The Financial Conduct Authority (FCA) has issued a Dear CEO letter to Chief Executive Officers of payments portfolio firms, setting out its supervisory priorities for 2025. The Letter highlights three key outcomes that firms must focus on to ensure compliance, financial system integrity and consumer protection.
Whilst firms have made progress in governance, risk management and customer outcomes since the last review in 2023, the FCA insists that more work is required.
Three Key Outcomes for Payments Firms in 2025
The FCA has outlined three essential outcomes that firms must consistently deliver:
- Effective competition and innovation that meet customers’ needs
- Maintaining financial system integrity without compromise
- Ensuring customer funds remain safe
Each Outcome is analysed below, along with the key actions firms must take to ensure compliance.
- Effective Competition and Innovation
The FCA acknowledges that technological advancements such as Open Banking, Open Finance and digital currencies are reshaping the payments sector. However, whilst innovation has improved competition and customer experiences, the FCA warns that not all firms are consistently acting in customers’ best interests.
To address these concerns and ensure a well-functioning market, the FCA has outlined key regulatory focus areas for firms operating in the payments sector.
Key Regulatory Focus Areas:
- Consumer Duty Compliance: Many firms have successfully implemented the Consumer Duty framework, but others still fall short of expectations. The FCA will continue monitoring and enforcing compliance to ensure better consumer outcomes.
- Foreign Exchange Transparency: The Regulator is particularly concerned about the clarity of foreign exchange pricing in payment services. Firms must ensure consumers fully understand the cost of these services.
- Support for Innovation: The FCA will continue supporting firms via its Innovation Hub and Early & High Growth Oversight function, which has expanded its supervisory capacity by 50%.
- Financial System Integrity
A major priority for the FCA remains safeguarding the UK’s financial system from fraud, operational disruptions and regulatory breaches.
To strengthen the integrity of the financial system, the FCA has identified critical compliance considerations that firms must address. These include:
Financial Crime Prevention: Whilst some firms have enhanced their financial crime controls, weaknesses persist. According to the FCA, firms must:
- Strengthen governance and oversight mechanisms,
- Improve systems and controls to prevent fraudulent activities, and
- Comply with the APP fraud reimbursement rules for transactions carried out through Faster Payments and CHAPS.
Operational Resilience: The FCA has identified deficiencies in technological resilience and a lack of oversight in IT system changes.
- The March 2025 deadline requires firms to complete impact tolerance testing to ensure their business remains operational under stress.
- Firms must enhance cybersecurity measures and test their resilience against potential cyber-attacks, IT failures, or third-party risks.
- Keeping Customer Money Safe
The FCA remains concerned that some firms may not have the financial strength or controls in place to protect customer funds in the event of a business failure.
To mitigate these risks and enhance consumer protection, the FCA has set out key expectations for firms to strengthen their financial resilience and safeguarding practices.
Firms are required to safeguard funds by:
- Identifying relevant customer funds for safeguarding under the Payment Services Regulations 2017 and Electronic Money Regulations 2011;
- Conducting daily reconciliations and reporting any adverse safeguarding audit findings; and
- Ensuring that safeguarding insurance policies comply with FCA guidelines.
Firms are required to manage capital and prudential risks by:
- Meeting capital requirements on an ongoing basis;
- Ensuring they have adequate financial resources to mitigate risks; and
- Developing comprehensive wind-down plans for an orderly exit if needed.
The FCA intends to introduce new safeguarding rules in mid-2025, giving firms time to adjust their compliance frameworks.
Governance and Oversight
In addition to the above, the FCA also identifies weak governance and oversight as a key driver of compliance failures. To address this, CEOs must ensure that:
- Boards and Senior Management provide independent oversight and challenge key business decisions;
- Agents and distributors are properly monitored to minimize customer harm;
- Outsourced functions remain compliant with UK regulatory requirements;
- Hybrid business models comply with additional regulatory obligations; and
- Firms headquartered in the UK maintain operational decision-making at their UK offices.
Next Steps
The FCA expects Boards to discuss this letter and implement necessary changes to ensure compliance and risk management improvements. Firms that fail to meet regulatory standards may face enforcement action.
For further clarification, firms can contact the FCA Supervision Hub or their regular supervisory contact.
Conclusion
With increasing regulatory scrutiny and a fast-evolving payments landscape, payments firms must enhance compliance, risk management and customer protection to align with FCA priorities for 2025. Innovation and competition remain at the heart of the UK’s payments ecosystem, but firms must demonstrate high standards of governance, security and financial integrity to maintain trust and regulatory approval.
How can Complyport Help?
Complyport can support your firm in understanding and following these changes by providing:
- Regulatory Guidance: helping your firm understand the FCA’s expectations and providing expert advice on the relevant regulatory requirements;
- Documentation updates: assistance in drafting appropriate policies and procedural documents;
- Ongoing Support: providing ongoing support to ensure that your firm remains compliant as regulations evolve;
- Training: providing training sessions to educate staff on the practical requirements and best practices for compliance.
Complete the form below to book a FREE consultation.
Ask ViCA, your Virtual Compliance Assistant. Claim your complimentary 20 queries today!
