E-money firms are scandal waiting to happen; deposit protection, more regulation required

Published on 24th July 2020

Rachel Wolcott, Sr. Editor, Regulatory Intelligence Reuters and Accelus News

UK electronic money institutions (EMI) are a client money scandal waiting to happen requiring deposit protection as well as enhanced capital buffers and inclusion in the Senior Managers Regime (SMR), leading industry officials said. Questions about their financial health, which may have been worsened by the pandemic, have made their safeguarding arrangements an area of particularly serious regulatory concern.

“If [EMIs] are becoming systemically important utilities and they have control of people’s money while in transit or they hold these client monies for a while then they have to be regulated in a different way,” said John Byrne, chief executive at Corlytics, a regulatory risk data and analytics company in Dublin.

The 2,000-plus Financial Conduct Authority (FCA)-authorised EMIs, authorised payment institutions (API) and small payment institutions (SPI) operating in the UK are not covered by the Financial Services Compensation Scheme (FSCS). SPIs, which provide the same services as APIs but with smaller amounts of money, lack safeguarding obligations.

That means if EMIs or other payment firms go bust customers may lose their money if safeguarding arrangements have not been made or firms dipped into client money to stay afloat. This lack of FSCS coverage has upped regulators’ sense of urgency around EMIs’ safeguarding of client money, officials said.

The problem first appeared in 2018 when the FCA put Premier FX, a money remittance firm, into administration and some customers lost hundreds of thousands of pounds. The FCA launched a fraud investigation, which continues, in part to discover what happened to Premier FX customers’ money.

DAMN COULD BURST

“[Premier FX] hasn’t really hit the headlines much, probably because it was quite a small firm, although the personal losses for some individuals were huge. Clearly, if one of the bigger payment firms went down, there would equally be no government-backed compensation scheme for e-money or payment services firms. Many people will think their deposits are protected by compensation schemes if they are dealing with regulated entities, but they are not. It is a bigger scandal that’s waiting to happen, and the regulators and legislators have had plenty of notice,” said Thomas Donegan, a partner in Shearman & Sterling’s London financial institutions advisory and financial regulatory practice.

Payment services firms, EMIs, APIs and SPIs, were established under the Payment Services Regulations separate from the Financial Services and Markets Act 2000 and were excluded from the FSCS.

The FCA’s recent ” Dear CEO” letter and additional guidance to EMIs and payment services firms again highlighted safeguarding arrangements and prudential obligations however for customers of firms in financial trouble now it may be too late.

“Payment services firms do have these segregation requirements effectively similar to client assets, client money, but we’ve seen before with firms like Lehman and MF Global that firms don’t always segregate client money correctly. We’ve seen countless times going back to almost every banking scandal over the last 30 years that when firms are in trouble you often find people scooping into the client money to stay afloat. If everyone segregates client money properly, never mis-applies, in theory there should be some client money there. However customers are looking at an insolvency process that can last 10 years whereas the FSCS can be done within a week or in complicated cases a year and a half,” Donegan said.

LEGISLATION NEEDED

The UK government should enact legislation to bring EMI and other payment services firms into the FSCS, he said.

Unfortunately, it often takes firm failures — and there could be several — for the FCA be able to issue tougher guidance, a senior official said. It will be a while before enforcement actions appear, but experts expect several, just like the regular fines for client money failings meted out over the past six years.

Byrne said: “The big payment providers need to be regulated from a prudential point of view rather than just a conduct of business point of view. There isn’t enough prudential regulation on the bigger firms. Can they stay in business without capital injections all the time from the private equity side? They can’t hold capital if they run through it at a rate of knots,”

THE FCA AND EMIs: STEEP LEARNING CURVE

The first Payments Services Directive (PSD) came into force in 2007, followed by several updates PSD2 in 2018 and the Electronic Money Regulations 2011 ( EMR).

