FCA warns payment firms over safeguarding customer funds

In light of the impact of COVID-19 on firms’ business models, the Financial Conduct Authority (FCA) has issued finalised guidance to strengthen payment firms’ prudential risk management and arrangements for safeguarding customers’ funds.

This follows the consultation paper published on 22 May, which closed on 12 June. The regulator said it received responses from more than 60 organisations, including payment firms, trade associations and law firms.

While guidance for firms on safeguarding and managing prudential risk is already available in the FCA’s payment services approach document, it has found evidence from reviews of firms that some “are not complying with the regulations as we expect”.

The guidance applies to authorised payment institutions, e-money institutions, credit institutions and custodians. These types of companies were also sent a ‘Dear CEO’ letter today, outlining six key areas where non-compliance harms consumers.

1. Safeguarding – Firms must have appropriate and well-managed safeguarding arrangements so that, if a firm becomes insolvent, customers’ funds are returned in a timely and orderly way. They must be able to show that relevant funds are appropriately identified and managed on a day-today basis.

“We expect to see that firms have acted to review and remediate their safeguarding arrangements where required taking into account the guidance in our approach document and the guidance published today,” read the letter.

2. Prudential risk management – Firms must ensure they have adequate financial resources, which means meeting own funds requirements at all times, having sufficient regulatory capital to be able to incur losses while remaining solvent, or to fail in an orderly way. It also means having a sufficient quantity and quality of liquid assets to be able to pay debts and meet obligations as they fall due.

“During our recent supervisory engagement with the sector, we found several firms had calculated their own funds requirement incorrectly and others with inadequate governance and controls to manage prudential risk appropriately,” stated the FCA. “This has been brought sharply into focus by the impact of coronavirus because firms may not be able to readily raise external funding.”

3. Financial crime – All firms should be alert to the risk they could be used to facilitate fraud, money laundering, terrorist financing, bribery, corruption and other financial crime. Appropriate systems and controls must be in place to mitigate these risks and comply with financial crime reporting obligations.

“During recent supervisory engagement with the sector, which included firm visits, assessments and a review of 100 firms’ anti-money laundering processes, we found several firms were failing to take appropriate steps to properly manage their financial crime risks,” noted the statement.

4. Financial promotions and consumer communications – Consumers rely on the information provided in firms’ advertisements and websites to make decisions on whether to use a firms’ products, so the FCA outlined that financial promotions must be clear, fair and not misleading.

5. Governance and oversight – The letter stated that many firms’ regulatory issues are down to inadequate governance and oversight. “In particular, we have observed that many firms do not review their regulated processes sufficiently frequently to ensure that they remain compliant as the business changes or grows.”

The letter pointed out that UK-authorised firms must have head offices in the UK, while the directors and other senior management should be based in this UK head office.

6. Records management and reporting – Finally, the regulator stated that firms may be required to provide certain data and information through returns and ad hoc requests.

“Our work has highlighted material inaccuracies and omissions in the information that firms provide to us through regulatory reporting and responses to requests for information,” the letter read. “We have also found that in most cases, record keeping of regulated processes is inadequate to demonstrate they have been conducted in a manner which meets the requirements.

The letter, signed by director of retail banking and payments supervision David Geale, explained that the FCA welcomes the innovation and competition in payment services. “But, as with all growing markets, we are also monitoring it closely for any harms to consumers or market integrity it may cause.”

The FCA plans to conduct a full consultation later in 2020/21 on changes to its approach document. “This is likely to propose incorporating this additional guidance on safeguarding and prudential risk management.”

It will also give stakeholders a second opportunity to comment on any measures that the FCA proposes to apply permanently, building on the temporary guidance.

    Share Story:

Recent Stories


The Rise of Instant Payments
Instant payments are creating new business opportunities for banks by providing more touchpoints than ever. With these evolutions underway, Featurespace brought leading industry experts together to discuss how they are protecting customers from fraudsters in real time, utilizing innovative and disruptive solutions to reduce fraud. Click here to find out more.

Offloading Cyber Risk in the Cloud
As cyber attacks and data breaches are in the news on an increasingly regular basis - with regulatory penalties and customer trust on the line for financial services firms - it has never been more crucial to be compliant in the cloud.

This video, with Akamai’s EMEA director of security technology and strategy Richard Meeus, will help explain what your company can be doing to make sure it’s not embroiled in the next big fine or front-page scandal.