After years of payment firm failures leaving customers £65 out of every £100 short, the FCA is finally wielding the regulatory hammer that should have come sooner.
The financial services graveyard is littered with payment firms that promised to keep customer money safe but failed spectacularly when it mattered most. Between Q1 2018 and Q2 2023, the average customer of a failed payment firm recovered just 35% of their funds. Let that sink in for a moment: two-thirds of customer money simply vanished.
Now, with e-money institutions alone safeguarding £24bn in customer funds (up from £11bn in 2021), the FCA has decided enough is enough. Policy Statement PS25/12, published on 7 August 2025, introduces the most comprehensive overhaul of safeguarding requirements since the regulations were first introduced. This initiative aligns with FCA’s Safeguarding efforts to enhance customer protection, and frankly, it’s long overdue.
Understanding FCA’s Safeguarding Initiatives
The Regulatory Context: Why Now?
The timing isn’t coincidental. The payments industry has exploded over the past five years, with new entrants launching ambitious plans to disrupt traditional banking. Many succeeded in acquiring customers but failed at the boring, unsexy work of operational discipline.
The FCA’s own data paints a stark picture. Customer funds under safeguarding have more than doubled in three years, but the operational sophistication of many firms hasn’t kept pace. Daily reconciliations were often treated as nice-to-have rather than essential. Monthly reporting was inconsistent. Audit requirements were basic.
Meanwhile, customers increasingly relied on these services for day-to-day banking needs, not just occasional payments. The potential consumer harm grew exponentially, but the regulatory framework remained largely unchanged since 2021.
PS25/12 is the FCA’s response: a comprehensive “Supplementary Regime” that brings safeguarding requirements closer to what you’d expect from a bank, without quite imposing full banking regulation.
Dissecting the New Requirements
The new regime applies mandatorily to authorised payment institutions (APIs) and e-money institutions (EMIs), with small payment institutions (SPIs) able to opt in voluntarily. Here’s what’s changing:
Daily Safeguarding Reconciliations
This is perhaps the biggest operational change. Every business day (excluding weekends, UK holidays, and foreign-market closures), you’ll need to reconcile your safeguarded customer funds against what you actually hold across all safeguarding accounts.
For many smaller MSBs, this represents a fundamental shift in finance operations. If you’re currently doing weekly or monthly reconciliations, you’ll need new systems, processes, and potentially additional staff time. The good news is that modern banking APIs and accounting software can automate much of this work, but you’ll need to invest in the setup.
Mandatory Monthly Safeguarding Returns
The FCA wants regular, standardised reporting on your safeguarding position. This isn’t just about compliance; it’s about early warning systems. By requiring monthly submissions, the regulator can spot potential issues before they become customer-harming failures.
The return format will be prescribed, so you’ll need to ensure your systems can generate the required data in the specified format. Start mapping your current data against the likely requirements now, rather than waiting for the final templates.
Annual Safeguarding Audits
Perhaps the most significant change for smaller operators is the introduction of mandatory annual safeguarding audits by qualified auditors. However, the FCA has provided a crucial exemption: if you haven’t safeguarded more than £100,000 of relevant funds at any point in the previous 53 weeks, the audit isn’t required.
This threshold is clever regulatory design. It protects genuine micro-operations from disproportionate costs while ensuring that any MSB handling meaningful customer funds gets professional scrutiny. If you’re growing, expect to cross this threshold and plan accordingly.
Codified Resolution Packs
Resolution packs aren’t new, but the FCA is making the requirements more explicit and demanding faster retrieval times. These aren’t documents you can file away and forget about. They need to be living documents that accurately reflect your current operations and can be quickly accessed when needed.
Account Segregation Requirements
If you’re currently co-mingling e-money funds with unrelated payment service funds, those days are over. The FCA requires separate safeguarding accounts for different types of customer money. This makes sense from a resolution perspective but will require operational changes for many firms.
Diversification Expectations
The FCA expects you to spread safeguarding across multiple third-party institutions rather than concentrating everything with one bank. This reduces single points of failure but increases operational complexity. You’ll need documented assessments of your diversification strategy and clear rationales for your choices.
