Skip to main content

Written by Catherine Ruberry
Regulatory Policy and Development Manager

Written by Matt Raver
Managing Director

Congratulations, you’re in! Your firm leaped over Becher’s Brook and is now safely ensconced in the Winner’s Enclosure.

Yes, you’re authorised and regulated by the Financial Conduct Authority. You’re raring to go, with just a little trepidation as to how your business model will actually work, and your best-laid financial plans come to fruition. How will the first six months turn out?

Keeping tabs on newly authorised firms is a key challenge for the FCA. With some 60,000 firms to supervise, your firm would likely be a small needle in a very big haystack.

Until recently, your firm would probably escape supervisory attention, unless caught up in a thematic review, or something untoward happened.

However, the FCA recognises that enhanced supervisory attention in the initial stages of authorisation is a good thing and it has therefore introduced its “Early and High Growth Oversight” scheme.

Piloted in April 2022, the scheme assists firms meet the regulatory challenges they face in the early years after becoming authorised. Having seen many firms, especially those experiencing rapid growth, struggle after authorisation, the initiative was designed to offer enhanced supervision of firms’ activities, to help them navigate the regulated sphere and understand, as they grow, what is required for them.

It also allows the FCA to keep an eye on businesses transitioning into fully functional regulated entities, with the aim of avoiding harm that often accompanies “overreach” – firms growing more rapidly than their systems and controls can handle – or, where harm may arise in a very short time.

The FCA takes seriously its responsibility to guide and mentor firms in their first few months; especially those with potential to grow rapidly. So, if you are a such a firm, you may at some point find a couple of questionnaires in your in-box.

The Firm Summary Report, “EHGO” (Early and High Growth Oversight) poses a series of questions on a firm’s activities since it became FCA authorised and focusses on post authorisation changes to the firm’s activities. It also seeks to identify deviations from representations made during the FCA application process including with respect to the firm’s business model, utilisation of regulatory permissions, senior personnel and financial information.

The “Regular Data Request” (“RDR”) form is not linked to the FCA application process, and covers topics such as revenue, regulatory capital, client money and financial crime. There are also sector-specific questions including for the investment management and ‘alternatives’ sectors.

The FCA has indicated that firms in the Early and High Growth Programme are likely to receive further requests for specific documentation.

So, it would be prudent to ensure, from day one, that all essential policies and procedures are present and correct. To this end, a consultant like RQC Group, with deep knowledge of industry best practice, can be an invaluable resource. Indeed, Q18 of the Firm Summary Report specifically enquires whether the firm receives an independent audit of its systems and controls.

These forms, especially the Firm Summary Report, reflect a number of the common themes identified by the FCA in the Early Oversight programme. Highlighted themes include:

Regulatory permissions

The FCA found some firms held permissions they didn’t use or shouldn’t have applied for. It checked that firms held and fully used the correct regulatory permissions. When challenged by the FCA, two firms cancelled their permissions once they understood the regulatory requirements.

In our experience, firms sometimes face challenges where two permissions are relatively similar, for example ‘Managing an AIF’ (when managing and operating an alternative investment fund) and ‘Managing investments’ (when managing a segregated mandate).

Financial projections

Firms typically submit financial models to the FCA before receiving their permissions but after they start to trade, and at times find that revenues are not as projected. The FCA has worked with firms to understand how they were performing and tailor their plans appropriately.

The financial model forms the basis for a firm’s initial regulatory capital amounts and compositions. Sometimes, changes to the model require a regulatory capital adjustment (such as injecting additional capital) to avoid breaching the capital requirements.

Business model changes

Firms often change their business models in the first years of trading. This affects the permissions they require. The FCA has helped firms to understand the regulatory requirements applying to their business, and the permissions for which they should apply.

In our experience, the FCA is particularly unimpressed where a business seeks authorisation as a simple operation, but later attempts to shoehorn in a host of regulated personnel or functions not anticipated in the original plan. Growth should appear organic, and consistent with the application submitted.

Financial promotions and marketing

Helping firms better understand the requirements (they have since provided webinar training to at least 500 participants).

Regulatory reporting

Answering firms’ questions and supporting them, which has resulted in more timely and better quality submissions.

Based on their findings from the pilot firms, the FCA has also provided some insights to help firms seeking authorisation, notably:

  • making sure that you have read relevant information and guidance (such as ”Portfolio Letters” – sector specific communications from the FCA);
  • registering for access to, and familiarising yourself with, the FCA’s online systems at an early stage; and
  • ensuring your engagement with the Regulator remains open and transparent.

So, should your firm be selected for the FCA’s Early and High Growth Oversight scheme – embrace it!

At RQC Group we have extensive experience of engaging with the FCA and can assist you at every stage of your journey. A newly authorised and high growth firm does face unique regulatory challenges, but with the right advice you can start as you mean to go on, build operational resilience and set the best possible foundation for its future success.

Appendix – content of the Early and High Growth Oversight (“EHGO”) and Regular Data Request (“RDR”) Forms

1 Has the firm’s business model changed since authorisation?


Is the firm using all regulated permissions granted to it?

