Are non-bank payment service providers doing enough to protect customers’ funds?

A recent review by the Financial Conduct Authority (FCA) has revealed that some non-bank payment service providers (PSPs) are not doing enough to safeguard customers’ funds and it is urging them to take action. Instead of rushing to react however, PSPs must make sure they understand the safeguarding requirements fully before doing so.

Ensure that documentation is accurate, detailed and includes a clear rationale.

Specifically, non-bank PSPs have received a letter from the regulator asking them to provide a written declaration that they are compliant with the 2017 regulations by 31st July 2019. These regulations are designed to ensure that the claims of electronic money holders or payment service users are prioritised over other creditors in the event that a non-bank PSP becomes insolvent. As well as facing potential sanctions, such as licences being revoked or financial penalties and censures for breaches, PSPs that fail to comply with current regulations could face significant reputational damage.

The regulator’s decision to focus on safeguarding arrangements follows a recent review of non-bank PSPs – including electric money (EMIs) and authorised payment institutions (APIs) – to assess how well they meeting requirements to protect users’ funds.

The review identified a number of shortcomings, which some non-bank PSPs may need to address to ensure their compliance. For example, some of the firms surveyed by the FCA were unable to identify funds that should be safeguarded and take steps to segregate them on receipt by receiving them into a designated account. Others were failing to ensure that these safeguarding accounts were clearly designated as such. Some non-bank PSPs were not doing enough to ensure that agents or distributors were safeguarding relevant funds appropriately. Others were failing to perform reconciliations regularly and act on their findings quickly enough.

In order to avoid action from the FCA, all non-bank PSPs must take stock of the services they provide and familiarise themselves with the regulations – ensuring they have a clear understanding of how the requirements affect their operational activities.

Sarah Hallam, director and financial services specialist, Menzies

Firms need to be aware of the risks to customer funds and ensure they have clear oversight of safeguarding arrangements. The FCA has placed an emphasis on segregating relevant funds upon receipt. This means that regular checks are needed to confirm that the right amount of money is being safeguarded. Non-bank PSPs should also ensure that documentation is accurate, detailed and includes a clear rationale. These safeguarding arrangements should be kept under review and monitored regularly. This is especially important in a fast-growing industry sector.

Where the FCA finds inadequacies in firms’ safeguarding measures, it has pledged to take appropriate steps to help them, providing their self-assessments are honest, and reasonable attempts to comply with the regulations have been made. The firm should use the support of a compliance officer or adviser to ensure that the process is as effective as possible, with minimal operational disruption. In addition, there may be need for staff training, to ensure that skilled people are in the right roles and the firm’s safeguarding arrangements and documentation are well managed.

Whilst it may not be necessary for firms to communicate information around safeguarding to their customers, particularly if they are taking steps to improve internal processes, firms who comply with the FCA’s regulations may wish to promote this internally and to others in the industry.

Instead of rushing to make a declaration of compliance to the FCA, PSPs must ensure they provide an accurate response. It is better to flag areas where further attention may be needed and the steps the firm is taking to address them, than to ignore the matter altogether.

Sarah Hallam is a director and financial services specialist at accountancy firm, Menzies LLP.