Insights

FCA Safeguarding Regime – Preparing for the Interim Rules in May 2026

By 5th March 2026May 21st, 2026No Comments10 min read

The FCA published their Safeguarding Policy Statement 25/12 on 7 August 2025 describing the changes to the safeguarding regime for payments and e-money firms. In their Policy Statement the FCA describe the “Interim rules” which will apply from 7 May 2026 – firms should have reviewed the requirements and started preparing for when the interim rules come into effect. The main changes to the safeguarding requirements are outlined in a previous Article. This Article takes a look at some practical things you should be doing now to prepare for the end of the implementation period.

Gap Analysis

It is always sensible to start from first principles so performing a Gap Analysis between your current safeguarding arrangements and the new requirements is a logical place to start. Your findings should identify and prioritise the key work areas, inform the allocation of responsibilities, guide training requirements, support Board oversight and provide evidence of work done for audit purposes.

Start by mapping current safeguarding policies, processes and arrangements against the new requirements to identify and prioritise gaps. Once the gaps have been identified, allocate responsibilities and schedule work to resolve them. Work will likely need to start by updating your primary policy documents (e.g. Compliance Policy and Safeguarding Policy) to align with the new requirements. Following the update of the policy documents you should update and operationalise your safeguarding procedures.

Governance arrangements

Safeguarding should already be a topic that is reported to the Board as part of compliance related management information. Actions that could be undertaken now include:

  • Report the findings of the safeguarding Gap Analysis to the Board and seek approval for the actions / resources required to close identified gaps.
  • Review the safeguarding risks applicable to your business and ensure that they are within scope of your risk management framework and are up to date. Update the Risk Register accordingly.
  • Develop safeguarding related compliance reporting metrics / information for ongoing provision to the Board, e.g. information on reconciliations performed, differences identified and resolved, Relevant Funds safeguarded, safeguarding audit issues and progress made to resolve.

Training and Awareness

Changes in operational safeguarding procedures and controls will inevitably require the provision of training:

  • Provide Board-level awareness training to facilitate oversight. It is key to have Board support for policy changes, approval of safeguarding arrangements and resourcing of controls.
  • As changes in safeguarding processes are developed, staff training will need to be developed to support operational implementation.

Reconciliations

Reconciliations are a key safeguarding control and have been, and continue to be, a particular focus of the FCA’s requirements. Work that could be done now includes:

  • Establish which days will be ‘Reconciliation Days’ – keep a record / maintain a calendar and make sure that systems and resources will be in place to support reconciliations on each of those days.
  • Review documented reconciliation processes, which should already exist and be approved by the Board, to identify where process changes may be necessary.
  • Consider whether you can perform internal and external reconciliations in accordance with FCA requirements or whether a non-standard method will need to be used (in which case an audit opinion will need to be obtained).
  • Review the resources allocated to reconciliation activities to make sure that reconciliations can be performed on each Reconciliation Day (allowing for staff absence or departure).
  • Consider whether internal systems require updating to provide timely information to support D+1 reconciliations.
  • Ensure that banking partners used to provide the safeguarding bank accounts are able to provide the required information at a suitable frequency to support the external reconciliation process.
  • Work through the processes required to resolve reconciliation differences, e.g. paying in any shortfall in safeguarded funds (due to timing differences)
  • Establish what would be considered ‘material’, considering the specific circumstances of the firm, in order to guide when notifications to the FCA are required (i.e. if internal records are “materially” out of date, inaccurate or invalid).

Resolution Pack

The most significant part of the new safeguarding requirements is the introduction of a requirement for firms to maintain a ‘Resolution Pack’. This CASS-style Resolution Pack brings payments firms into line with other financial service firms already required to maintain such records.

  • Define the format of your Resolution Pack. The FCA does not prescribe a standard format so firms will need to consider the objectives of a Resolution Pack when defining the initial format and then develop the pack over time.
  • Identify the information that will be within scope of your proposed format and establish whether the source documents will be replicated in the pack itself or whether links/references would instead be included.
  • Pre-existing third-party arrangements and acknowledgment letters can be used initially, subject to review/renewal rules. Check that you have acknowledgement letters on file for all safeguarding accounts (bank accounts and investment accounts where safeguarded funds are held) and establish when these should be updated.
  • Consider if direct feeds from banking APIs could be used to show real-time balances in the safeguarding accounts for inclusion in the Resolution Pack.
  • Run realistic insolvency simulations to validate the completeness and usability of the Resolution Pack. When the time comes, incorporate the Resolution Pack in your Wind Down Plan and Risk Register.
  • Develop processes to ensure the ongoing maintenance and update of the Resolution Pack (and assign responsibility).

