Key strategies and challenges in building resilient financial services businesses in the UK

May 2025  |  SPOTLIGHT | BANKING & FINANCE

Financier Worldwide Magazine

May 2025 Issue

The UK government has emphatically declared economic growth as its paramount objective and provided growth-focused remits to financial services (FS) regulators aimed at fostering investment and innovation.

This initiative signals a significant pivot toward a ‘pro-growth agenda’, with the UK government urging regulators to adopt a more growth-oriented mindset. The drive toward economic expansion is not just rhetoric; it is backed by actionable insights and proposals from regulators, whom earlier this year laid out a blueprint for 50 or so growth proposals aimed at advancing growth and competitiveness in the UK, and, more recently, launched a five-year strategy to support growth.

The proposals encompass a wide array of measures, such as supporting international promotion of the UK FS sector, opening up to more innovative firms and cutting barriers between regulators, simplifying the prudential framework for smaller financial institutions, simplifying the handbook and streamlining regulatory requirements, removing redundant returns, and focusing on the digitalisation and timely handling of authorisation applications.

These steps are designed not just to stimulate growth but to make the UK a more attractive destination for businesses looking to innovate and expand here. However, these proposed measures are by no means intended to materially lower the regulator’s expectations. Instead, they aim to make the regulatory process more seamless and conducive to fostering innovation and growth, while aiming to drive clarity and proportionate flexibility within the regulatory framework.

For businesses considering setting up shop in the UK, this presents a valuable opportunity. Regulators have outlined a series of enhancements to the authorisation process aimed at bolstering support for start-ups and growing firms. These include the assignment of dedicated case officers and supervisors for entities in their early and high-growth stages, and extended pre-application support to certain applicants.

Moreover, the regulators plan to indicate more frequently their approval intentions, a move that could significantly ease the funding acquisition process for start-ups.

However, it is important to note that while the process and communication with regulators may become more streamlined, the high standards for securing authorisation remain unchanged. Businesses must demonstrate a comprehensive understanding of regulatory requirements, including a detailed business plan, a clear rationale for its strategy and robust risk management practices.

Additionally, the authorisation process demands patience and meticulous planning, with applicants encouraged to factor in project management time and contingency plans. While regulators will continue to uphold high expectations, they also seek to streamline processes. They expect firms to apply measures that are proportionate to their nature, scale and size.

The UK government’s focus on growth may not automatically or immediately equate to the removal of regulation. Rather, it urges regulators to consider flexibility, efficiency and proportionality to help improve the ease of operating in the FS sector and reduce "unnecessary administrative burdens" as well as address outdated, ambiguous or conflicting requirements. The UK government is set to publish a Financial Services Growth and Competitiveness Strategy this spring, which is expected to outline further steps to support the sector’s expansion and strengthen its global standing.

The FCA’s recently published five-year strategy is underpinned by a commitment to be a smarter regulator by being predictable, purposeful and proportionate in its processes and decision making, which is welcomed by the industry. Global uncertainty, jurisdictional disparity, financial resilience and demographic changes are all important challenges.

Needless to say, any business seeking to do business in the UK needs to consider multifaceted issues. From considering its business strategy and structuring, to company law and governance requirements, financial projections and taxation, data protection, technology, artificial intelligence (AI) and cyber security, intellectual property (IP), trademarks and domains, competition, employment law to regulatory, risk management, compliance and financial crime requirements.

Some essential considerations for applicants before they seek authorisation from UK regulators are outlined below.

Business model, strategy and structuring. Presenting a business model that is both credible and meticulously thought through and crafting a narrative for the business that showcases a robust, well-structured, and operationally and financially resilient model that stands up to rigorous scrutiny, is crucial. This involves a deep dive into the overall structure, ability to meet threshold conditions, governance composition, applicable capital requirements and financial projections of the applicant, to ensure the business and individuals are fit and proper. The business plan needs to include clear explanations for why specific permissions are sought, demonstrate adequate resources and describe how risk management is not just a policy but a practice, ensuring the business is primed for effective supervision.