If not, when are they likely to be used?

Reasons for delay, or non-usage?




Changes in personnel:

Partners and Directors

Introducers, Agents, or Appointed Representatives

7-8 Unregulated business: any deviance from business plan projections, revenue, over last 3 months?

Unregulated activities: any post-authorisation change?

9-12 Key questions: firm’s actual net profit, revenues and cash balances, compared to predicted levels, with explanation for deviations
9 Actual net profit, compared to predicted net profit
10 Actual revenues, compared to predicted revenues


Cash balances – compared to predictions

Explanation for difference in cash balance, from prediction

13-16 Client Assets Sourcebook (CASS) rules or safeguarding under Payment Services Regulations or Electronic Money Regulations 2017
17a, b Operational risk events, and type of risk

internal fraud,

external fraud;

employment practice and workplace safety;

clients, products and business procedures;

damage to physical assets;

business disruption;

execution, delivery and process management;


18 Do any external parties perform independent reviews/audits of your firm’s systems and controls?
19 Critical risks the business is currently facing

(mirrors ICARA’s themes; but “critical risks” wording used in place of “harms”)

20 (Sector-specific) – have you reviewed, taken steps to mitigate, risks in the “Dear CEO”/portfolio letter applicable to your firm?
21 Maintaining financial and non-financial resources needed to support an orderly wind-down?
22 Technology and Cyber Resilience – how many notifiable incidents in last 3 months (PRIN 11 and SUP 15.3)?
23 -24 Self-certification or IT Controls – any change, post authorisation?
25 Whistleblowing – process in place for staff to speak up, or to raise concerns?
26-28 Management information –

Relevant MI to manage risks associated with treating customers fairly/ good market conduct?

How often do senior management review the MI?

Any significant changes to business operations as a result?

29-31 How many complaints since authorisation?

What percentage resolved in customer’s favour?

How much redress paid out? (£GBP)

32-36 Financial crime:

Any material issues since authorisation?

Up-to-date AML Business-wide Risk Assessment?

– how often reviewed?

Suspicious activity reports: amount in £GBP for

internal fraud,

external fraud,

money laundering,

terrorist financing,


Any failed financial crime audit/assurance reports in past 12 months?

37 Vulnerable customers – what percentage?
38-39 Financial promotions issued – compliant with requirements?

Financial promotions approved – compliant with requirements?

RDR Form:

1-4 Revenue

Total income from regulated activities over reporting period

How regulated income has been generated (by product and services)

Other revenue (non-regulated activities)

Details of where non-regulated income has been generated

1-4 Regulatory Capital

Total capital resources requirement

Capital resources

Capital resources excess/deficit

What the capital is made up of



Client Money section

Client Money and Asset Return

1-4 Safeguarding section
1-12a Financial Crime section
1-2a Consumer Credit data: Lenders
1, 1a Consumer Credit data: Debt collection
1 Financial advisers and mortgage intermediaries
1-11 Information on Peer-to-Peer agreements
1-5 Investment and Wealth Management Firms
1-9 Alternatives
1-9 Contract for Difference
1-5 Insurance Intermediaries

Click for more on our FCA Authorisation services.


All courses are accessible on our bespoke web or app platforms immediately upon purchase.



All courses are delivered through fully-automated, interactive online visual solutions.



Courses cost from as little as £20 per Learner per Course, or £6 per Learner on Subscription.



A certificate is issued on successful completion of all courses for compliance-filing and all UK courses are CPD-certified.



All courses include regular ‘Check Your Knowledge’ sections throughout and an end-of-course Quiz.



Courses take from 30 to 90 minutes to complete and can be viewed and completed in multiple sittings.


Purchasing, Onboarding & Volume Discounts

You can purchase any combination of our broad range of e-Learning courses and onboard multiple users in your Firm, in just four quick and easy online steps:

  1. Select the courses and add them to your Basket
  2. Checkout and purchase your course(s)
  3. Sign In and Register your relevant employees/Users
  4. Allocate all your registered employees/Users to their course(s)

We’ll help you connect the dots with clear prompts and assistance throughout this quick and easy four-step process, which includes applying automated Volume Discounts depending on the number of courses you purchase, as follows:

Number of courses Volume Discount
10 – 24 Courses 2.5% Discount
25 – 49 Courses 5% Discount
50 – 99 Courses 7.5% Discount
100 – 149 Courses 10% Discount
150 – 199 Courses 12.5% Discount
200 – 249 Courses 15% Discount
250 – 299 Courses 17.5% Discount
>300 Courses 20% Discount

You will receive an enrolment email for each Course you sign Users up to.

Once registered and enrolled onto their course(s), your employees/Users will each receive a welcome email inclusive of their login credentials/instructions together with a separate enrolment confirmation for each of their courses.

All Clients have access to a centralised User Dashboard with Live Reporting on the progress of all your enrolled employees/Users and from where you can download all your employees/Users Course Certificates once they have successfully completed their courses. This is clearly explained in our Power User Guide, downloadable from your Account.