Image Image Image Image Image Image Image Image Image Image

Peer2Peer Finance News | September 23, 2019

Scroll to top


The road to regulatory approval

The road to regulatory approval

Keith Maner (pictured), compliance and technical manager at compliance specialists Thistle Initiatives, delves into the key issues surrounding Financial Conduct Authority authorisation for peer-to-peer lenders

Peer-to-peer lending is one of a number of regulated consumer credit activities requiring firms to have full FCA permission.

In line with its declared intentions to encourage competition in the retail markets, and to facilitate the path to authorisation for UK fintech businesses, the FCA has invested many resources in explaining the process to potential applicants.

Some details are below.

Thistle Initiatives has a wealth of knowledge and experience in assisting P2P providers in becoming directly authorised with the FCA or in becoming an Appointed Representative of its associated principal firm, Resolution Compliance.

To date, Thistle has a 100 per cent track record in obtaining authorisation for firms in respect of P2P lending with a variety of business models, from property to traditional consumer and business lending. We have been involved with almost twenty applicants for P2P and fintech authorisation over the past three years.

Key authorisation points to be aware of

  • At the point of authorisation, the FCA states that a firm must be ‘ready, willing and organised’ – namely, that it must have in place all elements of the business to carry out the regulated activities requested within the Part 4A permission. The FCA recognises that firms may be unwilling to commit resources until they gain certainty that the firm will gain authorisation. For example, there is a cost in capitalising in order to meet the capital requirements. So, in this instance, the FCA will need to know in advance how the firm intends to meet the capital requirements, but could permit the firm to capitalise just prior to authorisation.
  • A recent focus of the FCA has been around applicants’ IT platforms not being ready or sufficiently tested before authorisation, especially if the firm has built or operates its own IT platform. Ideally, the platform should undergo a penetration test (which focuses on cyber security, amongst other aspects), by way of a simulated attack on the platform looking for security weaknesses and access to the data. This test enables the FCA to assess whether the firm’s platform has sufficient defences in place to safeguard client data and funds.
  • The FCA has wide concerns around whether sufficient oversight is in place to reduce consumer detriment and whether sufficient and clear risk warnings are provided to lenders.
  • Concerning consumer detriment, P2P is not covered by the Financial Services Compensation Scheme; however, many P2P firms (such as one Thistle is currently supporting, which is coming from an established business abroad), build in a ‘contingency fund’. This fund aims to pay out on any defaulted loans. So, there is a fine balance to be met between building a contingency fund (which could potentially be regarded as a collective scheme, opening up another Pandora’s box) against over-charging borrowers.
  • The FCA needs to be satisfied that the structure does not constitute a collective investment scheme or alternative investment fund under the Alternative Investment Fund Managers Directive.
  • Systems and controls in relation to organising payments and repayments in conjunction with a third-party provider or custodian, if applicable, must be satisfactory.
  • Ascertaining the applicant’s experience in credit assessment and debt management is fundamental.
  • The FCA says that “firms must, among other things, take reasonable steps to ensure that personal recommendations are suitable for their client. As set out in our Policy Statement (PS16/8), this requirement will extend to personal recommendations in relation to P2P agreements from 6 April 2016.”

For more information on Thistle Initiatives, go to