The impact of new safeguarding rules on the UK payments industry in 2025

In September 2024, the FCA published the consultation paper CP24/20 on how they are planning to change the safeguarding regime for payments and e-money firms in 2025.

We expect you to take make it a top priority to ensure that your customers’ money is safe.

– FCA Dear CEO letter, 16 March 2023

The new rules will increase record-keeping and auditing requirements and ensure that customer funds are held under statutory trust.

The consultation paper outlines two stages for these rule changes: interim rules from June 2025 with a six-month transition period, and end-state rules at an unspecified date.

The interm rules focus on enhanced record-keeping and more reporting requirements. The end-state rules changes safeguarding rules to mirror the CASS regime in the investment industry.

Why are safeguarding rules changing?

Safeguarding rules are changing for two reasons:

1. The FCA is concerned about safeguarding practices in the payments industry. In 2023, the FCA opened supervisory cases against 15% of firms that safeguard. Amongst insolvent firms in 2018-2023, 65% had shortfalls in client funds.
2. A court ruling in the insolvency of Ipagoo LLC has meant that safeguarding regulations do not meet the standard of statutory trust. This means e-money holders are not as protected in a default as previously assumed.

Interim changes

In the consultation paper, the FCA identifies the following (rather fundamental) shortcomings in how firms safeguard customer funds today:

• Firms don’t know which funds to safeguard
• Firms don’t know how much they have safeguarded
• The safeguarded amounts are held in insecure ways

The current regulations don’t give the FCA enough information to properly monitor the firms. As a result, the consultation paper proposes a new monthly filing, and an annual safeguarding audit. The FCA will also introduce more prescriptive record-keeping and reconciliation processes in line with CASS 7.

Here is the full list of changes anticipated from the consultation paper:

More prescriptive record-keeping

Firms must:

• Have policies and procedures to ensure compliance
• Maintain a resolution pack
• Maintain accurate and timely books and records to identify relevant funds
• Carry out a daily internal and external relevant funds reconciliation
• Investigate reconciliation discrepancies and resolve it by the end of the business day when the reconciliation was performed

More frequent reporting

Firms must:

• Submit a monthly regulatory filing on safeguarding.
• Complete an annual safeguarding audit.
• Appoint a safeguarding offices.
• Notify the FCA if internal records are materially out of date, inaccurate, or invalid.
• Notify the FCA if the firm fails to do daily internal or external reconciliation.
• Notify the FCA if the firm has been unable to rectify a discrepancy.
• Notify the FCA if a material difference between the safeguarding requirement and safeguarded funds is discovered.

Safeguarding

Firms must:

• Consider diversification of safeguarded funds.
• Apply additional safeguards when using the investment or insurance methods of safeguarding.
• Make sure that accounts used to hold relevant funds that are not the designated safeguarding accounts are clearly identifiable, ideally with the word “safeguarding” used in the account name.
• Get an acknowledgement letter from institutions holding relevant funds that they are aware that they are holding the firm’s relevant funds.
• Review all third parties used for safeguarding purposes within three months after the interim rules go into effect, and continue reviewing them periodically afterwards.

End-state rules

The end-state proposed in the consultation paper is to change the regulations so that safeguarding meets the definition statutory trust. The e-money holder would act as a trustee over the funds, with the customer retaining beneficial ownership

This is done by applying the CASS rules from the investments industry.

While these changes are still being debated, and some important exceptions apply, the biggest change would be that customer funds have to be received directly into a safeguarding account.

This would have large effects on the cost of running a payments business in the UK precluding the use of other payment firms to receive customer payments. Any settlement that is not done from the safeguarding account would also have to be done using the firm’s own funds, greatly increasing the capital required for running a payments business.

There are some important exceptions mentioned. Only UK credit institutions are by default allowable as safeguarding accounts, the rules previously also included credit institutions in the EU approved by the FCA. This is now expanded to the OECD.

The FCA also exempts payments received into merchant acquiring accounts and accounts held with payment networks.

Potential effects on the payments industry

There is significant concern from the industry about the new rules. The EMA writes that they have a “fundamental disagreement with FCA’s approach” and “regimes like CASS /…/ are unsuitable for the real-time, dynamic nature of payment businesses.

Some of my thoughts if the end-state rules go into effect:

• More (all?) payments will be made from the safeguarded accounts. This means most payments will be executed by UK banks.
• Non-bank payment providers will become less competitive, as their cost goes up.
• International payments will get slower and more expensive. Companies like Wise will have to use their own funds to settle international payments, which could make correspondent banking a relatively better option for consumers.

Given these realities, it’s possible that the end-state rules will not become a reality in their current form. The interim rules look set to go ahead, but will also cause the FCA will get flooded with notifications about reconciliation failures.