In May 2026 there will be a change in the safeguarding requirements that are applicable to UK authorised Electronic Money Institutions (“EMIs”) and Payment Institutions (“PIs”). These new requirements will be implemented from 7 May 2026 in line with the FCA’s Safeguarding Policy Statement 25/12 (published on 7 August 2025). In the Policy Statement the FCA describes the new requirements, referred to as the “Interim rules” – these are summarised below. Firms should already be working to understand the new requirements and identify where changes to their existing safeguarding arrangements are required.
Reconciliations
Firms are required to perform internal and external safeguarding reconciliations at least once each “reconciliation day” (which includes weekdays and excludes weekends, bank holidays, and relevant foreign market closures). This is not so much a new requirement, rather a clarification of the previous ‘daily’ reconciliation requirement.
Clarification is provided in relation to internal aspects of the reconciliations and an allowance for the use of non-standard methods of internal reconciliation subject to an audit opinion being provided. The internal part of the reconciliation must compare the D+1 “Segregation Requirement” (which is the amount of customer funds that should be safeguarded at the end of the previous day), against the D+1 “Segregation Resource” (which is the actual amount held in safeguarding accounts). Any shortfall must be corrected immediately, and firms must use their own funds if necessary to make up the difference. This is more clarification rather than anything new.
There is a requirement to notify the FCA if internal records are materially out of date, inaccurate or invalid, if unable to perform a reconciliation or are unable to remedy a discrepancy in the reconciliations (firms will need to decide what is “material” considering their specific circumstances with notifications typically being made ‘without delay’).
Resolution Pack
A significant change is the requirement for firms to maintain a CASS-style “Resolution Pack” (as a “living document” rather than in a prescribed format) with content describing areas including:
- Where and how Relevant Funds are held, including:
- a document identifying the institutions used to provide the safeguarding bank accounts, or relevant insurance / guarantee, and their contact details
- executed Acknowledgement Letters or executed insurance policy / bank guarantee; and
- step-by-step procedures for moving and returning funds.
- Organisational arrangements, including:
- a document detailing the individuals within the firm who are critical to the performance of the operation of the safeguarding processes, inc. the role that has been allocated with overall safeguarding operational oversight
- a document detailing the individuals within the firm who have access to the safeguarding bank accounts and their respective authority; and
- a document describing arrangements for access to systems required for producing components of the Resolution Pack.
- Safeguarding controls, including:
- a document describing the internal and external reconciliation processes
- a record of safeguarding reconciliations (internal and external aspects), including date performed, process carried out, discrepancies identified and actions taken to resolve
- a link to the most recent reconciliation performed
- a document describing arrangements for access to systems required for performing reconciliations; and
- an assessment of materiality to support the decision whether to notify the FCA of a material discrepancy.
- A list of the firm’s agents and distributors, if applicable, and contact details.
- The firm’s safeguarding policies and procedures or references to the documents where these can be found.
The objective of the Resolution Pack is to help ensure payments firms maintain, and can easily retrieve, information that would help achieve a timely return of relevant funds to customers (e.g. in the event of insolvency).
Monthly FCA Safeguarding Return
The FCA are introducing a monthly Safeguarding Return on the basis that the regular reporting of information facilitates the FCA’s targeted and proactive supervision and assessment of risks within payments firms. The Safeguarding Return is a new report that will need to be submitted within 15 business days of each month end. Certain other existing FCA reports will be simplified to avoid areas of duplication. An example of the Safeguarding Return can be found in the FCA’s Policy Document.
Annual safeguarding audit
The FCA views safeguarding audits as a key tool in improving safeguarding standards across the payments sector, with regular audits providing essential assurance to both the FCA and firms’ Boards. The new rules require safeguarding audits to be performed by ‘qualified auditors’ (not necessarily the firms’ existing statutory financial auditor), a change that is aimed at ensuring a more consistent quality in audit work.
Firms must still take reasonable steps to ensure that an auditor has the “required skill, resources and experience”. Firms should already have a defined process for the performance of due diligence on their auditors. Since this would previously have included ‘consultants’ as well as financial auditors the process may require some update.
Safeguarding audit reports will need to be submitted to the FCA within 4 months of the end of the audit period, although a period of 6 months is allowed for the submission of the first audit report to facilitate transition.
Strengthening safeguarding practices
Guidance regarding when the safeguarding requirement starts and ends will be provided in a new version of the FCA’s Approach Document. Other areas relevant to strengthening safeguarding practices, leading up to the implementation date, include:
- Due Diligence on Third Parties – The FCA consulted on the requirement for firms to exercise due skill, care and diligence when appointing third parties used to meet safeguarding requirements (i.e. safeguarding accounts, insurance policies and guarantees). This obligation for selecting, appointing and periodically reviewing third-parties already applies to firms and will be codified in the new rules.
- Diversification – The new rules require payment firms to consider whether the diversification of third-parties used for safeguarding customer funds is appropriate and to mitigate concentration risk, if deemed necessary by management. The FCA acknowledged that the frequency of review would depend on the type of firm and the third parties being used. For completeness, it would be advisable to record decisions made by the Board regarding diversification and include, or reference, these decisions in the Resolution Pack.
- Investment of Relevant Funds – Whilst the FCA have some discretion to expand the range of approved secure, liquid assets, they continue to maintain their low risk tolerance towards broadening the types of assets considered secure and liquid and have not, within the interim state rules, chosen to expand the types of assets in which firms may invest customer funds.
Insurance and Comparable Guarantees
Importantly, requirements to manage changes have been introduced in relation to addressing risks faced by firms when the insurance / guarantee is approaching renewal date in order to avoid potential “cliff-edge” scenarios. Firms will be required to take the following actions no later than 3 months before their insurance policy or guarantee expires:
- Decide whether it intends to continue using the insurance or guarantee method and notify the FCA of this intention.
- If a firm does not have a replacement or renewal in place, it must submit a plan to the FCA describing how it will move to the segregation method if the insurance policy or guarantee is not replaced or renewed.
- If a firm cannot safeguard all relevant funds through segregation, it should consider its financial position, including whether it is appropriate to place the firm into insolvency so that a claim can be made under the policy or comparable guarantee before the cover lapses.
Renewal does not need to take place within the 3 months – the actions are instead designed to formalise the renewal approach and prevent potential cliff-edge scenarios where customer funds are not adequately protected due to late or failed renewals.
We provide advice to UK and EU fintech firms on all regulatory matters and are able to advise UK firms on how best to prepare for the FCA’s Interim Rules on safeguarding. These are the first set of changes and must be addressed by firms in good time. The preparation of the ‘Resolution Pack’ will need to be carefully considered and Flawless Money can provide valuable input. Please feel free to reach out to us if you need assistance on safeguarding or any other regulatory matters applicable to your fintech payments business.
