Skip to main content
Sujets à suivre
Featured Insights
Voir tout
Voir tout
À propos de notre cabinet d’avocats
  • Accueil
  • Insights
  • New Safeguarding Rules for UK Payment Firms: What Banks and Insolvency Practitioners Need to Know
septembre 17 2025

New Safeguarding Rules for UK Payment Firms: What Banks and Insolvency Practitioners Need to Know

Authors:
Télécharger le PDF
Share

In this article, we examine (1) the new regime for safeguarding of customer funds applying to UK payment and electronic money institutions, (2) the impact these reforms will have on those firms and (3) in particular, the indirect effect the reforms will have on banks holding safeguarded funds and insolvency practitioners who manage the insolvency of a failed payment or electronic money institution.

In August 2025, the UK Financial Conduct Authority ("FCA") published a policy statement finalising its proposed rule changes. The purpose of these reforms is: (1) to increase oversight and monitoring of safeguarded funds to minimise shortfalls  (2) to return safeguarded funds to customers quickly on an insolvency; and (3) to provide the FCA with better data to identify and intervene in non-compliant firms.

Under the current regime, payment and electronic money institutions (and credit unions that issue electronic money) (together "Payment Firms") are required to safeguard customer funds they receive (a) to make a payment or (b) in exchange for electronic money issued by them to a customer (e.g. pre-paid cards). The safeguarding requirements are set out in the existing Payment Services Regulations 2017 ("PSRs") and the Electronic Money Regulations 2011 ("EMRs"). Safeguarding is currently achieved by requiring Payment Firms to either:

  • segregate relevant customer funds from their own funds and place them in a separate account with an authorised deposit taking bank or invest them in secure, liquid financial assets held with an authorised custodian; or
  • obtain an insurance policy from an authorised insurer or comparable guarantee from a bank covering the relevant funds.

These two requirements will remain; enhanced by increased oversight and monitoring obligations.

Why is the FCA changing the safeguarding regime?

The FCA has concluded that “some payments firms do not currently have sufficiently robust safeguarding practices” and “present an unacceptable risk of harm to consumers and market integrity.” According to the FCA, mobile banking and market developments are driving that risk; the proportion of UK consumers using Payment Firms to provide non-bank payment accounts rose from 1% in 2017 to 12% in 2024, while e-money institutions in the UK were safeguarding approximately £26bn of relevant funds in 2024, up from £11bn in 2021. Insolvency data underscores the problem. The FCA estimates that for Payment Firms that failed between Q1 2018 and Q2 2023 “there was an average shortfall of 65 % in funds owed to clients” (PS25/12, §2.3).

Which Payment Firms are impacted and when will the new rules apply?

The rules apply to:

  • All FCA authorised Payment Firms (other than those solely providing payment initiation or account information services).
  • Small Payment Institutions (as defined under FCA rules) may continue to opt in to safeguarding.
  • EEA Payment Firms operating in the UK in FCA supervised run-off (post-Brexit) are also in scope.

The FCA consulted on making changes in 2 stages: 

  • ‘Interim rules’ (the "Supplementary Regime") to supplement the existing safeguarding requirements, codify FCA guidance, improve record keeping and strengthen reporting and monitoring requirements – in each case by amending the EMRs and PSRs.
  • ‘End-state rules’ (the "Post-Repeal Regime") to replace and repeal the existing safeguarding requirements of the EMRs and PSRs with a ‘CASS’ statutory trust – client assets – style regime.

The Supplemental Regime will take effect as of 7 May 2026. Following industry feedback, the FCA will defer any implementation of the Post-Repeal Regime pending further consultation.

What are the principal changes to the safeguarding regime?

