Folio 05 Insights Article

Payment Service ProviderPayment & EMI Licences

Safeguarding end-user funds under the RPAA: the three routes

Section 20(1) of the RPAA gives a registered payment service provider three ways to safeguard end-user funds: hold them "in trust in a trust account that is not used for any other purpose"; hold them in a prescribed account or manner; or hold them in a dedicated account paired with "insurance or a guarantee in respect of the funds" at least equal to the amount held. The Retail Payment Activities Regulations (SOR/2023-229) supply the mechanics: account providers meeting comparable prudential standards, a non-affiliated regulated insurer or guarantor whose proceeds sit outside the PSP's estate, and a written safeguarding framework with ledgering and fund-return procedures. Deposit insurance alone does not discharge any of this - the Bank of Canada's FAQ says so expressly - and set-off against the funds is barred. In force since 8 September 2025, the obligation follows the registration wherever it goes: under s. 24, acquiring control of a registered PSP means a new pre-closing application re-describing the safeguarding stack. The wider regime is mapped in our Canada RPAA PSP registration guide; wording here is stated as of July 2026.

Three routes, one prohibition: what s. 20(1) actually says

The statute is short and the choice is real. Route one, s. 20(1)(a): funds held in trust in a trust account used for no other purpose. Route two, s. 20(1)(b): funds held in a prescribed account or manner, subject to prescribed measures - a limb whose content depends on what the Regulations prescribe, so check the current SOR/2023-229 text before building on it. Route three, s. 20(1)(c): funds in a dedicated account, plus insurance or a guarantee in respect of them at least equal to the amount held. In practice the working decision runs between the trust route and the insurance-or-guarantee route.

Two further points sit in the statute itself. Section 20(3) bars set-off: safeguarded funds cannot be netted against amounts an end user may owe the provider. And the obligation is not aspirational - it has applied to every registered PSP since 8 September 2025, when the RPAA's operational provisions came into force, and it feeds two standing reporting rails.

RPAA s. 20(1): the three safeguarding routes (as of July 2026)

Route Statutory basis Core mechanic What it takes in practice
Route Trust account Statutory basis RPAA s. 20(1)(a) Core mechanic Funds held "in trust in a trust account that is not used for any other purpose" What it takes in practice A genuine trust structure and an account provider meeting the Regulations' comparable-prudential-standards test (SOR/2023-229 s. 13)
Route Prescribed account or manner Statutory basis RPAA s. 20(1)(b) Core mechanic Funds held in a prescribed account or in a prescribed manner, with prescribed safeguarding measures What it takes in practice Content set by regulation - verify the current SOR/2023-229 text before relying on this limb
Route Dedicated account plus insurance or guarantee Statutory basis RPAA s. 20(1)(c) Core mechanic Funds held in a dedicated account, with "insurance or a guarantee in respect of the funds" at least equal to the amount held What it takes in practice A non-affiliated regulated insurer or guarantor and insolvency-remote proceeds payable to end users (SOR/2023-229 s. 14)

The Regulations' mechanics: ss. 13 to 15

The statute names the routes; SOR/2023-229 makes them hard to fake. Section 13 disciplines where the money sits: the provider holding safeguarded funds must meet the Regulations' comparable-prudential-standards test, so end-user money cannot simply be parked with an entity outside prudential supervision.

Section 14 disciplines the insurance-or-guarantee route. The insurer or guarantor must be a regulated entity not affiliated with the PSP, and the proceeds must be insolvency-remote: they "will not form part of the payment service provider's estate" and must be "payable for the benefit of end users as soon as feasible". An intra-group guarantee fails the non-affiliation condition by construction; a policy whose proceeds flow back through the PSP's own accounts fails the estate-remoteness one.

Section 15 is the operational core: a written safeguarding framework covering ledgering, identification of end users, procedures for returning funds, and mitigation of legal risks to the funds. It is the document that turns a compliant account into a compliant system - anyone reading it should be able to reconstruct which funds belong to which end user and how they get them back.

Why deposit insurance alone fails

A recurring assumption in scoping conversations is that an insured deposit account settles the matter. The Bank of Canada's FAQ on retail payments supervision (January 2026) is explicit that deposit insurance alone "is not sufficient". The logic follows from the statutory wording: deposit insurance protects depositors against the failure of the account provider, while the s. 20(1)(c) insurance or guarantee must respond to the failure of the PSP itself, with proceeds that bypass its estate and reach end users. Different risk, different beneficiaries, different trigger - and only the second discharges the obligation. A provider that wants a dedicated account with an insurance wrapper still has to procure a policy or guarantee purpose-built to the s. 14 conditions.

The reporting machinery around safeguarding

Safeguarding is not a one-time setup; two reporting rails watch it continuously. The annual report under s. 21, due by 31 March each year, must cover - among the items prescribed by SOR/2023-229 s. 19 - the safeguarding arrangements themselves plus value, volume and end-user-funds metrics. The first reports of the full supervisory era fell due on 31 March 2026, so registered PSPs have now attested to their stack once - and will every year.

The significant-change notice under s. 22 is the sharper rail. A change that "could reasonably be expected to have a material impact on operational risks or the manner in which end-user funds are safeguarded" must be notified to the Bank at least 5 business days before implementation (SOR/2023-229 s. 20(1)). Read that literally: switching account providers, replacing a guarantee with a trust structure, or re-papering the safeguarding framework is a notify-first event.

