FCA turns up the heat on the Payments sector – priorities for firms

On the 16^th March 2023 the FCA issued their priorities for Payment Firms in a Dear CEO letter. This sets out clearly the expectation of the FCA in a number of focus areas for payment firms to address in the current economic and cost-of-living crisis.

The areas listed within the Letter are not new areas and have been issued for some time. The advantage is that there is a large wealth of information across other financial services sectors to leverage good practice. The areas noted are wide ranging and will be important for you to prioritise based on your business need and own gap analysis, however, there is an increasing focus on the Payments sector and this is expected to increase due to the risks associated with payments, nature of the market and distributed business models.

The letter references three outcomes that have been set for payment firms to meet:

1. Ensure that your customers’ money is safe
2. Ensure that your firm does not compromise financial system integrity, and
3. Meet your customers' needs, including through high quality products and services, competition and innovation, and robust implementation of the FCA Consumer Duty.
    

Set out below is a brief summary of the outcome and how we can help to address the requirements.

Outcome i – ensure that your customers' money is safe

Priority 1: Safeguarding

We have seen increased focus of firms to develop, implement and imbed effective controls to protect customer funds in the unfortunate event that a firm enters insolvency. The FCA expects firms to have a robust control environment to ensure that if this happens firms can return all funds back to customers quickly.

The FCA refers to common failings around documentation of processes and definition of relevant funds, reconciliation processes and lack of due diligence.

Firms should meet the current requirement to have a Safeguarding audit (where a requirement to have a statutory audit occurs and firm is not a small Payment Firm). The Safeguarding audit does not need to be undertaken by the External Auditor but does require the firm to have the relevant skills and experience to conduct the audit.

The FCA expects that the Top Priority of firms are to ensure that customer funds are protected, and the firm are required to complying with the Approach Document.

Priority 2: Prudential Risk Management

Ensuring firms have sufficient financial resilience, capital, and manage capital and liquidity risks are vital to ensure the firm weathers the current and future economic environment especially if firms are reliant on external funding.

The FCA identified areas for improvement around liquidity risk and capital management, and lack of scenario planning and stress testing.

Firms are expected to ensure that they meet all regulatory requirements including: capital requirements, enhancing their risk assessment around liquidity and financial risk, defining risk appetite and key risk indicators, undertaking stress and scenario planning, and planning ahead to take account of future financial turmoil.

 

Priority 3: Wind-down planning

Firms should have a board approved wind-down plan that complies with the Approach Document, with clear triggers to commence an orderly, solvent, wind down. Common issues the FCA identified include: an over-optimistic time frame, lack of detail on the steps for winding-down, lack of wind-down triggers and lack of analysis of the costs and cash requirements.

Firms should have a board approved, regularly reviewed wind down plan that meets the guidance within the Approach Document.

 

Outcome ii – ensure that your firm does not compromise financial system integrity

For the past 2 years the FCA has focused on Financial Crime within the Payments Sector due to expected higher risk customer base and enhancements in systems of control. Due to the cost-of-living crisis and the nature of payment transactions, instances of fraud have increased making the need for robust controls and processes a necessity. As a result of these weaknesses the FCA has identified three priorities with respect to:

• Priority 1: Money Laundering and Sanctions, and
• Priority 2: Fraud

Firms should have robust controls in place to identify, manage, mitigate and where relevant report instances of Economic Crime over the life cycle of the customer. Firms should have regular reviews to ensure weaknesses are identified and remediated quickly.

 

Outcome iii - meet your customers’ needs, including through high quality products and services (implementing the Consumer Duty)

The implementation of the Consumer Duty (due July 2023) is a requirement for payment firms to ensure that firms deliver good customer outcomes and act in customer best interests. The FCA expects firms to be compliant and meet all requirements. Read our Consumer Duty article series to find out more.

There are a number of other cross cutting priorities that underpin the three priorities above:

• Governance and Leadership
• Oversight of agents and distributors
• Operational Resilience
• Regulatory reporting (including change in control
• Environmental, Social and Governance (including Diversity and Inclusion)

Firms are expected to take remedial action to address any deficiencies identified in their business in relation to this letter to ensure:

• Customer funds are protected
• Robust controls and processes are in place
• Firms are meeting customers needs
• Robust Governance (ESG and D&I)