Payment and E-Money Firms Safeguarding Audit

The FCA now requires firms covered by Payment Service Regulations and Electronic Money Regulations to have an ‘Annual Audit of Compliance with Safeguarding Requirements’

16 February 2021


In July 2020, the FCA released some finalised guidance for firms covered by the Payment Service Regulations (PSR) and Electronic Money Regulations (EMR) with respect to Coronavirus. The document set out expectations on how firms under these rules should manage safeguarding customers’ funds, but for the first time included a requirement for these firms to have an ‘Annual Audit of Compliance with Safeguarding Requirements’.

The full guidance can be read here

Auditors already had a responsibility to report to the FCA any breaches they found under the PSR or EMRs which are of material significance to the FCA, but there was no separate client money (CASS) style audit required.


A fresh development

So it is quite an unusual situation that the FCA have asked EMI and PSR firms to have an 'audit' of their safeguarding arrangements, but without any clear guidance on the content of the audit or the format of the report.

It's also a little unclear when this applies from and when the deadline is. We are assuming that it is 4 months after the year end, in line with other similar FCA reporting requirements, and applies to year ends from July 2020.



The FCA uses the term 'audit', which is usually reserved for statutory audits, or CASS audits where there is a specific audit framework, but there is no audit standard by the Financial Reporting Council in this instance.

The FCA guidance requires that the firm is to ask the auditor to provide an opinion addressed to the firm on:

This is very similar wording to a Reasonable Assurance Client Money (CASS) audit. The approach to the engagement will therefore be similar, and will involve an examination of the various safeguarding provisions during the year and at the end of the period, to ensure the firm has controls in place and has complied with them. At the end of the engagement, the auditor will provide a letter addressed to the firm covering the points mentioned above.


Can we help?

Shipleys works with a number of firms affected by this new requirement and we will be working with our clients on the new safeguarding audit obligation. Please get in touch if you would like further information.


Specific advice should be obtained before taking action, or refraining from taking action, in relation to this summary. If you would like advice or further information, please speak to your usual Shipleys contact.

Copyright © Shipleys LLP 2021

Current Issues

Offshore Reporting Funds

An overview of the tax treatment of offshore investment funds and the effect on UK investors when the fund applies for ‘offshore reporting fund’ status.

Financial Services Update – June 2022

In this issue we cover the latest compliance and policy developments for the sector, plus the implications of fresh FCA guidance.

Making your inheritance tax allowances count

More and more estates are now subject to paying inheritance tax (IHT), but much can be done to mitigate liability by using the available allowances.