United Kingdom

United Kingdom — FCA Small Payment Institution (SPI) Registration 2026

The FCA Small Payment Institution (SPI) registration is the most accessible route to regulated payment services in the United Kingdom — no minimum capital requirement, €3M monthly transaction cap, and a 6–7 month registration timeline. The definitive starting point for UK fintech startups seeking FCA regulatory standing before scaling to full Authorised Payment Institution (API) authorization.

REGULATOR

FCA (Financial Conduct Authority)

CAPITAL REQUIRED

None

MONTHLY CAP

€3M per month

LAST UPDATED

April 2026

— Last updated: April 2026 · 12 min read

What is the UK FCA Small Payment Institution?

The Financial Conduct Authority (FCA) Small Payment Institution (SPI) registration is an FCA authorization that allows companies to provide regulated payment services in the United Kingdom under the Payment Services Regulations 2017 (PSRs 2017) — the UK implementation of the EU's PSD2, which remained in UK law post-Brexit. Unlike the full Authorised Payment Institution (API) license, the SPI registration has no minimum capital requirement and a significantly lighter regulatory burden — making it the most accessible FCA payment authorization for startups and growing fintech companies.

Once registered as an SPI, the firm is listed on the FCA Register as a regulated payment service provider — the definitive public record of UK-authorized financial services firms. This FCA Register listing is recognized by UK banks, payment scheme operators, and business counterparties as confirmation of regulated status.

Feature	Details
Regulator	FCA (Financial Conduct Authority)
Registration type	Small Payment Institution (SPI)
Framework	Payment Services Regulations 2017 (PSRs 2017)
Min. capital	None
Monthly transaction cap	€3M per payment service activity
E-money float cap	N/A (SPI cannot issue e-money)
Mind and management	UK-based — CEO and MLRO must be UK-resident
MLRO	Required — UK AML/KYC expertise
Timeline	6–7 months total
FCA Register listing	Yes — publicly accessible
Upgrade path	Authorised Payment Institution (API)

SPI vs. API: The Critical Distinction

The UK has two tiers of payment institution authorization. Choosing the right tier from the outset determines your operational ceiling and compliance obligations.

Feature	SPI (Small PI)	API (Authorised PI)
Min. capital	None	£125,000 (or higher depending on services)
Monthly transaction cap	€3M per service	None
E-money issuance	Not permitted	Not permitted (requires EMI)
Passporting (EU)	No (post-Brexit)	No (post-Brexit)
FCA registration	Yes — on FCA Register	Yes — on FCA Register
Safeguarding	Required for applicable services	Required
Compliance burden	Lower	Higher
Timeline	6–7 months	9–18 months
Best for	Startups, testing market, limited volume	Established operators, full-scale
Upgrade path	→ API when volumes exceed €3M	→ EMI if e-money issuance required

SPI as Entry Point

The SPI registration is specifically designed as the entry point for payment businesses entering the UK market. The €3M monthly cap is not a ceiling imposed in perpetuity — it is a threshold that triggers the requirement to upgrade to full API authorization. Many UK fintech companies launch under SPI, prove their business model, and upgrade to API as transaction volumes grow. Zitadelle AG advises on both SPI registration and SPI-to-API upgrade pathways.

Permitted Payment Services Under SPI Registration

An SPI registration covers the payment services defined in the Payment Services Regulations 2017. The following activities are permitted (subject to the €3M monthly cap per service):

•Execution of payment transactions — credit transfers, direct debits, and payment orders
•Payment initiation services (PIS) — initiating payment orders on behalf of clients from their payment accounts held at other banks
•Account information services (AIS) — aggregating and presenting client account information from multiple financial institutions (Open Banking)
•Issuing payment instruments — prepaid payment instruments, payment cards (not e-money issuance)
•Merchant acquiring — accepting payment cards and other payment instruments on behalf of merchants
•Money remittance — receiving and transmitting funds without a payment account created in the payer's or payee's name
•Payment gateway services — facilitating online payment transactions between buyers and merchants

What SPI Does NOT Cover

E-money issuance:Issuing electronic money (e-wallets, stored value) requires a separate FCA Electronic Money Institution (EMI) registration or full EMI authorization. SPI does not cover e-money issuance.

Unlimited transaction volumes:The €3M monthly cap per payment service applies strictly. Exceeding this threshold without upgrading to API constitutes operating outside authorization scope.

