Fintech engineering · onboarding pipeline
Verify FCA authorisation during fintech onboarding
The problem
When a fintech onboards a new partner (an introducer, an AR, a referral source), someone has to verify the partner is FCA-authorised for the activity. The manual workflow is brittle: paste the FRN into FCA Connect, screenshot, hope the screenshot still matches reality six months later when audit asks. Lapsed permissions are the silent failure mode.
How Stratum fits
The FCA Verification API drops into your onboarding pipeline as a single request. Pass the firm's FRN, get back authorised status + permissions + key individuals + the FCA list version timestamp. Pair the response with your CRM or onboarding-CRM (Persona, Alloy, etc) so the audit trail sits next to the rest of the partner record. Webhooks for permission changes are on the roadmap; until then, the SM&CR Directory cross-link catches removed individuals.
One request
# Request
curl https://api.stratumapis.com/v1/fca/firms/202000 -H "x-stratum-key: $KEY"
# Response
{ "firmReferenceNumber": "202000", "name": "Example Fintech Ltd", "status": "Authorised", "permissions": ["Arranging deals in investments"], "listVersion": "2026-05-05" }Set $KEY from your dashboard.
Frequently asked
How do I match a partner without an FRN?
Pass `?name=` to the search endpoint. We return ranked candidates with confidence scores for human review.
Do you support webhooks on permission changes?
Roadmap. Today: poll `/v1/fca/firms/{frn}` daily and diff `permissions[]`. The Stratum snapshot table powers this internally.
Is this MiFID-II appropriate?
We surface the data the FCA Register publishes. MiFID-II checks (suitability, appropriateness) layer on top — they're your platform's call.