Safeguarding Client Funds at an EMI: FCA Rules, Segregation Accounts, and Audit Requirements

Safeguarding is the cornerstone of client protection at an electronic money institution. Unlike deposits held at a bank — which benefit from FSCS protection up to £85,000 — e-money held at an EMI is protected through safeguarding: a regime that requires the EMI to ring-fence client funds so they are protected in the event of the firm's insolvency. The FCA has repeatedly found deficiencies in how EMIs implement safeguarding, and it remains one of the most common supervisory findings across the sector. Getting it right is not optional.

The Legal Framework

Safeguarding obligations for EMIs derive from Regulation 21 of the Electronic Money Regulations 2011 (EMRs 2011). For payment institutions executing payment transactions, equivalent obligations apply under Regulation 23 of the Payment Services Regulations 2017. The FCA's Approach Document for Payment Firms and Electronic Money Institutions (updated most recently in 2023) provides detailed guidance on how the FCA interprets and applies these requirements.

In essence, the regime requires that funds received from e-money holders — the float — be safeguarded by one of two methods: the segregation method, under which funds are held in a designated safeguarding account at an eligible credit institution or central bank; or the insurance method, under which an insurance policy or guarantee from an authorised insurer covers the full outstanding float. In practice, virtually all UK EMIs use the segregation method. The insurance market for e-money float coverage is extremely limited and the premiums are prohibitive except for very small operations.

Eligible Institutions for Safeguarding Accounts

Not every bank account qualifies as a safeguarding account. The EMRs 2011 require that segregated funds be held at a credit institution authorised under the Capital Requirements Directive (CRD) — in the UK, this means an institution authorised by the PRA and FCA, or an overseas institution authorised in an equivalent jurisdiction. The account must be clearly designated as a safeguarding account, typically in the account title or through a formal acknowledgment letter from the credit institution confirming the safeguarding status.

This acknowledgment letter — sometimes called a safeguarding confirmation — is a key document. It should confirm that: the account is a safeguarding account under the EMRs 2011; the credit institution acknowledges the segregation status of the funds; and the institution agrees not to exercise any right of set-off or netting against the safeguarding account for the EMI's own debts. Many EMIs underestimate the difficulty of obtaining properly worded acknowledgment letters — banks are frequently reluctant to provide them in the precise form required by the FCA, and the negotiation process can significantly delay the launch of operations.

Calculating the Safeguarding Amount

The safeguarding obligation applies to the "relevant funds" — broadly, the e-money float outstanding at any given moment. The EMI must calculate this figure at least daily and ensure the safeguarded amount matches or exceeds it. Where there is a discrepancy — for example, because funds received have not yet been transferred to the safeguarding account — the EMI must top up the safeguarding account promptly. The FCA expects same-day top-up where feasible and not more than next-business-day in most circumstances.

Multi-currency operations add complexity. Where the EMI holds customer balances in multiple currencies, the safeguarding account must cover the full float across all currencies. Some EMIs use a single sterling safeguarding account and calculate FX conversion risk as a buffer above the minimum. The FCA's guidance suggests this approach is acceptable provided the methodology is documented, consistently applied, and accounts for intraday FX movements.

Reconciliation Obligations

A daily internal reconciliation is required, comparing: the total relevant funds outstanding (the liability side) against the amount held in the safeguarding account (the asset side). The reconciliation must be documented and retained. Where a shortfall is identified, it must be reported to the board or equivalent governance body and remediated. Persistent or unexplained shortfalls are a serious regulatory finding.

The FCA distinguishes between reconciliation errors (which may result from timing differences in settlement) and safeguarding failures (which indicate systemic control weaknesses). It expects EMIs to have automated reconciliation processes for material volumes — manual spreadsheet reconciliation is rarely adequate for firms processing more than a few million pounds monthly.

The Annual Safeguarding Audit

Regulation 24 of the EMRs 2011 requires EMIs to arrange for an annual audit of their safeguarding arrangements. This must be conducted by a qualified external auditor and must cover: the adequacy of the safeguarding method used; the accuracy of the daily reconciliation process; compliance with the segregation requirements; and the adequacy of the acknowledgment letter from the credit institution. The audit report must be submitted to the FCA as part of the firm's annual regulatory reporting.

Firms frequently treat the safeguarding audit as a formality. The FCA does not. It expects the auditor to provide a genuine opinion on the effectiveness of controls, not merely confirmation that the account exists and is labelled correctly. Qualified audit opinions, or management letters identifying control weaknesses, will attract FCA follow-up.

Practical Challenges for High-Risk EMIs

For EMIs serving high-risk sectors — iGaming, crypto, FX brokers — the safeguarding challenge is compounded by the difficulty of maintaining the safeguarding bank account itself. Many UK banks are unwilling to provide safeguarding accounts to EMIs with high-risk client bases, particularly where the source of client funds involves gambling proceeds or crypto conversions. This creates a risk concentration problem: the EMI may be dependent on a single banking relationship for safeguarding, and if that relationship terminates, the entire business model is at risk.

Wind-down planning must address this scenario explicitly. The FCA expects EMIs to have contingency arrangements for safeguarding account replacement, including identified alternative institutions willing to provide safeguarding accounts and an estimated timeline for migration.