  • Books & Records and Reconciliations: Payment Firms must maintain accurate, up-to-date records and accounts to distinguish safeguarded (relevant) funds from other funds at any time and without delay. Internal and external safeguarding reconciliations must be performed at least once each reconciliation day (excluding weekends, bank holidays, and days when relevant foreign markets are closed). Internal reconciliations compare the Payment Firm's own records, while external reconciliations compare internal records to third-party (e.g., bank) statements. Discrepancies must be promptly identified and resolved, with any shortfall in safeguarded funds immediately rectified using the Payment Firm's own funds if necessary.
  • Resolution Pack: Each Payment Firm must maintain a CASS 10A resolution pack containing key documents and information to facilitate a timely return of relevant funds in the event of insolvency. The pack must include: a master document index, details of all institutions holding relevant funds or assets, executed agreements (including acknowledgement letters), insurance/guarantee policies, lists of agents/distributors, group entities involved in safeguarding, and third-party service providers.The pack must be kept up to date and reviewed at least annually.
  • Annual Safeguarding Audit: Most Payment Firms must appoint a qualified auditor to conduct an annual safeguarding audit, providing a reasonable assurance report to the FCA on the adequacy of the Payment Firm's safeguarding arrangements and compliance with the rules. Payment Firms that have not been required to safeguard more than £100,000 of relevant funds are exempt from the audit requirement. The audit must cover all relevant funds, regardless of the safeguarding method used, and must be submitted within four months of the period end (six months for the first audit after the rules take effect).
  • Monthly Safeguarding Return: Payment Firms must submit to the FCA a new monthly safeguarding return within 15 business days of each month-end. The return requires detailed information on the safeguarding requirement, methods used, reconciliations, shortfalls and rectifications, breaches and details of accounts, assets, and insurance/guarantee arrangements. This enhances the FCA's ability to monitor compliance and identify risks.
  • Third-Party Due Diligence & Diversification: Payment Firms must exercise all due skill, care, and diligence in selecting, appointing and periodically reviewing third parties (i.e. deposit taking banks, insurers and/or custodians) that hold relevant funds or assets or provide insurance/guarantees. Payment Firms must consider the need for diversification of third parties to mitigate concentration risk and must document their assessment and decisions.
  • Secure, Liquid Assets: The FCA has confirmed a list of eligible secure, liquid assets in which Payment Firms may invest safeguarded funded (e.g., certain government securities, qualifying UCITS funds). Payment Firms must ensure that investments are safe, liquid, and accessible in the event of mass redemptions or insolvency.
  • Insurance/Guarantee Enhancements: Where Payment Firms use insurance or comparable guarantees as a safeguarding method rather than cash in a segregated bank account, the insurance policy/guarantee must not contain any condition or restriction on payout other than certification of an insolvency event. Payment Firms must decide at least three months before expiry whether to renew or replace the policy/guarantee. If no replacement is in place with less than three months remaining, the Payment Firm must plan to safeguard all relevant funds using the segregation method and notify the FCA. If unable to do so, the Payment Firm should consider entering administration to trigger a claim under the policy.
  • Daily D+1 Segregation Requirement: The "D+1 segregation requirement" obliges Payment Firms to compare, at the end of each reconciliation day, the amount of relevant funds that should be held in safeguarding accounts (the requirement) with the actual amount held (the resource). Any shortfall must be immediately rectified, and excess funds must be withdrawn.
  • Enhanced Notification and Breach Reporting: Payment Firms must notify the FCA without delay if they are unable to perform reconciliations, if records are materially inaccurate, or if there is a material safeguarding breach. The monthly return also requires disclosure of notifiable breaches and remedial actions taken.

What impact will the rules have on insolvency practitioners of Payment Firms?

The FCA’s objective is that, on insolvency, “relevant funds can be returned to customers as quickly and fully as possible.” The expectations are that:

