Three routes, one prohibition: what s. 20(1) actually says
The statute is short and the choice is real. Route one, s. 20(1)(a): funds held in trust in a trust account used for no other purpose. Route two, s. 20(1)(b): funds held in a prescribed account or manner, subject to prescribed measures - a limb whose content depends on what the Regulations prescribe, so check the current SOR/2023-229 text before building on it. Route three, s. 20(1)(c): funds in a dedicated account, plus insurance or a guarantee in respect of them at least equal to the amount held. In practice the working decision runs between the trust route and the insurance-or-guarantee route.
Two further points sit in the statute itself. Section 20(3) bars set-off: safeguarded funds cannot be netted against amounts an end user may owe the provider. And the obligation is not aspirational - it has applied to every registered PSP since 8 September 2025, when the RPAA's operational provisions came into force, and it feeds two standing reporting rails.
RPAA s. 20(1): the three safeguarding routes (as of July 2026)
| Route | Statutory basis | Core mechanic | What it takes in practice |
|---|---|---|---|
| Route Trust account | Statutory basis RPAA s. 20(1)(a) | Core mechanic Funds held "in trust in a trust account that is not used for any other purpose" | What it takes in practice A genuine trust structure and an account provider meeting the Regulations' comparable-prudential-standards test (SOR/2023-229 s. 13) |
| Route Prescribed account or manner | Statutory basis RPAA s. 20(1)(b) | Core mechanic Funds held in a prescribed account or in a prescribed manner, with prescribed safeguarding measures | What it takes in practice Content set by regulation - verify the current SOR/2023-229 text before relying on this limb |
| Route Dedicated account plus insurance or guarantee | Statutory basis RPAA s. 20(1)(c) | Core mechanic Funds held in a dedicated account, with "insurance or a guarantee in respect of the funds" at least equal to the amount held | What it takes in practice A non-affiliated regulated insurer or guarantor and insolvency-remote proceeds payable to end users (SOR/2023-229 s. 14) |
The Regulations' mechanics: ss. 13 to 15
The statute names the routes; SOR/2023-229 makes them hard to fake. Section 13 disciplines where the money sits: the provider holding safeguarded funds must meet the Regulations' comparable-prudential-standards test, so end-user money cannot simply be parked with an entity outside prudential supervision.
Section 14 disciplines the insurance-or-guarantee route. The insurer or guarantor must be a regulated entity not affiliated with the PSP, and the proceeds must be insolvency-remote: they "will not form part of the payment service provider's estate" and must be "payable for the benefit of end users as soon as feasible". An intra-group guarantee fails the non-affiliation condition by construction; a policy whose proceeds flow back through the PSP's own accounts fails the estate-remoteness one.
Section 15 is the operational core: a written safeguarding framework covering ledgering, identification of end users, procedures for returning funds, and mitigation of legal risks to the funds. It is the document that turns a compliant account into a compliant system - anyone reading it should be able to reconstruct which funds belong to which end user and how they get them back.
Why deposit insurance alone fails
A recurring assumption in scoping conversations is that an insured deposit account settles the matter. The Bank of Canada's FAQ on retail payments supervision (January 2026) is explicit that deposit insurance alone "is not sufficient". The logic follows from the statutory wording: deposit insurance protects depositors against the failure of the account provider, while the s. 20(1)(c) insurance or guarantee must respond to the failure of the PSP itself, with proceeds that bypass its estate and reach end users. Different risk, different beneficiaries, different trigger - and only the second discharges the obligation. A provider that wants a dedicated account with an insurance wrapper still has to procure a policy or guarantee purpose-built to the s. 14 conditions.
The reporting machinery around safeguarding
Safeguarding is not a one-time setup; two reporting rails watch it continuously. The annual report under s. 21, due by 31 March each year, must cover - among the items prescribed by SOR/2023-229 s. 19 - the safeguarding arrangements themselves plus value, volume and end-user-funds metrics. The first reports of the full supervisory era fell due on 31 March 2026, so registered PSPs have now attested to their stack once - and will every year.
The significant-change notice under s. 22 is the sharper rail. A change that "could reasonably be expected to have a material impact on operational risks or the manner in which end-user funds are safeguarded" must be notified to the Bank at least 5 business days before implementation (SOR/2023-229 s. 20(1)). Read that literally: switching account providers, replacing a guarantee with a trust structure, or re-papering the safeguarding framework is a notify-first event.
Two adjacent clocks complete the calendar. An incident that materially affects end users must be notified to them and to the Bank "without delay" under s. 18 - the Act sets no fixed hour window, whatever secondary summaries claim. And registration-information changes carry their own windows: notice within 30 days after most changes, some requiring 30 days in advance, data-location changes 60 days before effect (SOR/2023-229 ss. 35-36).
