• Whitepapers  >
  • New FCA Safeguarding Regime: How can firms prepare?

New FCA Safeguarding Regime: How can firms prepare?

Published on: 02/03/2026 00:00

Financial Conduct Authority (FCA) issued PS25/12 and Approach Document V7 PSR2017 & EMR2011 for safeguarding of customer funds by Payment Firms effective from 7 May 2026.  

How should firms prepare for 7th May 2026?

Firms should be prepared for:

  • Annual Safeguarding Audit by a qualified auditor and submission of the audit reports to the FCA in prescribed form within set timeframes.  Firms will need to evidence comprehensive records prescribed under the new safeguarding regime for the full period to facilitate the audit 
  • Increased FCA regulatory scrutiny through monitoring & new monthly reporting requirements
  • Significant adverse findings or breaches may trigger supervisory or enforcement action.

To implement the new safeguarding requirements following actions will be required:


1. Governance Framework

  • Enhanced governance specific to safeguarding arrangements 
  • Appointment of key accountable senior manager

2. Segregation Reconciliation

  • At least daily reconciliation of all relevant accounts 
  • Maintenance of records and demonstrate audit trail

3. Resolution Pack

  • Pack with specific minimum criteria and thresholds
  • To be submitted on 48-hour notice from the FCA for inspection

4. Policies & Procedures

  • Update for compliance with new regime & Firm’s business model 
  • Subject to annual audit review

5. FCA Returns

  • Monthly FCA Returns with submission within 15 days 
  • Notification of breaches and errors in writing to the FCA

6. Unidentified funds

  • Record of unallocated & unidentified funds
  • Process to monitor ageing, timely action and audit trail

7. Risk Diversification

  • Effectively manage or introduce concentration risk 
  • Evidence the rationale and mitigation where limited diversification

8. 3rd Parties & Bank Letters

  • Enhancement to third-party due diligence processes 
  • Prescriptive requirements for annual bank letters

9. Insurance or Guarantees

  • Amendments to policy clauses to ensure compliance 
  • Operational and cost implications

10. Investments in Liquid Assets

  • Ensure asset selection aligns with new safeguarding requirements 
  • Demonstrate that arrangements effectively protect client funds adhering to liquidity, diversification & credit risk appetite

What are the key changes under the new FCA safeguarding regime?

Governance

Alongside general requirements, the new rules impose substantial governance obligations which include specific requirements:

  • Appointment of single senior personnel:  Person with sufficient authority to be responsible for Firm’s compliance with the safeguarding regime;
  • Oversight: The individual actively oversees & reports to the governing body;
  • Reporting:  The governing body must review formal reports at least annually; and
  • Record-Keeping: Maintain comprehensive records including resolution arrangements.
Impact:
  • The FCA’s Dear CEO letter of 3 February 2025, together with enhanced governance requirements signals increased scrutiny & accountability for safeguarding
  • Resulting regulatory obligations, combined with annual audits, require Firms to establish clear and robust safeguarding governance.  This may require a dedicated forum chaired by the responsible SMF and supported by key senior stakeholders
  • Firms should also implement a clear 3LOD model, with compliance and/or internal audit providing oversight of the safeguarding framework, alongside timely, accurate MI and integration into wider strategic and operational decision-making.

Reconciliation

The regime introduces prescriptive requirements for safeguarding reconciliation processes, including a minimum requirement of daily reconciliations.  Non-standard reconciliation methods may be used where appropriately documented and capable of meeting audit thresholds.

Firms are also required to define reconciliation cut-off times aligned with their operating model.

Impact:
  • Review and enhance systems & controls to ensure accurate reconciliations supported by audit trails including documented processes to track fund transfers across all channels 
  • Record-keeping systems must support the independent calculation and separate maintenance of safeguarding requirements and client ledgers. 
  • Demonstrate appropriate staff training and effective oversight and control arrangements for reconciliations.

Resolution Pack

Requirement to maintain a comprehensive and up-to-date Resolution Pack (separate from wind-down plan), which is capable of being retrieved within 48 hours.  It must be in a prescribed format, with certain minimum thresholds and identified inaccuracies remediable within 5 business days.

This to ensure in the event of insolvency the FCA and other relevant stakeholders have immediate access to the information to facilitate the timely and orderly return of funds.

Impact
  • Requirement of materially more detailed, structured and readily retrievable information which must function as a well-organised information repository rather than a static document which represents a significant operational challenge for many Firms
  • Firms without standardised client terms and conditions face additional complexity
  • Maintain it as a living document with discrepancies corrected within five business days which necessitates developing ongoing controls and the retention of evidence
  • Reconfiguration of IT infrastructure, data management, periodic accessibility testing and staff training needs to be demonstrated to ensure accountability & compliance.

Policies & Procedures

There is no one-size-fits-all solution, however Firms should expect to address common regulatory themes and expectations as per the new safeguarding regime.

Impact
  • Firms must review and update their safeguarding policies and procedures to ensure compliance with new safeguarding rules
  • Auditors are expected to review the policies, which should be specific and tailored in accordance with the business model and operating arrangements.

FCA Returns

Firms are required to submit a monthly regulatory return to the FCA detailing their safeguarding arrangements within 15 business days after the end of month.It will require information on how funds are safeguarded, the number of clients, any non-standard reconciliation methods and detailed breakdown of balances, accounts and assets. 

