The countdown has begun. In just six months, the Financial Conduct Authority’s (FCA) new supplementary regime on safeguarding rules for payments and e-money firms will take effect. Are you ready to comply?

It’s been three months since the FCA published Policy Statement PS25/12, which is designed to ensure consumer funds are returned quickly and cost-effectively should a payments firm fail. The regulator expects firms to familiarise themselves with the new rules and establish systems and controls now before the regime comes into force.

This is not just a box-ticking exercise. It’s a significant change, requiring a shift in mindset and systems by payments and e-money firms.

What are the key changes under PS25/12?

• Daily reconciliations: Safeguarded funds must be reconciled every business day. Non-standard methods require an independent auditor’s report and disclosure in monthly returns.
• Annual safeguarding audits: These are mandatory for most firms, with a six-month grace period for the first submission. If the firm did not safeguard over £100,000 of relevant funds at any point in the previous 53 weeks, it will not be required to arrange a safeguarding audit.
• Due diligence: Both at appointment and periodically, firms must perform due diligence to assess third parties that hold relevant funds.
• Insurance conditions: Safeguarding insurance policies or comparable guarantees must not include restrictions on payout, except for confirming an insolvency event.
• Contingency planning: At least three months before an insurance policy or guarantee expires, firms must have a plan. If renewal or replacement is not secured, they must be ready to safeguard funds via segregation.
• Safeguarding obligation: Clarification will be added to the Approach Document to state that the obligation to safeguard inbound transactions begins once the firm becomes entitled to the funds. For example, this may occur when the funds are credited to an account in the firm’s name.
• Resolution packs: Firms must maintain comprehensive, regularly updated packs to ensure timely return of client funds in insolvency scenarios.
• Monthly FCA returns: Firms must meet these new reporting requirements confirming safeguarding practices and reconciliation outcomes.
• Post-Repeal Regime: Following feedback to the consultation in December 2024, the FCA has decided to not implement the Post-Repeal Regime without further consideration or consultation.

Why FCA safeguarding rules matter for payment and e-money firms

These rules are designed to protect consumers, strengthen market integrity and reduce operational risk for payments and e-money firms by aligning them more closely with the expectations of other financial firms set out in the FCA’s Client Assets Sourcebook (CASS).

Firms that fail to implement robust safeguarding controls may face increased scrutiny from the FCA, potential fines and reputational damage, which can have long-lasting impacts on customer confidence and business growth. Early adoption of these requirements will better position firms for compliance and audit readiness.

How firms should prepare for 7 May 2026 compliance

• Review PS25/12 and CASS 15 rules and guidance to understand the new requirements.
• Develop a CASS 15 rules matrix mapping each rule to existing controls and processes.
• Produce a funds and system flow diagram to understand the full CASS footprint.
• Perform a gap analysis to identify non-compliance with the rules and create a plan to address. enhancements required to processes, systems and/or controls.
• Update policies and procedures to demonstrate alignment with CASS 15.
• Train relevant staff on governance, control frameworks and operational changes.

Firms need to make sure they have all the relevant safeguards in place before the 7 May 2026 deadline. Our CASS specialists can provide support for your firm’s compliance journey.

If you have any questions, please contact Nav Sarai.

Related insights