The global payments industry has doubled in size since I organised my first event on the future of Banking in 2013, to $2.3 Trillion in annual revenue in 2023.
With the growth, there has been a number of challenges, including some notable failures to safeguard customer funds. Wirecard being the most prominent one in Europe, but FTX also comes to mind. In the UK, the FCA fined Charles Schwab UK £8.96 million for safeguarding breaches in 2020.
The insolvency of Ipagoo and Allied Wallet made it clear that funds held at an e-money institution must be segregated from other funds for them to be given priority to other creditors.
In addition, Banking-as-a-Service and embedded finance has increased the complexity of customer relationships, which has made safeguarding more challenging. Railsr, one of the leaders in embedded finance, filed for bankruptcy in 2023.
A review of safeguarding practices by the FCA showed that payments companies that act as an agent for a licensed entity, a typical BaaS usecase, don’t know if they are providing a payment service or not.
[S]some firms were unable to explain which payment services they provided in certain situations or identify when they were issuing e-money, nor was there clarity about when they were acting as agent or distributor for another payment service provider
– Safeguarding arrangements of non-bank payment service providers (FCA)
These are probably some of the cases that the FCA had in mind when they started their consultation on safeguarding for payment and e-money firms, called CP24/20.
In their consultation paper, the FCA writes that they opened supervisory cases relating to approximately 15% of firms that safeguard in 2023.
What’s more, amongst bankruptcy cases, the average shortfall in client funds was 65% between 2018 and 2023. If safeguarding requirements were met, this should be 0%.
To address these shortfalls, the FCA wants to bring similar safeguarding standards that the fund managers have to the payments space. These rules are referred to as the CASS regime.
The most direct impact on reconciliation in payments companies will come from point 1.9 and 1.10 in the consultation paper. The FCA wants to make it easier to identify weakness through standardised record keeping and more reporting.
The increased need for better safeguarding processes comes from the case of Iagoo and Allied Wallet, that made it clear that non-segregated funds are at risk in the case of a bankruptcy.
Safeguarded funds is all client funds held by the company. In theory, this should be easy to calculate. All funds that has been provided by a client for a payment or e-money needs to be safeguarded, minus what they have paid out and any fees charged by the payments institution.
In practice, maintaining an accurate record of client funds becomes challenging due to high volumes of payments, multiple systems having to be used to calculate the safeguarding provision, insufficient processes around capturing profits, payment bouncebacks and accidental co-mingling of corporate and client funds.
To solve these challenges, payment institutions need granular record keeping and journaling of each transaction. Building such record-keeping systems requires a rare talent for both accounting and engineering, which might be why so many Fintechs have failed to create adequate safeguarding and reconciliation processes.
Here is the consultation paper by the FCA:
https://www.fca.org.uk/publication/consultation/cp24-20.pdf
The new rules will be implemented in an interim period starting June 2025, followed by a CASS style regime in 2026. In the interim period, the focus will be on more prescriptive reporting requirements. Once the new CASS style rules go into effect, the goal is for safeguarded funds to be held in trust.
CP24/20 implications for reconciliation starting June 2025
- More detailed record-keeping and reconciliation requirements for safeguarding in line with CASS 7
- Each firm must have a resolution pac
- A monthly regulatory filling will need to be submitted to the FCA covering safeguarded funds and arrangements.
- An annual audit of safeguarding compliance
- A named person that is responsible for safeguarding compliance in the payments first
Safeguarding implications of CASS 7
Under the current safeguarding requirements, there is a distinction between safeguarding, and funds held in a safeguarding account.
Safeguarding can be achieved through segregating funds without holding them in a safeguarding account with a UK bank. Funds that need to be held in a safeguarding account has to be held with a UK credit institution, or a foreign bank approved by the FCA. Under the current rules, a payment firm needs to move safeguarded funds into the safeguarding account by the end of the next working day.
The rules outlined in CASS are much stricter. This makes it impossible to use the funds for liquidity to process payments on behalf of the client with another payments institution non approved by the FCA for safeguarding.
A firm, on receiving any client money, must promptly place this money into one or more accounts opened with any of the following:
(1) a central bank;
(2) a CRD credit institution;
(3) a bank authorised in a third country;(4) a qualifying money market fund.
Any client funds received must be allocated to that customer promptly, and no later than within ten business days of receipt. All funds received must be promptly classified as own funds or client funds. If the payment institution can’t identify the funds, they should consider returning them.
Leave a Reply