Customer funds safeguarding

safeguarding-customer-fundsDomain: paymentsType: process

Description

A working safeguarding program enforces the legal premise that customer funds held by a payments institution or e-money issuer are not the institution's funds. The components are segregation of those funds in a dedicated account at a regulated credit institution (or in approved liquid assets, depending on the regime), daily reconciliation between the customer-liability ledger and the safeguarding-account balance, and a documented insolvency-protection mechanism (usually a statutory trust or equivalent guarantee) that survives the institution's own failure. The regimes layer with similar shapes and different specifics. PSD2 Article 10 covers payment institutions; EMD2 Article 7 covers e-money institutions with end-of-business-day-after-receipt segregation. MiCA Article 75 extends an analogous regime to crypto-asset service providers, with separate accounting expected for fiat holdings versus custodied crypto-assets. The UK FCA framework (PSRs 2017 Regulation 23 and EMRs 2011 Regulations 20-22) sits on a comparable structure, with the 2024 Dear CEO letter and the Modulr and Pockit enforcement actions tightening reconciliation and qualifying-account expectations meaningfully. US state Money Transmitter Licenses operate on a permissible-investment list (cash equivalents, US government securities, qualifying bank deposits) with quarterly or monthly reconciliation, and post-FTX, Voyager, and Celsius the state regulators have collectively tightened scrutiny on segregation in practice. The insolvency angle gives this regime its bite. The customer of a safeguarded institution is not a creditor of the institution in the ordinary unsecured-claim sense; the safeguarding regime exists to make that legal posture operationally enforceable when the regulator arrives during a wind-down. Reconciliation breaks are the commonly-seen enforcement trigger. A one-off break with a documented cause and a same-day correction reads as operational noise; a sustained break reads as evidence the segregation is theoretical rather than actual, and that is the finding that draws supervisory action. Evidence formats that hold up include safeguarding-account bank statements signed by the credit institution, daily reconciliation reports keyed to the customer-liability ledger, and external auditor confirmations against both ledgers.

Applicability

Applies when: sector is fintech.

How predicates are evaluated

Required by (5 regulations)

PSD2
Article 10 — safeguarding requirements for payment institutions.
Directive (EU) 2015/2366
US MTL
Per-state permissible-investment requirements; cash equivalents + US government securities + qualifying bank deposits; quarterly/monthly reconciliation; post-FTX-Voyager-Celsius regulator attention on segregation.
Bank Secrecy Act, 31 U.S.C. §§5311-5336; 31 CFR Chapter X; per-state Money Transmitter Acts
Source →
EU EMD2
EMD2 Article 7 — safeguarding by end-of-business-day-after-receipt; segregation in qualifying credit institution OR insurance/guarantee; 2024 EBA Guidelines tightened operational expectations.
Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009
Source →
EU MiCA
MiCA Article 75 custody-of-crypto-assets segregation + recordkeeping + daily reconciliation; parallel framework for client-fund-safeguarding in CASP services involving fiat-currency holdings.
Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023
Source →
UK FCA Payments
PSRs 2017 Regulation 23 + EMRs 2011 Regulations 20-22 — segregation in safeguarding account at authorized credit institution OR insurance/guarantee; 2024 FCA Dear CEO letter tightened reconciliation + qualifying-account expectations; recent FCA enforcement actions (Modulr, Pockit) signal supervisory attention.
Payment Services Regulations 2017 (SI 2017/752); Electronic Money Regulations 2011 (SI 2011/99); FCA Handbook
Source →

Fulfilled by (1)

In-house build · high effort

Magist does not accept payment from vendors. Methodology.

Evidence formats

safeguarding bank statements
daily reconciliation reports
auditor confirmations

Magist provides legal information based on publicly available regulatory sources. It does not constitute legal advice and does not create an attorney-client relationship. Consult a licensed attorney in your jurisdiction before making compliance decisions.

Description

Required by (5 regulations)

PSD2

Article 10 — safeguarding requirements for payment institutions.

Directive (EU) 2015/2366

US MTL

Per-state permissible-investment requirements; cash equivalents + US government securities + qualifying bank deposits; quarterly/monthly reconciliation; post-FTX-Voyager-Celsius regulator attention on segregation.

Bank Secrecy Act, 31 U.S.C. §§5311-5336; 31 CFR Chapter X; per-state Money Transmitter Acts

Source →

EU EMD2

EMD2 Article 7 — safeguarding by end-of-business-day-after-receipt; segregation in qualifying credit institution OR insurance/guarantee; 2024 EBA Guidelines tightened operational expectations.

Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009

Source →

EU MiCA

MiCA Article 75 custody-of-crypto-assets segregation + recordkeeping + daily reconciliation; parallel framework for client-fund-safeguarding in CASP services involving fiat-currency holdings.

Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023

Source →

UK FCA Payments

PSRs 2017 Regulation 23 + EMRs 2011 Regulations 20-22 — segregation in safeguarding account at authorized credit institution OR insurance/guarantee; 2024 FCA Dear CEO letter tightened reconciliation + qualifying-account expectations; recent FCA enforcement actions (Modulr, Pockit) signal supervisory attention.

Payment Services Regulations 2017 (SI 2017/752); Electronic Money Regulations 2011 (SI 2011/99); FCA Handbook

Source →