Since April 2019, accident management companies conducting regulated claims management activities must hold FCA authorisation. This guide covers the authorisation process, CMCOB requirements, and the ongoing compliance obligations AMCs must meet.
When the FCA took over regulation of claims management companies from the Ministry of Justice on 1 April 2019, it brought accident management companies within scope of a far more rigorous regulatory framework. AMCs that advise on, investigate, or represent clients in relation to personal injury claims, credit hire claims, or vehicle damage recovery are conducting regulated claims management activities and must be FCA-authorised to do so.
The transition caught many AMCs off guard. Firms that had operated under the lighter-touch Claims Management Regulator found themselves subject to the FCA's full supervisory toolkit: the CMCOB sourcebook, the Senior Managers and Certification Regime (SM&CR), detailed conduct of business rules, and the requirement to demonstrate ongoing fitness and propriety. Non-compliance carries serious consequences, including enforcement action, financial penalties, and cancellation of authorisation.
The challenge for AMCs is that FCA compliance is not a one-off hurdle at authorisation. It requires ongoing investment in governance, staff competence, record keeping, complaints handling, and management information. Many firms struggle to embed these requirements into daily operations, particularly smaller AMCs without dedicated compliance functions.
Effective FCA compliance for an AMC starts with understanding which of your activities are regulated and which rules apply. The CMCOB sourcebook sets out conduct of business rules specific to claims management companies, covering areas such as client agreements, fee disclosure, introductions and referrals, and complaints handling. These sit alongside the FCA's overarching Principles for Businesses and the Consumer Duty requirements that apply to all authorised firms.
A practical compliance framework maps each CMCOB requirement to your operational processes, assigns clear ownership, and creates monitoring mechanisms to verify ongoing adherence. This means documenting your client engagement process, ensuring fee transparency, maintaining proper records of all claims management activities, and operating a compliant complaints procedure.
By centralising compliance activities in a structured workflow, AMCs can move from reactive compliance — scrambling before FCA returns or supervisory visits — to proactive, embedded compliance that becomes part of how the business operates day to day.
Follow these steps to build a compliance framework that meets FCA expectations for claims management companies operating in accident management.
Map every activity your AMC performs against the FCA's definition of regulated claims management activities. This includes advising claimants on their rights, investigating claims on behalf of clients, referring claimants to solicitors, managing credit hire arrangements where you are acting on behalf of the claimant, and handling vehicle damage recovery claims. Activities that fall outside regulated scope — such as providing services purely to insurers as a supplier — may not require authorisation, but the boundaries require careful analysis.
Under the Senior Managers and Certification Regime, your AMC must have approved Senior Managers in key roles, including the SMF1 (Chief Executive) and SMF17 (Money Laundering Reporting Officer) where applicable. Each Senior Manager must have a clear Statement of Responsibilities. Certification staff — those who can cause significant harm to the firm or its customers — must be assessed as fit and proper annually. All staff must be trained on the Conduct Rules.
CMCOB 4 requires CMCs to provide clients with a written agreement before undertaking regulated claims management activity. This agreement must clearly set out the services to be provided, any fees or charges (including how they are calculated), the client's cancellation rights (including the 14-day cooling-off period), and how complaints can be made. For AMCs, this is particularly important where the client may not fully understand what services they are receiving versus what is being provided by third parties such as solicitors or credit hire organisations.
As an FCA-authorised firm, your AMC must comply with the Dispute Resolution: Complaints sourcebook (DISP). This means having a written complaints procedure, acknowledging complaints promptly, issuing final response letters within 8 weeks, and informing complainants of their right to refer to the Financial Ombudsman Service. You must also submit complaints data to the FCA as part of your regulatory returns.
The FCA expects CMCs to maintain comprehensive records of all regulated activities. For AMCs, this includes records of client instructions, advice given, referrals made, fees charged, communications with clients and third parties, and complaints. Records must be retained for a minimum of 5 years (or longer for certain categories). Implement a structured filing system — whether digital or physical — that allows you to retrieve any client record promptly if requested by the FCA.
FCA-authorised CMCs must submit annual regulatory returns, including financial information, complaints data, and information about their regulated activities. The RegData platform is used for submissions. Ensure you have processes to collect the required data throughout the year rather than scrambling at submission time. Late or inaccurate returns can result in administrative sanctions.
Establish a compliance monitoring programme that tests adherence to CMCOB requirements on an ongoing basis. This should include periodic file reviews (checking client agreements, fee disclosure, and record keeping), complaints trend analysis, staff competence assessments, and a review of any regulatory developments that affect your obligations. Report findings to senior management and address any issues identified promptly.
Since July 2023, the FCA's Consumer Duty applies to all authorised firms, including CMCs. For AMCs, this means demonstrating that your services deliver fair value, that communications are clear and not misleading, that customer support is accessible, and that you actively avoid causing foreseeable harm. Consumer Duty requirements sit on top of CMCOB — meeting CMCOB alone is not sufficient.
Many AMCs provide a mix of regulated and unregulated services. It is essential to clearly delineate which activities are performed under your FCA authorisation and which are not. Blurring the boundaries creates regulatory risk and can confuse clients about their protections and complaint rights.
The FCA expects all staff conducting regulated activities to be competent. This means initial training on CMCOB requirements, the Conduct Rules, and your firm's specific procedures, followed by ongoing competence assessment. Document all training and assessment records — the FCA will ask for them.
If your AMC refers clients to solicitors, credit hire organisations, or other service providers, these arrangements must comply with both CMCOB rules on introductions and the broader legal framework (including LASPO restrictions on PI referral fees). Maintain clear records of all referral arrangements and the basis on which they operate.
The FCA regularly publishes Dear CEO letters, portfolio letters, and thematic reviews relevant to CMCs. Monitor these communications and assess their implications for your AMC. Responding proactively to FCA priorities demonstrates good governance and reduces the risk of supervisory intervention.
Permissions match the scope of activities actually performed by the AMC.
Including clear fee disclosure, service description, cancellation rights, and complaints information.
Identify potential gaps in your accident management processes with our free self-assessment tool. Not a substitute for professional advice.
Try these related tools — no sign-up required.
The LASPO 2012 referral fee ban fundamentally changed how accident management companies can work with personal injury solicitors. This guide explains the legal boundaries, compliant referral models, FCA requirements, and data protection obligations for PI referrals.
accident managementThe Whiplash Injury Regulations 2021 fundamentally changed how low-value whiplash claims are handled. This guide explains what accident management companies need to know about the OIC portal, tariff-based compensation, mixed claims, and the impact on PI referral revenue.
accident managementIn accident management, the first notification of loss triggers a chain of parallel actions — credit hire deployment, repair booking, and personal injury referral assessment. Getting FNOL right determines whether your client is mobile within hours or stranded for days.
SwiftCase helps AMCs embed FCA compliance into daily operations with structured workflows for client agreements, complaints handling, record keeping, and regulatory returns.
