How to get a banking licence

…that’s my job - with an awful lot of help from the team. Here’s the magic ingredients:

  1. Have a vision :mondo:
  2. Assemble diverse and skilled team :space_invader::girl::man::princess::man_with_turban:
  3. Read :eyeglasses: all the banking rules and regulations (if you didn’t know them all ready)
  4. Raise funds :moneybag:
  5. Talk with regulators
  6. Submit banking licence application to regulators (that’s where we are now - taken 9 months to do that…:hourglass_flowing_sand:)
  7. Talk with regulators some more complete lots of forms and documents :computer:
  8. Build and launch :rocket: the bank :tada::mondo: (will be another 10-14 months :alarm_clock:)
  9. Happy customers :grinning::confetti_ball:

:tada:Amazing use of emoji Paul, most impressive :open_mouth:

Are you guys able/allowed to share any of the things you’ve had to submit, even with some of the data redacted?

1 Like

Hmmm interesting question. Let us ponder this for a little while. I can certainly think of large swathes that we should be able to share.


Chicken and egg question - but are there any areas / aspects that interest you the most? If you don’t know I could start with a few topic areas in this forum and share a little about each. Thoughts please?!

I’m interested in what are they main things you have to “prove” to the regulators in order to get a license … for example, what do they want to know (if anything) about your technology, security risks, how you are not just going to take people’s money & run? If you point me to the application form outline I can tell you what else might sound interesting.

I guess there’s also a wider awareness piece to be written about what it actually means to be a bank. I’m sure most people don’t realise that you don’t actually “deposit” money to a bank, you “lend” it to them and they promise to give it back to you when you need it … which is why the FSCS exists as an insurance in case your bank “loses” your money :money_with_wings:

Hmm and notes and coins :moneybag: represent a fraction of the money supply so the concept of “depositing” money becomes even more obscure.

The 40 page application form :cold_sweat: and supporting notes can be found here: (the top 2 documents in the list) although the application form itself is just a very small part of the overall process. To give you some idea we have had a variety of meetings, phone calls and our licence application process is backed up by around a thousand pages of ‘content’. For example, our capital plan (called the ICAAP) runs to about 130 pages long.

And just a few words on the ‘regulators’ of which there are two (formed on 1 April 2013) as successors to the FSA (Financial Services Authority), they are the PRA (Prudential Regulation Authority) and the the FCA (Financial Conduct Authority) this is called the ‘twin peaks’ approach to regulation and plays out in the banking application process with us (hopefully) being authorised by the PRA and jointly regulated by both the PRA and FCA.

I’ll let you have a flick through the application form :eyeglasses: to see what aspects you find of interest :microscope: and/or we might just move this discussion on by covering the broad elements that we are sharing and explaining with the regulators.

1 Like

I thought this would be interesting to share. It’s from the PRA and it is probably the most concise summary of how they assess our banking application. What I’ll do is open out each point a little to explain how we have gone about addressing the criteria with Mondo. If this is of use/interest?!


From a geeky perspective I’m curious to see what you have to prove around IT, given that you’re building your own core banking system rather than buying an off-the-shelf product. I had a quick look at the IT questionnaire, and it looks like they’re also want to know about your project management & development methodologies, which should be interesting since I guess you’re trying to be more flexible and agile than any other bank has ever been.

/cc @jonas :computer:

1 Like

Good question @futureshape. I wish we knew the answer! I’ll try my best to give some insight, but to be honest, at this stage of the application process the IT is not the focus of the regulators.

So far we’ve written our development practices down as policies on a high level. For example “All code is kept in version control and a full audit log of changes is maintained”, “Code can not be promoted without an auditable code review by another person”. As we progress with the application process and IT build we will have to go into more detail.

Before we are granted a license we will conduct a full external IT audit. I suspect that the regulator will rely on that report in their assessment.


Is there also PCI DSS compliance on the horizon?

On 20 January 2016 the PRA and FCA (the regulators) launched a New Bank Unit together with new website (much more usable!). For the avoidance of doubt we’re in the purple box, the 3rd of 5 stages called ‘application’


Yes, very much :slight_smile: I had to add some stuff to this post because posts must be at least 20 characters long…

1 Like

When we applied for our credit license, we also completed an “IT Questionnaire.” A lot of the focus was on the redundancy/resiliency of our production systems, rather than on methodology. There’s a requirement for a separation of operations and engineering, which makes a devops approach challenging (but not impossible). We also had to demonstrate that our product design process treated our customers fairly and that we had proper quality controls to safeguard the quality of our products. Largely this meant documenting what we were already doing (scrum, TDD, BDD) rather than changing our approach.

Thanks for sharing that information Ben and it all sounds very familiar!

1 Like

Hi Mondo,

Any update on the banking licence? Any way we can get the BofE to hurry up? Online petition or something… Carney mentioned there was no contingency planning taking place for a #brexit so I hardly believe they are particularly busy at the moment!

I note above it says 9 or so months to build the bank as one of the stages after getting the licence, is that still the case or is the alpha/ beta that you are conducting effectively eradicating that planned time i.e. A go live almost imminently after you get your licence is a possibility?

Hi @jamesbrierley, thanks for checking in! We are hopeful that we will receive our authorisation with restrictions (AWR) in the next 3-6 months. That’s when the mobilisation phase starts. Some of the critical IT functions can only be built during that time. In particular the connectivity with FPS and BACS payments schemes and the current account switching service are blocked by AWR. It’s a lot of work :slight_smile:

To give you a rough estimate, I’d be very happy if we got the full licence by the end of the year!


I assume it’s one of those situations where you don’t even get to see the technical documentation until you’ve got your PRA number?

We had that with MyLicence - couldn’t even get any docs until our FCA number came through :frowning:

Fascinating read so far. Is there any more info that can be shared on the process?

Hi Chris, we will try and share as much as we can! Are there any bits that especially interest you or that you’d like to hear more about?