Changing of the safeguarding: what new regulations mean for payments and e-money
Payment and e-money institutions have both similarities and differences when compared to more traditional financial institutions. On one hand, they more readily leverage flexibility and contemporary technology to provide innovative, customer-centric offerings. On the other hand, people expect their money and assets to be equally safe, no matter whether they are held by firms like Revolut or those such as Nationwide and Lloyds TSB.
However, on paper – where regulations are defined – there are, for now, only differences. For instance, currently, payment and e-money institutions must abide by the Payment Service Regulations (2017) and Electric Money Regulations (2011), whilst other financial organisations who hold client assets are held accountable by the Financial Conduct Authority’s (FCA’s) more stringent CASS rules.
Yet following the FCA’s CP24/20 consultation, this is set to change – new safeguarding rules are inbound to bring payment and e-money institutions in line with their more established peers. Read on to discover how, why this matters, and what to expect.
A long time coming
So what has brought us to this point in time? With the payments industry evolving so fast, arguably, changes to regulations have been drawn out. However, in the last couple of years, the path to new safeguarding regulations has been cleared seeing progress accelerate at pace.
For instance, in 2023, it was announced that the FCA would gain “enhanced rule-making powers” to enforce safeguarding measures in the year to come. Now, in September 2024 this has been reaffirmed with the release of the FCA’s consultation on changes to the safeguarding regime for payments and e-money institutions, marking their first step to make new and improved safeguarding compliance a reality.
However, this has long been coming. After all, it is not only the FCA who have noted that “poor practices across the industry” of PSRs and EMRs are causing “significant consumer harm”, seeing them – in just one year – open supervisory cases concerning roughly 15% of firms who safeguard funds. It has also been in the press with headlines such as, “Wirecard scandal exposes chinks in UK safeguarding rules”, and customers themselves have felt the consequences due to poor reconciliation leaving safeguarding totals unknown and them without access to their funds.
Evidently, something has to change, especially given that in the first half of 2022, investment in UK Fintechs totalled at $9.1 billion – a huge amount considering that this is greater than what European Fintechs collectively raised. Ultimately, for the FCA, the payments industry is too big to fail.
The change that is already here
Despite merely a consultation being launched, this is noteworthy news for payments and e-money institutions. However, in reality, what the FCA is seeking to enforce, other financial institutions must already comply with.
For the likes of investment firms, insurance firms, and more (see a full list here), CASS regulations already exist. These are the inspiration for what the FCA is looking to introduce, and they themselves have described the prospective regulations as ‘CASS-style’.
As a result, the usual debate as to whether new regulations will be beneficial or harmful becomes muted. After all, the blueprint for these regulations is already in force for other institutions.
Fortunately, the verdict is resoundingly positive for CASS rules. This cannot be understated given that they played a pivotal role in restoring trust in financial services following the financial crises of the early 2000s by preventing the misuse of client funds and ensuring the protection and return of client assets in the case of insolvency – and they continue to do so today.
It is also important to note what happens when CASS regulations are not complied with – arguably this emphasises their importance even more:
- When the FCA discovered that Sonali Bank UK was experiencing significant delays with reconciling their client money accounts and breaching more parts of CASS 7 plus other regulations, they received a fine of £3.25 million.
- When Worldspreads Limited collapsed in 2012, revealing that they had a £13 million shortfall in client money accounts due to them mixing client funds with their own operational funds and manipulating financial statements in an attempt to hide this, their CFO was fined £11,900 and banned from ever holding any similar position.
- When Alpari UK limited went into administration, their failure to properly segregate client money became exposed. Despite the Financial Services Compensation Scheme (FSCS) compensating some people, other former clients did not regain their money for 869 days.
Ultimately, even if payment and e-money institutions might fear that additional compliance requirements will distract from innovation, they should welcome new CASS-inspired regulations. They offer a route to building trust, improving their own financial activities, and even having more timely access to data for purposes beyond compliance.
What will be required to meet new regulations?
Given the similarity between existing CASS regulations and the new safeguarding ones intended for payment and e-money institutions, it is unsurprising that the FCA’s CP24/20 consultation mentions ‘reconciliation’ nearly 250 times. After all, regular and accurate reconciliation is fundamental for CASS 7 compliance and other similar regulations.
However, reconciliation will not be the only requirement that firms are likely to have to abide by. Let’s take a look at what will likely be required:
- Reconciliation – underpinning vast amounts of the proposal will be the need for regular and accurate reconciliation. As a result, reconciliation will have to take place daily between internal records and ledgers, and between internal records and those of third parties. Doing so will make sure that client funds are appropriately segregated and that no shortfalls exist. It will also allow firms to have the relevant data they require for sending new reports to the FCA as part of these changes.
- Risk management – a “resolution pack” – similar to how banks and financial institutions must have recovery and resolution plans – will have to be maintained by payment firms. This will help when it comes to returning relevant funds to clients in a timely manner, should a collapse take place.
- Oversight – claims that regulatory activity is conducted is one thing; however, this doesn’t always guarantee that it actually is. Instead, evidence must be provided. As a result, the new regulations are therefore likely to see firms have an external auditor assigned to them who they must cooperate with. They will also be expected to submit a regulatory return to the FCA once a month to detail crucial information such as the amounts they have safeguarded, the reconciliations they have completed, any breaches, etc.
- Strong segregations – like how the onus is increasingly being placed on banks to make sure that the EMIs who they partner with are reputable, the new regulations will probably demand that payment firms exercise an increased level of due diligence to make sure that their safeguarding partners and other third parties are reputable. They will also be encouraged to diversify their use of third parties to minimise risk.
How to get ahead
At the end of the day, the popularity of e-money and payment firms is continuing to increase. For example, whilst in 2017 only 1% of consumers had an e-money account, by 2022 this had risen to 7%. Plus, in 2023, money held in e-money issuer safeguarding accounts and those by payment firms totalled £23 billion.
Undeniably, the usage of these businesses is growing. As a result, so too must their responsibility.
For some organisations, this will require new considerations and planning to implement additional but highly necessary procedures. However, for established institutions, it is what they have come to know and already do.
Fortunately, Aurum has the pleasure and know-how of working with both. Ensuring CASS compliance standards are met for Octopus Investments, Moneybox and others while creating flexible, scalable reconciliation processes to keep up with the ever-evolving requirements of some of the most exciting payment firms like Paytently, Payabl, Paynovate etc., Aurum’s reconciliation offers the best of both worlds.
To make sure that your firm doesn’t become like those that failed between 2018 and 2023 and had an average shortfall in customer funds of 65%, look no further than Aurum. Complete with the ability to create bespoke reports, automated and accurate reconciliation, and complete audit trails, book your Aurum demo today.
