Payment Institutions and EMIs in 2026: Critical Challenges and Expert Support

Payment institutions and electronic money institutions face a demanding regulatory year in 2026. Between mandatory safeguarding reforms effective May 2026, APP fraud reimbursement obligations, intensified FCA financial crime supervision, and operational resilience expectations, the compliance burden has never been heavier - while margins remain razor-thin.

For many firms, these converging pressures threaten viability. The FCA's data shows average customer fund shortfalls of 65% when payment firms fail, with EMIs averaging 80% shortfalls. This failure record is driving the sector's most significant regulatory overhaul.

The May 2026 Safeguarding Deadline

What's Changing:

Policy Statement PS25/12 introduces the most significant changes to safeguarding requirements since the regime's inception, effective 7 May 2026.

Why This Matters: Between Q1 2018 and Q2 2023, 12 payment firms became insolvent with an average customer fund shortfall of 65%. For EMIs specifically, the average shortfall was 80%. Where funds were available for distribution, it took an average of 2.3 years to return them to customers.

Key Requirements:

Daily Reconciliations: Complete internal and external safeguarding reconciliations at least once on each reconciliation day. Internal reconciliation compares what should be safeguarded with D+1 segregation requirement. External reconciliation compares D+1 segregation requirement with actual amounts in safeguarding accounts. Firms must remediate shortfalls promptly and withdraw excess funds.

Monthly Safeguarding Returns: Due within 15 business days of month-end. Returns capture reconciliation completion status, safeguarding account details, diversification arrangements, breaches, incidents, and senior management attestations. This gives the FCA real-time visibility enabling early intervention.

Annual Safeguarding Audits: Firms must appoint qualified auditors to conduct annual safeguarding audits (unless they haven't safeguarded more than £100,000 during a continuous 53-week period). Audits assess compliance, adequacy of systems and controls, and record accuracy.

Resolution Packs: Firms must maintain resolution packs retrievable within 48 hours containing all safeguarding accounts, agent/distributor information, reconciliation records, policies, procedures, acknowledgement letters, and organizational structure. This enables rapid customer fund return in insolvency scenarios.

Acknowledgement Letters: Standardized template letters must be obtained from all banks and custodians holding safeguarded funds. Letters must be reviewed annually, replaced when details change, and retained for five years after account closure.

Diversification Requirements: Firms must assess concentration risk and diversify safeguarding arrangements where a single provider holds significant customer funds.

Operational Impact: Most firms will need automated reconciliation software, real-time data aggregation from multiple sources, monthly return generation systems, resolution pack maintenance capabilities, and comprehensive audit trails. Manual implementation is impossible for most firms.

Action Required Now: By Q1 2026, assess current reconciliation processes, identify technology gaps, review banking relationships and diversification needs, obtain updated acknowledgement letters, engage auditors, and build monthly return capability. By 7 May 2026, achieve full compliance with daily reconciliation operational, monthly returns tested, resolution pack complete, and staff trained.

APP Fraud Reimbursement Costs

The Payment Systems Regulator's mandatory reimbursement requirements for Authorised Push Payment fraud took effect October 2024. Victims must be reimbursed within five business days with a £85,000 cap per claim. A 50/50 liability split applies between sending and receiving PSPs.

The Financial Challenge: APP fraud levels remain at record highs. For firms receiving fraud proceeds (often unwittingly through mule accounts), the 50/50 split means significant reimbursement costs. Small profit margins mean reimbursement obligations can quickly overwhelm revenue, especially for firms with inadequate onboarding controls allowing mule recruitment, weak transaction monitoring missing suspicious patterns, or poor customer due diligence on higher-risk segments.

What Firms Must Do: Enhanced onboarding with robust identity verification, enhanced due diligence on higher-risk segments, fraud marker screening, and source of funds verification. Real-time transaction monitoring detecting mule account patterns (rapid in/out, structured amounts, dormancy followed by activity), fraud typologies, velocity monitoring, and real-time blocking of suspicious transactions. Effective fraud warnings when payment patterns match known fraud types. Recipient screening against fraud databases and identification of mule account characteristics. Budget for reimbursements and ensure regulatory capital adequacy considering expected fraud losses.

