CASS 15 Safeguarding Audit

What Is a CASS 15 Safeguarding Audit?

CASS 15 is a new chapter of the FCA's Client Assets Sourcebook, introduced by Policy Statement PS25/12 and in force from 7 May 2026. It applies to authorised payment institutions (also known as API’s), authorised and small e-money institutions, and credit unions that issue e-money in the UK.

The rules require these firms to safeguard relevant funds (being customer money received for payment transactions or in exchange for e-money), by holding it in designated accounts at approved banks, or in qualifying liquid assets, kept strictly separate from the firm's own money.

Under the new regime, any firm that holds £100,000 or more in relevant funds during a 53 week period must arrange an annual safeguarding audit and submit the resulting report to the FCA. This audit must be conducted by a registered auditor, regulated by a recognised supervisory body such as the ICAEW. Prior to CASS 15, safeguarding reviews could be carried out by compliance consultants with no auditor registration or professional accountability to the FCA. That is no longer permitted.

The key changes introduced by CASS 15 include, but are not limited to:

  • Mandatory annual safeguarding audit conducted by a registered auditor and submitted directly to the FCA by the firm, replacing the previously informal and inconsistently applied review process;

  • Daily reconciliations of safeguarded funds, both internal and external, on every business day;

  • Resolution packs must be maintained per CASS 10A. These will contain all documentation an insolvency practitioner would need to identify and begin returning customer money and must be retrievable within 48 hours of appointment;

  • Monthly safeguarding return submitted to the FCA providing standardised data on the firm's safeguarding position;

  • Named senior manager accountability with a single director or senior manager responsible for operational oversight of the regime and annual reporting to the board;

  • Third-party due diligence requirements on all banks, custodians, and other parties involved in holding or managing relevant funds; and

  • Prescribed acknowledgement letters now mandatory in a standard template form (CASS 15 Annex 1) for every relevant funds bank account and relevant assets account, replacing the previously guidance-based expectation

Who needs a Safeguarding Audit?

sdvasdv

CASS 15 Safeguarding Audit Checker | Black Maple

Do you need a CASS 15
safeguarding audit?

Answer four questions to find out whether your firm has a legal obligation to appoint a registered auditor under FCA PS25/12 and SUP 3A.

FCA PS25/12 · In force 7 May 2026
Find out in minutes whether your firm needs a safeguarding audit

This tool follows the decision logic of CASS 15 and SUP 3A as introduced by the FCA's Payments and Electronic Money (Safeguarding) Instrument 2025. Your result includes the relevant regulatory references.

What the Audit Covers..

sdvasdv