© 2025 Macro Global. All Rights Reserved.
Traverse the article
On 7 May 2026, the FCA’s new safeguarding Supplementary Regime for payment and e‑money firms goes live, tightening reconciliation discipline, monthly reporting, audits and resolution‑readiness across the board. You can download the FCA Policy Statement PS25/12 (PDF) here.
It’s happening because the market got bigger and messier: in 2024 EMIs safeguarded ~£26bn, PIs ~£6bn on any given day, and failed firms showed an average 65% shortfall—a trust gap the rules are designed to close.
This piece translates PS25/12 into what actually changes and how cross-border operators should respond, designing “reconciliation days” around foreign-market closures, separating e-money and unrelated payment-service pools, evidencing third-party diligence, and maintaining a resolution pack that can be produced within 48 hours.
At the end, a no‑fluff vendor box maps each requirement to practical controls in Macro Global’s NetRemit—a bank‑grade, ISO‑compliant, white‑label remittance suite built for MTOs, banks, and fintech with fast go‑live, audit trails/four‑eyes controls, and integrations that matter in practice, to help you evidence, not over‑claim, compliance.
Quick Reference: What’s New in PS25/12 Safeguarding Regime
Here’s the shorthand: what shifts, what stays, and what firms can’t ignore.
- Reconciliations: Daily on reconciliation days (exclude weekends, UK holidays, and relevant foreign market closures); fixed points; external only on reconciliation days (pages 15–16).
- Internal method: Simplified D+1 requirement vs D+1 resource; top‑ups with own funds if needed (pages 15–16).
- Non‑standard methods: Auditor preview before use/change; frequency not relaxable (page 16).
- Audits: Annual for most; ≥£100k threshold; first submission 6 months, then 4; safeguarding auditor can differ from statutory (pages 19–21, 54).
- Monthly return: Mandatory; split reporting for EMIs also doing unrelated payment services (pages 22–24).
- Insurance/guarantee: Unconditional payout (bar insolvency certification); T3 months plan; T2 months FCA notice for first use/changes (pages 28–30).
- Resolution pack: 48 hour retrieval; annual report to the governing body (pages 16–19, 77).
- Go‑live: 7 May 2026; 9 months runway (pages 12, 61).
Why This Change: Growth, Failures and the FCA’s PS25/12 Response
- Safeguarding rules are being rebuilt because the sector grew too fast for the old guardrails.
- By 2024, EMIs were safeguarding ~£26bn and PIs ~£6bn daily, numbers far beyond the rules’ original design.
- In firm failures between 2018–2023, the average safeguarding shortfall was 65%, a chasm, not a rounding error. And while the FSCS may cover a bank failure, it does not cover a payments firm failure.
- PS25/12 closes that trust gap with stricter reconciliations, audits, and resolution readiness.
Who is in Scope under PS25/12 (Payment Institutions, EMIs, SPIs)
Not every payments firm is caught. Knowing if you are in or out is the first filter.
- Authorised PIs (excluding PIS only/AIS only institutions)
- Authorised EMIs, Small EMIs,
- Credit unions that issue e‑money.
- SPIs can opt in; if they do, all requirements apply.
Key Safeguarding Changes in PS25/12
The everyday mechanics of reconciliation, reporting, and audits are no longer optional extras.
Reconciliations tied to reconciliation days, with fixed points
Internal and external reconciliations must be performed at least once each reconciliation day excluding weekends, UK bank holidays, and days when relevant foreign markets are closed. Firms must set consistent reconciliation points and use them (pages 15–16). External reconciliations are only required on reconciliation days (page 16).
Separate pools, separate reconciliations. Funds for e-money must be safeguarded and reconciled separately from unrelated payment services; reporting is split too (pages 16, 24, 26).
A simpler internal method (D+1 → D+1)
You now compare D+1 segregation requirement vs D+1 segregation resource. If the resource is lower, top up promptly with own funds if needed (pages 15–16).
Non‑standard internal methods need auditor pre‑review
If you can’t use the standard method, you must document the approach and obtain an independent auditor’s written confirmation before use, and again before any material change. You cannot relax frequency (page 16).
PS25/12 annual safeguarding audit requirements
Most firms must arrange a yearly safeguarding audit by a qualified auditor. Exempt if you haven’t been required to safeguard >£100,000 at any time in the prior 53 weeks (pages 19–21; see threshold table on page 54).
First submission: Within 6 months of the period end; subsequent audits: 4 months. The safeguarding auditor need not be your statutory auditor (page 21).
Monthly safeguarding return via RegData
Supervisors want a live pulse, not annual snapshots. That’s the reason for monthly returns. The return mirrors the D+1 requirement/resource view and confirms whether internal & external reconciliations were conducted each reconciliation day. EMIs/credit unions that also provide unrelated payment services must answer sections separately for each asset pool (pages 22–24).
