Shearman & Sterling | FinTech | Setting Up in the UK
This links to the home page

Setting Up in the UK

Shearman & Sterling’s FinTech Foundry team is committed to fostering the growth of global FinTech and supporting our clients and the wider FinTech ecosystem. With six offices in the UK and Europe, we have a deep understanding of cross-border regulation, fundraising, M&A and capital markets, making us an ideal partner to support the expansion of FinTechs every step of the way.

In this section, we highlight some of the key considerations for FinTechs when setting up operations in the UK, along with additional information on the UK FinTech market.

Key Considerations

Below are some key legal considerations for FinTechs that wish to scale their business to the UK. While this list is not exhaustive, and every factor may not be relevant to every business, the considerations below are intended to help direct your thinking and to focus your attention on potential issues that should be addressed.

UK FinTech Regulation

  • Depending on a FinTech firm’s activities, a FinTech firm may be subject to a regulation in the UK.
  • The key financial regulators in the UK are the Prudential Regulation Authority (prudential regulator of banks, building societies, credit unions, major investment firms and insurers), Financial Conduct Authority (conduct regulator of all firms and prudential regulator for smaller investment firms and insurers), the Payment Systems Regulator (regulates payment systems) and the Information Commissioner’s Office (data privacy regulator responsible for GDPR and other data privacy regulation administration and enforcement).
  • The UK is known for its open markets, taking a principled risk-based approach to regulation, and has been at the forefront of creating an environment for competition and innovation in FinTech. This includes developing FinTech solutions through the Financial Conduct Authority’s (FCA) Regulatory Sandbox, allowing firms to test new products and services in a controlled environment, and then leading the initiative to create a global sandbox, allowing users to run tests across geographies simultaneously.

UK Tax Law

  • How UK tax rules apply will depend on a variety of factors, including the type of entity used, means of capitalization and activities carried out. It is common to conduct business through a UK-incorporated company, but business can also be conducted through UK branches of non-UK companies.
  • The UK's corporation tax rate, at 19%, is one of the lowest rates of tax in the G20, and applies to the worldwide profits of UK incorporated companies or, in respect of non-UK companies, to the profits attributable to its UK branches.
  • The UK does not operate a group consolidation regime for corporation tax purposes but a similar result can be achieved through a group relief system permitting the transfer of losses between UK sub-group members.
  • The UK does not generally impose withholding tax on dividends paid by UK companies. The UK imposes withholding tax of 20% on interest and royalty payments; however, such withholding tax may be eliminated or reduced under domestic law or the UK's extensive double-tax treaty network, or no withholding may be imposed if paid to certain EU affiliates.
  • VAT, with a standard rate of 20%, is generally charged on supplies of goods and services, and credit for VAT incurred may be available. Certain goods and services, like supplies of financial services, may be exempt from VAT, but suppliers of such goods and services may be restricted in their ability to obtain credit for VAT incurred. UK members of the same corporate group may, by application to HM Revenue & Customs, be treated as a single entity for VAT purposes such that transactions between them do not give rise to a VAT charge.

Digital Banking and Nonbank Activities

  • FinTech firms that accept deposits in the UK are subject to UK regulatory requirements and regulatory oversight as a bank.
  • The Open Banking Implementation Entity creates software standards and industry guidelines for Open Banking.
  • The PRA is responsible for granting authorization for all UK banks. Once authorized, a UK bank is supervised by the PRA for prudential requirements and by the FCA for conduct requirements.
  • Where a FinTech firm partners with a UK regulated firm, depending on the involvement of the FinTech firm, the FinTech firm may need to obtain authorization too.
  • Regulatory authorization may be required if a FinTech firm engages in nonbank financial activities, like money transmission, credit broking or certain digital asset transactions.
  • Firms that engage in digital nonbank activities should be cognizant of whether additional UK laws or regulations apply, for example, the e-money regulations, consumer credit rules, rules relating to payment services, market abuse regulations and anti-money laundering requirements.

Digital Assets and Tokenization

  • Regulation of digital assets depends on the nature of the assets and the type of activity involved, with decisions as to the regulation that applies being made on a case-by-case basis.
  • Certain activities carried out in relation to digital assets that are within the UK regulatory perimeter will require a firm to be authorized and/or be subject to regulation, including:
    • Firms issuing or creating digital assets. Capital-raising activities generally are subject to FCA (UKLA) rules and regulations. Initial coin offerings and other token issuances may be considered securities. Rules relating to collective investment schemes may also be relevant;
    • Firms advising on or buying and selling digital assets;
    • Firms and platforms that facilitate transactions between participants;
    • Firms that provide secure storage for or that hold tokens; and
    • Firms marketing digital asset products and services.
  • Firms that engage in digital asset activities should be cognizant of whether additional UK laws or regulations apply, for example the e-money regulations, rules relating to payment services, market abuse regulations and anti-money laundering requirements.

