API vs SPI vs RAISP vs EMI: Which UK Payment Licence Should You Get in 2026?

API vs SPI vs RAISP vs EMI: Which UK Payment Licence

Quick summary. The FCA issues four core UK payment licences. Authorised Payment Institution (API) suits firms above €3m monthly volume — initial capital £20k–£125k, takes 6–10 months. Small Payment Institution (SPI) suits early-stage firms under €3m monthly — no capital, takes 3–6 months. RAISP suits AIS-only firms — no capital, takes 3–6 months. Authorised Electronic Money Institution (AEMI) is required for stored-value, prepaid cards and digital wallets — initial capital £350k, takes 9–15 months. Choose based on services, volume and growth trajectory.

Quick answers

• What's the difference between API and EMI?

• Should I start with SPI or go straight to API?

• Which licence allows prepaid cards?

• Which licence is fastest?

• Which licence is cheapest?

• Decision framework

The Financial Conduct Authority issues four core payment licences in the United Kingdom: the Authorised Payment Institution (API) licence, the Small Payment Institution (SPI) registration, the Registered Account Information Service Provider (RAISP) registration, and the Electronic Money Institution licence (which itself comes in Authorised and Small variants). Each licence permits a different scope of regulated activity, carries different capital, safeguarding and governance requirements, and follows a different authorisation pathway. Choosing the right licence is one of the most consequential strategic decisions a UK fintech founder makes: it shapes the cost and timeline of authorisation, the operating cost base post-authorisation, the addressable market and the upgrade path as the business scales.

This guide explains exactly what each licence is, who it suits, what it costs, how long it takes, and how to choose between them. It is written for fintech founders, CFOs, general counsel and investors evaluating UK payment authorisation in 2026.

At-a-glance comparison

The "right" licence depends on the business model, target volume, services and growth trajectory. The sections below explain each licence in detail and provide a decision framework.

Authorised Payment Institution (API)

The Authorised Payment Institution licence is the FCA authorisation that permits a non-bank firm to provide regulated payment services in the United Kingdom under the Payment Services Regulations 2017 (PSRs 2017). It is the most common UK fintech payment licence after small payment institution registration and is used by merchant acquirers, money remitters, payment platforms, open banking firms and corporate payment providers.

An API can provide every payment service permitted under the PSRs 2017: services enabling cash to be paid into or withdrawn from a payment account, the execution of payment transactions, the issuing of payment instruments, merchant acquiring, money remittance, payment initiation services and account information services. There is no volume cap on payment activity. An API cannot, however, issue electronic money (which requires an EMI licence) or accept deposits or lend on its own account (which requires a credit institution authorisation).

Initial capital is tiered by services: £20,000 for money remittance only, £50,000 for payment initiation services, and £125,000 for payment execution, the issuing of payment instruments and merchant acquiring. Where services span multiple tiers, the highest tier applies. Ongoing own funds are calculated under one of four methods (A, B, C or D) assigned by the FCA having regard to business model and scale.

Safeguarding under the new PS25/12 / CASS 15 regime is mandatory from 7 May 2026 for every API providing services that involve holding customer funds. The CASS 15 obligations include a statutory trust over customer funds, daily reconciliation, monthly FCA safeguarding returns, an annual safeguarding audit by an FRC-approved auditor, and a CASS 10-style Resolution Pack retrievable within 48 hours.

Governance is examined rigorously at the gateway. The FCA expects a board with majority non-executive directors, an independent chair, executive senior managers covering CEO, CFO and MLRO at minimum, clearly defined first, second and third lines of defence, and senior managers with demonstrable payment services experience. The Senior Managers and Certification Regime (SM&CR) applies in full.

Realistic end-to-end timelines are six to ten months from submission for a well-prepared application, twelve to eighteen months for an application that attracts material FCA challenge. Refusal rates are approximately one in five.

The API is the right licence for: any firm planning to process more than €3 million in average monthly payment volume, any firm offering payment initiation services or account information services as a meaningful part of its business, merchant acquirers, B2B and B2C money remitters at scale, payment platforms with corporate or institutional customers, and firms that intend to upgrade to EMI status within a few years (the API is the natural intermediate step).