EU passporting:Post-Brexit, UK SPI registration provides no EU market access. EU/EEA payment services require a separate EU EMI or API authorization (e.g., Bank of Lithuania EMI).

Cryptocurrency services:Crypto asset services are not covered under SPI registration. Separate FCA crypto asset registration is required for UK crypto businesses.

The Mind and Management Requirement

The Mind and Management requirement is the single most challenging aspect of UK SPI registration for non-UK-based operators. It is not a cosmetic requirement — the FCA applies it substantively and refuses applications where genuine UK management cannot be demonstrated.

Mind and Management Explained

The FCA requires that key decision-makers genuinely manage the SPI from the United Kingdom. This means the CEO and MLRO (Money Laundering Reporting Officer) must be UK-resident and actually involved in the day-to-day management of the UK payment business — not simply listed on company documents while operating from abroad.

The FCA specifically reviews: physical presence of key personnel in the UK, decision-making location (where material business decisions are made), management meetings location, and whether operational staff are genuinely UK-based. Nominee arrangements — where individuals are listed as management without genuine involvement — are rejected by the FCA and can lead to refusal or subsequent revocation.

Key Personnel Requirements

Role	Requirement
CEO	UK-based; operational control of the SPI from UK
MLRO	UK-resident; UK AML/KYC compliance expertise; genuine MLRO function
Directors	All meet FCA fit and proper criteria
Shareholders/controllers	All meet FCA fit and proper criteria
Other staff	Key operational staff genuinely UK-based

MLRO Requirements in Detail

The MLRO must have genuine expertise in UK AML/KYC compliance — not simply a title. The FCA assesses the MLRO's knowledge of UK-specific AML obligations under the Money Laundering Regulations 2017 (MLRs), the Proceeds of Crime Act 2002 (POCA), and FCA guidance on financial crime. Zitadelle AG assists with MLRO placement through our HRFinEase recruitment network for candidates who meet FCA's substantive requirements.

Full Compliance Requirements (2026)

AML/KYC Framework Requirements

•Full AML/CTF compliance programme aligned with UK Money Laundering Regulations 2017 (MLRs)
•Written AML/CTF policies and procedures covering all payment services
•Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) procedures
•Transaction monitoring systems and suspicious activity reporting (SAR) to the National Crime Agency (NCA)
•Sanctions screening — OFSI (UK Treasury) and UN sanctions list screening for all clients and transactions
•Annual AML/CTF risk assessment
•Staff training programme — documented AML/CTF training for all relevant staff

IT and Operational Compliance

•Secure and resilient IT systems for payment processing
•Business continuity and disaster recovery planning
•Fraud prevention and detection systems
•Data protection compliance — UK GDPR (post-Brexit data protection framework)
•Strong Customer Authentication (SCA) for applicable payment transactions — UK implementation of PSD2 SCA requirements

Safeguarding Requirements

For SPI registrations covering payment services where client funds are held — such as money remittance or merchant acquiring — the FCA requires safeguarding of client funds. This involves holding client funds in a designated safeguarding account at a UK credit institution, separate from the firm's own operational funds. The safeguarding obligation applies per-transaction from the moment funds are received.

Four-Stage Application Process

Zitadelle AG manages the SPI registration through four structured stages — from initial readiness assessment through FCA approval.

Suitability and Readiness Assessment

Zitadelle AG reviews the business plan, management structure, and operational setup. We assess whether the Mind and Management requirement is met, confirm CEO and MLRO qualifications against FCA standards, and identify any gaps requiring resolution before application submission. This stage prevents wasted application fees and FCA refusals.

Application Preparation

Compile the complete FCA SPI application package including all forms, policies, controller and individual forms, business plan, and AML/CTF compliance documentation.

FCA Submission

File the complete application via the FCA Connect portal. Pay the FCA application fee (sliding scale based on projected transaction volumes). The FCA will acknowledge receipt and assign a case officer. Zitadelle AG handles all FCA portal submissions and fee payments.

FCA Liaison and Registration

The FCA case officer reviews the application — typically requesting additional information, clarifications, or documentation. Zitadelle AG drafts all FCA correspondence responses, manages the case officer relationship, and tracks progress through the FCA's internal review process. Upon satisfactory review, the SPI registration is granted and the firm is listed on the FCA Register.

