Show me the money! How to Successfully Manage Safeguarding Arrangements
Safeguarding has been the subject of intensive FCA activity recently, including a thematic review, Dear CEO letters, attestation requests, and restrictions on regulated activity. It was also considered by the High Court earlier this year. We take a look at what’s required and why a straightforward concept can be challenging in practice.
What is safeguarding?
Safeguarding is how e-money issuers and payment institutions are obliged to protect customers’ funds. These requirements exist as non-bank PSPs are not covered by the Financial Services Compensation Scheme (FSCS) and it’s the appropriate policy that customer funds are protected in the event of their service supplier becoming insolvent.
Safeguarding applies to ‘relevant funds’ – funds received in exchange for e-money, funds to be used in a payment transaction and the proceeds of inbound payments. Sums due to the firm, e.g. applicable fees and charges, are not ‘relevant funds’ and nor are the firm’s own operating funds or capital. The obligation to protect relevant funds starts as soon as the firm receives (or otherwise takes responsibility for) the funds and, generally, ends once the funds are paid out to the payee (or their PSP).
What does it involve?
This obligation can be met through three steps:
- Clear separation between the customer-related flows and the firm’s own funds;
- Immediate, upon arrival, segregation of relevant funds from non-relevant funds;
- Safeguarding of relevant funds which are still held at the end of the business day after the day on which they were received.
For non-bank PSPs that don’t have Bank of England settlement accounts, there are three safeguarding methods, which create a segregated asset pool from which customers can be repaid in the event of the firm’s insolvency:
- place funds in a designated safeguarding account held at an appropriate bank;
- invest in secure, liquid assets and place them with an authorised custodian;
- take out a specialist insurance policy or comparable guarantee.
The FCA has serious concerns
On the face of it, this all seems logical and straightforward. However, the FCA has repeatedly publicised its concerns regarding the safeguarding measures taken by non-bank PSPs:
- In H1 2019, the FCA reviewed the safeguarding arrangements at 11 non-bank PSPs which led to all non-bank PSPs being asked to review their safeguarding measures and submit an attestation to the FCA.
- In its February 2020 Sector Views, the FCA highlighted that customers may suffer loss or harm through poor safeguarding controls.
- The FCA’s 2020/21 Business Plan indicated that they would take swift action where firms fail to meet safeguarding requirements.
- In July 2020, the FCA published a Portfolio Strategy Letter for non-bank PSPs which, amongst other things, called out safeguarding arrangements as an area for concern and asked firms to review and remediate in light of additional guidance published.
- Also in July 2020, the FCA published some temporary additional guidance on safeguarding which addressed matters such as safeguarding account designation, reviews of safeguarding suppliers and annual safeguarding audits.
The safeguarding requirements of the Payment Services Regulations 2017 were considered by the High Court in the case of SuperCapital. Based on the language of the Regulations, the Judge concluded that a statutory trust arises when non-bank PSPs segregate and safeguard relevant funds. The SuperCapital case also highlighted that difficulty that administrators can have in recovering all of a customer’s money if the non-bank PSP does not undertake appropriate reconciliations or ensure that all relevant funds are appropriately safeguarded.
Given the FCA’s clear focus on the matter, non-bank PSPs which are found not have appropriate safeguarding measures can reasonably expect some rapid intervention, such as restrictions on their regulated activities. Maintaining appropriate safeguarding measures is a pre-requisite to maintaining authorisation. The FCA’s showed its preparedness to intervene in the cases of Glint Pay, Ipagoo, SuperCapital and Wirecard Solutions. With the FCA looking for non-bank PSPs to undergo annual audits of their safeguarding compliance, such firms can reasonably expect to face demands from multiple angles to “show me the money”.
What are the challenges?
Clearly, there are material gaps between the approach taken by some non-bank PSPs and the FCA’s expectations. These gaps can arise for a number of reasons, including:
- Supply – Only a limited range of banks, custodians and insurers provide safeguarding services which can make it difficult for non-bank PSPs to get a clearly-designated account and confirmation that the provider has no rights or interest in the relevant funds.
- Business model implications:
- Determining which firm owes a safeguarding duty to whom in a multi-PSP scenario (e.g. multi-layered payment chains, indirect access models, multi-channel models, de-coupled accounts and payment cards).
- Understanding the impact of running a pre-funded model with upstream payment processors;
- Maintaining sufficient liquidity when processing transactions in real-time but making segregation and safeguarding adjustments on a batch basis whilst also avoiding using relevant funds to meet settlement-related commitments to card schemes or other third parties.
- Undertaking effective oversight of sizeable agent and distributor networks.
- Safeguarding relevant funds even if they cannot be allocated to a specific customer.
- Product/service implications:
- Determining which funds are ‘relevant funds’ when providing a mix of services (e.g. foreign exchange service alongside a payment service).
- Ensuring that records of customer entitlement and funds protected keep pace with the execution of transactions.
- Undertaking reconciliations frequently enough when firms are increasingly offering cross-border payments and multi-currency accounts.
- Evidencing that a firm never holds relevant funds beyond the end of the business day after the day on which they were received.
- Keeping relevant funds arising from independent payment services and e-money issuance separate.
- Speed – Not acting quickly enough to segregate or safeguard relevant funds, such that commingling occurs.
Practical steps to successful safeguarding
Despite the range of challenges that can make a straightforward concept something of a minefield in practice, there are several steps that non-bank PSPs can take to ensure that the segregated asset pool is both sufficient and not excessive. These include:
With new non-bank PSP continuing to enter the market, customers increasingly using digital banking alternatives and the uptake of Open Banking on the rise, the potential consumer and market harm from poor safeguarding is likely increasing. Which means that safeguarding is unlikely to become a lesser priority for the FCA in the short-to-medium term. The FCA plans to consult on updates to its Approach Document in Q1 2021, including making the temporary guidance published in July 2020 permanent. The consultation presents an opportunity for non-bank PSPs to inform the FCA’s thinking regarding safeguarding requirements.
Non-bank PSPs have a commercial imperative to adequately protect customer funds as customer trust is fundamental to their continued growth and that trust might well be diminished by further warnings and examples of inadequate protection.
A ‘no-deal’ end to the Brexit Implementation Period would bring the freedom to use safeguarding partners outside of the EEA.
Overall, now is a great time for non-bank PSPs to check that their safeguarding measures are in good shape, including the partners and auditors they use.
BCS is here to help, whether through advice, support with safeguarding partner selection, designing safeguarding measures into payment flows, or reviewing the appropriateness of current safeguarding arrangements.
 https://www.fca.org.uk/publication/forms/safeguarding-attestation-authorised-payment-institutions.pdf and https://www.fca.org.uk/publication/forms/safeguarding-attestation-electronic-money-institutions.pdf