Small Payment Institution (SPI)

The Small Payment Institution registration is a lighter regime under the PSRs 2017 for firms with average monthly payment transactions of no more than €3 million. The volume cap is calculated over a rolling 12-month period and includes all payment services in scope of the registration. Firms that exceed the cap must transition to API status.

An SPI can provide most of the same services as an API: services enabling cash to be paid into or withdrawn from a payment account, the execution of payment transactions, the issuing of payment instruments, merchant acquiring and money remittance. It cannot, however, provide payment initiation services or account information services, both of which are reserved for authorised firms.

There is no initial capital requirement for an SPI. Safeguarding under CASS 15 is not mandatory, although voluntary safeguarding is strongly recommended and is increasingly expected by safeguarding banks. Many SPIs adopt CASS 15 in substance to support transition to API status.

Governance expectations are lighter than for an API but not minimal. The FCA expects a fit-and-proper management team, basic AML and financial crime controls, and adequate systems and processes for the activity. SM&CR does not apply in full to SPIs but the MLRO must be a fit and proper person and key individuals must be approved.

Realistic timelines are three to six months from submission. The FCA application fee for an SPI is £1,120 (Category 3), set out in the FEES Sourcebook.

The SPI is the right registration for: early-stage firms testing a payment business model, firms with a clear ceiling below €3 million monthly volume, niche or specialist payment firms (for example, single-corridor remitters or payment services for specific customer segments), and firms that intend to use SPI status as a stepping stone to API authorisation once the business is established.

The SPI's principal limitations are the volume cap, the inability to provide PIS or AIS, and the absence of an EU passport (which has not existed for any UK firm since 31 December 2020 in any case). The volume cap is the most operationally significant: firms approaching the cap must plan their API transition well in advance, as transition itself is a six- to ten-month authorisation process.

Registered Account Information Service Provider (RAISP)

The Registered Account Information Service Provider registration is a specialist, lighter regime introduced under PSD2 and the PSRs 2017 for firms providing only account information services. AIS is the regulated activity of providing consolidated information on payment accounts held by a customer with one or more payment service providers, accessed via the open banking APIs that account servicing payment service providers (ASPSPs, principally banks) are required to make available.

A RAISP can provide only account information services. It cannot hold or control customer funds, cannot provide payment initiation services, cannot execute payment transactions and cannot issue payment instruments or electronic money. The regulatory perimeter is narrowly defined and any firm whose activities extend beyond AIS must register or authorise differently.

There is no initial capital requirement for a RAISP. The firm must, however, hold appropriate professional indemnity insurance covering both its potential liability to ASPSPs (whose APIs it accesses) and to the customers whose accounts it accesses. The FCA does not specify a minimum coverage figure but expects insurance commensurate with the scale and risk of the activity.

Governance expectations focus on data security (because the firm handles sensitive customer credentials and account data), customer consent management (under both PSD2 and UK GDPR), and the firm's relationships with ASPSPs. AML obligations are limited (because the firm does not handle funds) but data protection obligations are extensive.

Realistic timelines are three to six months from submission. The FCA application fee for a RAISP is £1,120 (Category 3).

The RAISP is the right registration for: standalone account aggregation services, personal financial management apps that do not initiate payments, credit underwriting firms that use bank account data, accounting and tax software that integrates with bank feeds, and corporate cash management tools.

The RAISP's principal limitation is the AIS-only scope. Firms that need to initiate payments must either register or authorise as a PIS provider as well, or pursue full API authorisation. In practice many fintech business models that begin as AIS-only evolve to include payment initiation, in which case the firm must upgrade to a PIS-capable authorisation (most commonly an API with PIS permission).

Authorised Electronic Money Institution (AEMI)

The Authorised Electronic Money Institution licence is the FCA authorisation under the Electronic Money Regulations 2011 (EMRs 2011) to issue electronic money. Electronic money is defined as electronically (including magnetically) stored monetary value represented by a claim on the issuer, issued on receipt of funds for the purpose of making payment transactions and accepted by a person other than the issuer. In practice, e-money is what powers prepaid cards, digital wallets, stored-value accounts and most "neobank" propositions.

An AEMI can provide every service of an API plus the issuance, distribution and redemption of electronic money. There is no volume cap. The AEMI can passport its services across the EEA — though, as for all UK firms, the EU passport ended on 31 December 2020 following Brexit, and a UK AEMI must obtain separate EU authorisation to serve EU customers.