Stage 2 Application Documents

•Completed SPI application form (via FCA Connect portal)
•Safeguarding policy (for applicable payment services)
•Payment security policy — covering transaction security measures and incident management
•Transaction monitoring policy — describing monitoring procedures and thresholds
•Complaints handling policy — FCA-compliant complaints procedure
•Fraud prevention policy
•Controller forms for all shareholders holding 10%+ of shares
•Individual forms for all directors and the MLRO — personal declarations, criminal record disclosures, financial history, regulatory history
•Business plan and financial projections
•AML/CTF risk assessment and compliance programme

Timeline

Stage	Duration
Stage 1 — Readiness assessment	1–2 weeks
Stage 2 — Application preparation	4–8 weeks
Stage 3 — FCA submission	1 week
Stage 4 — FCA assessment and review	5–6 months
Total	6–7 months

UK SPI vs. Other UK Payment Authorizations

Feature	SPI	API (Authorised PI)	EMI Registration	EMI Authorization
Min. capital	None	£125,000+	£350,000	£350,000
Monthly transaction cap	€3M per service	None	None	None
E-money issuance	No	No	Yes (limited)	Yes
IBAN accounts	No	No	Yes (limited)	Yes
FCA Register listing	Yes	Yes	Yes	Yes
Timeline	6–7 months	9–18 months	9–12 months	12–18 months
Best for	Startup entry, testing market	Established, full-scale	E-money startups	Full e-money operations

Post-Brexit: UK SPI and EU Market Access

Post-Brexit, a UK FCA SPI registration provides no access to EU/EEA payment markets. This is one of the most important distinctions between UK SPI and EU EMI authorization.

•UK SPI authorizes payment services in the United Kingdom only — no EU passporting rights
•EU/EEA clients are technically accessible, but without EU passporting, marketing regulated payment services to EU retail clients raises compliance questions under EU national payment regulations
•UK SPI holders intending to serve EU clients should seek legal advice on their specific target markets' local payment regulations
•For genuine EU market access and 30-country EU passporting, a separate EU EMI (Bank of Lithuania or equivalent) is required
•Many global payment operators hold both a UK FCA authorization (SPI or API) and an EU EMI — covering both markets from their respective regulatory bases

The SPI-to-API Upgrade Pathway

The SPI is designed as a stepping stone, not a permanent regulatory home. As transaction volumes grow beyond €3M monthly per service, upgrade to API is required.

When monthly payment transaction volumes consistently approach or exceed €3M per payment service, the firm must apply to the FCA for full API authorization. The API application builds on the SPI's existing compliance infrastructure — the business plan, AML/CTF framework, and operational policies developed for the SPI registration form the foundation of the API application.

The API application requires additional elements not required at SPI stage — specifically, paid-up capital of £125,000 or higher depending on services, a safeguarding assessment relative to the larger transaction volumes, and a more detailed governance and business continuity framework.

Upgrade Advisory

Zitadelle AG plans the SPI-to-API upgrade pathway from the outset of SPI engagement. We structure the SPI compliance framework to be API-ready — minimizing the additional work required when volumes grow. This forward-looking approach prevents the common problem of building an SPI compliance framework that needs to be substantially rebuilt for the API application.

How Zitadelle AG Assists

UK readiness assessment — Mind and Management evaluation, CEO and MLRO qualification review
UK company incorporation (if required) — Companies House registration with appropriate payment services corporate purpose
CEO and MLRO placement — UK-resident payment professionals via HRFinEase
Full FCA SPI application preparation — all application forms, policies, individual and controller forms, business plan
FCA Connect portal submission — managing the complete FCA portal filing process
FCA case officer liaison — managing all FCA correspondence, information requests, and clarifications
AML/CTF compliance framework — UK-specific MLRs-aligned programme, SAR reporting, sanctions screening
Safeguarding account establishment — banking introductions for designated safeguarding accounts
Post-registration compliance support — FCA reporting, PSRs 2017 compliance maintenance
SPI-to-API upgrade planning and management — forward planning from the outset

Frequently Asked Questions

The FCA Small Payment Institution (SPI) registration allows companies to provide regulated payment services in the UK under the Payment Services Regulations 2017. It has no minimum capital requirement and a €3M monthly transaction cap per payment service — making it the most accessible FCA payment authorization for fintech startups entering the UK market.

Ready to Register as a UK SPI?

Zitadelle AG provides end-to-end support for FCA SPI registration — from Mind and Management readiness assessment through to FCA approval and post-registration compliance.