Safeguarding customer funds has long been a cornerstone of regulatory oversight in the payments sector, but recent events have exposed serious shortcomings. Between 2018 and 2023, insolvency cases revealed an average shortfall of 65% in funds owed to customers — raising urgent questions about the effectiveness of existing protections. As payment and e-money firms continue to handle billions in customer money each day, the FCA is now taking decisive action to strengthen standards, improve oversight, and reduce the risk of future shortfalls.
Currently, firms must comply with the Payment Services Regulations 2017 (PSRs) and the Electronic Money Regulations 2011 (EMRs), supported by the FCA’s ‘Approach Document’. However, concerns around the clarity and consistency of these rules have prompted the FCA to introduce a new safeguarding regime under CASS 15, designed to raise standards and reduce risk by adopting many of the principles and expectations from its broader Client Assets (CASS) rule book.
What’s changing?
The new rules, first outlined in CP24/20 and now finalised in PS25/12, will be introduced in two phases. The Supplementary Regime, effective from 7 May 2026, brings targeted enhancements to existing safeguarding practices. The more ambitious Post-Repeal Regime has been deferred for now, pending further consultation and legislative reform.
The Supplementary Regime aims to improve clarity and consistency across the sector without imposing the most radical reforms originally proposed.
Resolution packs and accountability
Firms will be required to maintain a resolution pack containing key information to support the return of customer funds in the event of failure. A named individual must be responsible for safeguarding compliance, which may signal future alignment with the Senior Managers and Certification Regime (SM&CR).
Enhanced reconciliations and record-keeping
Record-keeping and reconciliation requirements will become more prescriptive. Firms must be able to demonstrate that they hold the correct amount of safeguarded funds at all times, with clear separation between customer money and other funds. These changes aim to improve transparency and reduce the risk of shortfalls.
Greater FCA oversight
The FCA will introduce a monthly data return and an annual safeguarding audit. Importantly, the audit must be conducted by a qualified auditor, not a consultancy firm, reinforcing the need for independent assurance.
Insurance policies under scrutiny
Firms using insurance or comparable guarantees to safeguard customer funds can continue to do so, but must now address the risks associated with non-renewal, delayed claims, and customer impact. These considerations should be reflected in wind-down plans, particularly where vulnerable customers may be affected.
The more far-reaching proposals (such as the introduction of a statutory trust over safeguarded funds) have been deferred due to legal uncertainties following the Ipagoo LLP Court of Appeal ruling. These changes will be revisited as part of the Treasury’s programme to repeal and replace the PSRs and EMRs.
Strengthening safeguards in payment firms
Wider regulatory context
The FCA’s Dear CEO letter from February 2025 outlined three key areas of focus for payment firms: promoting competition and innovation in line with Consumer Duty, maintaining the integrity of the financial system through financial crime and resilience controls, and keeping customer money safe through effective safeguarding and wind-down planning.
This aligns with the Treasury’s National Payments Vision, which sets out plans for a world-leading, customer-centric payments ecosystem powered by next-generation technology. To meet these ambitions, firms must embrace emerging technologies like AI to improve efficiency, customer experience, and fraud prevention — while also reducing the cost of compliance.
Regulatory scrutiny is intensifying. In the past year alone, 95 authorisations were revoked, and 52 PSPs have faced s166 reviews since 2020. With the Payment Systems Regulator set to be absorbed into the FCA, firms should expect continued oversight and evolving expectations.
Other structural challenges persist. Many payment firms struggle to access safeguarding accounts because major banks remain cautious about the sector. Under the Supplementary Regime, firms must show they have considered the need for diversification of funds across third-party providers and conducted enhanced due diligence. In positive news for the sector, the Bank of England is currently exploring whether it could offer settlement accounts with safeguarding facilities to non-bank payment service providers.
Practical challenges and risks
Even with stronger rules, customers remain outside the scope of the Financial Services Compensation Scheme (FSCS), leaving them exposed if a firm fails. Insolvency costs also remain a concern, with deductions historically averaging around 7% of client claims, and ultimately borne to the detriment of customers. However, the enhanced requirements, if effectively implemented by the industry, should result in lower insolvency costs in the longer term.
The Payment and E-money Special Administration Regime (PESAR), introduced in 2021 to speed up distributions, is also largely untested and is currently under review by the Treasury.
The FCA’s recent multi-firm review of wind-down planning found that while most firms had frameworks in place, many lacked the depth and integration needed to reflect the complexity of their operations. Wind-down plans must now consider liquidity needs, residual safeguarded funds, and practical wind-down triggers. Firms using insurance-based safeguarding must also account for potential delays in reimbursement and the risk of non-renewal.
What firms should do now
The FCA has allowed a relatively generous implementation period for the Supplementary Regime, but firms shouldn't delay. Early preparation will be critical to ensure a successful transition to CASS 15. Firms should:
- review their safeguarding arrangements against the new requirements, via a health check or gap analysis
- assign clear accountabilities and appropriate timeframes for the necessary changes
- design, implement, and validate a regulatory control mapping framework
- engage with a qualified auditor to ensure readiness for the annual safeguarding audit
- assess all shortfall risks inherent in fund flows and available mitigants, including insurance as a safeguarding method.
These reforms go beyond box-ticking compliance and set a higher standard for customer protection. By strengthening safeguards, they help ensure that funds are secure and trust in the payments system continues to grow. Firms that act now to embed robust safeguarding practices will meet regulatory expectations and enhance their resilience and competitive advantage in this growing sector.
For more information about the FCA’s safeguarding proposals and to discuss what they mean for your business, contact either Paul Staples or Shermeen Kazmi.
