Background
The FCA’s requirement for payment and e-money firms to undertake an annual safeguarding audit is linked to The Payment Services and Electronic Money Regulations. It seeks to ensure both compliance with regulatory requirements and assure customers and regulators that their funds are protected.
You can find out more about safeguarding audits in this article: Payment and e-money firms’ safeguarding audits – common questions answered.
Firms can strengthen their safeguarding approach in this area by using this 8-point checklist ahead of their audits.
8-Point CHECKLIST
1. Understand the current regulatory framework
Firms should prioritise time to become familiar with the relevant regulations and guidelines governing safeguarding in the UK. For starters, see the information provided by the FCA.
2. Establish internal safeguarding policies and procedures
It is vital to develop robust internal policies and procedures that outline how your organisation complies with the safeguarding requirements. Talk to an external specialist adviser or appoint a dedicated person in your organisation (see point 4). They can help to assess your operations and make recommendations on changes needed to shore up your safeguarding approach.
3. Ensure customer funds are segregated
It is paramount that you have appropriate mechanisms in place to segregate customer funds from your own operational funds. Maintain separate accounts or safeguard your trust arrangements to ensure that customer funds are protected, and not at risk in the case of insolvency.
4. Appoint a safeguarding officer
Designate a specific individual or internal team responsible for overseeing safeguarding measures across your firm. They should be tasked with understanding the regulatory requirements and ensuring your firm has a robust approach to the other 7 points in this checklist.
5. Perform risk assessments
It is important to conduct regular risk assessments. These should aim to identify potential vulnerabilities so you can develop appropriate risk mitigation strategies. The assessments should include evaluating risks associated with safeguarding, such as internal fraud, financial stability, or inadequate segregation of funds.
6. Maintain adequate documentation
To demonstrate your compliance and support the audit, it is crucial that your firm keeps detailed records of all your safeguarding activities. These records should include your policies, procedures, risk assessment outcomes, internal audit reports, and any other relevant documentation.
7. Regular training to bolster safeguarding awareness across the firm
Safeguarding should be viewed as a firm-wide responsibility. That’s why it is important to train employees on their roles and responsibilities regarding safeguarding measures. This includes educating them on the importance of segregating customer funds, detecting suspicious activities, and reporting any concerns or breaches.
8. Stay updated
And finally, keep abreast of any regulatory changes or updates related to safeguarding. Follow the FCA or our Financial Services team’s updates for news of the latest developments.
Can we help?
At Shipleys, we’ve been helping many payment and e-money issuing businesses comply with the latest regulations. For further information, contact one of our specialists shown on this page.
Specific advice should be obtained before taking action, or refraining from taking action, in relation to this summary. If you would like advice or further information, please speak to your usual Shipleys contact.
Copyright © Shipleys LLP 2023
Related Resources
Payment and e-money firms’ safeguarding audits – common questions answered
