FCA Application Evidence Checklist

FCA authorisation applications for payment institutions and electronic money institutions are evidence-intensive. The application form itself is only the starting point. Behind every section, the FCA expects supporting evidence that demonstrates the firm can operate within the regulatory framework. Weak evidence is one of the most common reasons applications are delayed or refused.

Governance evidence should include board terms of reference, committee structures, documented senior management responsibilities, escalation procedures, and records of board decision-making. The FCA wants to see that governance is operational, not aspirational. Minutes, policy approval records, risk acceptance decisions, and accountability maps are more useful than organisational charts alone.

Financial evidence must go beyond a spreadsheet of projections. The FCA expects capital adequacy calculations appropriate to the licence type, wind-down cost analysis, revenue and cost assumptions that are internally consistent, safeguarding calculations where applicable, and stress testing that reflects realistic scenarios. Every number should be traceable to an assumption, and every assumption should be defensible.

Compliance framework evidence covers AML policies, customer due diligence procedures, ongoing monitoring arrangements, sanctions screening processes, complaints handling, data protection, and financial promotions governance where applicable. Each policy should have a named owner, an approval record, a review schedule, and evidence that it has been implemented rather than simply written.

Safeguarding evidence is critical for EMI applications and relevant PI applications. The FCA expects to see the chosen safeguarding method, account arrangements, reconciliation procedures, third-party due diligence records, and wind-down planning for relevant funds. The evidence should demonstrate that the firm understands when the safeguarding obligation starts and how funds are protected throughout their lifecycle.

Operational resilience evidence should cover important business services, impact tolerances, business continuity arrangements, incident management procedures, and outsourcing governance. The FCA expects firms to show how they would continue to operate critical functions during disruption and how outsourced providers are governed and monitored.

A useful preparation technique is to review the evidence pack as if it were being examined by a case officer asking adversarial questions. For each policy, ask: who owns this? For each financial assumption, ask: what is the basis? For each control, ask: where is the evidence it operates? Gaps found during internal review are significantly less costly than gaps found during FCA assessment.

RegNexus RAV helps firms assemble, test, and strengthen their application evidence before submission. It structures policy hardening, financial validation, and case officer challenge simulation into a repeatable preparation workflow. For the full readiness checklist, see /resources/uk-payment-business-readiness-checklist or visit /uk-payment-business-setup for end-to-end market entry support.