The Banking Relationship Impact
Don’t underestimate how these changes will affect your banking relationships. Banks are already using PS25/12 as an opportunity to “re-paper” existing safeguarding accounts and step up their oversight of MSB clients.
Expect more due diligence questions, more frequent reviews, and potentially higher costs. Some banks may decide that the enhanced oversight requirements make smaller MSBs uneconomical and exit relationships. Others may see this as an opportunity to differentiate by providing excellent service to compliant operators.
The diversification requirements will also force you to establish relationships with multiple institutions. Start these conversations early, as opening new safeguarding accounts is time-consuming and banks are becoming more selective.
Practical Implementation Strategy
With go-live set for 7 May 2026, you have approximately 18 months to get everything operational. Here’s your roadmap:
Phase 1: Assessment and Planning (Now through Q1 2025)
Start by conducting a gap analysis against the new requirements. Map your current safeguarding processes, identify what needs to change, and estimate the costs involved. This includes system changes, process redesigns, potential additional headcount, and increased professional service costs.
Engage with your current safeguarding bank(s) about the changes and how they’ll affect your relationship. Start identifying additional institutions for diversification.
Phase 2: System Development and Relationship Building (Q2-Q3 2025)
Implement the system changes needed for daily reconciliations and monthly reporting. If you’re building custom solutions, this takes time. If you’re buying third-party software, factor in integration and testing time.
Open new safeguarding accounts as needed for segregation and diversification. Document your diversification strategy and decision-making rationale.
Phase 3: Pilot Testing (Q4 2025-Q1 2026)
Run parallel processes for daily reconciliations and monthly returns alongside your existing procedures. This will flush out issues while you still have time to fix them without regulatory pressure.
Commission a dry-run safeguarding audit with a qualified auditor. Treat this as a learning exercise rather than a compliance box-tick. Use the findings to refine your processes before the requirements go live.
Phase 4: Go-Live Preparation (Q2 2026)
Switch fully to the new processes at least one month before the 7 May 2026 deadline. This gives you buffer time to address any last-minute issues.
Ensure your resolution pack is current and test retrieval procedures. Train all relevant staff on the new processes and emergency procedures.
The Strategic Opportunity
While PS25/12 undoubtedly creates compliance costs, it also presents strategic opportunities. The enhanced requirements will likely force some smaller, less well-capitalised competitors out of the market or into consolidation scenarios.
For MSBs that invest properly in compliance infrastructure, this becomes a competitive advantage. You can market your enhanced safeguarding procedures as a differentiator, particularly when targeting larger corporate clients or regulated entities that care about counterparty risk.
The operational discipline required by daily reconciliations and regular reporting will also improve your internal financial controls and management information. Many MSBs will discover that the enhanced visibility into their safeguarding position helps with cash flow management and business planning.
Special Considerations for Different Business Models
The impact of PS25/12 varies significantly depending on your business model:
High-volume, low-value processors may find the daily reconciliation requirements particularly challenging due to the sheer number of transactions to track.
B2B payment facilitators with longer settlement cycles need to pay particular attention to the timing aspects of safeguarding calculations.
Multi-currency operators face additional complexity in reconciliation and reporting, particularly around foreign exchange rate calculations for safeguarding purposes.
Rapid-growth MSBs need to be especially careful about the £100k audit threshold and should probably plan as if they’ll exceed it.
Looking Beyond Compliance
The smart play here isn’t just to achieve compliance with PS25/12, but to use it as a foundation for operational excellence that supports your growth ambitions. The enhanced systems and processes you’ll build can be leveraged for management reporting, investor relations, and due diligence processes if you’re considering fundraising or exit scenarios.
Moreover, if you’re currently an SPI but planning to apply for API or EMI status, implementing these requirements voluntarily now will smooth your authorisation process later.
The FCA’s PS25/12 represents a maturation of the payments regulatory framework. It’s recognition that the industry has grown up and needs grown-up oversight. The MSBs that embrace this reality and invest properly in compliance infrastructure will be the ones that thrive in the next phase of industry evolution.
Start planning now, invest in the right systems and relationships, and treat this as an opportunity to build competitive advantage through operational excellence. Your customers’ funds depend on getting this right, and your business’s long-term success does too.
