Financial Services

Six a day? FCA sets out reconciliation rules to address safeguarding risks for UK payment and e-money firms

Published on 17th December 2025

Steps include both internal and external safeguarding tests and a second 'day after receipt' check

Payment card reader

The Financial Conduct Authority (FCA) has for a long time identified weak reconciliation practices as a significant safeguarding risk for payments and e‑money firms.  The Payment Services Regulations (PSRs) and Electronic Money Regulations (EMRs) set outcomes but are silent on the mechanics, and firms have relied on high‑level guidance in the FCA’s approach document. That flexibility has led to inconsistent practice and, in too many cases, inadequate reconciliation procedures. 

The FCA is now moving to detailed, binding rules that set out what must be reconciled, how and how often, how discrepancies must be addressed, the records firms must keep and when to notify it of issues.

The reconciliation changes are part of the FCA's wider safeguarding reforms to protect UK consumers, with the final rules for payments and electronic money firms due to apply from May 2026.

What reconciliations will be required?

  • Internal safeguarding reconciliation. A daily test that the “safeguarding resource” equals the “safeguarding requirement”.
  • "D+1" comparison. A second, daily internal check confirming that, by close of business on the day after receipt – that is, "D+1" –  relevant funds that should be held with a safeguarding institution are actually in designated safeguarding accounts or invested in relevant assets.
  • External safeguarding reconciliation. A daily comparison of the firm’s internal records to third‑party records (for example, safeguarding banks, persons providing accounts for relevant funds, and authorised custodians). Insurance policies and guarantees are excluded from the external reconciliation.

Frequency and reconciliation point   

  • Daily cadence. Internal and external reconciliations must be performed at least once on each business day. Weekends, bank holidays and any day when the relevant foreign market is closed do not count as business days.
  • Fixed reconciliation point. Firms must select reconciliation points and use the same time every business day. Reconciliations are based on the records as at the corresponding reconciliation point (so far as possible for external reconciliations). 

Internal records and data sources

  • Use of internal records. For the internal safeguarding reconciliation, firms must use the values in their own records and ledgers (for example, the payment accounts they operate, their cash book or other internal accounting records), rather than figures taken directly from banks or custodians.
  • Third‑party data to build internal records. Recognising payments firms’ reliance on partners for data, the rules allow firms to use third‑party data to create and maintain internal records where no other method could reasonably be employed. In practice, near real‑time feeds – for example, via API (application programming interface) –  from safeguarding banks can populate the firm’s ledgers, provided those data are incorporated into and controlled within the firm’s internal accounting records.
  • Prescriptive data. The FCA has deliberately avoided prescribing which data sources to use. It expects firms to assess appropriateness case by case. Identifying data sources, data traceability, controls and potentially service level agreements (SLAs) with banking and payment partners are likely to be a core focus of firms’ implementation planning. 

Separate pools for e‑money and unrelated payment services

Electronic money institutions (EMIs) that also provide unrelated payment services must safeguard e‑money funds separately from funds for those unrelated services, and run separate internal and external reconciliations for each pool. Practically, these EMIs (73, according to the FCA) may, therefore, need to perform up to six reconciliations per business day, with associated record‑keeping and notification requirements.

How the internal safeguarding reconciliation works

The core internal reconciliation confirms that everything that should be safeguarded is safeguarded—that is, the total safeguarding resource matches the total safeguarding requirement.

Firms must also confirm that, by D+1, all relevant funds are actually held with a safeguarding institution: either in designated safeguarding bank accounts or invested in permitted secure, liquid relevant assets. 

External safeguarding reconciliation

Firms must reconcile their internal records to third‑party records from safeguarding banks, persons providing accounts for relevant funds, and authorised custodians, using the same daily reconciliation point (so far as possible). Insurance policies and guarantees are excluded from the external reconciliation.

Non‑standard internal reconciliation methods

Firms can adopt a non‑standard internal reconciliation method if they document in writing why the method meets safeguarding obligations; and obtain a written report from an appropriately qualified independent auditor confirming compliance (separate from the annual audit).

