This is a much more conservative document than its consumer cousin. We shouldn't be surprised - authorisations is the core regulatory function that is most tightly defined by FSMA, with the emphasis on providing clarity and predictability to regulated firms and individuals. But there are some key areas for firms to focus on.

In reality, authorisations is far from a quiet backwater, and has been the focus of much of the key activity since the FCA's inception in 2013. Initially, the cause was the need to authorise consumer credit firms as they were moved across from OFT regulation, then last year was dominated by MiFiD II and PSD II authorisations. Now, looking ahead, 2018 will be consumed by Brexit and 2019 by SM&CR implementation. 

This part of the FCA - which deals with all the high volume regulatory transactions (not just authorising new firms and individuals) - has traditionally also been the area where many new approaches are trialled. And it is the focus of much system and process change, as the regulator seeks to upgrade its technology and become more efficient. 

So, while the Authorisations approach paper plays down some of the change the division is experiencing and instead emphasises more of its business as usual aspects, these shouldn't obscure the raft of difficult regulatory issues it will have to deal with over the coming years. Here are three to start with:

- Brexit: Barring a last minute deal with the EU on passporting (not much of a book on that one), the FCA (and the PRA) will soon need to start considering applications from EU firms to carry out regulated activities in the UK. They've both indicated their positive stance towards this, but they will still need to do it (and be seen to do it) properly. This will involve some difficult and sensitive risk appetite decisions. The basis on which they make these will need to be thoughtful, consistent and watertight.

- The process of implementing SM&CR will involve converting large numbers of current approved persons across to the new accountability regime. Much of this will be fairly straightforward in the first instance, but some of it won't be. And because the numbers involved are so much larger than for banks and insurers in 2015, it will present some hard choices. These are accentuated because the business models in other sectors will be less congruent with the new regime.

- The combination of Fintech the FCA's competition objective is creating new, idiosyncratic business models with (by definition) little or no track record. The FCA's Sandbox helps, but only with some of the issues and only on a small scale. There remains, for example, the question of handover when a firm is authorised and moves into Supervision. For the firm, this typically this involves a sharp drop-off in supervisory attention and assistance, while for the FCA there is a real challenge in understanding the performance of the firm's business model.

Navigating these and other challenges will stretch the FCA's authorisation approach over the next couple of years as it strives to become more efficient while ensuring its gateway role remains effective. 

For firms going through these gateways, the test will be to understand the motives and pressures behind the regulators' actions and, when necessary, to find ways of calming FCA concerns.