THE IMPORTANCE OF AUTHORISATION
Authorisation is one of the key techniques used by the FCA to regulate financial services.
It attempts to efficiently identify and mitigate harm and combines the four stages detailed below to achieve this:
- Identify current or potential harm
- Determine the cause, extent and potential development of harm
- Examine all remedy tools, decide which can resolve or mitigate harm cost effectively
- Evaluate the potency of harm
The threshold conditions are the main regulatory tool operated to achieve this. These lay out the minimum standard that firms and its individuals need to have to satisfy so as to be granted authorisation.
Following this, the authorised firm or individual is shared online in the FCA financial services register. They are also relied upon to keep up these standards, or they risk losing their permissions or authorisation, in the case of an individual.
HOW FIRMS ARE EVALUATED AGAINST THE THRESHOLD CONDITIONS (COND).
Judgements are made based on facts, and as such each application is assessed on a case by case basis as some may be more complex than others. In doing so, the FCA considers the following factors.
Location of offices: the firm’s head office must be located in the UK, however, it considers the location of the firm’s directors rather than the location of the office as stated on Companies House.
Appropriate resources: this includes capital adequacy requirements, for instance, along with skilled individuals.
Ability for firms to be supervised effectively: particularly, the complexity of business structures and how this will impact the authorised business.
Conduct: this connects with the fitness and propriety of the firm and its individuals to operate the activities for which they seek authorisation.
Business model: this concerns how the firm makes its money and future business strategy.
Along with information provided, the regulator will also use a range of additional information, including:.
- Existing information held.
- Market research and intelligence.
- FCA contact centre information and facts, complaints and FOS data.
- Experience supervising similar firms.
- Specific information held on the firm or individual (which would include previous judgements).
A proportionate approach.
The FCA apply their judgement, based upon these facts, to determine whether firms and individuals meet the conditions. Some judgements might be relatively simple to make. Others are harder.
The FCA will also consider the principles of good regulation, including proportionality, and recognise the differences in the companies of regulated firms and individuals. In their approach to authorisation, they see to it that the information they demand from firms and their level of scrutiny is proportionate to the actual or potential harm they could lead to. They consider a range of factors. These include the sector the firm operates in, its activities, its business model, the size of the firm (based upon customer numbers), financial metrics, scale and risk to market stability, and any negative intelligence.
The regulator will only require firms to furnish them with information that they rationally require to help them analyze whether it meets their minimum standards. The FCA will already keep information on firms they have previously authorised to provide specific financial services. If these firms later apply to vary the sorts of regulated services they provide, then the FCA will only call for additional information that is directly relevant to the new activities to make their assessment. If they have reason to believe that the risk of harm a firm poses is above they would normally expect, then they may increase their level of review and require the firm to provide much more information. This may come about if, for example, their initial assessment shows cause for issue.
Similarly, if they decide that the risk of harm is lower than they would normally expect, they can reduce the level of their scrutiny. In all cases, firms must definitely still meet their minimum standards. It is crucial that firms understand the Threshold Conditions and Fit and Proper test when they make their application for authorisation. This next section aims to help explain what a number of these conditions mean.
Assessing firms. In assessing firms the FCA make judgements based on the facts of each case. As an example, one condition for authorisation is that the head office of a UK incorporated company should be in the UK. Because there is no definition of ‘head office’, they use their judgement to decide whether the condition is met. A key factor they consider is the location of the directors and senior management who take material day-to-day decisions about the firm’s central direction.
A different condition for authorisation is that a firm must have appropriate resources, and this means much more than purely funds. When assessing a firm’s funds, they expect it to meet several tests. For instance, it should expect to meet its liabilities as they fall due and the controllers of the firm should be solvent. However, this does not mean that a firm must consistently project profitability within a certain amount of time from authorisation but that it will always have sufficient capital and liquid resources available to it.
The FCA recognise that not all firms will achieve success; some will fail. Their assessment tests that, should a firm fail, it would do this in an orderly way, so that its withdrawal from the market protects against or minimises risk to consumers and market integrity.
Where relevant, their assessment also gauges the influence on a firm’s financial resources of belonging to a group.
While they will take a firm’s finances into account when assessing whether it meets this condition, they will also consider the skills and experience of people in key roles. They will also assess how adequately the firm’s policies, procedures and systems, as an example, manage customers in financial difficulty, and its systems for safeguarding sensitive customer data and helping prevent financial crime.