Governance. Firms must meet standard governance expectations set by regulators. They must ensure that their boards and senior management have the adequate skills and experience to effectively oversee their firms. The senior management function or equivalent applications for individuals should clearly state why the firm considers these individuals to be suitable for the roles for which they have been selected, and include relevant evidence. Boards must have appropriate conflicts of interest management procedures, adequate management information and appropriate succession plans. Evidence of disclosure and barring service criminal record checks are required for senior management function holders and individual controllers of the applicant firm. The timing element in obtaining these checks alongside shareholder controller detail will need to be factored into the overall project plan.

Financials and regulatory capital. A lack of financial prudence will cause internal and external risks. Regulators require firms to demonstrate sufficient capital to meet regulatory obligations. Applicants must consider various factors in their own assessments of adequate financial resources and wind-down planning, including ensuring they have robust systems and controls, governance, leadership and a culture that aims to mitigate the risk of harm to consumers and markets.

Operational resilience, outsourcing and cyber security. In-scope applicants are expected to have identified their important business services and set impact tolerances. There is also an expectation to have in place a strategy for outsourcing, as well as governance and oversight arrangements. Recent events of failure of various firms’ IT systems which led to significant customer issues highlight the importance of ensuring applicants have robust systems and controls in place for their operational and cyber resilience.

Risk management and compliance. Effective risk management and controls ensure that the business strategy is delivered in a well-governed and controlled manner and protects the interests of stakeholders. A clear risk management framework that identifies the key risks to their firm and is supported by a board approved risk appetite statement is key. The framework should include a supporting risk management framework, heat maps, policies and procedures, which clearly set out how the risks have been identified, and how they will be monitored, managed and reported.

Financial crime requirements. Preventing financial crime remains a top focus area for the regulators’ business plan and strategy. Applicants are required to have adequate financial crime systems and controls. They must assess financial crime risks, have comprehensive risk assessments, policies and procedures, and training frameworks, and ensure that their financial crime controls remain fit for purpose. Weak or incomplete risk assessments or policies can raise immediate red flags.

In addition, firms should also consider aspects relating to taxation, employment, competition, IP, data protection and IT requirements when setting up businesses in the UK. What are the tax obligations for the business and will this impact group structuring? Which rights and obligations need to be considered? Do individuals have the correct competency and capability, and are they fit and proper? Are there any potential concerns related to competition law that could affect the business? Have necessary trademarks and domain names to protect brand identity been secured? What are the implications of data privacy laws, especially those concerning the handling of customer data? Have the opportunities and challenges presented by digitalisation and AI capabilities been evaluated? What cyber security measures are in place?

Common pitfalls in the new entrant process often include insufficiently explained business models and a lack of detail as to what the applicant will be able to show it could do from day one to comply with the relevant requirements. To navigate these challenges, businesses must focus on presenting a credible, well-structured business model, ensuring robust governance, adequate people and financial resources, and operational resilience, among various other factors.

Important questions to ask are whether upcoming legislative and regulatory changes may impact the business proposition and whether these have been accounted for in the business plan and projections.

The UK’s FS industry stands at a pivotal moment, with the potential for the current and proposed regulatory changes to impact its growth and competitive landscape. Providing a stable, proportionate and certain environment for FS firms looking to invest or expand in the UK is critical.

While the regulatory landscape will continue to be rigorous, the emphasis on dialogue, support and clarity for businesses navigating the regulatory gateway heralds a potentially promising and encouraging era for innovation and growth in the UK’s financial sector.

 

Lisa Lee Lewis is a partner, Zaynah Bamgboye is a compliance manager and Rasheda Rahman is a senior knowledge lawyer at Addleshaw Goddard LLP. Ms Lewis can be contacted on +44 (0)20 7160 3042 or by email: lisalee.lewis@addleshawgoddard.com. Ms Bamgboye can be contacted on +44 (0)20 7544 5373 or by email: zaynah.bamgboye@addleshawgoddard.com. Ms Rahman can be contacted on +44 (0)20 7160 3088 or by email: rasheda.rahman@addleshawgoddard.com.

© Financier Worldwide

BY

Lisa Lee Lewis, Zaynah Bamgboye and Rasheda Rahman

Addleshaw Goddard LLP

©2001-2025 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.