FCA Variation of Permission Application: Adding or Changing Regulated Activities

When you need to add new regulated activities, change existing permissions, or modify regulatory requirements, you must apply to the FCA for variation of permission. For payment institutions, EMIs, and banks, variation applications are complex regulatory processes requiring comprehensive documentation, stakeholder management, and often extended timelines.

Understanding when variation is required, what the FCA expects, and how to navigate the process efficiently is critical. Delays in obtaining variation can prevent you from launching new products, entering new markets, or executing business strategy. Poorly prepared applications result in extended review periods, requests for additional information, and in some cases, refusal.

When an FCA Variation of Permission Application Is Required

You must apply for variation of permission when adding new regulated activities not covered by current permissions, changing how you conduct existing activities in ways that require different regulatory treatment, or modifying conditions or requirements attached to your permissions.

For payment institutions, common variations include adding new payment services beyond those originally authorised, expanding into e-money issuance requiring EMI status, extending operations into new jurisdictions, or changing business models materially affecting regulatory requirements. For EMIs, variations often involve adding payment services beyond e-money issuance, expanding safeguarding or custody services, or entering new markets.

Banks typically seek variations when adding new product lines, entering new business areas, or changing capital treatment of activities. The key test is whether what you want to do falls within your current permissions or requires regulatory approval to proceed.

The Application Process

Variation applications use the FCA's Connect system. You must provide detailed information about the new or changed activities you're seeking permission for, demonstrate you meet threshold conditions for the varied permissions, show you have adequate resources including capital, people, and systems, evidence appropriate governance and controls, and explain how the variation affects your overall business.

The FCA has 90 working days to determine straightforward applications, extendable to six months for complex cases. In practice, payment institution and EMI variations often take three to six months depending on complexity. Banking variations can take longer, particularly where they involve significant business model changes or raise novel regulatory issues.

What the FCA Assesses

The FCA evaluates whether you meet threshold conditions for the permissions you're seeking. This includes business model suitability for the proposed activities, effective supervision demonstrating the FCA can supervise you effectively, adequate resources including capital, liquidity, people, and systems, and appropriate governance and controls.

For payment institutions and EMIs, the FCA pays particular attention to safeguarding arrangements for new activities, financial crime controls appropriate to new risks, capital adequacy for increased scale or scope, operational resilience covering new systems or processes, and Consumer Duty compliance for new retail offerings.

The FCA also considers your track record. Firms with clean regulatory records and good relationships with supervisors typically experience smoother variation processes. Firms with compliance issues, poor regulatory engagement, or outstanding supervisory concerns face enhanced scrutiny and potential delays.

Payment Institution and EMI Specific Considerations

For payment institutions adding new payment services, the FCA examines whether your systems can handle the new services, whether operational and financial resources are adequate, whether safeguarding arrangements cover the new services appropriately, whether financial crime controls address new typologies, and whether governance and oversight extend to new activities.

EMIs seeking to add payment services beyond e-money issuance face particular scrutiny. The FCA examines the interaction between e-money issuance and payment services, safeguarding methodology and calculations across both activities, capital requirements reflecting combined activities, operational separation where required, and governance covering both e-money and payment services functions.

Application fees for payment institution and EMI variations are £1,250 for authorised payment institutions and EMIs, and £250 for small payment institutions. The FCA also charges supplementary fees for ongoing supervision based on the breadth of permissions you hold.

Capital and Financial Resources

Variation applications must demonstrate adequate capital and financial resources. This requires capital calculations reflecting the new or expanded activities, financial projections showing viability of the varied business, liquidity assessments demonstrating you can meet obligations, and contingency planning for stress scenarios.

For payment institutions and EMIs, capital requirements often increase when adding activities. You must demonstrate you hold or will hold adequate capital before commencing the new activities. The FCA won't grant variation if capital adequacy is uncertain or dependent on future fundraising that hasn't completed.

Systems and Controls

The FCA expects detailed information about systems and controls supporting new activities. This includes technology infrastructure capable of handling the activities securely and reliably, transaction monitoring calibrated to risks of the new activities, safeguarding systems for payment institutions and EMIs, financial crime controls addressing new typologies, operational resilience covering new systems and dependencies, and compliance monitoring ensuring ongoing regulatory compliance.

