DarkLight mode
News – 19.12.24
Buzzacott advises Rose Street Partners on its investment in Kenwood Damp Proofing PLC
Discover how Buzzacott supported Rose Street Partners on its investment in Kenwood Damp Proofing PLC … Read more
Insight – 18.12.24
Start-up guide: Everything you need to know about Tronc schemes to set your new hospitality business up for success
One challenge for new hospitality businesses is the management of tips and service charges. … Read more
Upcoming event – 16.01.25
VAT on Private School fees training
This in-depth, interactive training seminar is designed to provide school administrators, bursars, finance officers, accountants, and trustees with tailored support and expert insights on the practical implementation of VAT. … Read more
Find us quickly
130 Wood Street, London, EC2V 6DL
enquiries@buzzacott.co.uk T +44 (0)20 7556 1200
.jpg)
In the table below we have highlighted the key impacts that the proposals set out in the consultation paper will have on the safeguarding audit regime for APIs and EMIs.
Current position |
Proposed changes in CP24/20 |
|
| Which regulated firms require a safeguarding audit? | Currently, the guidance is set out in version 6 of the Approach Document (last updated November 2024) in which the regulator states that it expects APIs and EMIs holding relevant funds to arrange a specific annual audit of compliance with the safeguarding requirements under the PSRs and EMRs, if the firm is required to arrange an audit of its annual accounts under the Companies Act 2006. |
The regulator is proposing to codify the requirement for a safeguarding audit in rules, and to extend it to all payments firms (other than payment initiation service providers, small payment institutions (‘SPIs’) and credit unions that issue e-money, for which this will be guidance only). Even if the firm (with the above exception) was not required to safeguard relevant funds during the period, they will still require a ‘Limited assurance’ safeguarding audit. |
| Who can perform a safeguarding audit? | The audit can be performed by an audit firm or another independent external firm or consultant with the appropriate specialist skillset. | The audit must be performed by an independent, qualified external auditor. |
| What auditing framework is followed by the auditor? | There is no specific framework. | Auditors will be required to follow the audit standard to be produced by the Financial Reporting Council. |
| What should the audit report include? |
The auditor provides a ‘reasonable assurance opinion’ on:
|
An annual audit report, prepared in a prescribed format, confirming:
|
| Who is the report sent to? | The report is addressed to the institution. | The auditor must submit the report to the FCA. |
| What is the audit period? | Not mandatorily, however the FCA expected ‘some firms may wish to align the audit period with their account year end’. | No change. |
| What is the deadline? | There is no confirmed deadline. The FCA expects the report to be submitted to the firm’s management within 4 months of the audit period end date. | The report must be submitted to the FCA within 4 months of the audit period end date. |
The regulator plans to publish final interim rules with an accompanying policy statement within the first 6 months of 2025. Firms will then have a transition period of 6 months to implement the changes in the interim rules from when the final version is published. We recommend firms start planning for these changes and the new audit requirements now!
If you are an API or EMI and would like to discuss your safeguarding audit needs, please get in touch via the below form and a member of our specialist team will contact you.
Audit and assurance
1
.png)
2
Jay Patel
1 October 2024
Payroll
5
12 December 2023
