On 9 July 2020, the UK Financial Conduct Authority (FCA) published a ‘Dear CEO‘ letter (the “Letter“) addressed to Authorised Payment Institutions and E-money Institutions (“Firms”) highlighting 6 key areas where it has found that Firms are failing to adequately comply with their regulatory obligations under the Payment Services Regulations 2017 (“PSRs“) and the Electronic Money Regulations 2011 (“EMRs“). Accompanying the Letter was additional temporary guidance (the Guidance) setting out the FCA’s expectations for remedial action in these areas (supplementing existing guidance in the FCA Approach Document). Since both the Letter and the Guidance follow a short period of consultation on the relevant issues, the FCA also published a feedback statement providing information on the consultation responses received and how they have been reflected in the Letter and the Guidance.
The FCA identifies most of its areas of concern as arising from its normal supervisory engagement with the sector – in particular regular reviews of Firms’ compliance with customer protection principles and rules. However, it is also clear that the FCA is worried that the coronavirus pandemic may challenge the customer protection provided by Firms – some of which it notes are in relatively early stages of their growth and yet to become profitable.
The six key areas of concern identified by the FCA are:
1. Safeguarding: a previous sector review carried out in the first half of 2019 identified various practices that the FCA was not happy with and led to the FCA directing Firms in a letter dated 4 July 2019 to improve their safeguarding arrangements in certain key respects. In the Letter, the FCA notes its disappointment that problems remain in the following critical areas:
- the appropriate creation and maintenance of safeguarding accounts – including ensuring that they are suitably designated and that the account-providing credit institution, insurer or authorised custodian cannot exercise inappropriate set-off or other rights over them. A template letter to be exchanged with a safeguarding bank/custodian is supplied with Letter. The FCA also wants to see Firms carry out regular (at least annual) audits of their safeguarding arrangements, including review the identity of the third parties used;
- the mixing of customer funds in a Firm’s Safeguarding Account with its own funds. The FCA wants very regular reconciliations to prevent this occurring more than is absolutely necessary, particularly to ensure rapid return of the safeguarding account monies to customers in the event of a Firm insolvency. The FCA expresses the view that moneys in a safeguarding account are held on a form of statutory trust for the customers;
- a lack of clear records of safeguarded amounts and of evidence that reconciliations have been effected when required;
- Firms clearly recognising the time when the safeguarding obligation starts, particularly for EMIs that issue e-money and allow customers to spend that e-money before the customer funding of its purchase has been received by the EMI; and
- dealing with unallocated funds.
2. Prudential risk management: the FCA identifies concerns regarding Firms:
- not holding sufficient regulatory capital – including by virtue of calculating their own funds requirements inaccurately;
- not holding sufficient liquidity to ensure that they can always meet their liabilities as they fall due;
- having inadequate systems and controls to manage prudential risk appropriately; and
- needing to undertake better stress testing of their vulnerability to, and to establish improved approaches for dealing with, financial difficulties, including having appropriate crisis management and wind-down plans.
3. Financial crime: the FCA states that a review of the AML processes of 100 different Firms revealed several material failures in Firm systems and controls and emphasises the need for Firms to be aware of, and respond appropriately to, the financial crime risks inherent in their businesses, especially where innovative products or unusual business models are involved.
4. Financial promotions and consumer communications: the FCA has highlighted several issues with Firms’ promotions (advertisements and websites), including claims about services and pricing that cannot be substantiated, the inappropriate use of the word “free” when describing the costs involved in currency conversions and inaccurate statements regarding the protection provided to customers by safeguarding arrangements in the event of a Firm insolvency – including suggestions that statutory deposit-protection covers e-money balances or that EMIs are forms of bank
5. Governance and oversight: the FCA is clearly of the view that regulatory compliance, and the operation of appropriate compliance processes, is not being given sufficient focus in many Firms – including at director/senior management level. The rapid recent growth of many Firms is identified as a particular problem here, meaning that regulated processes are being reviewed and updated to reflect such growth sufficiently frequently.
6. Record management and reporting: Firms are instructed to ensure that they maintain records to document their compliance with the PSRs and EMRs and to enable them to respond in a timely manner to ad hoc information requests from the FCA.
For each of the above areas of concern the Letter states the action that the FCA requires to be taken by any Firm with deficiencies in its regulatory compliance and threatens that the FCA will “act swiftly and decisively” (including by cancelling or restricting a Firm’s permissions) if a Firm fails to meet its expectations. It also indicates that the FCA will be proactively identifying and contacting/visiting Firms where its analysis indicates that problems may exist in the identified areas.
The Letter closes with a timely reminder to Firms with EEA customers that, if they have not done so already, they will need to consider how the end of the Brexit transition period on 31 December 2020 will affect any ongoing relationship with those customers.
Read the original article here