Contact sales
FCA Introduces Stricter Due Diligence Rules

FCA Introduces Stricter Due Diligence Rules for Payment and E-Money Firms that Safeguard Client Assets

Introduction

Under the FCA’s interim rules outlined in CP24/20, Payment Service and E-Money firms will be required to conduct stringent due diligence when selecting institutions (such as authorised credit institutions and custodians) to hold client funds or assets. These rules aim to protect clients’ assets and reinforce a firms’ accountability for third-party risks. In this article, we consider how the interim rules set forth under CASS 15 require proper due diligence that further aligns the relevant funds regime to the existing chapters of the CASS sourcebook.

In response to the regulatory concerns around appropriate safeguarding practises, the FCA has adopted the approach under CASS 6.3 & CASS 7.13, extending these rules into the Payments Sector to ensure agents and distributors who may hold relevant funds in the transaction chain have been appropriated selected and assessed. This mitigates the material risk to recovery of client funds should such an agent or distributor fail. Initial and ongoing due diligence are therefore important control activities that give firms oversight, assurance around accurate segregation, reconciliations and identify the practical steps to client fund recovery should the firm fail.

It should also be noted, in a similar way to CASS 10 documentation, due diligence documentation is included in the new CASS 10A chapter in order to support the insolvency process following firm failure.

Adequate and properly conducted due diligence extends to both relevant funds and relevant assets requiring firms to exercise due skill, care and diligence when appointing third parties that provide accounts where relevant funds or assets are either received or deposited; relevant assets are managed; or insurance or comparable guarantees are provided, plus the periodic review of such third parties.

The rules under CASS 15.6 & CASS 15.9 can be summarised as follows:

Risk Assessment

Firms must assess the credit risk, financial stability, and overall robustness of potential third-party institutions. This involves evaluating the institution’s financial health, credit ratings, and stability within the market, thereby ensuring client assets are placed with reliable entities. In respect of relevant assets, such third parties must also hold the requisite permissions for managing investments and be overseen to ensure that relevant funds are invested only in accordance with the relevant funds regime. Consideration will also be given to the level of risk the third party undertakes in respect of investment and loan activities.

Client Asset Segregation

The effectiveness of client asset segregation controls must be assessed, ensuring that funds or assets held with a third party are adequately protected in case of insolvency or liquidation. Due diligence encourages firms to choose institutions with strong and embedded segregation policies.

Client balances

Third parties must be able to provide the value of relevant funds and assets to the firm on a daily basis.

Ongoing Monitoring

The interim rules demand ongoing monitoring of selected institutions, agents and distributors, meaning firms must continuously assess whether the third party remains suitable for holding client assets. Any change in the institution’s risk profile requires firms to review and, if necessary, adjust their arrangements promptly.

Transparency and Record-Keeping

Firms must keep records of their due diligence processes and provide clear documentation supporting their choice of institution. This requirement supports accountability and provides a traceable record of decision-making in case of inquiries or audits.

Capital and creditworthiness

Continual monitoring and assessment of third-party capital and creditworthiness is essential to safeguard and protect client assets that may be held at such institutions. The CASS rules are in place to protect clients’ assets if a firm or third-party institution becomes insolvent. Assessing capital and creditworthiness helps firms to identify third parties in financial stress. A financially unstable third party that’s likely to go bankrupt puts client assets at risk if they’re unable to return the funds or assets in the event of insolvency

By selecting financially sound institutions with strong capital and credit profiles, firms can ensure that client assets remain accessible and protected, even under adverse conditions.

Firm-wide risk

Firms should be encouraged to integrate due diligence governance frameworks into their broader risk management processes. By embedding these considerations into their oversight functions, firms ensure senior management is involved in evaluating and approving third parties holding relevant funds or assets.

Summary

The FCA’s new rules under CP24/20 place a heightened focus on robust due diligence practices for Payment Service and E-Money firms, requiring thorough assessment and monitoring of third-party institutions to safeguard client assets and mitigate insolvency risks. Grath’s integrated GRC platform empowers firms to meet these stringent requirements by enhancing oversight, streamlining due diligence processes, and automating ownership and accountability to save time, improve accuracy, and strengthen audit readiness. Contact us today to ensure your firm stays compliant and confidently protects client assets.

Discover the future of CASS and Safeguarding reconciliations
Your request has been submitted successfully
We will get in touch with you immediately via email.
Ok, thanks.