These requirements apply to all business activities in this division.
licensing
Uk
Ongoing
FCA authorisation under FSMA 2000
Enforced by:
FCA
Financial Services and Markets Act 2000; Financial Services and Markets Act 2000 (Regulated Activities) Order 2001
General prohibition: criminal offence to carry on a regulated activity without authorisation (s.19). Up to 2 years imprisonment and/or unlimited fine (s.23). Application typically takes 6-12 months.
reporting
Uk
Ongoing
Anti-money laundering compliance
Enforced by:
FCA
Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017; Proceeds of Crime Act 2002
Must appoint MLRO, conduct business-wide risk assessment, implement CDD procedures, screen against sanctions lists, file SARs. Records retained for 5 years from end of business relationship.
certification
Uk
Annual
Senior Managers and Certification Regime
Enforced by:
FCA
Financial Services and Markets Act 2000; Financial Services Act 2012
Senior managers require FCA approval. Certification staff assessed annually for fitness and propriety. Conduct rules apply to almost all employees.
reporting
Uk
Ongoing
Financial promotions compliance
Enforced by:
FCA
Financial Services and Markets Act 2000; Financial Services and Markets Act 2000 (Financial Promotion) Order 2005; Financial Services and Markets Act 2023
Restriction on financial promotions: must be approved by authorised person or fall within exemption. FSMA 2023 introduced FCA gateway for approving promotions by unauthorised persons.
reporting
Uk
Ongoing
Complaints handling (FCA DISP)
Enforced by:
FCA
Financial Services and Markets Act 2000
Must have written complaints procedure, acknowledge within 5 business days, resolve within 8 weeks. Unresolved complaints may be referred to Financial Ombudsman Service. Biannual complaints reporting to FCA.
registration
Uk
Annual
Data protection (financial data)
Enforced by:
ICO
Data Protection Act 2018
Must register with ICO. Financial data is sensitive — enhanced security and breach notification requirements. Subject access requests must be handled within one month.
inspection
Uk
Ongoing
FCA Consumer Duty (Principle 12)
Enforced by:
FCA
Financial Services and Markets Act 2000
Effective 31 July 2023 (new/existing products), 31 July 2024 (closed products). Four outcomes: products and services, price and value, consumer understanding, consumer support. Annual board-level assessment required.
reporting
Uk
Ongoing
Operational resilience requirements
Enforced by:
FCA
Financial Services and Markets Act 2000
FCA PS21/3: firms must identify important business services, set impact tolerances, and remain within tolerances by 31 March 2025. Ongoing self-assessment required.