Generic descriptions are inadequate. The FCA expects specific detail about how systems will work, what controls will apply, how you'll monitor effectiveness, and how you'll respond to issues.

Governance and Senior Management

Variation applications must show appropriate governance for the expanded business. This includes Senior Managers & Certification Regime arrangements with appropriate skills and experience for new activities, board oversight of new activities with relevant expertise, risk management frameworks covering new risks, and management information providing visibility into new activities' performance and risks.

If new activities require additional Senior Management Functions or changes to Statements of Responsibilities, these must be addressed in the variation application or through separate applications submitted concurrently.

Impact on Reporting and Compliance

Adding or changing activities affects regulatory reporting obligations. You must understand and document how the variation changes what you report, when you report it, and what data you need to collect. For payment institutions and EMIs, this includes transaction reporting, prudential returns, complaints reporting, and any sector-specific reporting requirements.

The FCA expects you to have systems capable of producing required reporting from day one of operating under varied permissions.

How Buckingham Capital Consulting Helps

Since 2013, we've specialised in helping payment institutions, EMIs, and banks navigate variation of permission applications successfully.

We start by determining whether variation is actually required for what you want to do. Not every business change needs regulatory approval. We assess whether your proposed activities fall within existing permissions, whether variation is required, or whether alternative approaches might work. This prevents unnecessary applications and associated costs.

For applications that are required, we provide end-to-end support. We draft variation applications comprehensively addressing all FCA requirements, prepare supporting documentation including capital calculations, financial projections, systems descriptions, governance arrangements, and compliance frameworks. We complete forms and submissions through the Connect system, and manage the application process including responding to FCA questions and requests for information.

Business model and strategy documentation must demonstrate that new activities make sense and are sustainable. We help you articulate your business case clearly, explain how new activities fit your overall strategy, demonstrate market opportunity and demand, and show how you'll operate activities profitably whilst meeting regulatory obligations.

Capital and financial resources documentation requires technical accuracy. We prepare capital calculations under relevant requirements, develop financial projections showing viability, assess liquidity requirements and sources, and prepare stress testing and contingency scenarios. Our work satisfies the FCA's expectations for rigour and conservatism.

Systems and controls documentation must be specific and credible. We document technology infrastructure and capabilities, describe transaction monitoring and financial crime controls, detail safeguarding systems and calculations for payment firms, explain operational resilience arrangements, and outline compliance monitoring approaches. We provide the level of detail the FCA expects without unnecessary complexity.

Governance and SMCR documentation shows appropriate oversight and accountability. We review or prepare Senior Manager Statements of Responsibilities reflecting new activities, document board oversight arrangements, describe risk management frameworks, and explain management information covering new activities.

Throughout the application process, we provide FCA liaison managing relationships with supervisors, responding to queries and requests efficiently, addressing concerns or objections constructively, and keeping you informed of progress and issues.

When the FCA raises concerns or requests modifications, we help you assess the implications, propose solutions acceptable to the regulator, and negotiate outcomes that work for your business whilst satisfying regulatory requirements.

Post-approval, we support implementation ensuring you meet conditions attached to varied permissions, establish required systems and controls before commencing activities, complete any additional SMCR applications needed, and begin operating under varied permissions compliantly.

Why Variation Applications Demand Expertise

Variation applications are complex regulatory submissions requiring technical accuracy, comprehensive documentation, and effective regulator engagement. Applications that are incomplete, unclear, or inadequately supported face delays, additional information requests, and potential refusal.

The cost of delays is substantial. Missed product launch windows, delayed market entry, and inability to execute strategy all impact revenue and competitive position. The cost of refusal is worse, forcing you to either abandon plans or undertake expensive remediation before reapplying.

Well-prepared applications that address FCA expectations comprehensively proceed more smoothly with shorter review periods and fewer complications. The investment in proper application preparation is modest compared to costs of delays or refusal.

Contact Buckingham Capital Consulting to discuss your variation of permission needs. With over 14 years of specialist expertise helping payment institutions, EMIs, and banks obtain regulatory permissions, we know what the FCA expects and how to deliver applications that succeed.

Email us at info@buckinghamcapitalconsulting.co.uk or call 0207 866 2512