Skip to content

Safeguarding Audits: Common Pitfalls and Best Practices

If you're a payment services provider or electronic money institution, safeguarding audits are crucial to ensure that your firm complies with relevant regulations and best practices when protecting your customers' funds. However, conducting safeguarding compliance audits can be complex, and there are some common issues and misunderstandings that you may encounter.

In this blog, we explore these issues and provide some guidance on how best to deal with them, based on our extensive experience and knowledge of the FCA's guidance and expectations on safeguarding.

The FCA's Approach to Payment Services and Electronic Money sets out the FCA's expectations and requirements for firms that provide payment services or issue electronic money. The FCA's approach covers various aspects of safeguarding. Despite the FCA's guidance, some firms may not be fully aware of the approach or may interpret it differently, leading to potential breaches or risks.

Here are some examples of common concerns that we see when completing audits:

  • Co-mingling of funds: Some firms may mix safeguarded funds with other funds, such as operational funds, fees, commissions, or third party funds. This can create confusion and difficulties in identifying and segregating the safeguarded funds in case of insolvency or other events. The FCA expects firms to keep safeguarded funds separate from any other funds at all times.

  • Reconciliation timings: Some firms may not reconcile their safeguarded funds frequently enough or may not have a clear and consistent process for doing so. This can result in discrepancies or inaccuracies in calculating the safeguarded funds, which may affect the firm's ability to repay its customers in full, if needed. The FCA expects firms to reconcile their safeguarded funds at least daily or more frequently if necessary.

  • Foreign exchange transactions: Some firms may not account for the currency fluctuations when dealing with foreign exchange transactions involving safeguarded funds. This can result in under- or over-safeguarding of funds, which may expose the firm or its customers to losses or liabilities. The FCA expects firms to ensure that they always safeguard the correct amount of funds in the relevant currency.

  • Due diligence on credit institutions: Some firms may not conduct adequate due diligence on the credit institutions they use to hold their safeguarded funds, such as banks or custodians. This can expose the firm and its customers to operational, financial, or reputational risks if the credit institution fails or does not comply with the applicable laws and regulations. The FCA expects firms to assess the suitability and reliability of their credit institutions on a regular basis and to diversify their risk exposure if possible.

These are just some of the common issues we encounter when conducting safeguarding audits, but there may be others depending on each firm's specific circumstances and activities. That is why it is important to have a robust and comprehensive safeguarding policy and procedure that reflects the FCA's guidance and your own business model. It is also advisable to seek external advice and support from experts who can help you review and improve your safeguarding arrangements.

At Thistle Initiatives, we specialise in conducting safeguarding compliance audits and health checks for payment service and e-money providers. We can offer either one or a combination of the following services:

  • Safeguarding audit: We will conduct an independent review of your compliance with the safeguarding compliance requirements, covering all aspects such as documentation, methods, systems, controls, and wind-down planning. We provide you with a detailed report that identifies our observations regarding your strengths and weaknesses, as well as recommendations for improvement. We can also help you implement the recommendations and monitor your progress.

  • Safeguarding health check: We will provide you with a high-level and generally more cost-effective assessment of your current safeguarding arrangements, focusing on the key areas of risk and compliance. We give you a summary of our findings and suggestions for enhancement. We can also support you with any follow-up actions that you may need to take.

By conducting a safeguarding compliance audit or health check, your business has the opportunity to gain several potential benefits, such as:

  • Improving your compliance with the FCA's rules and guidance, reducing the risk of regulatory action.
  • Enhancing your reputation and trust with your customers, partners, and stakeholders, increasing your competitive advantage and market share.
  • Strengthening your governance and risk management, improving your operational efficiency and resilience.
  • Preparing for potential challenges and disruptions, such as cyber threats or other operational resilience threats.

To conclude, finally safeguarding audits are an essential tool for payment service providers and electronic money institutions to protect their customers' funds and comply with the FCA's requirements and expectations. By addressing the common issues and best practices outlined in this blog, you can enhance your safeguarding arrangements and gain the potential benefits of compliance, reputation, governance, and resilience.

Author: Joel Bailey, Associate

How Thistle Initiatives can help you? 

Thistle Initiatives has supported payments firms for over 10 years as a trusted compliance and regulatory advisor. In addition to assisting you as-and-when, our team of specialists can serve as your right hand in meeting and complying with FCA regulations. We understand the importance of staying up-to-date and compliant and are dedicated to providing the guidance and support needed to do so.

If you would like to discuss further how we can help with safeguarding compliance audits, safeguarding health checks or assistance with drafting your safeguarding policy and procedure, and so potentially enhance your safeguarding arrangements, please contact us by calling 020 7436 0630 or sending an email to