The shape of FCA regulation in the UK keeps widening. More businesses are crossing into the regulated perimeter, and many do so before they expect to. New consumer credit categories such as Buy Now Pay Later are coming under full Financial Conduct Authority oversight from July 2026. Many neobanks, payment platforms, fintechs, wealth managers and advisers will need FCA authorisation before carrying on regulated activities. If you’re building a UK business that touches money, lending, advice or investment in any meaningful way, FCA regulation is part of your operating reality, often earlier than your roadmap assumes.

This guide draws on what we see across our work with hedge funds, fintech firms, wealth managers and advisory businesses. It covers when FCA regulation kicks in, what it involves day-to-day, what’s at stake when it goes wrong, and what investors look at before they commit capital. For more on the trigger points themselves, our piece on when to start thinking about FCA regulation goes deeper.

Why FCA regulation matters to more UK businesses than it used to

The Financial Conduct Authority is an independent regulatory body, formed in 2013, with an annual budget of around £780m [Source: FCA Annual Work Programme 2025/26] and responsibility for regulating around 42,000 firm UK firms. Its remit is to keep markets honest and competitive while protecting the people using them, against three operational objectives published on its own site: to protect consumers from bad conduct, to protect the integrity of the financial system, and to promote effective competition.

The day-to-day picture is broader than banks. FCA regulation reaches across:

• Banks, building societies and credit unions
• Claims management companies
• Consumer credit firms
• Electronic money and payment institutions
• Financial advisers and investment managers
• General insurers and insurance intermediaries
• Life insurers and pension providers
• Mortgage lenders and intermediaries
• Sole advisers and wealth managers

Buy Now Pay Later is the latest example. From 15 July 2026, BNPL agreements that have sat outside the regulated perimeter will come under full FCA oversight. Almost 11 million UK adults used BNPL in 2024 [FCA Financial Lives Survey, May 2024], with usage rising from £0.06bn in 2017 to over £13bn. Lenders will need to comply with the Consumer Duty and run affordability checks, with clearer upfront information on repayments. A temporary permissions regime opens between 15 May and 1 July 2026, with six months from there to secure full authorisation.

If you sell a financial product or build a platform that handles consumer money, the relevant question is when FCA regulation will apply to you, and in what form.

Signs your business is approaching FCA regulation

The trigger isn’t always obvious from the inside. Founders building fast-moving products tend to notice the regulatory perimeter only when they’ve half-crossed it. A few patterns crop up in our conversations with growing businesses:

• You’re planning to take customer funds or lend against them.
• Your product looks adjacent to advice, brokerage, dealing or asset management, even if you’ve avoided the labels.
• Your investors or partners are starting to ask about regulatory permissions.
• You’re hiring a compliance officer or budgeting for one.
• You’re considering an FCA-regulated entity as a route to a partnership, banking sponsor, or distribution deal.

The neobank story is a good illustration. Starling and Monzo had to be FCA authorised before they took a penny from customers. The same applies to sole wealth managers and independent financial advisers, who have to apply for FCA regulation before offering services. A wealth manager will typically hold an SPS statement and the right qualifications, alongside the ethical requirements set out in APER. That’s one example among dozens, which is why the application process can feel laborious before you’ve even traded.

Our blog on when to start thinking about FCA regulation walks through these triggers in more detail.

What FCA regulation actually involves day-to-day

Once you’re authorised, FCA reporting becomes a continuous obligation for the lifetime of your registration. Here’s what that looks like in practice.

Reporting through RegData

Every FCA-registered firm submits financial reports through RegData, the FCA’s online reporting platform, on a calendar of quarterly and annual filing deadlines. Reporting is structured and predictable. The calculations underneath aren’t. Most regulated businesses underestimate the complexity, and routine activities such as taking drawings, paying bonuses or recognising profits can quietly affect compliance status.

Capital adequacy

Many FCA-regulated firms have ongoing RegData reporting obligations, with requirements depending on permissions, firm type and prudential regime. Under the FCA’s MIFIDPRU regime, the permanent minimum capital requirement for MiFID investment firms is £75,000, £150,000 or £750,000 depending on permissions, as set out in MIFIDPRU 4.4.. The harder test is the Fixed Overhead Requirement (FOR), a measure of fixed costs over a three-month period, and for most firms FOR is the binding constraint.

