Rapid innovation has intensified competition in the payments market, and the ease by which small business users can access an increasing range of digital services has been accelerated by the upheaval caused by the Covid-19 pandemic.
Its perhaps unsurprising that the FCA has made payments one of its consumer priorities with a focus on:
Consumers making payments safely and with confidence;
Mitigating financial loss to consumers who make payments at the point of firm failure;
Ensuring the prompt and complete return of funds to consumers when firms that safeguard consumer funds fail; and Increasing access for consumers and businesses to a variety of digitised payment services
The 2020 “Dear CEO” letter addressed to payment and e-money firms reinforces this focus with a requirement to undertake independent safeguarding audits on an annual basis.
Although not all firms are required to commission an independent safeguarding audit, it is good practice to do so, since such an engagement is a prerequisite for any firm seeking authorisation and also ensures that adequate internal controls around operational, technology, accounting and risk management processes to mitigate against client loss and detriment continue to be well designed, operate effectively and are capable of being evidenced.
Robust safeguarding controls with a consumer focus, reinforced with an independent assessment demonstrates a firms compliance with the regulations through detailed and thorough controls testing and sample checking. Outcomes from such engagements allow the identification of areas for improvement or remediation.
How Grath can help with the Safeguarding Audit
Grath solutions can be leveraged to efficiently administer audit programmes, using a fully integrated risk and control framework, dynamically mapped to your Safeguarding regulatory obligations. Control accuracy is continually maintained and evidenced throughout the year, and is embedded seamlessly into day-to-day operations, thus reducing the discovery of evidence gaps prior to and during an audit. Subsequent remediation programmes can be served through our assurance module, allocating and tracking open tasks and action through to completion and reporting of progress through configured management reporting.