Third-Party Bank, Custodian and Insurer Diligence
It’s no longer enough to pick a safeguarding bank—you have to show why and manage concentration risk. Due skill, care and diligence over banks, custodians and insurers, plus an explicit duty to consider diversification (no quota’s documented judgment is expected). Acknowledgement letters remain key (pages 25–26).
Insurance and Guarantee Method under PS25/12
Using insurance to safeguard is still possible, but the FCA has locked down conditions to avoid weak cover.
- Payout must be unconditional apart from certification of an insolvency event (pages 29–30).
- No later than 3 months before expiry, decide your path; if renewal isn’t secured, be ready to switch to segregation (pages 28–29).
- Notify the FCA at least 2 months before first use, and for changes to cover or provider (pages 29–30).
- Assess operational risk, including short term liquidity impacts (pages 28–29).
Resolution Pack and 48-Hour Retrieval Obligation
Failure scenarios must be drill-ready, not theoretical hence the 48-hour pack rule. Maintain a CASS 10A resolution pack with agreements, acknowledgement letters, agent/distributor lists, and reconciliation records retrievable within 48 hours by an administrator or on FCA/BoE request (pages 16–19). Your governing body must receive at least an annual report on CASS 10A compliance (rule 10A.1.14R; page 77).
PS25/12 Go-Live Date and Transitional Relief Rules
There’s a long runway, but not a free pass—transitional relief only softens the edges.
- Go‑live: 7 May 2026 confirmed in the policy instrument’s commencement clause (page 61) and the “Next steps” section (page 12).
- Runway: 9 months from publication; first audit submission extended to 6 months for the first cycle (pages 12, 21).
- Transitional provisions: you don’t need to record why you selected third parties appointed before go‑live; existing acknowledgement letters can be relied on initially, subject to review/replace rules (pages 33–34).
Not happening (yet): The more radical “Post‑Repeal Regime” (statutory trust/CASS‑style end‑state) is not being implemented now. The FCA will watch how this regime beds in over a full audit period, then decide next steps (page 11).
Why this PS25/12 is Good For Customers and the Market
Stricter safeguarding isn’t bureaucracy—it’s how shortfalls get spotted early and funds returned faster.
- Cleaner books, fewer shortfalls: Daily discipline (on reconciliation days) and a simpler D+1 test make misses visible faster (pages 15–16).
- Faster return on failure: Resolution packs that you can produce inside 48 hours materially reduce friction for administrators (pages 16–19).
- Independent oversight: Annual audits where it matters; proportionate threshold at £100k (pages 19–21, 54).
- System resilience: Documented judgment on third‑party diversification curbs concentration risk (pages 25–26).
Cross-Border Payments: PS25/12 Challenges for EMIs & PIs
For remitters and cross‑border PSPs, the friction is operational: multi‑currency flows, time zones, non‑UK holidays, multiple counterparties, and dual asset pools (e‑money vs unrelated payment services).
- Reconciliation day design: Use the foreign market closure carve out properly and set fixed reconciliation points that match corridor realities (pages 15–16).
- Two pools, two views: Keep ledgers, reconciliations, and monthly returns separate for e‑money vs unrelated payment services (pages 16, 24, 26).
- Counterparty concentration: Evidence your thought process; quotas aren’t prescribed, but complacency won’t fly (pages 25–26).
- Insurance/guarantee discipline: Build a T3 months decision checkpoint and T2 months notifications for first use/changes (pages 28–30).
- Resolution readiness: Make the 48 hour retrieval a drill, not a hope (pages 16–19).
- Don’t over sell tokenisation: The FCA did not expand the list of secure, liquid assets; treat tokenisation as an operational enhancer, not a safeguarding asset strategy for now (page 27).
What Firms Should Do Now to Prepare for PS25/12
PS25/12 gives firms until May 2026, but the work is front-loaded. A sensible roadmap looks like this:
- Confirm your scope: Check whether you are an authorised PI, EMI, SPI opting in, or a credit union issuing e-money. Scope determines which requirements apply in full.
- Rework your reconciliation calendar: Define reconciliation days and fixed points that reflect corridor realities time zones, FX cut-offs, and non-UK holidays.
- Split safeguarding pools: Keep e-money funds separate from unrelated payment-service funds in ledgers, reconciliations, and reporting.
- Plan your safeguarding audit: If balances are likely to exceed £100k, line up an independent safeguarding auditor now. Early engagement avoids scramble at the first 6-month deadline.
- Embed monthly RegData returns: Build the D+1 requirement/resource check into monthly workflows. Ensure data extracts can separate pools cleanly for reporting.
- Re-assess third-party providers: Document the reasoning behind your bank, custodian, or insurer choices. Explicitly consider diversification and keep acknowledgement letters current.
