Walker Guidance

, ,

RPAA Safeguarding Requirements: Protecting End-User Funds for Payment Service Providers

Published by Nancy Walker

Canada’s Retail Payment Activities Act (RPAA) introduces a supervisory framework for Payment Service Providers (PSPs) operating in Canada. One of the most important obligations under the RPAA is the requirement to safeguard end-user funds.

The purpose of these safeguards is straightforward: if a PSP experiences financial distress or operational failure, customer funds must remain protected and recoverable.

For startups building payment platforms, digital wallets, remittance services, or embedded payment products, understanding how to structure safeguarding arrangements is a critical early compliance step.

This article explains how the RPAA safeguarding requirement works, the mechanisms available to PSPs, and how these protections interact with broader operational risk obligations under the Bank of Canada’s supervisory framework.

What Are “End-User Funds”?

Under the RPAA framework, end-user funds refer to money that a PSP holds on behalf of its customers while performing a payment function.

This can occur in situations such as:

  • funds stored in a digital wallet
  • funds awaiting transmission in a remittance transaction
  • balances held for payment processing or settlement
  • stored value balances used within payment applications

Because these funds belong to customers rather than the PSP itself, the regulatory framework requires PSPs to protect those funds from the PSP’s own financial risks.

The RPAA Safeguarding Requirement

The Retail Payment Activities Regulations (RPAR) require Payment Service Providers that hold end-user funds to implement measures ensuring that those funds are protected in the event the PSP becomes insolvent or unable to continue operations.

In practice, PSPs must implement one of two primary safeguarding approaches:

  1. Segregation of funds, typically through trust or custodial arrangements
  2. Insurance or guarantee mechanisms that protect customer balances

The objective of both approaches is to ensure that customer funds remain accessible and recoverable even if the PSP fails.

The regulatory framework can be reviewed in the Retail Payment Activities Regulations (SOR/2023-229):

https://canadagazette.gc.ca/rp-pr/p2/2023/2023-11-22/html/sor-dors229-eng.html

The Bank of Canada has also published a high-level overview of safeguarding expectations:

Click to access Safeguarding-of-end-user-funds-At-a-glance.pdf

Segregation of End-User Funds

The most common safeguarding approach is segregation of customer funds from the PSP’s own assets.

In this model, funds held for customers are placed into segregated accounts at regulated financial institutions, often structured as trust accounts.

Segregation helps ensure that customer balances are not commingled with the PSP’s operating funds, reducing the risk that those funds could be claimed by creditors if the PSP experiences financial distress.

Common implementation approaches include:

  • trust accounts held at Canadian banks
  • custodial arrangements with financial institutions
  • segregated accounts dedicated to payment activity

When properly structured, segregation ensures that customer funds remain separate from the PSP’s corporate assets.

Insurance or Guarantee Arrangements

The RPAA framework also permits PSPs to safeguard funds through insurance policies, guarantees, or similar risk-transfer mechanisms.

These arrangements must provide protection that is equivalent to safeguarding customer balances in the event the PSP becomes insolvent.

In practice, this approach may involve:

  • insurance coverage protecting stored balances
  • guarantees issued by financial institutions
  • other mechanisms that ensure customer funds remain protected

Organizations considering this approach should carefully assess whether the proposed arrangement satisfies the regulatory objective of protecting end-user funds.

Operational Risk and Safeguarding

Safeguarding end-user funds does not operate in isolation. The RPAA also requires PSPs to maintain operational risk management and incident response frameworks designed to ensure that payment services remain secure and reliable.

These frameworks address risks arising from:

  • system outages
  • Cybersecurity incidents
  • internal operational failures
  • third-party service providers

The technical implementation of these controls is often closely tied to the architecture and security of the PSP’s payment infrastructure.

A technical overview of operational risk frameworks for payment service providers can be found here:

https://amicuscyber.com/articles/rpaa-operational-risk-framework/

Additional guidance on Cybersecurity expectations for PSPs under the RPAA can be found here:

https://amicuscyber.com/articles/rpaa-cybersecurity-requirements/

Practical Challenges for PSPs

In practice, safeguarding arrangements often raise complex operational and legal questions for early-stage fintech companies.

For example:

  • Which financial institutions are willing to host safeguarding accounts?
  • How should funds be segregated across payment flows?
  • How should safeguarding arrangements interact with wallet or stored-value systems?
  • How should safeguarding structures work for cross-border payment platforms?

Because safeguarding requirements intersect with banking relationships, corporate structure, and payment architecture, they are often addressed alongside broader RPAA compliance planning.

Independent Review Requirements

Certain PSPs must also conduct independent reviews of their operational risk and incident response frameworks under the RPAA regulatory framework.

These reviews evaluate whether a PSP’s operational controls, systems, and procedures effectively manage operational risks affecting payment services.

An explanation of the RPAA independent review requirement can be found here:

https://amicuscyber.com/articles/rpaa-independent-review-requirement/

Independent assessments often evaluate infrastructure security, monitoring capabilities, and the resilience of payment processing systems.

Final Thoughts

The safeguarding of end-user funds is one of the core consumer protection elements of Canada’s Retail Payment Activities Act.

Payment Service Providers must ensure that customer funds remain protected, segregated, and recoverable in the event of financial distress or operational disruption.

For fintech startups and payment platforms, addressing safeguarding requirements early—alongside operational risk, Cybersecurity, and independent review obligations—can significantly reduce regulatory friction during RPAA registration and supervision.

Related Technical Resources

Operational Risk Framework for Payment Service Providers

RPAA Cybersecurity Requirements

RPAA Independent Review Requirement

Nancy Walker

Welcome to Walker Guidance! Your trusted resource for expert advice on compliance and legal matters tailored to Fintech companies, MSBs, and payment service providers. Here, we break down complex regulatory requirements, contracts, and governance strategies into actionable solutions to help your business thrive. Let’s work together to ensure you stay compliant, build trust, and drive sustainable growth in a rapidly evolving landscape.

Recent posts