Initial capital is £350,000, substantially higher than the API. Ongoing own funds are calculated under Method D (specific to e-money issuance) which combines a 2% calculation against the average outstanding e-money in issue with the API own funds requirement for any payment services provided. The combined own funds requirement scales with the size of the e-money business.

Safeguarding under PS25/12 / CASS 15 is mandatory from 7 May 2026 for every AEMI in respect of both e-money in issue and any payment services provided. The CASS 15 obligations are the same as for an API.

Governance is examined to the highest standard the FCA applies in this sector. The board must include experienced non-executives with banking, payments or fintech backgrounds. Senior managers must demonstrate substantial e-money or banking experience. The chief risk officer role is generally expected to be filled by a senior individual with a regulated firm background. SM&CR applies in full. The FCA's gateway expectations for AEMI applications are higher than for any other payment licence.

Realistic end-to-end timelines are nine to fifteen months from submission for a well-prepared application. The capital contribution alone is substantially higher than for an API (the £350,000 minimum, often more for working capital), and the broader cost base of an EMI authorisation reflects the more rigorous regulatory requirements.

The AEMI is the right licence for: digital banks and neobanks that issue stored-value accounts, prepaid card issuers, digital wallet providers, multi-currency consumer accounts, payroll platforms that hold funds for employees, and any firm whose business model centrally involves stored value rather than only payment processing.

The decision between API and AEMI is one of the most important early-stage strategic decisions in UK fintech. API is faster, cheaper and lighter but does not permit e-money issuance. AEMI is heavier and more expensive but unlocks the full neobank and digital wallet model. Many firms begin as APIs and upgrade to AEMI status as their business model matures: this is a viable path but the variation of permission process is itself a six- to nine-month exercise and effectively a re-authorisation in substance.

Small Electronic Money Institution (SEMI)

The Small Electronic Money Institution registration is a lighter regime under the EMRs 2011 for firms with average outstanding e-money of no more than €5 million. SEMIs cannot provide AIS or PIS, cannot passport (in any case irrelevant post-Brexit), and face a lighter authorisation process and ongoing supervision than AEMIs.

Initial capital for a SEMI is not required, although the firm must demonstrate adequate financial resources. Safeguarding under CASS 15 is not mandatory, although the same considerations apply as for SPIs: voluntary safeguarding is strongly recommended.

Realistic timelines are four to seven months. The FCA application fee for a SEMI is £1,120 (Category 3).

The SEMI is rarely the right starting point for a serious fintech today. The €5 million outstanding e-money cap is reached very quickly by any successful e-money product, and the transition from SEMI to AEMI is itself a substantial authorisation exercise. Most firms that need an EMI authorisation are better served by going directly to AEMI and accepting the higher upfront cost.

The SEMI may be appropriate for: very narrow, niche e-money products with a hard ceiling on outstanding value (for example, employee benefit cards for a specific corporate client at limited scale), pilot products with a planned graduation to AEMI within a defined window, or firms testing a specific market segment before committing to full AEMI authorisation.

How to choose: a decision framework

The choice between licences is driven by four considerations: the regulated activities the firm needs to perform, the scale at which the firm will operate, the firm's growth trajectory and the firm's willingness to invest upfront in regulatory capacity.

Step 1: Identify the regulated activities. Map the firm's business model onto the eight payment services of the PSRs 2017 plus e-money issuance under the EMRs 2011. If the firm needs to issue stored value, prepaid cards or digital wallets, the answer is an EMI authorisation (AEMI or SEMI). If the firm needs only to provide account information services, the answer is a RAISP. If the firm needs payment services without e-money issuance, the answer is an API or SPI.

Step 2: Assess scale. If the firm will exceed €3 million in average monthly payment transactions (for PI activity) or €5 million in average outstanding e-money (for EMI activity), the answer is the authorised regime (API or AEMI). The volume caps come up faster than founders typically expect, particularly in B2C consumer fintech, and exceeding the cap without prior authorisation is a regulatory breach.

