PS25/12: New policy statement on changes to the safeguarding regime for payments and e-money firms

The rationale behind the shift

In 2024 the FCA published their Financial Lives Survey. The results reported that e-money organisations safeguarded approximately £26 billion in relevant funds, a large increase from £11 billion in 2021, with one in ten UK e-money account holders using it as their primary transactional account. Despite this, the FCA highlighted that inadequate safeguarding remains widespread, with insolvencies between 2018 and 2023 exposing a 65% shortfall in client funds on average.

Consequently, robust safeguarding arrangements are critical, especially given that these funds are not protected by the FSCS. The ‘end-state rules’ (the Post-Repeal Regime) set out in PS25/12 will ultimately see the safeguarding requirements of the EMRs and PSRs replaced with a ‘CASS’ style regime.

Key details from PS25/12 – what payments and e-money firms need to be aware of PS25/12 sets out the FCAs final rules and guidance on the interim rules (the Supplementary Regime) for safeguarding in the payments and e-money sector. This regime builds on the existing legislative provisions in the Electronic Money Regulations 2011 (EMRs) and Payment Services Regulations 2017 (PSRs).

As outlined by the FCA, the rules apply to all:

• authorised payment institutions (excluding those solely providing payment initiation services or account information services)
• authorised e-money institutions
• small e-money institutions
• credit unions issuing e-money in the UK.

The Supplementary Regime will take effect on 7 May 2026. It’s important to note that the FCA has extended the implementation period from the proposed six months to nine months following the effective date. While this provides some relief, the timeline remains tight given the scope of changes required. Notably, the requirement to review existing third-party arrangements within three months of the rules coming into force remains unchanged.

What actions do payments and e-money firms need to take?

In our insight ‘CP24/20: Changes to the safeguarding regime for payments and e-money firms’, we outline the challenges and opportunities this regulatory shift presents to payments and e-money firms. We recommend reviewing this against your individual organisation’s circumstances.

The key changes made because of the CP24/20 consultation are summarised below.

Improved books and records

• Clarification that third-party data may be used for the purpose of creating and maintaining their internal records where no other reasonable method exists.
• Reconciliations required once per 'reconciliation day' (excluding weekends, bank holidays, and relevant market closures) instead of business day as previously proposed in CP24/20.
• Safeguarding requirements must be applied separately for e-money and payment services.
• Firms may adopt non-standard method of internal safeguarding reconciliation. However, it is required to document how it will meet its obligations to its clients under the safeguarding rules. This must be reviewed by an independent auditor who should confirm in a written report that the proposed method meets the firm’s obligations.

Enhanced monitoring and reporting

• The requirement for a limited assurance engagement where a payments firm claims not to have been required to safeguard relevant funds during the audit period has been removed.
• Exemption from safeguarding audit requirements where firms have not safeguarded relevant funds above £100,000 for a period of at least 53 weeks.
• First safeguarding audit submission extended to six months after the audit period (previously four).
• FCA to offer guidance during the nine-month implementation period.

Strengthened safeguarding practices

• Investment in secure, liquid assets remains tightly defined. However, the FCA has indicated that following the implementation of the Supplementary Regime, it may consider whether any changes are necessary.
• Clearer requirements for insurance policy or guarantee renewals, including contingency planning if coverage lapses. This includes consideration of its financial position, including whether it is appropriate to place the firm into a process under the PESAR or the Insolvency Act 1986 so that a claim can be made under the policy or comparable guarantee before the cover lapses.

How Crowe can help you

To prepare for the evolving safeguarding requirements, early engagement and strategic planning will be critical to overcoming resource constraints, managing operational costs, and ensuring compliance. As experienced auditors in the financial services sector, Crowe can not only assist you as qualified auditors, as required by the new regulations, but can also help you get prepared and flag any areas of concern early so these can be rectified.

By investing in staff training, updating frameworks, and reviewing third-party arrangements, organisations can not only meet regulatory demands but also unlock opportunities for process optimisation, enhanced efficiency, and stronger market positioning.

If your firm would like support on getting ahead of these changes and maximising the opportunities presented, please get in touch with your usual Crowe contact.