Understanding the RPAA Safeguarding Requirement
The RPAA requires payment service providers (PSPs) to protect end-user funds if they hold client money at any point before transferring it to the beneficiary. The intent is simple: protect consumers in case a PSP becomes insolvent or misuses funds.
But not all business models are the same.
- ✅ If you maintain client balances or control float, you must safeguard those funds (typically through trust accounts, insurance, or guarantees).
- ❌ If you do not hold funds — for example, you only originate remittance instructions that are executed by regulated banking partners — then safeguarding may not apply.
When Safeguarding Is Not Required
Many remittance and foreign exchange providers do not maintain ongoing client balances. Instead, they initiate transactions directly through partner institutions.
In such cases, safeguarding obligations under RPAA are not triggered — provided that:
- Any funds received are only held for short durations (e.g., <24 hours).
- Funds are segregated from company operating accounts.
- Funds are used solely to complete the payout.
- There are strong reconciliation and contingency procedures in place.Best Practices (Even if You’re Exempt)
Even if your model does not trigger formal safeguarding, regulators expect risk management and transparency. That means:
✔️ Clearly documenting that you are not a deposit-taking institution. ✔️ Disclosing to customers that funds are either transmitted by partners or temporarily safeguarded only for operational settlement. ✔️ Implementing reconciliation, fraud monitoring, and incident response procedures.
This builds trust with both regulators and clients, while positioning your business for sustainable growth.
Why This Matters Now
The RPAA becomes fully enforceable in September 2025. All payment service providers operating in Canada must be registered with the Bank of Canada and have their compliance frameworks in place.
Fintechs that prepare now will be in a stronger position to:
- Secure registration smoothly,
- Avoid regulatory surprises, and
- Build customer confidence in their operations.
If you wish to have an audit of your proposed business model — reviewed and revised by a team of fintech professionals — please don’t hesitate to reach out. We help companies align with RPAA requirements, strengthen compliance frameworks, and prepare applications for the Bank of Canada.