Blog
FEBRUARY 20, 2026 • 5 MIN READ
How to Complete the FCA Safeguarding Monthly Return (Guide for APIs, EMIs, SPIs and SEMIs)
Fiona Jelly,
Founder & CEO of Complyfirst
This applies to PIs/EMIs in the UK
The Bigger Picture: FCA Safeguarding Reform
Before we zoom into the “how-to’s” of the monthly return, it’s worth stepping back on the bigger safeguarding changes happening around it.
The new safeguarding regime goes live on 7 May, and it’s basically the biggest overhaul of safeguarding rules since the PSRs and EMRs came into force.
It’s been driven by some high-profile firm failures, including Ipagoo in 2019, which exposed issues like poor record-keeping, years of delays, and customers recovering less than half of their funds.
So the FCA is trying to close those gaps, and the direction of travel is tighter controls, more evidence, and more frequent reporting.
So what does that actually look like in practice? Let’s break it down.
TL;DR
The FCA’s new monthly safeguarding return requires UK APIs, EMIs, SPIs and certain SEMIs to submit detailed information on how relevant funds are safeguarded under the PSRs and EMRs. The return covers safeguarding methods, balances, reconciliations, record-keeping, breaches and resource-vs-requirement comparisons, and must be submitted via RegData within 15 business days of month-end. Firms should now assess scope, confirm which sections apply, and implement repeatable monthly reporting processes ahead of the new regime effective 7 May 2026.
Five Core Safeguarding Changes
At a high level, the FCA is tightening safeguarding across five key areas:
- Daily reconciliations: The FCA expects reconciliations at least once on each “reconciliation day” rather than every business day, comparing safeguarding requirements vs safeguarding resource, i.e. what you should be holding vs the amount actually sitting in accounts.
- Resolution packs: These must be maintained as a live document containing: all safeguarding accounts and custodians, a list of agents and distributors, step-by-step procedures for returning funds, and copies of safeguarding contracts.
- Annual safeguarding audits: These must be completed for most firms (unless safeguarded funds are under ÂŁ100k over the past 53 weeks). The auditor must be qualified and have safeguarding experience. The first audit is due within six months of period end, then four months thereafter.
- Stronger third-party oversight: Firms are expected to manage who holds their safeguarded funds and/or how funds are invested, and what you’ll do if insurances or guarantees lapse, with documented decisions and the ability to act quickly.
- A new monthly FCA safeguarding return: All firms must submit a new monthly return to the FCA, and we’re going to zoom in on exactly what that return asks for now.
The objective for this return is to ensure the FCA receives regular and comprehensive information about a firm’s safeguarding of relevant funds.
What Does the FCA Monthly Safeguarding Return Require Firms to Report?
At a high level, this monthly return covers:
- Your safeguarding method
- Balances
- Institutions where funds are held
- Resource vs requirement
- Reconciliations
- Record-keeping
- And notifiable breaches
Who Must Submit the FCA Safeguarding Return?
And the question every firm asks: does this report apply to me?
- It applies to all safeguarding institutions. That includes APIs, EMIs, and SPIs and SEMIs where they have opted into safeguarding.
- And the “what you need to report” is any relevant funds safeguarded under the PSRs or EMRs.
When and How to Submit the FCA Safeguarding Return
The return needs to be submitted within 15 business days after month-end via the FCA RegData platform. The first month is May, so 15 business days after month-end would be 19 June. Make sure to mark that in your diaries!
Which Sections of the FCA Safeguarding Return Apply to Your Firm? (Conditional Reporting Explained)
Now there is one key consideration with this return, namely that sections are conditional:
- Sections 1, 2 and 9 apply to all firms
- Sections 3–8 apply only if you were required to safeguard during the period
- Sections 10–17 only apply for unrelated payment services, so if you’re an EMI providing UPS unrelated to your e-money issuance, a SEMI who opted in, or a credit union who opted in
Data Fields Needed for Submission: Section-by-Section Breakdown
Now on to the data fields you’ll need to collect.
If you were required to safeguard during the period, sections 1–9 apply:
| Section | What you need to report on |
|---|---|
| 1. Basic set-up | Your firm name, category of safeguarding institution, and details on your last safeguarding audit. |
| 2. Safeguarding method | If you were in scope for safeguarding, what method did you use (segregation, insurance/guarantee, or some combination), the number of clients you safeguarded for, and any use of non-standard internal reconciliation procedures during the period. |
| 3. Balances | Simply your highest and lowest safeguarding requirement during the period. |
| 4. Where funds are held | If segregation is used: the institution where funds are held, the type of account, number of accounts, total amounts held, country, and whether the contract is fixed-term or has a notice period. For insurances/guarantees: name of insurer or guarantor, amount covered, date of expiry, and total overdue premiums. For investment in secure liquid assets: the asset type, name of custodian, and total value of assets held at the end of the period. |
| 5. Resource vs requirement | You report what you’ve actually safeguarded across bank accounts, segregated funds not yet placed, relevant assets, and any insurance/guarantee cover. Then you compare that to what you should be safeguarding (including any amounts received but unallocated to an individual client). Then you work out whether you had an excess or shortfall at month-end and disclose what you did to fix it. |
| 6. The D+1 (Day plus 1) segregation check | You report your requirement vs resource from your last internal reconciliation, along with any adjustments made. |
| 7. Reconciliations | Did you carry out internal reconciliations using your own records every reconciliation day, and did you carry out external reconciliations using external evidence (e.g. bank statements)? |
| 8. Record-keeping | This is your inventory of all safeguarding accounts and assets, including how many accounts you had at the start of the month, how many you opened, how many you closed, and how many you had at the end of the month. Then you confirm how many of those accounts are covered by an acknowledgment letter, and if letters are missing, explain why. |
| 9. Notifiable breaches | This is where the FCA is basically asking: did anything happen this month that you were required to notify them about under CASS, for example material errors in records, failed reconciliations, unresolved discrepancies, material shortfalls, insurance/guarantee about to expire without replacement lined up, or any other breach of duty under CASS 15. |
For firms providing unrelated payment services, i.e. payment services unrelated to the issuance of e-money, you repeat the same checks as above in sections 10–17.
EMIs who provide UPS, SEMI opt-in firms, and credit union opt-ins may have to complete this section.
Practical Next Steps
- Determine scope: Are you required to safeguard (did you opt in), and do sections 10–17 apply based on your business model?
- Can you automate this? You’ll be doing this monthly, so a canned extract will be essential.
- Diary submissions: They’re due 15 business days at the end of each month.
Make Monthly FCA Safeguarding Reporting More Manageable with Complyfirst
The move to a mandatory monthly FCA safeguarding return changes the rhythm of reporting for UK APIs, EMIs and SPIs. The rules themselves are familiar, the challenge is pulling everything together consistently within a 15-business-day window each month.
Safeguarding data usually sits across finance, operations and compliance, so without the right structure it can turn into a manual consolidation exercise at month-end. Complyfirst addresses this by connecting directly to underlying safeguarding data and integrating with the FCA’s RegData platform, removing repetitive data entry, spreadsheet-based aggregation and reconciliation mismatches.
With automated data collection, built-in validation, structured approvals and clear audit traceability, firms can move from reactive month-end reporting to a controlled and repeatable FCA submission process.