Assessing individuals
The fit and proper test is a benchmark used to assess whether individuals appropriate to perform senior management functions or controlled functions. Firms subject to the SM&CR (eg all from 9th December 2019) are accountable for their own fit and proper assessment of individuals who hold senior management and certified functions. The FCA approve an individual only when we are satisfied they are fit and proper to perform the senior management functions or controlled functions that they have made an application for.
If the FCA are aware of something that suggests that an individual might not be fit and proper, they will consider how relevant and how important it is to the senior management function or controlled function requested.
Solo-regulated firms should conduct their own due diligence for a person they want to appoint in a controlled function before submitting applications to the FCA. Under the current FCA Approved Persons Regime (APR), they necessitate the firm to perform appropriate checks, but they do not specify what they should be.
This allows firms the flexibility to undertake them in a variety of ways. In implementing the SM&CR, the FCA and PRA have strengthened the checks that firms must perform, these checks include requiring regulatory references. For Senior Managers, a criminal record check is required. Additionally, the FCA also require each Senior Manager to have a formal Statement of Responsibilities setting out the areas for which they are responsible.
Different requirements relate to dual-regulated firms, which must get both FCA and PRA approval to appoint people to the most senior roles. These roles include, but are not limited to Chair, Chief Executive and Chair of the Audit Committee.
The FCA, along with the PRA where applicable, may interview individuals for roles that pose the most significant risk of harm, for instance, a Chair or Chief Executive of a dual-regulated bank or insurance company, to satisfy them that the individual is fit and proper. After authorisation, the regulators will hold them to account if there is misconduct at their firms. While their assessments in these cases will be different to the PRA’s, as they have different statutory objectives, they will continue to work closely with the PRA to minimise the administrative burden on firms.
When looking into whether individuals in key roles are suitable, the FCA assess if the people who will manage the business have the right skills and experience to do so without harming consumers or market integrity. They will examine the connections these people have with others outside the business, to ensure that the firm is not actually controlled from behind the scenes by people they have not approved. They also consider an individual’s history, including but not limited to, an individual’s employment and regulatory history and whether they have been involved
in misconduct, or any criminal activity or adverse civil proceedings.
While previous misconduct will be considered as portion of an application for an individual approval, it is not an automatic bar to being approved. The severity of the misconduct and time that has elapsed, the efforts taken to rehabilitate, the nature of the role applied for, and the controls in place to oversee the individuals conduct will all be considerations.
The FCA expect firms to take regulation seriously and plan how they will meet the standards of the regulatory system before they apply. When they consider the extent to which a firm has planned ahead they ask themselves whether the applicant is ready, willing and organised to be authorised as follows:
Ready
They will consider what preparation the applicant has done to submit their application.
Positive indicators include:
– reading information on our website
– making enquiries of the Contact Centre
– seeking legal/compliance advice
– being able to clearly articulate their regulatory obligations
Willing
They will consider the attitude of the applicant during the authorisation process.
Positive indicators include:
– being open and honest in all their dealings with us
– being proactive about getting information to us
– demonstrating initiative to understand their regulatory duties
– timeliness and availability of staff to deal with queries about the application
They are aware that while an applicant may be willing to correct mistakes or gaps in their application, they must also have satisfied the readiness question. They do not believe it is sufficient for an applicant to submit a poor application but show they are willing, with help from us, to address any deficiencies.
Organised
Firms should ensure that they have all the supporting documentation prepared and have the necessary arrangements in place to comply with regulations from the day they are authorised.
They will consider the following:
– why the applicant has applied now
– what is left outstanding that would prevent the firm from carrying on the activity they have applied for
– if the applicant were authorised today, would they be able to carry out the activity they have applied for
REFUSALS AND CANCELLATIONS
The FCA outlines how they will refuse applications where firms have failed to meet the minimum thresholds. The firm or individual will first receive a ‘minded to refuse’ letter stating the reasons why the case officer is considering refusal. For the most part the firm or individual will withdraw its application at this stage.
The Regulatory Transactions Committee (independent of the Application Assessment Team) decides on any refusal/ cancellations.
Firms and individuals can challenge decisions made against them by providing more evidence or at an interview. Challenges may possibly be made to the Regulatory Decisions Committee (independent committee that operates separately to the regulator).
If they decide the refusal stands, the applicant can refer the case to the upper-tribunal in order to fully exhausts the appeals process.