Data Privacy

  • UK law currently reflects the EU GDPR, and this is likely to continue after the UK completes its exit from the EU.
  • There are seven principles that apply to all forms of processing personal data, which include being transparent, minimizing the collection of data and keeping data safe.
  • FinTech firms need to be able to demonstrate their data protection compliance, which requires an understanding of the issues and keeping records of decisions made.
  • The fines for non-compliance can be the greater of €20 million and 4% of worldwide turnover.
  • GDPR gives individuals significant rights to access personal data, have data rectified/erased and 'rights to be forgotten' and to receive compensation for damages suffered as a result of non-compliance.

IP Protection

  • IP in the UK is generally protected by a combination of patents, copyright, trademarks and confidentiality.
  • Copyright and confidentiality arise automatically, but patents and trademarks have to be applied for.
  • FinTech firms must enter into proper agreements with contractors, consultants, and other service providers to secure ownership of IP developed for them.
  • FinTech firms should keep records of their development of works, such as software and databases, as evidence of their ownership of the unregistered IP.

Regional UK FinTech Hubs

The UK is widely considered to be one of the leading countries in FinTech throughout the world. When scaling a FinTech to the UK, companies have the option of setting up operations within a number of different regions, each with their own distinct characteristics, strengths and talent pools. The map below provides a description and some defining traits of each of these regional FinTech hubs within the UK.
Interact Icon


Click on each location to learn more.


FCA FinTech Regulatory Sandbox

To learn more about the FCA Regulatory Sandbox and other FinTech Regulatory sandboxes throughout the world, we invite you to visit our Global FinTech Regulatory Sandbox Map. The map includes helpful information for each sandbox, including launch date, governing commission, law & regulations, the environment and eligible products.

In 2015, the Financial Conduct Authority launched its regulatory sandbox program, which is open to authorized firms, unauthorized firms that require authorization and technology businesses seeking to innovate within the UK financial services market. The sandbox provides firms with:
  • the ability to test products and services in a controlled environment;
  • reduced time-to-market at a potentially lower cost;
  • support in identifying appropriate consumer protection safeguards to build into new products and services; and
  • better access to finance.

Eligibility criteria include whether the product or service is intended for the UK financial services market, novelty of the product or service, consumer benefit, whether there is a genuine need to participate in the sandbox and readiness for testing. Sandbox participants are also required to have a significant UK presence (i.e., a certain level of staff presence or a head office located in the UK) and to secure any contractual agreements with third parties before testing, and may be required to have a UK bank account to be able to carry out testing.

For sandbox participants, the FCA may be able to offer the following:
  • Individual guidance on how certain of the FCA’s requirements apply in the context of the specific test;
  • Waivers or modifications to existing FCA rules for the purpose of the testing period, although national and international law still applies;
  • No enforcement action letters given that participants deal with the FCA openly, keep to the agreed testing parameters and treat customers fairly; or
  • Informal steers on potential regulatory implications of a new product or service.

Testing within the sandbox environment is intended for a limited duration, which has typically lasted between 3-6 months.

Contact to get in touch with a member of the FCA’s sandbox team

Glossary of Relevant Regulators & Government Organizations

There are a number of regulators and government organizations that play a direct role in supporting and upholding the integrity of the FinTech and financial services industries. FinTechs scaling their business to the UK may look to these regulators and organizations for guidance and may be required to register their business with one or more of these entities, depending on the company’s activities.

Bank of England

The Bank of England is the central bank of the UK. The Bank of England is responsible for setting monetary policy, maintaining and testing financial stability and supervising payment and settlement systems, CCPs and CSDs. Further, its role is to understand how FinTech development may affect financial stability and to apply FinTech to the central bank’s capabilities. The Bank of England supports FinTechs through its FinTech Hub, which serves as the main point of contact for FinTechs at the Bank of England.

Competition and Markets Authority (CMA)

The Competition and Markets Authority is the UK’s competition regulator, seeking to promote competition for the benefit of consumers, both within and outside of the UK. The CMA is responsible for investigating mergers and acquisitions, protecting consumers from unfair trading practices, investigating markets and taking action against business and individuals that take part in cartels or anti-competitive behavior, among other things.

Department for International Trade (DIT)

The Department for International Trade helps secure UK and global prosperity by promoting and financing international trade and investment, and championing free trade. They are an international economic department, responsible for bringing together policy, promotion and financial expertise to break down barriers to trade and investment and helping businesses succeed. Moreover, DIT promote British trade and investment across the world (including FinTech), whilst working with the industry to foster conditions for growth across the domestic ecosystem and support international expansion initiatives.