Capital adequacy then comes down to whether your adjusted capital sits above the FOR. The detail matters:

• Tier 1 capital includes partner contributions and retained earnings.
• Adjustments are made for negative or positive partner current accounts.
• Drawings beyond current year profit reduce regulatory capital.
• Profit can’t be counted unless it’s audited profit, so mid-year profits don’t count.

Liquidity

Alongside capital adequacy, firms have to meet a Liquid Asset Threshold Requirement (LATR), built from one third of the FOR (one month’s fixed costs) plus Ongoing Liquid Asset requirements based on firm classification. Cash needs to be accessible within 30 days, and liquid assets together need to exceed the LATR.

Governance and ICARA

FCA-regulated investment firms also produce an annual ICARA report (Internal Capital and Risk Assessment) under the Investment Firms Prudential Regime. ICARA requires a three-year financial forecast, stress tested against scenarios such as a drop in AUM, the loss of a key staff member, or operational disruption. The report has to show how you’d respond and that you’d hold enough capital and liquidity through it. Risk-weighting itself sits with specialist FCA compliance consultants. It’s an ongoing cost firms should budget for separately.

What happens if you breach

If you fail to meet a capital or liquidity obligation, the breach has to be reported to the FCA immediately, with a special report covering the cause, the corrective action, and the preventative measures you’ll put in place. The FCA’s frameworks here have stayed consistent over the years, which is helpful for any business that designs for compliance early.

The cost of getting it wrong

The headline fine is rarely the biggest cost of an FCA breach. The operational and reputational fallout tends to compound over months, and it tends to land at exactly the wrong moment for an ambitious business.

Financial penalties are the starting point. A breach can also lead to increased capital requirements, restrictions on activities, enhanced supervisory monitoring, and ongoing reporting obligations. Where weaknesses are identified around capital adequacy, liquidity monitoring or governance, the FCA can require additional capital buffers, which feed straight back into distributions, growth plans and cash flow.

Heightened regulatory scrutiny is one of the most underestimated consequences. Enhanced supervision means more frequent data requests, more regulatory meetings, and detailed reviews of internal systems. The tone of the regulatory relationship shifts, and that shift influences how confidently the business operates in its market.

There’s also the operational cost at board level. When a compliance issue surfaces, senior management attention narrows immediately. Board meetings turn into remediation sessions, with external advisers brought in to rebuild internal reporting frameworks. Energy that should be going into growth and client relationships gets redirected into damage control, and that loss of momentum is the part that hurts most for entrepreneurial leadership teams.

The internal effects matter too. Compliance failures can put extra pressure on senior managers under SMCR and undermine confidence within finance teams. Restoring confidence inside the team usually takes structural rebuilding, not a one-line calculation fix.

If you’d like a fuller picture, we’ve written about the true cost of an FCA compliance breach in a separate piece. The short version: in regulated markets, resilience is a competitive advantage, and compliance done properly is protection for the business you’re trying to build.

What investors and acquirers want to see

When investors assess an FCA-regulated business, they don’t start with revenue projections. They start with risk. Regulatory discipline gets examined before performance and valuation, because in regulated financial services compliance functions as a proxy for credibility.

Institutional investors, private equity houses and sophisticated capital providers run rigorous due diligence that goes well beyond financial performance. They’ll ask:

• Have RegData submissions been filed accurately and on time?
• Has the business ever breached capital requirements?
• How is Own Funds monitored?
• Is liquidity stress-tested?
• Does the board receive regular regulatory reporting?
• Are governance records well kept and current?

Compliance weaknesses introduce uncertainty into a deal, and uncertainty reduces valuation. Strong compliance signals operational discipline and maturity, which is the through-line investors are reading for.

Capital adequacy is often where due diligence gets revealing. Investors want to understand resilience under stress, and they may test scenarios such as a rise in fixed overheads or market volatility hitting revenue. If your monitoring is retrospective, those questions become hard to answer with confidence. Our FCA Compliance Reporting Team works monthly rather than quarterly, so when an investor asks about scenario stress, you stop defending your position and start demonstrating control.

Governance comes under the same lens. Investors look for timely management accounts, clear oversight of regulatory metrics, documented policies, well-run audit processes and up-to-date company secretarial records. A business that can produce capital metrics and governance documentation quickly is signalling readiness for institutional capital. Fragmented systems slow due diligence down at the worst possible moment.

