A Closer Look at Safeguarding in Regulated Institutions

With all money held by Wirecard Card Solutions (WCS) recently frozen, questions are rightly being asked about safeguarding procedures and whether a consumer’s money being held with WCS is protected?  This short blog explains safeguarding and how safeguarding works in practice at regulated institutions like Nuapay.



Who is Wirecard Card Solutions (WCS)?


WCS is an Electronic Money Institute (EMI) authorised by the FCA.  Under their EMI licence, they hold a range of permissions, including permission to issue payment instruments, acquire payment transactions, and issue electronic money accounts.  For the most part, WCS is a business-to-business provider, selling its solutions to a range of other clients, such as Pockit, Curve and Anna Money, who in turn issue prepaid or e-money accounts directly to consumers.  Most customers would not know that they are using WCS’ solutions, unless they check the small print, which is normally found on the back of their payment card or at the bottom of the website like this one:


“The card and account is issued by Wirecard Card Solutions Ltd (“WDCS”) pursuant to license by Mastercard International Inc. WDCS is authorised by the Financial Conduct Authority to conduct electronic money service activities under the Electronic Money Regulations 2011 (Ref: 900051).”



How do EMIs and APIs protect customers money?


EMIs and Authorised Payment Institutes (APIs like Nuapay) have different regulations to banks and credit institutes.


Money held with EMIs or APIs is not protected by the Financial Services Compensation Scheme (the FSCS provides a government back guarantee for the first £85,000 of deposits isn’t relevant).


Instead, EMIs and APIs are subject to what are known as “safeguarding” protections that are outlined in the relevant bits of legislation (the Payment Services Regulation 2017 in the case of APIs or the Electronic Money Regulations 2011 in the case of EMIs).



What are the safeguarding protections that EMIs and APIs must adhere to?


Safeguarding requires that EMIs and APIs ringfence and protect client funds so that in the event the company is wound up funds are available to be distributed back to customers.  Under the safeguarding obligations there are certain requirements that we must meet:


  1. Funds must be safeguarded from the time they are received
  2. Funds must be segregated from the money of the actual business
  3. Funds must be placed in separate, specifically designated safeguarding accounts at a credit institution (although there are some alternative mechanisms that can be used, such as holding insurance bonds).  For APIs, this must be done by the end of the next business day after the funds are received, although at Nuapay we do this more frequently.
  4. Proper procedures and processes need to be put in place to show how the money is being safeguarded in accordance with requirements, including accurate records documenting the customers balances being held within the safeguarding accounts
  5. Plans need to be put in place for how customers will access the money in the event the firm is to become insolvent



How does that work in practice at Nuapay and other institutions?


Practices for actually safeguarding money can vary significantly among EMIs and APIs.


At Nuapay, all our GBP funds are safeguarded in real-time in accounts at a UK credit institution.   As soon as any funds are received into our accounts, we make an equivalent transaction moving the money into designated safeguarding accounts that are held with our clearing bank.  Given the nature of our accounts, this is done automatically as soon as the money is received.  Equally, when customers make payments from any accounts held with us, we automatically reduce the balances held in our safeguarding accounts in order to make the outbound payment.  Records are kept of the underlying customer balances both by us, and also our safeguarding account provider, so there is a real-time and accurate record of the funds customers hold with us.


The actual movement of money is monitored throughout the day by our Finance and Treasury teams.  This is then fully reconciled to ensure the balances in the safeguarding accounts match the balances we are holding for customers.


The procedures surrounding this are well documented, and work in a similar way for our customers who hold accounts with us that are denominated in Euros.


Our approach at Nuapay is above the regulatory minimum, providing additional protections to our customres. Other institutions may operating their safeguarding procedures differently, including waiting until the end of the business day to move net funds into separate safeguarding accounts.



Are there still risks for customers?


If proper safeguarding practices and procedures are in place, then the risk to the consumer of losing funds in the event of an API or EMI encountering an insolvency event is small.  The equivalent funds should be held in an account with a credit institution, particularly where organisations are safeguarding in real-time like Nuapay.


If, for whatever reason, the API or EMI triggers an insolvency event, then the FCA will distribute funds from the safeguarding accounts back to the customers that rightfully own them.  While this should ensure all customers get their money back, this approach may take several weeks or months to happen, meaning customers may have to wait to access their money.


If safeguarding is so rigorous, why did the FCA freeze WCS funds? 


The FCA routinely conducts audits of procedures.  Nuapay, for example, had a thorough audit of our safeguarding procedures carried out by the FCA in 2020.


In Nuapay’s case, the FCA found no changes to our safeguarding procedures were required.


However, in the broader market there have been some concerns about safeguarding practices by EMIs and APIs more generally.  Recent comments by the FCA stated:


“We have found evidence that some firms have not implemented the Electronic Money Regulations 2011 or Payment Services Regulations 2017 as we expect. Examples include commingling of customer and firm funds, firms keeping inaccurate records and accounts, and not having sufficiently effective risk management procedures.”


By requiring WCS to cease all regulated activities, in effect freezing accounts, the FCA was seeking to ensure that any money held in safeguarded accounts is protected and ringfenced to WCS’ customers. The FCA’s action, although controversial was clear in its rationale:


“Our primary objective is to protect the interests and money of consumers who use Wirecard.”


Given the proceedings at Wirecard over the previous week, the FCA needed to ensure sufficient funds were in the safeguarding accounts, and that the money was not being moved out of safeguarding accounts or back to other entities in the Wirecard Group.  If the FCA hadn’t frozen the accounts, and it is subsequently found there were insufficient funds in safeguarding accounts to return money to the consumers, then that would have been a worse outcome for customers.  Unfortunately, the FCA was caught between a rock and a hard place on this one.


How will customers get access to their money?


The FCA has now provided consent for WCS to resume operational activities.  They have imposed additional requirements on WCS in order to protect customer funds – this includes restrictions on where WCS can safeguard money, and restrictions on its ability to move its own assets.  Customers using services such as Pockit and Anna Money may be able to continue to use their accounts as per normal, with WCS continuing to operate now with these restrictions in place.

1000 600 Mark McCabe

Want to learn more?

or any press enquiries please contact Marie O’Riordan, Global Director of Public relations:
+353 87 39 333 71