New UK Payment Regulations 2025: What Consumers & Businesses Need to Know

In a significant regulatory overhaul, the UK has started to implement a series of new payment regulations, aiming to protect customers and enhance the safety of digital payments.

Throughout its evolution, the rise of fintech innovations and the increasing complexity of financial crime, existing frameworks struggle to keep pace. Traditional payment methods, such as debit cards, have expanded to digital wallets, such as Apple Pay and Google Pay, mobile apps, and the rapidly growing Buy Now, Pay Later systems. This led to critical gaps in fraud prevention, transparency, and operational resilience, which new and improved regulations are designed to address.

Led by the Financial Conduct Authority (FCA) and the Payment Systems Regulator (PSR), the UK payment reform is a decisive step toward fairer financial outcomes, higher trust across the payments ecosystem, and stronger consumer protection.

In this article, we'll explore the key changes taking place under the new regulations. Additionally, we'll explore their broader impacts.

The new regulations mark a pivotal upgrade to the UK's payments system. They introduce tighter requirements aimed at protecting financial data and safeguarding customers against fraudulent transactions.

Traditional banks, payment apps, and modern payment solution providers (PSPs) will need to integrate advanced reporting protocols and fraud detection tools to meet the heightened regulatory expectations and avoid financial losses.

Strengthened Safeguarding Rules (FCA) for Customer Funds

The FCA has updated its Safeguarding Guidance to ensure operational compliance and the adequate protection of customer funds at all times.

Payment institutions, e-money institutions, and credit unions that issue e-money (collectively referred to as payments firms) are liable to maintain control and protect funds they receive in connection with making a payment or in exchange for e-money issued.

The FCA requires enhanced reporting, monitoring, and recording in order to reduce the risk of shortfalls in case a payments firm enters an insolvency process. Firms are required to maintain robust internal and external reports, as well as arrange safeguarding audits to ensure operational compliance. Firms must also ensure that customer funds are directly deposited into a separate safeguarding account by the end of the next business day, demonstrating their responsibilities toward consumer financial protection.

The FCA also emphasises the importance for financial institutions and PSPs to meet their obligations under the Consumer Duty. This includes a requirement for payment firms and all parties to deliver good outcomes for their retail customers and act in the customers' best interests.

Delayed Payments for APP Fraud Prevention

The Payment Services (Amendment) Regulations 2024 allow a payment service provider to delay a transaction to a payee's account in cases of suspected authorised push payment (APP) fraud. APP fraud occurs when a consumer is tricked into authorising a payment to an account that belongs to a fraudster. These scams have increased significantly in recent years.

According to the new regulations, PSPs can pause payments for up to four business days if there are reasonable grounds to suspect the payment is fraudulent. These delay powers took effect alongside reimbursement in October 2024.

The delay gives PSPs the necessary time to investigate suspicious payments, assess the risk of fraud, and protect users. The grounds for the delay must be established no later than the end of the business day following receipt of the payment order.

PSPs must inform the payer that the payment has been delayed for investigation purposes. They must clearly explain the reason for the delay, outline any action required from the payer to take to support the investigation, and keep the payer updated on progress.

The payer's and payee's PSPs are encouraged to exchange information to enable effective investigations and prevent losses.

Mandatory Reimbursement for APP Fraud Victims

If the investigation confirms that APP fraud has occurred, the sending PSP is expected to refund the customer promptly and later settle 50:50 costs with the receiving PSP under PSR rules. These protections apply to both Faster Payments and CHAPS. Under the new regulations, victims of APP fraud are entitled to mandatory reimbursement. The cost of reimbursement is shared equally between the payer's (sending) PSP and the payee's (receiving) PSP.

Reimbursement should occur within 5 business days of the fraud being reported. However, the sending PSP can extend this time frame to gather additional information or verify the legitimacy of the claim, as long as they complete their assessment within 35 business days.

The cost of reimbursement is currently capped at £85,000. However, reimbursement is not required where the customer has acted fraudulently or where the customer has acted with gross negligence (that is, outside the consumer standard of caution).

Extended Notice for Account Closures ('Debanking')

In June 2025, the Payment Services and Payment Accounts (Contract Termination) (Amendment) Regulations 2025 were published together with an explanatory memorandum. The regulations govern the termination of framework contracts for payment services concluded for an indefinite period of time.

