Does a FCA firm need an audit?

9 Jan 2024


If your company is regulated by the Financial Conduct Authority (FCA) and you’re figuring out if you need a statutory audit, there are important considerations to keep in mind.

Our key points below can also be useful for those who have recently changed FCA permissions or classifications. As this is a highly complex legal and regulatory area, we’d recommend that you seek specialist compliance advice in the first instance, in order to better understand your registration.

Do all UK companies need an audit?

Under UK law, as a starting point, all UK companies and limited liability partnerships (LLPs) require a statutory audit, unless an exemption is available based on specific criteria. The main factors that impact the ability of entities to claim exemptions are the size of the entity and the type of activity it carries out.

Please note that we have not considered the effects of being a member of a group as part of this article. If your entity is a parent or a subsidiary, there are additional factors to consider. Please get in touch with us if this is the case, and we can assist you further.

Size of your company

Section 477 of the Companies Act 2006 (CA2006) grants small companies an exemption from statutory audit.

A company may be small if it achieves any two of the following thresholds for two consecutive reporting periods:

  • Turnover: £10.2 million or below (pro-rated for periods longer or shorter than 12 months),
  • Total assets: £5.1 million or below, and/or
  • Average number of employees in the period: 50 or fewer.

Type of activities

However, many FCA regulated companies are excluded from qualifying as small companies and are not exempt from statutory audit, even if they meet the small size criteria above. Essentially, this is the case if your company is:

  • An authorised insurance company,
  • A banking company,
  • An e-money issuer,
  • A Markets in Financial Instruments Directive (MiFID) investment firm,
  • An Undertakings for the Collective Investment in Transferable Securities (UCITS) management company, or
  • A pension scheme, under certain conditions.

Many of these types of company carry out regulated activities. These are defined by the FCA handbook and are extensive. Some examples of the most common activities include, but are not limited to:

  • Dealing in (whether as principal or agent), arranging, managing, safeguarding and administering, or advising on investments,
  • Establishing, managing, operating, or winding up a UK UCITS, Authorised Investment Funds (AIF), or collective investment scheme,
  • Accepting deposits, issuing electronic money, advising on or entering into regulated mortgage contracts, credit broking, and entering into regulated credit agreements as lender, and other functions typical of banking, credit, or insurance institutions, and
  • Debt adjusting, counselling, collecting, or administration.

If you’re in doubt as to whether your activity falls under this category, we’d recommend that you contact your compliance consultant and seek legal advice.

MiFID investment firms

Whether your company falls under this category is a very complex area that requires careful consideration. Generally speaking, these are investment firms within the meaning of Article 2.1A of Regulation (EU) No 600/2014, other than:

  • A company which is exempt from the definition of an investment firm by Schedule 3 to the Financial Services and Markets Act 2000,
  • A company which is an exempt investment firm as defined by regulation 8 of the Financial Services and Markets Act 2000 Regulations 2017, and
  • Any other company which fulfils all the requirements set out in regulation 6(3) of those regulations.

What to do if your entity is not exempt from audit

UK company directors, and LLP designated members, are required to comply with a broad range of duties and responsibilities. If your company requires a statutory audit, these duties include appointing a UK statutory auditor and ensuring the financial statements are appropriately filed with the FCA, Companies House, and HM Revenue & Customs (HMRC) correctly and on time.

Penalties for failing to comply with these range from fines and loss of FCA permissions, to criminal proceedings taken against the directors or members personally.

Other considerations

It’s worth noting that even if your company doesn’t require a statutory audit under the CA2006 above, it may still need a Client Money and Custody Asset (CASS) audit, depending on its activities, even if it doesn’t have permission to hold client money.

Also, if your company or LLP has changed its FCA permissions, then there may have been a change in whether or not a statutory audit is required. However, if an audit was required in previous years due to being excluded from the small companies regime, then your company would have been classified as medium or large historically. You would therefore need to qualify as small for two consecutive years to take advantage of this exemption from a statutory audit.

How we can help

If you believe your firm requires an audit, it’s important to take action early, as the reporting deadline to the FCA is usually only 80 business days from your financial year end. We have extensive experience in auditing FCA regulated entities, please get in touch with Tom Alun-Jones if you need help in getting started.

This article is based on law and information available at 18 December 2023, is intended for information purposes only, and shouldn’t be taken as legal advice.

Contact Us

Tom Alun-Jones
Director, London

Key experience

Tom advises a range of commercial clients including owner-managed and international businesses across multiple sectors.