Step 3: Consider growth trajectory. Where the firm has a clear medium-term plan to scale beyond the small regime, the right answer is often to skip the small registration and authorise directly. The cost differential between SPI and API authorisation is significant but the cost of a subsequent SPI-to-API transition is also significant, and the time spent on transition is time not spent scaling the business. Investors increasingly expect a clear path to API or AEMI from the outset.

Step 4: Consider PIS and AIS. Payment initiation services and account information services are increasingly central to fintech business models, particularly in open banking, embedded finance and B2B payment automation. Both services require an authorised licence (API for PIS plus other services, RAISP for AIS-only). Firms with PIS or AIS in their roadmap should plan for the API or RAISP path from the outset.

Step 5: Consider EU access. Post-Brexit, no UK licence permits passporting into the EU. Firms that need EU customers must pursue parallel UK and EU authorisations. The UK and EU authorisation projects can be sequenced or run in parallel; the choice depends on the firm's primary market focus, capital and management bandwidth.

Step 6: Consider the upgrade path. Each licence has a defined upgrade path: SPI to API, SEMI to AEMI, RAISP to API (with PIS), API to AEMI. Each upgrade is a variation of permission process, in substance a re-authorisation, that takes six to twelve months. Where the firm's strategic direction is clear, authorising directly at the higher level often makes more sense than the staged approach.

Common scenarios and the right licence

• B2C remittance app targeting £20 million annual UK volume. API. Volume exceeds the SPI cap and the firm needs the operational headroom. Initial capital £20,000 if remittance only, otherwise £125,000.

• B2B corporate payment platform with £500 million annual processed volume. API at minimum, AEMI if the platform issues stored-value accounts to clients. Substantial governance and capital requirements.

• Personal finance management app pulling open banking data. RAISP. AIS-only scope, no fund handling, light registration.

• Embedded finance platform offering payment accounts and prepaid cards to corporate customers' end users. AEMI. The platform issues e-money and provides full payment services.

• Niche corridor remitter (UK to specific country) targeting £1 million monthly volume. SPI initially, with API transition planned at scale. Founders should monitor the cap and plan the transition early.

• Open banking PISP allowing merchants to accept account-to-account payments. API with PIS permission. PIS requires authorised status and £50,000 initial capital (£125,000 if combined with other services).

• Digital neobank for UK consumers. AEMI. Full e-money issuance, current account-style products, and the full governance and safeguarding requirements.

How Buckingham Capital Consulting can help

Buckingham Capital Consulting has advised UK payment institutions and electronic money institutions on regulatory licensing since 2013, well before the introduction of PSD2, PSRs 2017 and the new PS25/12 safeguarding regime. Over the past 13 years we have authorised and registered several firms across every UK payment licence type, including Authorised Payment Institutions, Small Payment Institutions, Registered Account Information Service Providers, Authorised and Small Electronic Money Institutions, merchant acquirers, money remitters, payment initiation service providers, open banking firms and corporate payment platforms.

We work with founders and senior management at the strategic stage to help them choose the right licence for their business model, scale and growth trajectory, factoring in the regulatory perimeter, capital and own funds, governance and SM&CR expectations, the timing and cost of authorisation, the post-authorisation operating cost base, and the upgrade path as the business scales. We then manage the full authorisation process as a single engagement, from application file preparation through FCA correspondence to authorisation and post-authorisation compliance.

For firms transitioning between licence types — SPI to API, SEMI to AEMI, RAISP adding PIS, or API upgrading to AEMI — we conduct gap analyses against the higher regime and project-manage the variation of permission. After authorisation, we provide ongoing compliance support including PS25/12 / CASS 15 safeguarding oversight, regulatory reporting, policy updates, governance reviews and preparation for FCA supervisory engagement.

If you are evaluating which UK payment licence is right for your business, planning a transition between licence types, or preparing a UK authorisation application, contact our team for an initial assessment.

Email: info@buckinghamcapitalconsulting.co.uk Tel: 0207 866 2512

Frequently asked questions

What is the main difference between an API and an EMI licence? An Authorised Payment Institution can provide payment services but cannot issue electronic money. An Electronic Money Institution can do everything an API can do and additionally issue electronic money: stored-value accounts, prepaid cards and digital wallet balances. The EMI requires £350,000 initial capital versus £20,000 to £125,000 for an API, faces a more rigorous authorisation process and higher ongoing requirements. EMI is the right choice for any business model that centrally involves stored value; API is sufficient for pure payment processing models.