The new requirements require PSPs to give a 90-day notice and a specific written reason, and signpost the Financial Ombudsman Service, instead of the previous two-month period, before unilaterally terminating a contract. Termination notices must be in writing and contain certain information, including a detailed explanation of the reasons for termination. Payment services customers can complain to the Financial Ombudsman Service regarding the termination of the framework contract.

This regulatory update, focusing on key areas of customer protection, aims to give customers sufficient time to respond to termination notices or switch providers without disruption.

By way of exception, no termination notice is required if the PSP is unable to apply customer due diligence measures required under anti-money laundering legislation. This exception applies, for example, when a PSP is unable to verify a customer's identity or the legitimacy of their transactions. 

The new notice rules come into force on 28 April 2026 and apply to indefinite-term framework contracts entered into on or after that date.

The latest UK payment regulations are set to reshape the entire payments ecosystem in the country. With stricter safeguards, clearer reporting requirements, and mandatory reimbursement for APP fraud, the reforms aim to create a financial system where secure payments and transparent practices are the norm, opening new opportunities for innovation.

Payment platforms will need to adapt quickly and balance regulatory compliance with new technologies and the fast-paced innovations in digital payments.

Improved Consumer Protection & Trust

The UK payment reforms place consumer interests and their financial information at the centre of the regulatory framework. By requiring reimbursements for APP fraud victims and strengthening fund safeguarding requirements, regulators aim to restore and build trust in digital financial services -particularly among vulnerable consumers.

This represents a significant opportunity for PSPs to strengthen their market position and enhance customer trust. Implementing robust safeguarding measures signals a commitment to security and reliability, which will ultimately inspire consumer confidence. Providers who embrace these reforms proactively can differentiate themselves in an increasingly competitive payments market.

Modernising Payment Infrastructure

The new regulations are also a catalyst for broader innovation in payment platforms. They are expected to incentivise financial institutions to develop better systems for identifying fraud, improving their financial products, and utilising behavioural targeting. For example, the delay of payments for fraud prevention reasons requires real-time analytics and AI-driven risk assessment tools.

Beyond fraud prevention, modernised infrastructure can improve overall payment efficiency and resilience. By embedding regulatory requirements into core systems, PSPs can streamline processes, reduce operational errors, and maintain compliance without sacrificing transaction speed.

Higher Compliance Costs for Payment Providers

While the new payment service regulations offer a range of opportunities, they also present cost-related challenges. Compliance will require substantial investment in upgraded fraud monitoring systems, enhanced fund safeguarding processes, and advanced reporting mechanisms to meet the required standards. For smaller PSPs and emerging fintechs, the cost of these reforms may present notable challenges, particularly in balancing compliance needs with growth objectives.

The new UK payment regulations mark a turning point in how the industry approaches fraud, transparency, and consumer protection.

As regulatory scrutiny intensifies, all players in the ecosystem - from traditional banks to big tech companies, fast-growing fintechs and smaller firms - must refine their systems, policies, and practices.

In addition to the current regulatory changes, the FCA is also looking to impose more stringent requirements for Buy-Now, Pay-Later (BNPL) services.

BNPL shoppers are set to benefit from stronger protections, as BNPL providers will be required to obtain authorisation from the FCA. Providers will need to follow comprehensive regulatory standards and carry out upfront affordability checks to ensure consumers do not fall into debt traps. Regulation regarding BNPL is expected to begin from 15 July 2026.

We recognise that navigating new payment regulations can be a challenging task. Our end-to-end payment solutions are designed to align seamlessly with the UK's latest regulatory requirements, helping companies of all sizes navigate compliance with confidence.

From secure acquiring services to real-time fraud detection and advanced tokenisation, DECTA provides a comprehensive framework to manage payments efficiently while mitigating risk.

Our payment platform offers multiple features tailored to meet upcoming regulatory obligations, including delayed payment capabilities, enhanced customer verification processes, and customisable account closure notices. These built-in tools ensure that businesses can respond proactively to compliance requirements without compromising on operational speed or customer experience.

Worried about safeguarding compliance? See how DECTA supports PSPs with fraud monitoring.