When the compliance infrastructure is strong, the commercial impact compounds. Fundraising processes move faster, investor confidence rises, valuations are better protected, and your negotiating position strengthens. Compliance often reads as a cost centre on the inside, but during a raise it reads as a control framework, and that’s the reading that matters most. We’ve explored this further in our piece on FCA compliance and fundraising.

How to set up your compliance function from the start

The simplest way to make FCA compliance manageable is to design for it from day one. The businesses that struggle most are the ones running compliance reactively, scrambling to meet deadlines on top of operational growth.

A few principles run through everything we see work in practice:

• Get the financial infrastructure right at the start. Work with an accountant who understands FCA-regulated businesses so the systems are correctly established before you trade.
• Run monthly financial reporting, not quarterly or annual. Treat every month-end as if it were a year-end. That gives you a clear picture of capital adequacy and liquidity well before the regulatory deadlines.
• Track capital adequacy and liquidity thresholds proactively. Early warnings beat exception reports.
• Standardise processes and centralise data. A single source of truth for compliance data keeps regulatory filings consistent and lets you respond to any FCA query without rebuilding the workings each time.
• Build governance discipline into board reporting. Capital and liquidity oversight should sit inside management information, with regulatory reporting reviewed monthly.

The other big choice is in-house versus outsourced. Both work, depending on the shape of your business.

Outsourcing FCA compliance reporting tends to make sense if you lack in-house expertise, if compliance is draining too much internal time, or if you want scalable support as the business grows. Specialist providers bring accuracy and high-level expertise without the overhead of a full-time compliance team.

Keeping it in-house may suit you better if you already have a dedicated compliance team with FCA reporting experience, or if you need highly bespoke fund-specific frameworks with full internal control.

Most businesses we work with use a hybrid: the financial data and forecasts sit with us, while the risk-weighting on ICARA and the regulatory submissions sit with specialist FCA compliance consultants.

How we help businesses through FCA regulation

Wilson Partners has a dedicated FCA Compliance Reporting Team, alongside our Corporate Finance, Audit and CoSec teams. We work with hedge funds, private equity groups, fintech firms, wealth managers, financial advisers, brokerage and dealing firms, lenders, and multinational asset managers with a UK presence. We’re big enough to count, small enough to care.

Our FCA compliance services cover monthly or quarterly monitoring of your Capital Resource Requirement and Liquid Asset Threshold Requirement, full RegData reporting (Own Funds, Liquid Assets, Monitoring Metrics, Balance Sheet, Income Statement), and early insights into potential compliance deficits so you can act before deadlines bite. By treating every month-end as if it were a year-end, we give clients a clear view of their financial standing well in advance, which means we tend to prevent compliance issues rather than fix them.

We work on a bespoke fixed-fee model, not time-based billing, and we tailor the package to your needs across monthly financial management, quarterly reporting and annual compliance work. Whether you’re at the start of FCA authorisation or already managing your first billion of AUM, the goal is the same: clear, proactive financial oversight that builds compliance into your strategy from day one.

If you’d like to talk through your compliance position with the team, we’d love to hear where you are on the journey. See our FCA compliance reporting page or our financial services sector page for more on how we support FCA-regulated businesses.

FCA regulation in the UK: common questions

How much does FCA compliance reporting cost?

The cost varies depending on the structure and complexity of your business. Multiple entities, consolidated reporting requirements or cross-border structures push the workload up. We work on a bespoke fixed-fee model rather than time-based billing, tailored to your needs across monthly financial management, quarterly reporting and annual compliance work.

What is ICARA reporting?

ICARA (Internal Capital and Risk Assessment) reporting is a mandatory requirement for FCA-regulated investment firms under the Investment Firms Prudential Regime (IFPR). Each year, firms produce a three-year financial forecast and stress-test their assumptions against scenarios such as a drop in AUM, the loss of a key staff member, or operational disruption.

Has FCA regulation changed much in recent years?

The core financial reporting obligations, capital adequacy and liquidity monitoring, alongside ICARA assessments, have been in place for years with only minor adjustments. The regulatory perimeter is widening though, with consumer credit categories such as Buy Now Pay Later coming under FCA oversight from 15 July 2026.