Safeguarding Requirements for Payment and EMI Firms: A Complete UK Guide

What Is Safeguarding and Why Does It Matter?

Safeguarding is the regulatory obligation requiring payment institutions (PIs) authorised under the Payment Services Regulations 2017 (PSR 2017) and electronic money institutions (EMIs) authorised under the Electronic Money Regulations 2011 (EMR 2011) to protect customer funds. The core principle is straightforward: if a firm fails, customer money must be identifiable, separable and returnable — not mixed with the firm's own operating capital.

The FCA has repeatedly emphasised that safeguarding is not a mere technical exercise. It is a fundamental consumer protection measure. In its 2023 Portfolio Letter to payments firms, the regulator named safeguarding as its single highest supervisory priority for the sector. Firms that fail to safeguard properly risk enforcement action, requirements for additional capital, and restrictions on their permissions.

Who Must Safeguard?

Authorised payment institutions must safeguard relevant funds where the firm provides payment services and holds customer money at any point during the transaction chain. Small payment institutions (SPIs) are exempt from formal safeguarding requirements under PSR 2017, but this exemption does not apply once their monthly transaction volumes exceed €3 million.

Authorised EMIs must safeguard all funds received in exchange for electronic money from the point of issuance until redemption. Small EMIs benefit from a lighter regime but must still segregate funds.

Registered account information service providers (AISPs) and firms providing only payment initiation services without holding funds are not required to safeguard, as they do not handle customer money.

The Two Methods of Safeguarding

The regulations prescribe two permissible safeguarding methods. Firms must select one and apply it consistently across all relevant funds.

Method 1 — Segregation. The firm deposits relevant funds into a designated safeguarding account held with an authorised credit institution (bank), an authorised custodian, or the Bank of England. The account must be clearly identified as a safeguarding account and the bank or custodian must acknowledge in writing that it has no right of set-off or recourse against the funds. This is by far the most common method used by UK-authorised firms.

Method 2 — Insurance or comparable guarantee. The firm obtains an insurance policy or guarantee from an authorised insurer or credit institution that pays out an amount equal to the relevant funds in the event of the firm's insolvency. This method is rarely used in practice because finding insurers willing to provide such cover at a reasonable cost has proven difficult. The FCA has noted that firms relying on this method must ensure the policy provides genuine protection and does not contain exclusions that would undermine its purpose.

Segregation in Practice: Getting It Right

Firms using the segregation method must navigate several practical requirements that the FCA examines closely during supervision:

Designated accounts. Relevant funds must be placed in one or more accounts that are clearly designated as safeguarding accounts. The account title must make this designation clear to the bank. A generic business current account is not acceptable, even if the firm internally treats it as a safeguarding account.

Acknowledgement letters. The firm must obtain a written acknowledgement from the bank holding the safeguarding account confirming that: (a) the funds in the account are held for the benefit of the firm's customers; (b) the bank has no right of set-off, combination or counterclaim against the funds; and (c) the bank will not combine the safeguarding account with any other account. These acknowledgement letters must be kept on file and available for FCA inspection.

Timing of segregation. Funds must be segregated by the end of the business day following the day on which they are received. However, best practice — and the FCA's expectation for larger firms — is same-day or even real-time segregation. Any delay in segregation creates a window during which customer funds are at risk if the firm enters insolvency.

No mixing. Safeguarded funds must not be commingled with the firm's own funds. The only exception is a prudent estimate of fees that the firm is entitled to deduct, though many firms prefer to sweep fees out of the safeguarding account rather than mixing at the point of receipt.

Reconciliation Requirements

Reconciliation is the process of comparing the firm's internal records of customer balances with the actual funds held in safeguarding accounts. The regulations require this reconciliation to be performed daily at a minimum.

Internal reconciliation compares the firm's ledger of individual customer entitlements against the total balance shown as owing to customers.

External reconciliation compares the total customer entitlement figure against the balance confirmed by the safeguarding bank.

Any discrepancy must be investigated and resolved immediately. The FCA expects firms to maintain a documented reconciliation policy setting out the methodology, frequency, escalation procedures for breaks, and the governance arrangements for oversight.

Common reconciliation failures include: relying on manual spreadsheets that are prone to error; failing to account for in-flight transactions; not reconciling across all currencies and safeguarding accounts; and inadequate investigation of breaks.

Governance and Organisational Requirements

The FCA expects safeguarding to be embedded within the firm's governance framework, not treated as an isolated treasury function.

Board oversight. The firm's governing body must have adequate visibility of safeguarding compliance. This typically means regular reporting on reconciliation status, any breaks identified, and the adequacy of safeguarding arrangements.

Policies and procedures. Documented safeguarding policies must cover: the method used, account arrangements, reconciliation methodology and frequency, escalation procedures, roles and responsibilities, and review frequency. The FCA expects these to be reviewed and updated at least annually.

Wind-down planning. Firms must consider safeguarding in their wind-down plans. If the firm were to cease trading, how would customer funds be identified and returned? The FCA has made clear that a credible wind-down plan must address the practical mechanics of returning safeguarded funds.

Record-keeping. Comprehensive records of all safeguarded amounts, reconciliations, acknowledgement letters, and related correspondence must be maintained and available for regulatory inspection.

Common Safeguarding Failures

The FCA's supervisory work and published enforcement cases reveal recurring deficiencies:

• Failure to maintain proper acknowledgement letters from safeguarding banks
• Commingling safeguarded funds with the firm's operational funds
• Inadequate or infrequent reconciliation, particularly across multiple currencies
• Poor record-keeping making it impossible to determine individual customer entitlements
• Delayed segregation of funds beyond the permitted timeframe
• Failure to update safeguarding arrangements when changing banking partners
• Treating safeguarding as a finance function rather than a compliance obligation with board-level oversight

FCA Enforcement and Supervisory Focus

The FCA has taken enforcement action against several firms for safeguarding failures. In 2023, the regulator imposed requirements on multiple payment firms to improve their safeguarding arrangements, and in some cases required firms to appoint independent skilled persons under Section 166 of FSMA to review and report on safeguarding adequacy.

The FCA's approach signals that safeguarding is not an area where firms can expect leniency. The regulator views safeguarding failures as a direct threat to consumer protection and market integrity.

Practical Steps for Compliance

Audit your current arrangements. Review your safeguarding method, account structures, acknowledgement letters, reconciliation processes and governance arrangements against the regulatory requirements.

Stress-test your reconciliation. Ensure your reconciliation process captures all fund flows, currencies and accounts. Test what happens when breaks are identified — does the escalation process work in practice?

Review banking relationships. Confirm that all safeguarding accounts are properly designated, acknowledgement letters are current and complete, and that banking partners understand their obligations.

Embed safeguarding in governance. Ensure board reporting covers safeguarding status. Assign clear responsibility for safeguarding compliance to a named individual, typically the compliance officer or finance director.

Prepare for FCA scrutiny. Maintain an inspection-ready file containing acknowledgement letters, reconciliation records, policies and procedures, and governance minutes. The FCA may request this documentation at short notice.

Regulatory Outlook

The FCA is consulting on potential reforms to the safeguarding regime that could introduce statutory trust arrangements, giving customer funds enhanced legal protection in insolvency scenarios. Firms should monitor these developments closely, as any changes will require significant operational adjustments.

The direction of travel is clear: safeguarding standards will tighten, not loosen. Firms that invest in robust safeguarding infrastructure now will be better positioned for future regulatory requirements.