Monthly Safeguarding Return

There is a new requirement to complete a monthly Safeguarding Return and ensure submission to the FCA within 15 business days of the month end. For this new reporting requirement not to become burdensome, an efficient process should be set in readiness.

  • Review the monthly safeguarding return (see the Appendices in the FCA Policy Document) to establish what information needs to be completed each month.
  • Consider whether systems require updating / development to provide the information required and what information can be automated from systems.
  • Ensure that appropriate resources are available to complete the returns on a monthly basis and within the 15 business day timeline. Dependency on a single person to complete the return will inevitably increase the risk of a failure to submit on time.

Safeguarding audits

The existing requirement for firms to organise an annual audit of their safeguarding arrangements will remain under the new regime, however, only financial audit firms will be able to perform the required audit work (consultant firms will no longer be able to perform safeguarding audits).

There is also a new exemption from the requirement to perform an audit however this is set at a low £100k threshold.

Actions to progress now:

  • Track your safeguarded balances – If you have safeguarded in excess of £100k customer funds at any time during the previous 53 weeks you are not eligible for an audit exemption.
  • Update the due diligence process applied to candidate auditors (noting the new requirement for financial audit firms to perform the work) to ensure that the chosen auditor has the “required skill, resources and experience”.
  • Take advantage of the extended deadline for the first audit. Discuss with auditors, including your current statutory financial auditor, the scope of work, their availability, costs and terms of engagement.
    Provision the cost of the Safeguarding Audits in your budgets and start organising/ collating documents to ensure a smooth audit process (this could be done as part of the work to build out your Resolution Pack).

Due Diligence on Third Parties

Review your existing processes for performing due diligence on partners used to provide bank accounts, insurance or comparable guarantees to ensure that the requirements of the new regime are included. The process must evidence that your firm has exercised due skill, care and diligence when appointing the partners. If not already doing so, consider the use of a due diligence checklist to coordinate and record the reviews (initial and ongoing).

Diversification

The new rules formalise the requirement to consider whether diversification is appropriate (something that firms may already and sensibly be considering). Note that diversification is not compulsory rather a decision for management.

  • Review current safeguarding arrangements to establish whether diversification (or further diversification) is appropriate, considering:
    • whether it would be appropriate to deposit Relevant Funds in safeguarding bank accounts opened at a number of different banks
    • whether it would be appropriate to limit the amount of Relevant Funds or Relevant Assets with particular providers, inc. those that are in the same group as each other
    • whether risks arising from the firms’ business model create any need for diversification (or further diversification)
      the market conditions at the time of the assessment; and
      the outcome of the due diligence performed on partner institutions.
  • Consider the costs of diversification – the maintenance of a safeguarding bank account involves significant fees that will need to be budgeted.
  • Ensure that the Board has been involved in the decision to diversify and ensure that records are retained.

We provide advice to UK and EU fintech firms on all regulatory matters. We are able to advise UK firms on how best to prepare for the FCA’s Interim Rules on safeguarding ahead of the May 2026 implementation date. Whether you are looking for expert input on the performance of a safeguarding gap analysis, defining a suitable structure for your ‘Resolution Pack’, seeking input on your reconciliation process or looking to develop governance and reporting arrangements we can assist. Feel free to reach out to Flawless Money if you need assistance on safeguarding or any other regulatory matters applicable to your fintech payments business.

Flawless Money provides advice to UK and EU fintech firms on all regulatory matters. We are able to advise UK firms on how best to prepare for the FCA’s Interim Rules on safeguarding ahead of the May 2026 implementation date. Whether you are looking for expert input on the performance of a safeguarding gap analysis, defining a suitable structure for your ‘Resolution Pack’, seeking input on your reconciliation process or looking to develop governance and reporting arrangements we can assist. Feel free to reach out to Flawless Money if you need assistance on safeguarding or any other regulatory matters applicable to your fintech payments business.

Tags:

Related articles

Insights Bringing crypto fiat flows within the CASS framework

Bringing crypto fiat flows within the CASS framework

Sophie Quaas
Sophie Quaas14th April 2026
Insights FCA Safeguarding Regime – Overview of the FCA’s Interim Rules

FCA Safeguarding Regime – Overview of the FCA’s Interim Rules

Sophie Quaas
Sophie Quaas24th February 2026
Insights The consumer duty

The consumer duty

Sophie Quaas
Sophie Quaas13th December 2025