted. Ensure every section is complete before submission — incomplete applications are returned and restart the clock.
Step 3: FCA Assessment (3–18 months)
The FCA has a statutory 3-month period to assess complete applications. In practice, most applications receive requests for additional information (RFIs) that pause the clock. Complex applications (EMI, payment institutions) regularly take 12–18 months.
Step 4: Authorisation and Ongoing Compliance
Once authorised, ongoing obligations include:
- Annual regulatory reporting (financial returns, transaction data)
- Notification of material changes to the business
- CASS (Client Asset Sourcebook) compliance for safeguarding (EMI)
- Annual compliance monitoring programme
- Staff training records
- Regular AML/CTF risk assessments
How to Operate Legally While Your Application Is Pending
This is the practical problem most founders face: you cannot launch a regulated fintech product without FCA authorisation, but getting authorised takes up to 18 months.
Option 1: Appointed Representative (AR) arrangement. An Appointed Representative operates under the regulatory umbrella of an FCA-authorised firm (the Principal). The Principal takes regulatory responsibility for your activities. AR arrangements are available for specific regulated activities and require finding a willing Principal firm and agreeing commercial terms.
Option 2: BaaS provider model. Partner with a BaaS provider (Modulr, Swan, Railsr) that holds the relevant EMI or payment institution licence. Your product operates under their regulatory umbrella. This is the most common approach for early-stage fintech startups and allows you to launch and validate before committing to the full authorisation process. For a detailed breakdown of BaaS costs and providers, see what is Banking as a Service.
Option 3: Technology-only model. Build the product components that do not require authorisation (the UI, data analytics, dashboard), and integrate with an FCA-authorised partner for the regulated activities. Structure the product so you are providing technology services, not regulated financial services directly.
The FCA Sandbox
The FCA operates an Innovation Hub and Regulatory Sandbox that allows fintech startups to test regulated products in a controlled environment before full authorisation.
The sandbox is suitable for: testing novel products where the regulatory treatment is unclear, products that genuinely cannot be tested without limited live market access, and startups that need to demonstrate viability before committing to a full authorisation application.
Apply at fca.org.uk/innovation. Applications are assessed in cohort rounds.
Common Application Mistakes
Underestimating the documentation requirement. The FCA business plan for an EMI authorisation is a 50–100 page document covering every aspect of the business model, risk management, and compliance framework. Founders who treat it as a startup pitch deck produce applications that are rejected or return extensive RFIs.
Naming key individuals who are not ready. FCA applications require Senior Managers and Certification Regime (SMCR) applications for key individuals. These individuals are assessed by the FCA for fitness and propriety. Naming a technical co-founder who has never been through regulatory scrutiny without preparing them is a common delay.
Insufficient capital. Applications submitted without the required minimum capital in place are rejected. For EMI, €350,000 must be in the business’s accounts.
No compliance officer. A credible compliance framework requires a named, qualified compliance officer. The FCA will ask about their experience and qualifications. Naming a founder as their own compliance officer with no regulatory background is a red flag. Choosing the right enterprise web application development partner who understands the technical compliance requirements is equally important.
Zulbera builds the technical infrastructure for FCA-regulated fintech products — compliant data architecture, PSD2 flows, KYC integrations, and safeguarding system design. See our FinTech industry practice page for the full scope, or request a private consultation if you are building a UK fintech product and need a technical partner who understands the regulatory context.
Related Reading
- FinTech Software Development at Zulbera — the verticalised practice page: PSD2, Open Banking, PCI DSS, DORA, KYC/AML
- Fintech SaaS Development — full technical guide for compliant financial platforms
- What Is Banking as a Service (BaaS)? — how to operate under a BaaS provider’s licence while awaiting FCA authorisation
- Custom SaaS Development for Fintech, HealthTech, and B2B Platforms — compliance architecture by vertical
- Software Development Agency in the UK — UK market development context
- Custom SaaS Development Cost in 2026 — budget planning for regulated fintech builds
Frequently Asked Questions
How do I get FCA regulated as a fintech startup in the UK?
To become FCA regulated as a fintech startup: (1) determine which regulatory category applies to your product (AISP, PISP, EMI, or payment institution), (2) prepare your application including a detailed business plan, financial projections, compliance framework, wind-down plan, and key person details, (3) submit the application via Connect (the FCA's online portal), and (4) respond to FCA queries during the assessment period. The process takes 3–12 months for registration-based regimes and 12–18 months for full authorisation.
Do I need FCA authorisation to build a fintech product in the UK?
It depends on what your product does. You need FCA authorisation or registration if your product: initiates payments on behalf of users (PISP), provides access to account information (AISP), issues e-money or payment accounts (EMI), provides investment advice or executes trades, or arranges consumer credit. You do not need FCA authorisation to build software tools that display financial data without accessing live bank accounts, process payments via an FCA-authorised payment processor (Stripe, Adyen), or provide financial education content.
How long does FCA authorisation take for a fintech startup?
FCA registration (for AISP/PISP under Open Banking) takes 3–6 months. Full EMI (Electronic Money Institution) authorisation takes 12–18 months. Payment Institution authorisation takes 9–15 months. The FCA has statutory assessment periods of 3 months (for complete applications) but processing times in practice are longer due to application quality issues and FCA query rounds. Budget for 18 months from application to authorisation for any full licence.
How much does FCA authorisation cost for a fintech startup?
Direct FCA costs: application fee of £1,500–£25,000 (varies by firm type and income), annual fee of £1,000–£50,000+. Indirect costs are significantly higher: legal fees for application preparation (£20,000–£80,000), compliance officer salary or consultancy (£50,000–£150,000/year), minimum capital requirements (€350,000 for EMI, €125,000 for small EMI, €20,000 for payment institution), and compliance infrastructure (systems, policies, training). Total first-year cost of FCA authorisation is typically £100,000–£300,000.
Can I operate a fintech product in the UK while my FCA application is pending?
Yes, in some cases. If you applied for FCA registration before 13 January 2020 and were listed on the FCA's Temporary Registration Regime (TRR), you could operate while your application was processed. For new applicants, you generally cannot conduct regulated activities while your application is pending. However, you can: develop your product in a sandbox environment, partner with an FCA-authorised firm that provides the regulated services under their licence (the BaaS model), or operate as an Appointed Representative (AR) of an FCA-authorised firm.