The FCA, however, did not establish a dedicated team for the sector until 2017 at the earliest. Early on it had less than one full-time employee dedicated to EMIs, while it authorised 200-300 EMIs a year. Meanwhile the EMI, payment services markets had, officials said, moved ahead of the regulator which faced a steep learning curve.

The 2018 Premier FX scandal was probably the catalyst for the FCA to increase headcount, visit conduct a multi-firm review and publish two “Dear CEO” letters ( 2019 and 2020) as well as finalised guidance, officials said.

The 2019 multi-firm review covered 11 non-bank payment service providers (PSPs) to assess how well they met the requirements
for safeguarding service users’ funds set out in the Payment Services Regulations 2017 (PSRs) and EMRs. The FCA reported poor safeguarding understanding and compliance. Firms were required to attest they had carried out a review of safeguarding arrangements and were satisfied they were compliant.

SOME EMIs ALREADY SYSTEMICALLY IMPORTANT

No one yet knows how systemic EMIs’ and APIs’ safeguarding and financial sustainability issues are, including the FCA, because it will have been unable to visit many. It is simply a matter of the number of firms versus FCA resources.

Officials suspect, however, there is enough of a minority in trouble to merit more regulatory attention if not intervention. It is at times such as these, they said, when Ponzi scheme frauds are revealed and finding a hole in firms’ safeguarding account is more likely too.

“It’s interesting the regulator is locking onto client assets. It’s always been a risk but now they’re putting it up there as the number-one risk. I think where this is going is the payment providers are going to be regulated as if they are any other financial institution. They got a bit of leeway because they were new entrants and the regulators have a competition and innovation mandate,” Byrne said.

The Bank of England’s Financial Policy Committee’s July 2019 Financial Stability Report expressed concerns about EMI’s impact on wider financial stability.

“It has become increasingly difficult, within the current framework, for any one of [the UK regulators] to assess risks across the overall payments network. Where innovators are seeking to develop new payment methods and infrastructures, the Bank will be vigilant to the potential impacts on the stability of the financial system,” it wrote.

The committee said it would assess “developments in the scope and nature of regulation for payments and other innovative financial services to ensure the approach reflects their systemic importance”.

How far regulators will go with further EMIs rules will depend on how big the risks become. Regulators’ innovation and competition mandate means these firms have benefited from a less stringent regime as countries sought to be attractive to EMIs and fintechs more generally.

“There’s a fairly delicate balance between encouraging these companies to invest and establish businesses in the UK, and regulating their activities. As the number of people who switch to using these services, as opposed to traditional ones, increases, the risks will crystallise. A lot of fintechs are geared more toward tech rather than financial services and some may lack compliance expertise and financial experience. Also, traditionally, a lot of tech companies fail. That’s the model. But when financial services firms fail, there are consequences for a lot of people,” said Mathew Orr, a senior associate in Shearman & Sterling’s litigation practice in London and who formerly worked at the FCA.

ACT LIKE A BANK, OFFER BANK-LIKE SERVICES BUT… NOT A BANK

Already a small number of these EMIs have amassed large market shares and even though they are not banks, they behave like them offering bank-like services while not being a bank and, crucially, providing no FSCS protection.

“When a small number of payment providers have a large part of the market share they are going to be systemically important utilities just like banks are, but they aren’t run like that. If you have a tech company that’s an essential part of the [financial] infrastructure and its propped up by private equity funds that’s never been profitable it doesn’t matter what the regulators do. What the regulators need to do is look at whether [a business model] is sustainable and profitable. The issue with the payment providers is they’ve got to a place where they’ve acquired enormous scale and have amassed huge amounts if investor capital, but if they’re loss making, they’re not sustainable. If you look at all the banks and all the sustainability criteria they have to meet, you have to ask the question — the banks would not be left to run their businesses like this?” Byrne said.

Originally printed 16 July. Reprinted with permission from Thomson Reuters Regulatory Intelligence. (https://legal.thomsonreuters.com/en/products/regulatory-intelligence)

________________________