×

Resources

Payment and E-Money Firms Safeguarding Audit

Resources

Payment and E-Money Firms Safeguarding Audit

This page was last updated on June 2, 2023
Since 2021, the Financial Conduct Authority (FCA) has required firms covered by The Payment Service Regulations and Electronic Money Regulations to have an ‘Annual Audit of Compliance with Safeguarding Requirements’. Here we explain the implications.

BACKGROUND

Back in July 2020, the FCA released guidance for firms covered by the Payment Service Regulations (PSR) and Electronic Money Regulations (EMR) indicating they expected regulated institutions to arrange specific annual audits of their compliance in line with the safeguarding requirements of the PSR/EMR.

In 2021, this became a requirement with the FCA expecting firms to perform an independent safeguarding audit on an annual basis.  Interestingly, auditors had already had a responsibility to report to the FCA any breaches they found under the PSR or EMR which were of material significance. However, no separate client money (CASS) style audit had been required.

LACK OF CLARITY AND ASSUMPTIONS

When the FCA stipulated the requirement for safeguarding audits, it didn’t give clear guidance on the content of the audit, or the format its report should take. Even now, the FCA has still not provided details of the period the assurance opinion should cover.

The FCA does, however, expect that most firms may wish to align the period with their accounting year-end.

Neither the temporary guidance published in July 2020, nor the consultation in January 2021, set out the timing of the reports –  including a deadline for when the reports should be submitted.

Similar to Client Asset (CASS) reports, it may be reasonable to assume the safeguarding audit should be completed within 4 months of the period end date to mirror the CASS regime requirements, with the report itself following a similar format.

IMPLICATIONS FOR FIRMS

In this regard the FCA uses the term ‘audit’, which is usually reserved for statutory audits, or CASS audits where there is a specific audit framework. Saying that, no audit standard has been issued by the FCA.

The FCA guidance simply requires that the firm is to ask the auditor to provide an opinion addressed to the firm on:

This is very similar wording to a Reasonable Assurance Client Money (CASS) audit. The approach to the engagement has similarities and involves an examination of the various safeguarding provisions during the year, and at the end of the period. This is to ensure the firm has controls in place and has complied with them.

At the end of the engagement, the auditor then provides a letter addressed to the firm covering the points mentioned above.

CAN WE HELP?

Shipleys has been working with many firms affected by this requirement and has a track-record in conducting robust and reliable safeguarding audits to meet the FCA’s requirements. Please get in touch if you would like further information.


Specific advice should be obtained before taking action, or refraining from taking action, in relation to this summary. If you would like advice or further information, please speak to your usual Shipleys contact.

Copyright © Shipleys LLP 2023

Current Issues

What to bear in mind when setting up a bank account for your UK subsidiary

Overseas businesses often underestimate what is involved when setting up a bank account for their UK subsidiary. In this interview with Metro Bank, we explain the key issues.

Understanding the tax implications of divorce

Tax may not be uppermost on the minds of a couple getting divorced, but a well-drafted settlement can minimise tax liabilities during the upheaval.

Taxation and Divorce

By planning a divorce settlement carefully, it should be possible to minimise the tax cost of transfers under the divorce settlement