The UK’s Financial Conduct Authority has raised concerns that some payment firms are not adequately protecting their customers’ money. These concerns are particularly acute in the current economic crisis. The FCA has thus proposed new guidance to clarify its expectations of payment firms around safeguarding client money and prudential risk management. Stakeholders are invited to comment by 5 June 2020.
Concerns that payment firms are leaving consumers at risk
The FCA has raised concerns that some payments institutions and e-money institutions have not implemented payments regulations as it expected. With growing numbers of consumers using alternative payment providers and an economic crisis in full flow, it is keen to remedy this swiftly. In particular, it wants to ensure that payment firms are effectively protecting their customers’ money and have robust risk management frameworks in place.
Consultation on temporary guidance
To address these concerns, the FCA plans to issue some temporary guidance to clarify payment firms’ obligations in respect of safeguarding and prudential risk management. The guidance may serve as a checklist for payment firms to ensure they are operating in accordance with the FCA’s expectations.
The FCA is inviting stakeholders to comment on its proposed guidance by 5 June 2020. Eventually, the FCA plans to incorporate the temporary guidance into its Payment Services Approach Document, which contains its main guidance for payments firms in these areas.
The scope of the proposed guidance is outlined below.
Proposed guidance on safeguarding
Under UK payments regulations, payment firms are required to take measures to safeguard “relevant funds” (as defined in the regulations). This is to protect customers in the event of the payment firm’s insolvency. For example, e-money issuers need to safeguard the funds they receive in exchange for issuing e-money and authorised payments institutions must safeguard sums they receive for the execution of payments transactions.
The Approach Document already contains detailed guidance as to how funds may be safeguarded. The FCA is now proposing to provide further clarifications as to its expectations, in order to strengthen firms’ practices. These include:
- Reconciliation processes to be clearly documented. Where there is potential for discrepancies (for example, where funds are held in one currency in respect of a payment transaction in another), firms are required to make reconciliations at least daily. The FCA clarifies that it expects firms to clearly document this reconciliation process, and to provide an accompanying rationale, in order to help with the distribution of funds in the event of insolvency.
- Notifications of non-compliance. Firms are required to notify the FCA of their failures to comply with safeguarding or reconciliation requirements. In this regard, the FCA expects to be notified of failures to keep up to date records of relevant funds and safeguarding accounts and where a firm is unable to comply due to the decision by a safeguarding credit institution to close a safeguarding account.
- Naming of client accounts. Safeguarded funds are required to be held in separate accounts with an authorised credit institution or authorised custodian. The FCA expects the names of such accounts to include the word “safeguarding” or “client”. Where this is not possible the FCA wants payment/e-money institutions to provide evidence confirming that the account has been appropriately designated.
- Acknowledgement from safeguarding institution. Those providers of safeguarding accounts are not allowed to have any interest (such as a security interest) in them. The FCA wants payment firms to obtain an acknowledgement from the credit institution / custodian confirming this (and has provided a proposed form of acknowledgement letter).
- No other amounts to be mixed into safeguarding accounts. The FCA underlines the importance of ensuring that no other amounts are improperly mixed into a safeguarding account. It clarifies that the reason for this is that such mixing may cause delays in returning funds to customers if the firm becomes insolvent.
- Periodic reviews of appointments of credit institutions, custodians and insurers. The FCA expects appointments of credit institutions, custodians and insurers to be reviewed whenever a firm believes that anything affecting the appointment decision has materially changed and, in any event, at least once a year.
- Funds due to be safeguarded not available to meet commitments to card schemes or other third parties. The FCA expects that e-money issuers which issue, and allow customers to make payments with, e-money before receiving the corresponding funds from the customer should not treat amounts due which are subject to safeguarding requirements as available to meet commitments it has to card schemes or other third parties to settle the relevant payments transactions.
- Protection of unallocated funds. Where firms are not able to identify which customer is entitled to the funds it has received, the funds will not qualify as “relevant funds” (to which safeguarding requirements apply). However, the FCA expects firms to protect these funds, for example by segregating them, and to take measures to identify the relevant customer.
- Annual audit of compliance with safeguarding requirements. The FCA clarifies that it expects firms which are required to be audited to arrange specific annual audits of their compliance with safeguarding requirements. It also expects firms to satisfy themselves that the proposed auditor has sufficient skills, resources and expertise in auditing compliance with safeguarding requirements.
- Small payments institutions to protect customer money too. Whilst not subject to safeguarding requirements, the FCA notes that it expects small payments institutions to keep a record of funds received from customers and the accounts into which those funds are paid. It also encourages these institutions to voluntarily opt in to meeting the safeguarding standards.
- No misleading information on treatment of funds in insolvency. The FCA emphasises the need for firms to avoid misleading customers about how much protection they will get from safeguarding. For example, firms should not imply that customers’ claims would be paid in priority to the costs of distributing the safeguarded funds.
Proposed guidance on prudential risk management
Payments firms are required to meet certain prudential requirements in order to be authorised by the FCA. The FCA is now proposing additional guidance in the following areas:
- Governance and controls. The FCA expects authorised payments institutions and electronic money institutions to have robust governance arrangements, effective procedures, and adequate internal control mechanisms. It also expects governance arrangements to be tailored to the business model and reviewed regularly.
- Capital adequacy. The FCA emphasises the importance of ongoing, accurate calculations and reporting and outlines best practice around the representation of intra-group receivables.
- Liquidity and capital stress testing. The FCA expects firms to carry out liquidity and capital stress testing and use the results to inform decisions, for example around resources, systems and controls.
- Risk-management arrangements. The FCA highlights that firms should assess the need for committed credit lines to manage liquidity exposures and outlines best practice in respect of managing intra-group risk.
- Wind-down plans. The FCA clarifies that firms are required to have a wind-down plan to manage their liquidity and resolution risks, and sets out what the plan should cover.