Intensified Financial Crime Supervision

Financial crime is the FCA's top enforcement priority, accounting for 74% of investigations opened in 2024/25. Payment institutions and EMIs face particular scrutiny due to historical control weaknesses, speed and cross-border capability making them attractive to criminals, and sector-wide failings identified in thematic reviews.

FCA's February 2025 Dear CEO Letter set out three mandatory outcomes: effective competition and innovation, not compromising financial system integrity, and consumer protection and fair treatment. Financial crime pervades all three.

Specific PI/EMI Vulnerabilities: Transaction speed making it difficult to stop suspicious transactions once initiated. Cross-border complexity requiring understanding of multiple jurisdictions' sanctions regimes and money laundering typologies. Open business models accepting customers declined by banks. Rapid growth struggling to scale compliance infrastructure at pace. Third-party reliance creating oversight challenges through outsourced onboarding, screening, and monitoring.

What the FCA Expects: Robust business-wide risk assessment analyzing your specific business model, not generic templates. Effective transaction monitoring with systems calibrated to detect your specific risks, not vendor defaults, with regular testing and tuning. Quality sanctions screening of all required parties with effective investigation of alerts. Comprehensive due diligence with complete beneficial ownership identification and adequate source of funds verification. Proactive suspicious activity reporting with timely, quality SARs to NCA. Senior management accountability with appropriately senior MLRO, board oversight, meaningful management information, and adequate resources.

Recent Enforcement Trends: VREQs (Voluntary Requirements) imposing restrictions like prohibiting new customer onboarding, limiting transaction volumes or values, requiring customer segment exits, or mandating skilled person reviews. Section 166 Skilled Person Reviews for independent assessments where weaknesses identified. License restrictions or revocations where controls are fundamentally inadequate.

Operational Resilience and Business Continuity

While not new for 2026, operational resilience remains critical following multiple high-profile payment firm outages. The FCA expects identification of important business services, mapping dependencies and vulnerabilities, setting impact tolerances, testing resilience through scenarios, and maintaining incident response and recovery capabilities.

Specific PI/EMI Challenges: Technology reliance means outages directly prevent service delivery with no branch fallback. Third-party dependencies on banking partners, scheme providers, technology vendors, cloud providers, and BaaS providers create cascading failure risks. Concentration risk from relying on single providers for critical services. Rapid change from fast product development increasing vulnerability introduction risk.

What Firms Must Build: Comprehensive mapping of all systems, dependencies, and failure modes. Impact tolerance setting defining maximum tolerable disruption. Scenario testing of key failures (third-party failure, cyber attack, technology outage). Third-party management with enhanced due diligence and ongoing monitoring. Recovery capabilities proven through testing. Communication plans for customers, regulators, and stakeholders during incidents.

Profitability and Capital Sustainability

Many payment institutions and EMIs operate unprofitably or on thin margins. Revenue challenges from intense competition driving down fees and customer expectations of low/no-fee services. Cost pressures from regulatory compliance (safeguarding systems, fraud prevention, financial crime controls), technology investment, customer acquisition costs, and growing capital requirements.

FCA Concerns: Business model sustainability, thin capital buffers unable to absorb shocks, dependence on future funding rounds that may not materialize, and risk of disorderly failure impacting consumers.

The Viability Question: An uptick in business failures is inevitable as unprofitable firms run out of runway, regulatory costs increase, APP fraud reimbursement erodes margins, and capital requirements grow. Firms must demonstrate credible paths to profitability or face potential FCA intervention requiring orderly wind-down.

What Firms Must Do: Realistic business planning with honest assessment of profitability considering full regulatory compliance costs, fraud and credit losses, and technology investment needs. Capital adequacy maintaining sufficient capital for regulatory minimums, growth plans, unexpected losses, and wind-down scenarios. Cost management prioritizing spending on core regulatory obligations, technology enabling compliance, and differentiated customer value while reducing unsustainable customer acquisition, excessive marketing, and premature internationalization. Strategic clarity about competitive positioning and path to sustainable economics.

Consumer Duty Compliance

Consumer Duty took effect July 2023 but remains an area of ongoing FCA focus in payments sector. The four outcomes—products meeting customer needs, fair price and value, consumer understanding supported, and appropriate consumer support—create specific challenges for payment firms.

