FCA's Safeguarding Overhaul: Why Firms Need to Act Now-and How to Prepare

On 7 August 2025, the Financial Conduct Authority published Policy Statement PS25/12, confirming sweeping changes to the UK's safeguarding regime for payment and e-money institutions. The new Supplementary Regime takes effect on 7 May 2026.

This is the most significant overhaul since safeguarding rules were introduced-and it's driven by stark evidence. Between Q1 2018 and Q2 2023, payment and e-money institutions that became insolvent had average shortfalls of 65% of their customers' fund. In some cases, firms held as little as 35% of what they were supposed to be safeguarding.

The FCA's reforms are designed to prevent this from happening again. Firms don’t have much time to prepare-and the requirements are substantial.

What's Changing?

The Supplementary Regime introduces six core requirements:

1. Daily reconciliations. Firms must reconcile customer funds at least once every business day.

2. Monthly reporting. Firms must submit monthly returns to the FCA detailing total safeguarded funds, how they're held, and where.

3. Annual audits. Most firms will require an annual safeguarding audit by a qualified auditor (exemption only for firms that have never safeguarded more than £100,000).

4.Resolution packs. Detailed documentation to support orderly wind-downs and swift return of funds - including reconciliation statements, safeguarding account details, and governance records. Firms must maintain this pack that can be produced within 48 hours in case of insolvency.

5. Named governance oversight. Boards must designate a named individual responsible for safeguarding compliance, with active board-level involvement.

6. Acknowledgement Letters: Banks providing safeguarding accounts must confirm funds are held for customers and segregated from the firm’s own money.
‍

Why This Is a Governance Issue, Not Just Compliance

Safeguarding failures are often governance failures. The FCA is signalling this can't be delegated to operations teams and forgotten. Boards need to answer:

- Do we know exactly where customer funds are held?

- Can we reconcile accurately on a daily basis?

- Could we return funds swiftly if we failed tomorrow?
‍

What Firms Should Do Now

With several months until the deadline, five priorities matter most:

1. Gap analysis against new requirements

2. Audit readiness (auditor capacity will be constrained closer to the deadline)

3. Systems capability for daily reconciliation and monthly reporting

4. Resolution pack creation (requires cross-functional coordination)

5. Governance alignment (appoint oversight and engage the board early)
‍

How the Right Banking Partner Helps

For payment and E-money institutions, choosing where to safeguard customer funds has become a strategic decision - not just an operational one.

At Bank of London, we hold 100% of deposits unencumbered at the Bank of England. We don't lend them. We don't leverage them. We offer API-driven safeguarding accounts designed for payment firms, with real-time reconciliation, transparent reporting, and FSCS protection.

This model isn't just compliant with the new regime - it exceeds it. Because when customer funds are involved, minimum standards aren't enough.

The firms that take safeguarding seriously will benefit from stronger operational resilience, clearer audit trails, and better preparedness for the statutory trust - based regime the FCA has confirmed will follow.

May 2026 seems far away. It's not. The time to act is now.