Should I start with an SPI and upgrade to an API, or go straight to an API? The right answer depends on growth trajectory and capital availability. Starting with an SPI is appropriate for early-stage firms that genuinely have a hard ceiling below €3 million monthly volume, want to test a business model with limited regulatory cost, or face capital constraints that make immediate API authorisation impractical. Going straight to an API is appropriate for firms with a clear medium-term plan to exceed the cap, businesses that need PIS or AIS services from launch, or firms with the capital and bandwidth to absorb the higher upfront cost. The cost of subsequently transitioning from SPI to API often exceeds the saving from starting at SPI level, particularly when the management time required for the transition is factored in.

Can a RAISP also process payments? No. A Registered Account Information Service Provider is authorised only for account information services. To process payments, the firm must also obtain authorisation for the relevant payment service, which typically means upgrading to an API with PIS permission (for payment initiation), or to a full API or AEMI (for executing payment transactions). Many firms that begin as RAISPs eventually upgrade as their business model evolves: this is a common but non-trivial variation of permission process.

Which licence permits issuing prepaid cards in the UK? Prepaid cards involve the issuance of electronic money: the card balance is a stored-value claim on the issuer. Issuing prepaid cards therefore requires an EMI licence (Authorised or Small). An API cannot issue prepaid cards in its own right. APIs can, however, distribute prepaid cards on behalf of an authorised EMI as a programme manager or distributor, which is a common commercial arrangement.

How does the SM&CR apply differently across the UK payment licences? SM&CR applies in full to APIs and AEMIs, with the standard senior management functions (SMF1 Chief Executive, SMF2 Chief Finance, SMF17 Money Laundering Reporting Officer and others as relevant) requiring individual FCA approval. SM&CR applies in lighter form to SPIs and SEMIs: the MLRO and key individuals require approval but the full SMF framework does not. SM&CR does not apply to RAISPs in the same way, although the firm's directors and key individuals are subject to fitness and propriety assessment at registration.

Can I hold both an API and an EMI authorisation? Yes, in principle, although in practice firms holding e-money permission typically hold an EMI rather than maintaining both. The EMI authorisation includes everything an API can do: a firm with an EMI does not separately need an API. Some groups hold an API in one entity and an EMI in another for commercial or capital structuring reasons but the more common pattern is consolidation under a single EMI authorisation as the business matures.

What happens to my SPI registration if I exceed €3 million monthly volume? Exceeding the SPI volume cap is a regulatory breach: the firm is providing payment services beyond the scope of its registration. The firm must either reduce volume below the cap or obtain API authorisation before exceeding the cap on a sustained basis. SPIs approaching the cap should engage with the FCA proactively, plan their API transition six to twelve months in advance, and submit the variation of permission application well before the cap is breached. Firms that exceed the cap without prior authorisation face supervisory action including potential restrictions, requirements and (in serious cases) enforcement.

Is it easier to get an SPI than an API? Yes. SPI registration is a lighter process with a smaller application file, lighter governance expectations, no mandatory safeguarding, no mandatory CASS 15 audit. Realistic timelines are three to six months for an SPI versus six to ten months for an API. The trade-offs are the volume cap, the inability to provide PIS or AIS, and the eventual cost of upgrading to API status if the business scales.

Do any UK payment licences provide an EU passport in 2026? No. PSD2 passporting between the UK and the EU ended on 31 December 2020 following Brexit. No UK payment licence permits cross-border services or establishment in the EEA. UK firms wishing to serve EU customers must obtain a separate authorisation in an EU Member State (most commonly Lithuania, Ireland or the Netherlands for fintech models) and operate that authorisation in parallel with the UK licence. Conversely, EU firms wishing to serve UK customers must obtain UK authorisation.

How long does each UK payment licence take to obtain in 2026? Realistic end-to-end timelines from submission to authorisation are: API six to ten months, SPI three to six months, RAISP three to six months, AEMI nine to fifteen months, SEMI four to seven months. Add four to eight weeks for application preparation before submission. The single biggest controllable variable across all licence types is the quality and completeness of the application at submission. A polished, complete file dramatically reduces FCA information request rounds and shortens the timeline.