Exact matches only
Search in title
Search in content
Search in comments
Search in excerpt
Filter by Custom Post Type
Payment Services

Technology has transformed the payment services industry in recent years. Online and mobile payments now offer consumers real alternatives. But newer payment services providers (PSPs) have often found the banks’ traditional monopoly tough to break.

The EU recognised this in January 2018 when it introduced its revised Payment Service Directive (PSD2), part of whose purpose was promoting innovation and improving market access for PSPs.

Acknowledging the heightened security risk in the payment services arena created by the ‘growing technical complexity of electronic payments’, PSD2 brought in stricter new requirements around:

    • Security of electronic payments
    • Transparency of conditions and information from PSPs
    • The rights and obligations of users and providers of payment services

The FCA now requires all applicants seeking authorisation as PSPs to provide evidence of robust IT security policies and procedures – and a detailed risk assessment.

The FCA’s recent temporary additional guidance on safeguarding requirements stipulates that all EMIs and those payment services firms that must comply with Companies Act 2006 auditing requirements must undertake, on at least an annual basis, an audit with another independent external firm or consultant who has the appropriate specialist skill in auditing compliance with the safeguarding requirements under the PSRs/EMRs, taking into account the nature and scale of the firm’s business. Our expert payments services team are able to provide the support necessary for firms to comply with these latest requirements.

Our Payment Services team has in-depth knowledge of the regulatory compliance requirements facing PSPs. We apply our experience and expertise to create a service tailor-made to your precise needs.

Among the firms we work with are:

Among the many ways we can help PSPs are:

FCA applications

Applying for authorisation as a payment service provider (PSP) requires submitting a wide array of documentation. This includes a regulatory business plan, a suite of compliance policies and procedures, and an IT security risk assessment. We can provide template documents and work with you to tailor these to your specific circumstances. We can also carry out a gap analysis on your current policies and procedures – and help you address any action points identified.

Small payments institutions registration

We can help with your registration as a small payment institution (SPI or small PI) and ensure you’re up to date with your regulatory requirements.

REP018 submissions

We can provide payment service providers with effective support and guidance on completing and submitting REP018 operational risk reports.


We have extensive experience of auditing firms in the payment services space – whether on compliance issues generally, or specifically in areas such as safeguarding, complaints policies and procedures, or training programmes. In line with EBA and FCA guidance, we can provide services such as an extensive audit of a firm’s safeguarding framework procedures as well as the firms wider compliance requirements.

Financial crime policy and procedures

Working closely with our Financial Crime team can help PSPs update their policies and procedures in line with a risk-based approach, as required by the Money Laundering Regulations 2017.

Limited Network Exclusion (LNE) and Electronic Communication Exclusions (ECE)

We are able to assist firms that are required to report to the FCA under Payment Services Regulations, even where the firm is not FCA regulated. These include the Electronic Communication Exclusion auditing requirements for telecoms businesses and the FCA’s reporting obligations on payments and e-money firms under the Limited Network Exclusion.

Regulatory returns

If you’d like help submitting regulatory returns via Gabriel (the FCA’s online system for collecting and storing regulatory data from firms), we can also help with this.

We’re always happy to hear from businesses operating in this space. So if there’s anything at all you’d like some help, advice or support with, please don’t hesitate to get in touch.

Contact us on 0207 436 0630 or email

Popular Services

Sector Services

    Get in touch

    Choose an area of expertise*

    Latest Blog

    FCA to charge for SM&CR changes and hike new firm fees
    November 24, 2020

    Review of adviser capital adequacy
    November 18, 2020

    Latest News

    The 2020 Peer2Peer Finance News Power 50 – Firms of Influence
    October 8, 2020

    Global Advisory Experts Awards – Financial Services Compliance Consultancy Firm of the year
    September 7, 2020

    “The Payment Service Team at Thistle really helped making a difficult process, so much easier. Thank you for all your help.”

    Caroline Plambeck / jumblebee

    “Thistle helped us to become registered as an Account Information Service Provider (AISP) with the FCA. They were highly proactive and provided detailed guidance and feedback on what was a complex application process. Our caseworker Shazana was experienced and always available to answer any questions we had. We would not hesitate in using Thistle again for any of our compliance needs.”

    Glenn Drake / QuickFile

    “We used Thistle Initiatives to handle our Payment Services compliance obligations namely re-authorisation of SPI licence. Very professional service. Kept us informed step by step and assisted with all documentation. Many thanks to Nadia Lemard and her team. I would definitely put Thistle on your ‘short list’ of potential compliance consultants.”

    Geoff Tully / Senit Remittance Ltd

    “Thistle Initiatives provided professional support and guidance to achieve Orient Exchange’s Small Payments Re-Registration. Thank you for your assistance.”

    Kishore Lalwani / Orient Exchange