- Tighten insurance/guarantee arrangements: If you rely on insurance, add a T3 months renewal checkpoint and T2 months FCA notification trigger to your compliance calendar.
- Test your resolution pack: Run a retrieval drill to prove agreements, acknowledgement letters, agent lists, and reconciliation records can be produced inside 48 hours.
- Engage your board: Prepare a safeguarding update for your governing body, covering audit plans, reconciliation discipline, and resolution-pack readiness.
How NetRemit Supports PS25/12 Safeguarding Compliance
NetRemit provides the audit trails, reporting, and four-eyes controls firms need to evidence compliance in practice.
- Reconciliation discipline + scheduling: NetRemit supports robust reconciliation and lets teams schedule and run batch jobs, with extensive audit trails and logging (event tracking, tracing, reporting) to evidence what happened and when.
- Operational reporting & data exports: 40+ data‑rich reports with Power BI / SSIS integration help you extract the numbers supervisors and auditors ask for; logs and reports are exportable to feed internal governance and regulatory submissions.
- Four‑eyes control & change accountability: Maker‑Checker (authorise & review) plus granular user/group access control reduces key‑person risk and creates a clean approval trail for reconciliations, adjustments, and settings.
- Admin Centre for separation of concerns: Centralised configuration of business rules, AML limits, fraud screening, EDD metrics, routing, and partner settings supports clear operational boundaries across teams and functions.
- Third‑party oversight: TPP Health Check Monitor and partner management features help you keep tabs on counterparties and supporting providers; the marketplace integrations simplify onboarding and switching.
- Customer & payment rails: Multiple initiation and pay‑out options, including Open Banking, cards, POS, e‑wallets, plus Swift/Nostro‑Vostro interfaces, reduce manual workarounds that often break reconciliations.
- Security & standards: ISO‑compliant platform with strong authentication, encryption, and hardening, useful when you’re evidencing control strength alongside safeguarding processes.
Conclusion: FCA PS25/12 and the Future of Safeguarding
This isn’t red tape for its own sake. It’s the FCA forcing operational truth: accurate records, predictable reconciliations, documented counterparty choices, real audits, and a resolution pack that works under pressure. Cross-border players can turn this into an edge if they line up calendars, asset pools, and counterparties with the same rigor they bring to growth.
FAQs on FCA PS25/12 Safeguarding Regime
PS25/12 is the FCA’s May 2025 policy statement introducing a supplementary safeguarding regime for payment institutions (PIs), electronic money institutions (EMIs) and small payment institutions (SPIs). The rules go live on 7 May 2026.
The rules apply to authorised PIs (except PIS-only/AIS-only), authorised EMIs, small EMIs, and credit unions issuing e-money. SPIs can choose to opt in.
Reconciliation days are all business days excluding weekends, UK bank holidays, and relevant foreign market closures. Internal and external reconciliations must be performed once each reconciliation day.
Most firms must arrange an annual safeguarding audit unless their safeguarded balances stayed below £100,000 during the prior 53 weeks. First audits must be submitted within 6 months of period end, then within 4 months thereafter.
Firms must file a monthly return via FCA’s RegData system confirming reconciliations and showing safeguarded funds vs resources (the D+1 test). EMIs offering unrelated payment services must report pools separately.
Firms must show due skill, care and diligence in selecting banks, custodians and insurers, and explicitly consider diversification of providers. Acknowledgement letters remain mandatory.
The payout must be unconditional apart from insolvency certification. Firms must plan renewal decisions 3 months before expiry and notify the FCA 2 months before first use or any changes.
A resolution pack is a set of safeguarding records and documents that must be retrievable within 48 hours for administrators or regulators. It includes agreements, acknowledgement letters, and reconciliation records.
The supplementary regime begins on 7 May 2026, with a nine-month transition period and some relief for pre-existing third-party arrangements.
Turn PS25/12 Compliance into a Competitive Edge
Strengthen reconciliations, audits, and resolution readiness with NetRemit
Ready to get started?
We can’t wait to show you what’s possible with NetRemit.
Related Posts
15 August 2025 NetRemitNextGen Banking
Stablecoins: A New Era in Cross-Border Payments
Traverse the article What’s Holding Back Global Payments, and How It Can Be Fixed Behind the Buzz! The Technology That Powers Stablecoin Payments Unlocking the $23 Trillion Opportunity in...
30 May 2025 NetRemitNextGen Banking
NetRemit’s Role in Future-Proofing Money Transfer Operations
NetRemit’s remittance software helps money transfer operators scale, stay compliant, and thrive in an evolving cross-border payments landscape. Know how!
21 May 2025 NetRemitNextGen Banking
Navigating BaFin, AML6, and GDPR Compliance in International Money Transfer
Explore BaFin, AML6, and GDPR compliance essentials for secure and regulated remittance operations.