Payments Sector Challenges: Disclosure complexity as many customers don't understand the difference between e-money and deposits, lack of FSCS protection, safeguarding arrangements and limitations, or fee structures. Vulnerable customers including those declined by banks, financially vulnerable, susceptible to fraud, struggling with digital interfaces, or facing language barriers. Product design questions around high fees for low-value transactions, complex fee structures, limited customer support channels, and inadequate fraud protections.

What FCA Expects: Clear communication in plain language about protections, fees, help access, and failure scenarios. Fair value assessment with evidence that fees are reasonable considering costs to serve, customer base nature, and alternatives. Adequate support appropriate for complexity, customer characteristics, vulnerability considerations, and fraud assistance needs. Outcomes monitoring with regular analysis and action when poor outcomes identified.

How Buckingham Capital Consulting Helps

Since 2013, Buckingham Capital Consulting has specialized in supporting payment institutions and electronic money institutions through regulatory challenges. We understand your business models, economics, and specific pressures.

Safeguarding Implementation Support: Gap analysis against PS25/12 requirements, technology vendor assessment and selection, reconciliation process design and testing, resolution pack development, monthly return design and submission support, acknowledgement letter implementation, auditor engagement support, diversification strategy and banking relationship establishment, staff training and procedure documentation, project management through to May 2026 deadline.

APP Fraud Prevention Framework: Onboarding enhancement for mule detection, transaction monitoring calibration for fraud typologies, real-time blocking system design, fraud warning effectiveness testing, customer education program development, capital planning for reimbursement costs, Consumer Duty alignment for fraud protection.

Financial Crime Control Enhancement: Comprehensive gap analysis against FCA expectations, business-wide risk assessment development, transaction monitoring system selection and calibration, sanctions compliance framework implementation, CDD/EDD process improvement, SAR quality enhancement, MLRO support (interim, outsourced, or advisory), remediation program management, FCA engagement and correspondence support.

Operational Resilience Assessment: Important business service identification, dependency mapping, impact tolerance setting, scenario testing design and execution, third-party risk management framework, incident response plan development, recovery capability assessment, FCA reporting and self-assessment support.

Business Model and Viability Assessment: Realistic regulatory cost forecasting, capital planning and adequacy assessment, scenario analysis for regulatory changes, wind-down planning, strategic options assessment.

Consumer Duty Compliance: Product and service assessment against four outcomes, disclosure review and improvement, fair value assessment, vulnerable customer framework, outcomes monitoring design, remediation planning.

Why Choose Buckingham Capital Consulting: Over 14 years focused exclusively on payment institutions, EMIs, and related regulated sectors. Practical implementation - we don't just identify problems, we implement solutions that work operationally. Technology understanding enabling informed technology choices. Regulatory intelligence tracking all FCA developments and supervisory priorities. Proportionate approach with solutions scaled to your firm's size, complexity, and budget. Proven track record successfully supporting numerous PIs and EMIs through authorization, growth, and regulatory challenges.

The Critical Path Forward

2026 is a make-or-break year for payment institutions and EMIs. The safeguarding deadline alone requires significant investment and preparation. Combined with APP fraud costs, financial crime scrutiny, and profitability pressures, many firms face existential challenges.

Firms that succeed will:

• Start safeguarding implementation now, not April 2026

• Invest in fraud prevention to minimize reimbursement costs

• Maintain robust financial crime controls preventing regulatory intervention

• Operate sustainable business models with credible paths to profitability

• Demonstrate strong governance and risk management

Firms that fail will:

• Underestimate implementation complexity and cost

• React to regulatory deadlines instead of planning ahead

• Prioritize growth over compliance

• Operate unprofitable models dependent on funding that doesn't materialize

• Face regulatory restrictions forcing business wind-down

The sector consolidation predicted for years is beginning. Well-controlled, profitable firms will thrive. Weak operators will exit.

Contact Buckingham Capital Consulting today to discuss how we can help you navigate 2026's challenges. With over 14 years of specialist expertise in payment institutions and EMIs, we help you build sustainable businesses that satisfy regulators, serve customers well, and achieve commercial success.