Regulatory business plan

This page sets out why a Regulatory business plan is important and our expectations for what should be included within it.

In this section

Key points

  • The RBP is the key document describing a firm’s business proposition including how their business model will achieve viability and sustainability.
  • The RBP should include details on the financial projections and route to profitability, and on the governance and risk management arrangements.
  • In addition, the RBP should also capture the customer journey, details on operational resilience, policies and procedures.
  • The RBP should be subject to independent review and challenge. It should be consistent with other documents (such as the ICAAP and ILAAP).
  • The RBP should consider conduct risk and the Consumer Duty requirements throughout the document.

RBP key document

An RBP is the key document describing a firms' business proposition

  • RBP's are essential to allow firms to articulate their business proposition to all stakeholders including their prospective investors
  • RBPs must be subject to the necessary internal governance including independent review and challenge
  • RBPs are also essential for us as they form an important part of our assessment of a new bank application
  • RBPs must be clear, consistent, concise and well thought out.

What is an RBP important?

The RBP is a key document describing a firm’s business proposition. It contains details on what the firm plans to do, how their prospective bank will be set up and how their business model will achieve viability in the short term and sustainability in the medium to longer term. In addition, the RBP explains the risks that their business model poses and how these will be mitigated.

RBPs are essential for firms. They help firms focus on how they want to direct their activities and organise their resources. RBPs should also demonstrate that all material risks inherent in the proposed business models have been identified, assessed and mitigated. RBPs are also useful for communicating the firm’s business plans to other stakeholders, such as their prospective investors.

The RBP is the core document that will support a firm’s pre-authorisation engagement with us and is one of the key documents required to be submitted as part of both our pre-application engagement and as part of a new bank application. Based on the information provided, we will assess whether or not a firm will meet (and is likely to continue to meet) the minimum requirements for a bank.

Overall, a clear, concise and well thought out RBP will give comfort to both us and the firm that they will have a safe and sound business that is well governed and controlled. We expect there to be one RBP which is used for all stakeholders (rather than separate documents provided to us compared to investors for example).

What should an RBP include?

Below we have set out some of the key points to be covered in an RBP. However, this is not an exhaustive list and will vary by firm. As such, it is up to the firms to ensure that their RBP provides a comprehensive and detailed picture of their business proposition and that they read as holistic documents.

Business model and financials Business strategy Details of products, delivery channels and target market
  Route to profitability Short-term viability and longer-term sustainability (competitive advantage, sources of funding, market research and how the bank will make money)
  Financial projections Forecast balance sheet and income statement) including notes or breakdown of key account items) as well as key performance indicators - growth targets, returns, capital and liquidity metrics. 
Culture, governance and risk management Funding Owners and controllers
  Corporate governance Structure, board, senior management and governance arrangements
  Risk management and control framework, including staffing
  Details of the firm's values and culture and how it will drive the right behaviours and reduce the potential for customer harm
Customer journey
 Products, pricing, delivery channels, complaint handling, on-boarding arrangements (including Anti-Money Laundering/Know Your Customer processes) and customer service and support
Conduct Risk Assessment and Consumer Duty
 Conduct risk assessment framework incorporating the firm’s developed systematic plan for carrying out conduct risk identification inherent to its business. Please see more detail on the Conduct Risk Assessment page. Bank’s approach to implementing the Consumer Duty requirements
Operational resilience
 Business continuity
 Business continuity and recovery options summarised
  IT IT infrastructure and systems and timescales for implementation and testing
  Outsourcing
 Details of key outsourcing arrangements
Policies, procedures and plans
 Scope of permission
 Details of the regulated activities you wish to undertake
  Operational and regulatory policies and procedures
  Mobilisation plan (if using this route)

What are the common challenges with RBPs?

Our review of the RBP is a key part of a firm’s assessment – both during our pre-application engagement and as part of our assessment of a new bank application. It is therefore important that they are well-considered. We encourage firms to consider how they will ensure that their RBPs sufficiently address the below points.

  • Independent review and challenge – This is important, as what makes sense to the author may not be clear to another reader. An independent review by someone other than the author (for example a board member) of the RBP will help to ensure the following:
  • Readability – The RPB is clear and easy to read, highlighting what core assumptions have been used and why these are considered to be realistic and appropriate;
  • Feedback – The RPB adequately addresses all feedback previously provided, both in terms of granular and overall holistic messages; and,
  • Practical length – The content and amount of detail in the RBP will depend on the scale and complexity of the business model and the risks that it poses, but we would emphasise quality over quantity, which minimises repetition and only contains what is needed.
  • The information within the RBP should be consistent within the document and with other documents as well – The RBP needs to be comprehensive, coherent, and consistent throughout, so that changes made to one part of the document are reflected elsewhere. It also needs to align with other relevant documents, (for example the capital and liquidity documents). Ensuring that the RBP has been subject to the necessary internal governance including independent review and challenge will significantly help with this.
  • Conduct risks and the Consumer Duty requirements need to be considered and reflected throughout the document – We recognise that a firm’s consideration of conduct risk and customer harm will evolve as the business grows, but it is important that the RBP provides evidence that conduct risk and customer outcomes have been considered from the outset and not just as an afterthought or as a standalone section.

Back to top

This page was last updated 13 March 2026