It has been a busy couple of weeks for payments regulation – the go-live of the APP scam reimbursement rules, the FCA feeding back on its findings related to implementation of the Consumer Duty by payments firms and the FCA’s publication of its proposed new framework for safeguarding. The safeguarding proposals are particularly interesting – here is what caught my eye:

  • Whilst there are various aspects of the proposed new requirements that payments firms will already be complying with, both the interim and end-state measures will have a real world impact in terms of compliance burden, individual accountability, compliance resource and existing operating practices that will have to be addressed by firms. The end result of the proposals would not simply be business as usual.
  • It’s clear that using operational accounts as a staging location prior to relevant funds hitting safeguarding accounts will be no more, save for in a small number of circumstances. This could have an operational impact on firms, particularly for any pay-in arrangements, and that needs to be impact assessed by firms.
  • There is a degree of “SMCR creep” flowing from the requirement to allocate a responsible person for oversight of compliance with safeguarding rules. If I was a payments firm, I would be trying to clarify whether there are any broader obligations to which such a person is subject or whether other aspects of the SMCR regime – which doesn’t apply to payments firms – should now be treated as requirements or guidance applicable to the firm or that particular individual.
  • It is arguably going to be harder to invest relevant funds in secure, liquid assets at a time when higher interest rates has made that option more attractive to firms. This is where there is arguably a misalignment between the corresponding provisions in CASS 7 on use of qualifying money market funds and the proposals in CASS 15, and I would not be surprised if there is advocation for a lighter touch to make this safeguarding option more facilitative.
  • Reading between the lines and if alignment with CASS 7 is the ultimate goal, I have a bad feeling for the insurance or guarantee method of safeguarding, in that I do not think it is long for this world.
  • Firms shouldn’t underestimate the codification of guidance as rules – it is easier to supervise and enforce breaches of rules than it is to supervise and enforce regulatory expectations delivered via guidance. That impacts compliance burden and risk profile and potentially changes the supervisory environment in which payments firms operate.

We’re looking forward to discussing these points further with clients and the industry more broadly in what remains an interesting time for payments