The buyer's lens: what an acquirer re-papers on day one
Now run the same requirements through an acquisition. Under RPAA s. 24(1), if anyone plans to acquire control of a registered PSP - one third of the votes or more, per SOR/2023-229 s. 21 - the registered PSP must submit a new registration application that takes the planned acquisition into account, and be registered on that basis before the acquisition happens. Once control passes, the prior registration can be revoked under s. 52(f). Buying does not skip the queue: the acquisition-adjusted application faces the same completeness review and Minister of Finance national-security screening, whose only statutory clocks are 60 days to decide whether to review, extendable by 60, and 180 days for a full review, also extendable. No end-to-end service standard is published.
Safeguarding is where that application gets concrete. The s. 29(1) application content includes end-user funds information and the safeguarding arrangements, so the buyer is effectively re-filing the target's safeguarding stack under the new ownership structure. Three items deserve day-one attention. The insurance or guarantee: s. 14's non-affiliation condition should be re-tested against the post-closing group, because a guarantor independent of the seller may not be independent of the buyer - a diligence question to resolve, not a settled reading. The written framework: the s. 15 ledgering, end-user identification and fund-return procedures must describe the business as the buyer will actually run it. And the notice calendar: any post-closing change to how funds are safeguarded is a s. 22 significant change carrying the 5-business-day advance notice.
This is the rail on which SKY7's live Canadian lot sits: a FINTRAC-registered MSB whose Bank of Canada RPAA application has been submitted - an application in review, not a registered PSP. The honest version of that asset is a head start on the paperwork plus a FINTRAC registration that the Bank's refusal grounds under s. 48 take into account, not a licence that changes hands at closing. For the wider mechanics, see our Canadian MSB acquisition pillar. For scale: the Bank's registry listed 1,463 registered PSPs and 486 applications in review on 11 July 2026, with 40 refusals and 14 revocations published with reasons - counts that drift, so verify them on the registry before relying on them.
Five things to verify in a target's safeguarding file
-
The route, in writing
Which s. 20(1) limb the target relies on - and, for a trust structure, evidence that the account serves no other purpose.
-
The account provider
Confirmation that the provider holding the funds meets the comparable-prudential-standards test of SOR/2023-229 s. 13.
-
The policy or guarantee
A non-affiliated regulated issuer, cover at least equal to the funds held, insolvency-remote proceeds (s. 14) - re-tested against the buyer's group.
-
The ledger and the return procedures
A written framework tying funds to identified end users and saying exactly how they get their money back (s. 15).
-
The notice calendar
The 31 March annual report, the 5-business-day significant-change notice and the 30/60-day registration-information windows, mapped onto the deal timetable.
- 3
- safeguarding routes in RPAA s. 20(1)
- 8 Sep 2025
- the day safeguarding and reporting obligations came into force
- 5 business days
- minimum advance notice for a change to how end-user funds are safeguarded
- 31 March
- annual report deadline each year for every registered PSP
FAQ
Frequently asked questions
01 Is deposit insurance on the account enough to satisfy RPAA safeguarding?
No. The Bank of Canada's FAQ (January 2026) states that deposit insurance alone is not sufficient. The s. 20(1)(c) cover must be in respect of the end-user funds themselves, come from a regulated entity not affiliated with the PSP, and produce proceeds outside the PSP's estate, payable for the benefit of end users as soon as feasible (SOR/2023-229 s. 14).
02 Can a PSP set off safeguarded funds against amounts an end user owes it?
No. RPAA s. 20(3) bars set-off against safeguarded end-user funds, and the ledgering requirement points the same way: each end user's entitlement must stay identifiable and recoverable, not absorbed into the provider's own balances.
03 How quickly must an incident affecting safeguarded funds be reported?
"Without delay" - the standard RPAA s. 18 sets for notifying the Bank and materially affected end users, with submission details prescribed by SOR/2023-229 ss. 11-12. Neither the Act nor the Regulations publish a fixed hour window; treat any specific figure in secondary summaries with caution.
04 What happens to safeguarding when a registered PSP is sold?
Acquiring control - one third or more of the votes per SOR/2023-229 s. 21 - triggers RPAA s. 24: a new registration application reflecting the acquisition, registered before closing, with the prior registration revocable under s. 52(f) once control passes. That application re-describes the safeguarding arrangements, and any post-closing safeguarding change carries at least 5 business days' advance notice.
Keep reading
Related reading
Canada RPAA and Bank of Canada PSP registration
The full regime pillar - scope, fees, the national-security clock and the s. 24 acquisition rail in one guide.
Are you a PSP under the RPAA?
The five payment functions, the incidental test and every exclusion - the scope question that comes before safeguarding.
Canada MSB and RPAA: when Bank of Canada registration matters
How the FINTRAC and Bank of Canada regimes stack for money services businesses - the MSB-specific companion piece.