Two adjacent clocks complete the calendar. An incident that materially affects end users must be notified to them and to the Bank "without delay" under s. 18 - the Act sets no fixed hour window, whatever secondary summaries claim. And registration-information changes carry their own windows: notice within 30 days after most changes, some requiring 30 days in advance, data-location changes 60 days before effect (SOR/2023-229 ss. 35-36).

The buyer's lens: what an acquirer re-papers on day one

Now run the same requirements through an acquisition. Under RPAA s. 24(1), if anyone plans to acquire control of a registered PSP - one third of the votes or more, per SOR/2023-229 s. 21 - the registered PSP must submit a new registration application that takes the planned acquisition into account, and be registered on that basis before the acquisition happens. Once control passes, the prior registration can be revoked under s. 52(f). Buying does not skip the queue: the acquisition-adjusted application faces the same completeness review and Minister of Finance national-security screening, whose only statutory clocks are 60 days to decide whether to review, extendable by 60, and 180 days for a full review, also extendable. No end-to-end service standard is published.

Safeguarding is where that application gets concrete. The s. 29(1) application content includes end-user funds information and the safeguarding arrangements, so the buyer is effectively re-filing the target's safeguarding stack under the new ownership structure. Three items deserve day-one attention. The insurance or guarantee: s. 14's non-affiliation condition should be re-tested against the post-closing group, because a guarantor independent of the seller may not be independent of the buyer - a diligence question to resolve, not a settled reading. The written framework: the s. 15 ledgering, end-user identification and fund-return procedures must describe the business as the buyer will actually run it. And the notice calendar: any post-closing change to how funds are safeguarded is a s. 22 significant change carrying the 5-business-day advance notice.

This is the rail on which SKY7's live Canadian lot sits: a FINTRAC-registered MSB whose Bank of Canada RPAA application has been submitted - an application in review, not a registered PSP. The honest version of that asset is a head start on the paperwork plus a FINTRAC registration that the Bank's refusal grounds under s. 48 take into account, not a licence that changes hands at closing. For the wider mechanics, see our Canadian MSB acquisition pillar. For scale: the Bank's registry listed 1,463 registered PSPs and 486 applications in review on 11 July 2026, with 40 refusals and 14 revocations published with reasons - counts that drift, so verify them on the registry before relying on them.

Five things to verify in a target's safeguarding file

  • The route, in writing

    Which s. 20(1) limb the target relies on - and, for a trust structure, evidence that the account serves no other purpose.

  • The account provider

    Confirmation that the provider holding the funds meets the comparable-prudential-standards test of SOR/2023-229 s. 13.

  • The policy or guarantee

    A non-affiliated regulated issuer, cover at least equal to the funds held, insolvency-remote proceeds (s. 14) - re-tested against the buyer's group.

  • The ledger and the return procedures

    A written framework tying funds to identified end users and saying exactly how they get their money back (s. 15).

  • The notice calendar

    The 31 March annual report, the 5-business-day significant-change notice and the 30/60-day registration-information windows, mapped onto the deal timetable.

3
safeguarding routes in RPAA s. 20(1)
8 Sep 2025
the day safeguarding and reporting obligations came into force
5 business days
minimum advance notice for a change to how end-user funds are safeguarded
31 March
annual report deadline each year for every registered PSP

FAQ

Frequently asked questions

01 Is deposit insurance on the account enough to satisfy RPAA safeguarding?

No. The Bank of Canada's FAQ (January 2026) states that deposit insurance alone is not sufficient. The s. 20(1)(c) cover must be in respect of the end-user funds themselves, come from a regulated entity not affiliated with the PSP, and produce proceeds outside the PSP's estate, payable for the benefit of end users as soon as feasible (SOR/2023-229 s. 14).

02 Can a PSP set off safeguarded funds against amounts an end user owes it?

No. RPAA s. 20(3) bars set-off against safeguarded end-user funds, and the ledgering requirement points the same way: each end user's entitlement must stay identifiable and recoverable, not absorbed into the provider's own balances.

03 How quickly must an incident affecting safeguarded funds be reported?

"Without delay" - the standard RPAA s. 18 sets for notifying the Bank and materially affected end users, with submission details prescribed by SOR/2023-229 ss. 11-12. Neither the Act nor the Regulations publish a fixed hour window; treat any specific figure in secondary summaries with caution.

04 What happens to safeguarding when a registered PSP is sold?

Acquiring control - one third or more of the votes per SOR/2023-229 s. 21 - triggers RPAA s. 24: a new registration application reflecting the acquisition, registered before closing, with the prior registration revocable under s. 52(f) once control passes. That application re-describes the safeguarding arrangements, and any post-closing safeguarding change carries at least 5 business days' advance notice.

Tell us what you need

Buying or building a safeguarding stack that survives review?

Tell us whether you are structuring a new PSP application or acquiring a registered provider, and we will map the s. 20(1) route to your model, stress-test the safeguarding file against SOR/2023-229 ss. 13 to 15, and shortlist available Canadian entities. Pricing on request.

Editorial note

Editorial disclaimer

Reviewed by Daniel Marsh. Last reviewed: 11 July 2026. This article is general information only, not legal, regulatory, tax, investment or financial advice. Statutory wording is quoted or closely paraphrased from the Retail Payment Activities Act and SOR/2023-229 as consolidated on the Justice Laws website, Bank of Canada positions from its published guidelines and FAQ, all as of July 2026; registry counts are a snapshot of 11 July 2026. Verify the current text on laws-lois.justice.gc.ca and bankofcanada.ca before relying on any dated claim.