diff --git a/api/app/Http/Controllers/Api/V1/FormBuilder/FormSubmissionController.php b/api/app/Http/Controllers/Api/V1/FormBuilder/FormSubmissionController.php
index 9df62aca..4fb8f1c2 100644
--- a/api/app/Http/Controllers/Api/V1/FormBuilder/FormSubmissionController.php
+++ b/api/app/Http/Controllers/Api/V1/FormBuilder/FormSubmissionController.php
@@ -14,6 +14,7 @@ use App\Models\FormBuilder\FormSubmission;
 use App\Models\Organisation;
 use App\Services\FormBuilder\FormSubmissionService;
 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Relations\Relation;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Resources\Json\AnonymousResourceCollection;
 use Illuminate\Support\Facades\Gate;
@@ -103,9 +104,8 @@ final class FormSubmissionController extends Controller
         if ($type === '' || $id === '') {
             return null;
         }
-        $map = (array) config('form_subjects');
-        $class = $map[$type]['model'] ?? null;
-        if ($class === null) {
+        $class = Relation::getMorphedModel($type);
+        if ($class === null || ! class_exists($class)) {
             return null;
         }
 
diff --git a/api/app/Http/Requests/Api/V1/FormBuilder/CreateFormSubmissionRequest.php b/api/app/Http/Requests/Api/V1/FormBuilder/CreateFormSubmissionRequest.php
index 99cbb55a..0145a537 100644
--- a/api/app/Http/Requests/Api/V1/FormBuilder/CreateFormSubmissionRequest.php
+++ b/api/app/Http/Requests/Api/V1/FormBuilder/CreateFormSubmissionRequest.php
@@ -4,11 +4,18 @@ declare(strict_types=1);
 
 namespace App\Http\Requests\Api\V1\FormBuilder;
 
+use App\FormBuilder\Purposes\PurposeRegistry;
 use Illuminate\Foundation\Http\FormRequest;
 use Illuminate\Validation\Rule;
 
 final class CreateFormSubmissionRequest extends FormRequest
 {
+    public function __construct(
+        private readonly PurposeRegistry $purposeRegistry,
+    ) {
+        parent::__construct();
+    }
+
     public function authorize(): bool
     {
         return true;
@@ -19,10 +26,8 @@ final class CreateFormSubmissionRequest extends FormRequest
      */
     public function rules(): array
     {
-        $allowedSubjects = array_keys((array) config('form_subjects', []));
-
         return [
-            'subject_type' => ['nullable', Rule::in($allowedSubjects)],
+            'subject_type' => ['nullable', Rule::in($this->purposeRegistry->allSubjectTypes())],
             'subject_id' => ['nullable', 'string', 'max:30', 'required_with:subject_type'],
             'idempotency_key' => ['nullable', 'string', 'max:30'],
             'is_test' => ['boolean'],
diff --git a/api/app/Services/FormBuilder/FormValueService.php b/api/app/Services/FormBuilder/FormValueService.php
index b34de01b..ba5c66c3 100644
--- a/api/app/Services/FormBuilder/FormValueService.php
+++ b/api/app/Services/FormBuilder/FormValueService.php
@@ -340,9 +340,8 @@ final class FormValueService
         }
 
         if ($subjectType === $entity) {
-            $map = config('form_subjects');
-            $model = $map[$entity]['model'] ?? null;
-            if ($model === null) {
+            $model = \Illuminate\Database\Eloquent\Relations\Relation::getMorphedModel($entity);
+            if ($model === null || ! class_exists($model)) {
                 return null;
             }
 
diff --git a/api/config/form_subjects.php b/api/config/form_subjects.php
deleted file mode 100644
index 0f00fb24..00000000
--- a/api/config/form_subjects.php
+++ /dev/null
@@ -1,52 +0,0 @@
-<?php
-
-declare(strict_types=1);
-
-/*
-|--------------------------------------------------------------------------
-| Subject Type Registry
-|--------------------------------------------------------------------------
-|
-| Authoritative list of subject_type values permitted on form_submissions.
-| Must match morph-map keys registered in AppServiceProvider.
-|
-| 'permission_check' format: '<PolicyClass>@<method>' — invoked to authorise
-| access to a submission for this subject. Omit when policy doesn't exist yet.
-|
-*/
-
-return [
-
-    'person' => [
-        'model' => \App\Models\Person::class,
-        'display_attribute' => 'name',
-        'permission_check' => \App\Policies\PersonPolicy::class.'@view',
-    ],
-
-    'user' => [
-        'model' => \App\Models\User::class,
-        'display_attribute' => 'name',
-        // TODO: add permission_check when UserPolicy is built (S2)
-    ],
-
-    'company' => [
-        'model' => \App\Models\Company::class,
-        'display_attribute' => 'name',
-        'permission_check' => \App\Policies\CompanyPolicy::class.'@view',
-    ],
-
-    'organisation' => [
-        'model' => \App\Models\Organisation::class,
-        'display_attribute' => 'name',
-        'permission_check' => \App\Policies\OrganisationPolicy::class.'@view',
-    ],
-
-    'event' => [
-        'model' => \App\Models\Event::class,
-        'display_attribute' => 'name',
-        'permission_check' => \App\Policies\EventPolicy::class.'@view',
-    ],
-
-    // 'artist' entry added when artist module lands
-
-];