In addition there may be a requirement for additional ad-hoc returns and requirements to provide additional documents on demand and details of any breaches or non compliance.

Impact 
  • Firms will need to adjust internal processes, systems and controls to meet the requirements on an ongoing basis
  • Ensure the data to populate the FCA return is accurate and of high quality
  • Appropriate Return submission processes would need to be established and provide the accountable person sufficient oversight of the FCA submission
  • Firms must confirm any notifiable breaches and errors in writing to the FCA.

Unidentified Funds

Funds which cannot be immediately identified on receipt must be recorded according to new rules and in any event by the end of the business day following the day of receipt.

Where a Firm is unable to determine if funds received constitute relevant funds or other funds, it must treat and record those funds as unidentified relevant funds while it establishes the nature and the identity of the client to whom they relate.

After taking all steps, if the Firm is unable to identify the funds or the client concerned, it must return funds to the payer or original source.

Impact
  • The new regime requires funds to be promptly identified, accurately recorded and safeguarded.  To achieve these outcomes, it must carry out assessment of systems to ensure identification of relevant funds to support timely investigation and resolution
  • Ensure systems enable relevant funds to be distinguished, monitored and escalated, so that they are allocated to correct clients or returned to the payer in prescribed timeframe
  • Process to monitor ageing of funds and in particular, demonstrate that these are resolved within the one day and that any failure is promptly identified, escalated and remediated
  • Demonstrate that arrangements deliver the intended outcome of protecting client funds, through appropriate MI, escalation mechanisms and accountability for resolution.

Diversification

The new regime expects Firms to effectively manage concentration risk and protect funds from undue exposure.  To achieve this outcome, the Firms must periodically assess if it is required to diversify third parties with which they deposit, hold, invest, insure or guarantee relevant funds.

The rules formalise and strengthen existing supervisory expectations with conduct assessments at an appropriate frequency, document the assessment and conclusions and set clear rationale for approach, including where it determines that diversification is not necessary or is limited.

Impact
  • Diversification requirement is not mechanistic and expected to attract rigorous FCA supervision and potentially enforcement
  • Firms must exercise judgement and evidence the rationale for their diversification decisions, including how risks are mitigated where diversification is limited
  • Meeting the rule may involve using multiple safeguarding banks or insurance/guarantee providers, requiring additional due diligence and monitoring
  • For firms with complex operations or limited resources, the changes may represent a material operational and financial impact, requiring scalable and sustainable safeguarding arrangements aligned to the objective of protecting relevant funds.

3rd Party Services & Bank Letters

Firms must exercise due skill, care and diligence in the selection, appointment and ongoing review of any third party involved in safeguarding arrangements including parties who provide accounts for receipt, deposit or holding of relevant funds or assets, insurance or guarantees.

The rules also introduce prescriptive requirements for bank acknowledgment letters that Firms must request from authorised credit institutions and custodians used to safeguard relevant funds and also update such letters at least annually in accordance with FCA requirements to ensure that they remain accurate and compliant with safeguarding obligations.

Impact
  • The Firms must establish robust internal processes for ongoing assessment, monitoring and documentation of all third parties used for safeguarding including maintaining due diligence checklists, risk assessment frameworks, and record-keeping systems to ensure that all relevant factors are considered and evidenced
  • Implement procedures to review bank acknowledgement letters and ensure that all letters use the prescribed wording. Some banks had used non-standard variations in the past and the Firms must obtain updated letters to comply with the new requirements
  • Requirements under new rules are similar to rules for client money letters for which the auditors adopted a strict approach.

Insurance

Although the Firms may safeguard relevant funds using insurance policies or comparable guarantees, the approach under the new regime is codified into mandatory including prescribed rules for rights or powers to cancel policies and timeframe for notification to the FCA.  

Impact
  • Firms using insurance or comparable guarantee methods of safeguarding must review existing agreements to ensure they comply with the requirements in the new rules
  • Where an existing insurance policy or guarantee does not meet the mandatory requirements, the Firm should seek amendments to ensure compliance
  • Termination and other clauses by insurers may lead to some policies being invalid
  • Firms must consider operational and cost implications and ensure that any arrangements continue to deliver effective protection of relevant funds.

Investments

New regime allows Firms to safeguard relevant funds by investing in secure, liquid assets but must ensure that investments meet the criteria of the new rules and able to evidence that such arrangements protect client funds effectively and comply with all relevant regulatory requirements

Impact
  • Firms that safeguard relevant funds by investing in secure, liquid assets must maintain an appropriate liquidity strategy and credit risk policy, supported by procedures that ensure asset selection aligns with FCA requirements
  • Firms that use an asset manager have additional verification responsibilities for the Fund Manager.
  • Review existing holdings and make any necessary adjustments to comply with the definitions incorporated into the new rules
  • Demonstrate that the investment arrangements effectively protect client funds while adhering to liquidity, diversification and credit risk standards.


    Download whitepaper

    To download the full whitepaper, please enter your details below: (*required)

    DOWNLOAD WHITEPAPER
    Muj malik

    Muj malik

    Associate Partner
    Connect with Muj