“Use it or lose it” is the FCA’s mantra around regulatory permissions. A Freedom of Information request from Financial News reveals that the FCA has written to 762 firms suspected of not carrying on regulated activities, that is to say not carrying on the activities for which “permissions” have been granted.

The permissions regime is core tenet of the UK’s regulatory regime. It is a sensible concept that, in theory, it leads to firms getting “permission” only for the activities that they carry out. Behind the FCA’s “Use it or lose it” campaign appears to be a rather unconvincing concern that  firms are holding permissions “purely to add credibility to their unregulated activities”.

The regulator is also concerned that where permissions lie dormant, the lack of experience in offering those services could present a risk to clients. But whilst “use it or lose” makes a lot of sense there are a number of scenarios that suggest that the FCA would be well advised to proceed with caution.

No firm in its right mind would elect for FCA authorization if it didn’t need to.

Gone are the days when firms got authorized because they wanted to. No firm in its right mind would elect for FCA authorization if it didn’t need to or, at the very least, if there wasn’t a reasonable prospect of its activities being deemed regulated activities. In many cases determining whether a particular activity requires authorization is relatively straightforward.

But as firms become more sophisticated, financial products become more innovative and questions around where (geographically) activities are deemed to be conducted become more complex, so too does establishing whether the activity requires authorization.

If a firm seeks a legal opinion as to whether to not a particular activity requires authorization, in our experience, nine times out of 10 the answer will be either “Yes” or “Probably”. “Yes” is no problem, “Probably” is harder to deal with. And since undertaking regulated activities without being authorized is a criminal offence it is not surprising that some firms will seek a precautionary authorization.

So there are grey areas between regulated activities and unregulated activities. There are also grey areas in relation to what individual permissions mean, and in some cases the permission will be subject to different interpretations depending on the relevant market. Further, the permissions regime does not cater for de minimus activities. Firms may well have permissions which are rarely used but if the intention is that they will be used, and that seems like a reasonable prospect, then firms should be allowed to keep them.

Giving firms a bit of wiggle room in relation to their permissions might actually go some way towards the regulator’s new competitive objective.

None of this is helped by the opaque window through which the FCA views a firm’s activities; its best evidence is, of course, the permissions that the firm has in the first place (but this doesn’t help if the object is to prove that certain permissions are not being used). As the FCA becomes more data led and seeks more and more information from the firms that it regulates it will be in a better position to understand a firm’s activities in more detail. If this fails it could resort to the more radical approach of having a conversation!

Whilst booting out firms that clearly have no need to be authorized makes sense, as does ensuring that firms don’t have permission that they are clearly never going to use, the FCA should avoid imposing too much of a straightjacket. Whilst I am not a fan of the regulator’s new competitive objectives, giving firms a bit of wiggle room in relation to their permissions might actually go some way towards this.