  • The enhanced record keeping and daily reconciliation should (assuming compliance) provide immediate clarity in the form of a ledger of the safeguarded funds held. In the FCA's words, it should reduce the "significant time and resources" currently required to trace those beneficially entitled to the funds.
  • The CASS resolution pack will provide a live repository of contracts, accounts, agents, custodians and insurance documents to ensure that insolvency practitioners can promptly start the process of returning funds without wasting administrative time identifying transaction partners.
  • The FCA's view is that the annual safeguarding audits and monthly data returns should identify shortfalls before failure, lowering the “average shortfall of 65 %” that insolvency practitioners presently encounter.
  • Clear Insurance Payout Mechanism – The new CASS 15.5.4R states that the insurance proceeds must be paid into a safeguarding account “promptly” on insolvency, with no defences other than certification of the insolvency event, giving IPs more certainty of access to insurance cover. If an insurance policy has less than three months to run and no renewal is in place, Payment Firms (potentially in conjunction with insolvency practitioners) must consider a timely appointment of administrators “so that a claim can be made under the policy” before cover lapses.
  • Interaction with PESAR – while entry into the Payment & Electronic Money Institution Special Administration Regime (“PESAR”) remains optional, the FCA signals that it may consult on additional rules for non-PESAR insolvencies once the Supplementary Regime is fully implemented.

Overall, the new framework should equip insolvency practitioners with better information and a ring-fenced pool of cash and financial assets for distribution to customers. It should also ensure the FCA (and insolvency practitioners) benefit from earlier sight of deteriorating Payment Firms so that insolvency appointments can be initiated earlier to protect consumers or averted as appropriate.

What do banks holding safeguarding accounts need to consider?

Banks that hold safeguarding accounts for payment and e-money institutions should be aware of the following key points:

  • Account Designation and Segregation: Under the new rules, safeguarding accounts must be clearly designated as such, ideally including the word "safeguarding" in the account name. The account must be in the name of the payment or e-money institution, not an agent or distributor, and must not be used to hold any other funds or assets (see CASS 15.7.2R, 15.7.5R, 15.7.6R).
  • Acknowledgement Letter: The bank must sign an acknowledgement letter in the form prescribed by the FCA (CASS 15 Annex 1). This letter confirms that the bank is aware the account is for safeguarding customer funds, that the bank has no right of set-off or recourse against the funds (except as permitted by regulation), and that it will release the funds on demand to the Payment Firm or an insolvency practitioner, subject to limited exceptions (see CASS 15.7.7R–15.7.11R; CASS 15 Annex 1).
  • No Right of Set-Off or Security: The bank must not exercise any right of set-off, security, or combination of accounts over the safeguarding account, except for fees and expenses relating to the operation of the safeguarding account or after all customer claims have been paid (see CASS 15 Annex 1).
  • Release of Funds: The bank must release all funds in the safeguarding account on proper notice and instruction from the Payment Firm or an appointed insolvency practitioner, except where a permitted right of set-off applies (see CASS 15 Annex 1).
  • Ongoing Review and Replacement: If there are changes to the account details, parties or errors in the acknowledgement letter, a new letter must be executed. If the account is transferred to another bank, a new acknowledgement letter must be obtained from the new account provider (see CASS 15.7.14G–15.7.15R).
  • Next Steps: Banks should begin to prepare for their Payment Firm client base to engage with them to review their processes and documentation to enable the Payment Firm's compliance with the FCA's safeguarding regime.

If you have any questions, please do not hesitate to reach out to us.

Auteurs

Compétences et Secteurs liés

Domaines de compétences

Stay Up To Date With Our Insights

See how we use a multidisciplinary, integrated approach to meet our clients' needs.
Subscribe

Follow us

© 2025 Mayer Brown. All Rights Reserved

 

 

Mayer Brown is a global legal services provider comprising associated legal practices that are separate entities, including Mayer Brown LLP (Illinois, USA), Mayer Brown International LLP (England & Wales), Mayer Brown Hong Kong LLP (a Hong Kong limited liability partnership) and Tauil & Chequer Advogados (a Brazilian law partnership) (collectively, the “Mayer Brown Practices”). The Mayer Brown Practices are established in various jurisdictions and may be a legal person or a partnership. PK Wong & Nair LLC (“PKWN”) is the constituent Singapore law practice of our licensed joint law venture in Singapore, Mayer Brown PK Wong & Nair Pte. Ltd. More information about the individual Mayer Brown Practices and PKWN can be found in the Legal Notices section of our website.

“Mayer Brown” and the Mayer Brown logo are the trademarks of Mayer Brown.

Attorney Advertising. Prior results do not guarantee a similar outcome.