Dear CEO | Release Date: 4th July 2019
To read a longer summary of this Dear CEO letter, click here.
To access the original FCA document, click here.
Short Summary
The FCA’s letter to CEOs of non-bank payment service providers (PSPs) stresses the crucial role of safeguarding customer funds under the Electronic Money Regulations 2011 (EMRs) and Payment Services Regulations 2017 (PSRs). The letter highlights the potential for significant consumer harm if firms fail, given that APIs (authorised payment institutions) and EMIs (e-money institutions) are not covered by the Financial Services Compensation Scheme (FSCS). Firms must have robust measures in place to ensure that customer funds can be returned promptly and fully in case of insolvency.
The FCA’s recent review reveals common issues in safeguarding practices, including a poor understanding of what funds need to be segregated, delays in segregating funds, and inadequate reconciliation processes. Additionally, the oversight of risk management related to safeguarding was found lacking in many firms, with few able to demonstrate that operational changes had been assessed for their impact on safeguarding arrangements.
To address these deficiencies, the FCA outlines priority areas for improvement and provides examples of both compliant and non-compliant practices. It is essential for firms to review and, if necessary, enhance their safeguarding arrangements to align with regulatory requirements. Firms are expected to map their products or services to identify relevant funds and adjust their safeguarding strategies accordingly.
Key Take-Aways and Actions:
Firms must urgently review their safeguarding arrangements against FCA guidance and rectify any deficiencies to ensure compliance with EMRs and PSRs. They should update these measures regularly to reflect any changes in their business model. Firms must complete and return an attestation form by the specified deadline, notifying the FCA if unable to comply. Ongoing FCA reviews will focus on safeguarding practices, with potential enforcement actions for non-compliance.