With the FCA’s new safeguarding regime just six months from going live, now is the moment for firms to take stock of what’s coming.
First, a reminder of the regime’s purpose: to reduce shortfalls in safeguarded funds and ensure customers get their money back quickly and efficiently. For firms that became insolvent between Q1 2018 and Q2 2023, there was on average a shortfall of 65% in funds owed to clients. Just as importantly, the FCA has made clear that the new framework will strengthen its ability to detect failings early – and step in fast.
The new regime introduces a far more prescriptive approach to the treatment of relevant funds. This removes any room for interpretation, making it easier for supervisors to initiate formal enforcement proceedings for non-compliance. Firms will now fall under two CASS chapters (10A and 15), alongside SUP3 and SUP16 of the Handbook. While much of the regime formalises existing expectations, several elements represent a genuine step change.
One major shift is the requirement to designate an individual to oversee safeguarding compliance. This must be a senior figure—ideally a PSD or EMD individual – and the FCA expects firms to be able to evidence genuine oversight. This will go hand in hand with effective real time MI and control monitoring if the individual is to be able to do their job effectively. Remember, this person will be accountable to the FCA for any shortcomings.
Another significant addition is the mandatory resolution pack. Firms must be able to produce a pack within 48 hours – some components immediately. Accuracy is essential. The pack is a living document, not a static file. The latest reconciliations, for example, must always be included. Given the extent of the information to be contained in such a pack we anticipate firms will need to invest time to ensure that they have the right information and in developing appropriate systems and controls to ensure they can access it within the FCA’s required timetable.
Third-party selection is also tightening. Firms must carry out, document and meet a defined minimum standard of due diligence when choosing safeguarding providers -whether banks, insurers, or guarantors. Perhaps the most important point here is the ability of a firm to evidence the due diligence process. Moreover, it should be noted that this is in addition to auditor selection rules in SUP3, which will also apply.
On the subject of auditors, any firm subject to a safeguarding audit should note that, in its recent webinar, the FCA confirmed that the first audit period under the new regime must end by 13 May 2027. The latest date for submitting this first audit is 13 November 2027 (a maximum of six months after the end of the audit period on this first occasion, reducing to four months thereafter). However, firms are encouraged to maintain their existing safeguarding audit cycles and to complete an earlier audit if possible.
Finally, there is a new monthly ritual to observe: the safeguarding return. This is going to be a key part of the FCA’s intelligence gathering and oversight going forward – so the normal provisions apply to the submission (i.e. complete and timely) with failure to submit bringing consequences. Firms must submit a safeguarding return (see PS25/12 for the template) within 15 business days of each month-end. With the first reporting period covering June 2026, initial submissions fall due by 15 July 2026. Firms should expect the FCA to take a dim view of those who fail this requirement.
Against this backdrop, forward-thinking firms will prioritise five actions before May 2026:
- Conduct a gap analysis of current safeguarding procedures against the new rules.
- Build the resolution pack—and, critically, the systems to maintain and retrieve it.
- Appoint the Accountable Individual with clear oversight responsibilities.
- Update reporting processes to ensure compliance with SUP6 and familiarity with the new return.
- Strengthen third-party assessment procedures to meet FCA expectations.
The clock is ticking; firms that act now will be the ones ready when the new regime lands.
Further support, If you would like to discuss further or require support in the safeguarding sphere, please feel free to get in touch with us at Cosegic.