Financial Conduct Authority (FCA)

The Financial Conduct Authority is UK’s principal financial services regulator, responsible for maintaining the stability of the UK’s financial markets and the conduct of its financial services firms. The FCA oversees minimum standards for financial services products, such as pensions, credit cards, ISAs and investments and performs a supervisory role with banks and other payments institutions. The FCA also manages its Regulatory Sandbox program, provides tailored regulatory support for innovative FinTech firms and gives feedback to firms developing automated advice and guidance models.

HM Revenue & Customs (HMRC)

HM Revenue & Customs is the UK’s tax, payments and customs authority, responsible for collecting funds that pay for the UK’s public services and helping families and individuals with targeted financial support.

HM Treasury

HM Treasury is the UK government’s economic and finance ministry, maintaining control over public spending, setting the direction of the UK’s economic policy and working to achieve strong and sustainable economic growth. HM Treasury works closely with other government organizations, regulators and industry bodies to champion FinTech within the UK and leads on the country’s FinTech Sector Strategy, aimed at preserving the UK’s position as a global FinTech hub.

Information Commissioner’s Office (ICO)

The Information Commissioner’s Office is an executive non-departmental government body responsible for upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO is responsible for enforcing the data protection legislation in the UK, including the General Data Protection Regulation (GDPR) and Data Protection Act 2018.

Open Banking Implementation Entity (OBIE)

The Open Banking Implementation Entity was created by the UK’s Competition and Markets Authority and the UK’s nine largest banks to create software standards and industry guidelines to foster competition and innovation in UK retail banking. The OBIE works with financial institutions, FinTechs and technology providers to design industry specifications and standards related to the implementation of Open Banking within the UK.

Payments Systems Regulator (PSR)

The Payments Systems Regulator is a subsidiary of the FCA and is responsible for ensuring that payments systems operating effectively within the UK. The PSR sets payments systems standards and imposes requirements regarding system rules and frequently collaborates with market participants and industry bodies to shape its policymaking.

Prudential Regulation Authority (PRA)

An arm of the Bank of England, the Prudential Regulation Authority is responsible for the prudential regulation of banks, building societies, credit unions, insurers and major investment firms. The PRA supervises these firms through a rounded, robust and comprehensive view of their activities and risk profile to determine whether they are being operated in a safe and sound manner.

Glossary of UK FinTech Industry Bodies

One of the strengths of UK FinTech is the industry bodies underpinning the ecosystem. These industry bodies play a direct role supporting FinTech within the UK (or a respective region within the country), and often seek to fulfill their mission through industry events and education, collaboration with government and regulators and partnerships with financial institutions and other financial services firms.

Innovate Finance

The Innovate Finance’s primary aim is to accelerate the UK’s leading position in the global FinTech sector - they serve as a single-access point to the FinTech ecosystem, and through their own innovation and partnership programs, they strive to connect their members to customers, investors, policymakers, educators, talent and key commercial partners - all those operating within the FinTech sector.

FinTech Scotland

FinTech Scotland was founded in January 2018 as a joint initiative by Lloyds Banking Group, HSBC, University of Edinburgh, Scottish Government and Scottish Enterprise. The organisation is now supported by a broad range of global financial services, technology and professional services firms, as well as University of Edinburgh and University of Strathclyde, the Financial Conduct Authority, Scottish Government and Scottish Enterprise. FinTech Scotland is an independent body and in January 2020 was formally recognized for the development for the FinTech cluster in Scotland.

FinTech North

FinTech North is an events initiative championing FinTech in the Northern Powerhouse. They aim to generate collaboration and knowledge share by building a FinTech community across the Northern Powerhouse, enhance reputation of the Northern Powerhouse as a FinTech region and generate tangible economic benefit for the region and the cities within it.

FinTech Wales

FinTech Wales is a not-for-profit organization set up by HM Treasury’s FinTech Envoy for Wales and the Welsh government that aims to make Welsh FinTech a pillar of the global economy - nurturing talent while connecting and enabling the sector’s ecosystem.

FinTech West

FinTech West is the place for disruptive startups, dynamic scale-ups and established enterprises in Bristol. They share ideas, what’s working (and what isn’t) and how they can shape the future of our industry.

FinTech NI

FinTech NI is an industry association and the independent voice of FinTech in Northern Ireland. They aim to champion and empower participants in the local FinTech ecosystem to be successful on a global stage.

FinTech Alliance

FinTech Alliance is a multifaceted digital engagement platform that brings the global FinTech ecosystem together to explore, engage and do business. They are a community-driven platform for the whole FinTech industry, where all the profits are reinvested back into the FinTech sector, providing a fully inclusive environment to support FinTech growth and empower UK business with comprehensive information, services and intelligence.