FCA issues new guidance on tougher UK payment sector rules as the regulator sharpens its supervisory framework for payments firms
The Financial Conduct Authority (FCA) has published fresh guidance on new and tougher rules for the UK payments sector, according to Law360. The guidance is directed at payments firms operating in the UK and addresses the implementation of what the regulator describes as more demanding compliance standards. The full content of the guidance is behind a paywall, but the story is filed under the FCA's insurance and payments regulation remit and marks the FCA's latest step in raising supervisory expectations for payment service providers. The move is consistent with the FCA's broader direction of travel: the regulator has been progressively tightening its grip on the payments sector over recent years, focusing on safeguarding requirements (the obligation of payments firms to ring-fence customer funds), anti-money laundering controls, and — most recently — consumer protection standards introduced under the Consumer Duty framework that came fully into force in 2023 and 2024. For payments firms, including e-money institutions (EMIs — companies licensed to issue electronic money) and authorised payment institutions (APIs), new guidance from the FCA creates an immediate compliance review obligation as firms map their current practices against the regulator's updated expectations. The UK payments market is one of the largest and most densely regulated in Europe, and FCA supervisory guidance — even when framed as non-binding — carries significant practical weight because firms are expected to demonstrate compliance with the FCA's stated expectations or explain their divergence.
Why this matters
FCA guidance on payments sector rules activates compliance and regulatory advisory work across a broad range of firms: challenger banks, e-money institutions, payment processors, and embedded finance providers all fall within scope. The practical effect of new guidance is that in-house legal and compliance teams must conduct gap analyses against the FCA's published expectations and, where gaps exist, produce remediation plans. External counsel are typically instructed to assist with the gap analysis, draft regulatory notifications, and in some cases coordinate with the FCA directly. The timing — with the Consumer Duty now fully embedded and the FCA signalling a more demanding supervisory posture — suggests this is part of a sustained regulatory intensification rather than a one-off guidance update.
On the Ground
A trainee on a payments regulation matter would assist with drafting compliance gap analysis memos comparing the firm's current practices against the FCA's new guidance, help maintain a remediation tracker to monitor corrective actions, and support the preparation of regulatory notification letters to the FCA where required.
Interview prep
Soundbite
FCA payments guidance forces every e-money institution and payment processor to run an immediate gap analysis against tougher compliance standards.
Question you might get
“What is the practical difference between FCA rules, guidance, and good practice, and why does that distinction matter for a payment firm's compliance obligations?”
Full answer
The FCA has issued new guidance setting out tougher expectations for UK payments firms, adding a fresh compliance obligation for e-money institutions and authorised payment institutions that must now map their practices against updated regulatory standards. This matters because FCA guidance, while technically non-binding, is treated as effectively mandatory by firms seeking to avoid supervisory challenge — creating an immediate advisory mandate for compliance and regulatory lawyers. The broader context is the FCA's sustained effort to raise standards across financial services following the Consumer Duty rollout, with the payments sector a particular focus given the rapid growth of challenger banks and embedded finance. Firms that delay their gap analysis risk being found non-compliant during an FCA supervisory visit, a risk that is especially acute for firms seeking to expand their regulatory permissions.
My notes
saved