Frequency cannot be relaxed. Firms must not materially change a non‑standard method unless the same conditions are met. The non‑standard option is not limited by firm type; it is available to any firm that can justify – and obtain an independent auditor’s report confirming – that its method meets the safeguarding obligations.

In the market, it is expected to be relied on by acquirers, firms with payee‑liability business models, those undertaking multiple different regulated activities, and businesses with complex and global operating models.

Handling discrepancies

The handling of reconciliation discrepancies is governed by distinct rules, depending on whether the discrepancy arises from internal-D+1 reconciliations or from external reconciliations against third‑party records.

Internal and D+1 reconciliation discrepancies 

Determine the reason for the discrepancy and ensure any shortfall is paid into the relevant funds bank account as soon as possible or by the end of the day on which the reconciliation is performed; and any excess is withdrawn from the relevant funds bank account (the rules do not explicitly state this is required in relation to D+1 reconciliation discrepancies, although it is unclear why excess withdrawal would not apply to D+1).

For D+1 discrepancies, if it is not possible to use relevant funds to top up the relevant funds bank account, the firm must use its own funds to top up, even if this leads to a discrepancy between the safeguarding requirement and safeguarding resource. This rule is drafted expressly in the context of D+1 discrepancies; it is uncertain why a similar own‑funds top‑up is not specified for internal reconciliation shortfalls more generally.

External reconciliation discrepancies

These will need to be investigated and all reasonable steps taken to resolve without undue delay (unless the difference is solely a timing issue between systems).

If the discrepancy cannot be immediately resolved and any record indicates more relevant funds are required than are held, treat that record as correct and top up the relevant funds bank account using the firm’s own funds until resolved.

FCA notifications

A firm must notify the FCA in writing without delay if it is unable to or materially fails to:

  • conduct the internal safeguarding reconciliation in accordance with the rules;
  • pay any shortfall into or withdraw any excess from the relevant funds bank account (that is, it cannot comply with discrepancy remediation);
  • conduct the external safeguarding reconciliation in accordance with the rules; or
  • identify and resolve discrepancies arising from external reconciliations.

Also, firms must notify the FCA if, at any time in the preceding 12 months:

  • the amount of relevant funds safeguarded was materially different from the total aggregate amount required under the PSRs or EMRs; or
  • internal records and accounts of relevant funds were materially out of date, inaccurate or invalid.

Practical steps

  • Update safeguarding reconciliation policies and procedures against the new rules.
  • Strengthen record‑keeping and controls over internal ledgers (including data incorporated from third‑party sources).
  • Align systems and workflows to perform daily reconciliations at a fixed reconciliation point, with audit trails.
  • Confirm data sources, traceability and messaging with safeguarding account providers; revisit SLAs where needed.
  • Refresh discrepancy‑management processes and escalation paths.
  • Train staff on the new reconciliation requirements and controls.
  • If considering a non‑standard method, prepare the written justification and line up auditor capacity for the independent report.

Osborne Clarke is supporting payments and e‑money firms to interpret the rules, design proportionate reconciliation methods and controls (including non‑standard approaches), and implement practical, robust processes ahead of go‑live. Please contact us to discuss what these requirements mean for your business.

This is the first Insight in our series on the FCA's safeguarding regime for payments and e-money firms, which will next focus on how to navigate CASS 15 acknowledgement letters.  

Related articles
European Parliament recommends clear, proportionate rules and supervisory coordination for AI in financial services
17/12/2025 2 mins
Spain's Supreme Court requires using the address provided for tax notifications
24/10/2025 3 mins
International Funds Focus Quarterly | October 2025
16/10/2025 3 mins
FCA launches motor finance consumer redress scheme consultation in UK
14/10/2025 6 mins
Interested in hearing more from Osborne Clarke?

Register now for more insights, news and events from across Osborne Clarke

Sign up

* This article is current as of the date of its publication and does not necessarily reflect the present state of the law or relevant regulation.

Connect with one of our experts

Interested in hearing more from Osborne Clarke?

Register now for more insights, news and events from across Osborne Clarke

Sign up