Global Regulation Tomorrow

On 18 May 2026, the Prudential Regulatory Authority (PRA) published a Dear CEO letter reaffirming its position and clarifying expectations on innovations in the use of deposits, e-money and stablecoins.

Background

In 2023, the PRA wrote to banks setting out its expectations with respect to innovations in the use by deposit-takers of deposits, e-money and regulated stablecoins (the 2023 letter).

Summary

Th PRA sets out its view that, since then, the landscape for innovation in money and payments has continued to evolve and that, as a result, this letter supersedes the 2023 letter and should be read alongside the PRA’s May 2026 Dear CEO letter on the prudential treatment of banks’ cryptoassets exposures.

The PRA sets out a summary of its expectations on innovations in the use by deposit-takers of deposits, e-money and regulated stablecoins, in particular:  

• Deposit-takers should ensure that deposit-taking entities only provide innovations in money to retail customers in the form of deposits.
• Where a firm without a deposit-taking permission has issued e-money or regulated stablecoins to retail customers and seeks a deposit-taking permission for the issuing entity, the PRA expects them to transition their UK customers to deposits at the new deposit-taking entity as soon as practicable.
• The PRA expects deposit-takers’ innovations in deposits taken from retail customers, e.g. through tokenised deposits, including claims structured as transferable liabilities, to be done in a way that meets the PRA’s rules for depositor protection under the FSCS and associated operational requirements.
• For international deposit-takers with UK branches, or for those seeking to open them, given FSCS protection extends to deposits in branches of international banks, the messages in this letter should be read in conjunction with the PRA’s expectations for international deposit-takers that engage in retail activities.
• The PRA has broader expectations for deposit-takers in the context of either retail or wholesale innovations in the use of digital money or money-like instruments in relation to: (i) money laundering and terrorist financing risks, (ii) strong risk controls, and (iii) senior managers’ responsibilities.
• Deposit-takers should consider the challenges associated with innovations in digital money or money-like instruments at a senior level within their organisations.

The PRA also sets out broader expectations for deposit-takers for innovations in the use of digital money or money-like instruments, including:

• Money Laundering/Terrorist Financing risks: The PRA continues to consider money laundering and terrorist financing (ML/TF) concerns in its prudential assessments of deposit-takers. As a result, where a firm decides to engage in innovations in the use of any form of digital money or money-like instrument, it should meet deposit-takers’ obligations under the PRA’s General Organisational Requirements to have effective processes for identifying, managing, monitoring and reporting ML/TF risks. And in line with the PRA’s Fundamental Rule 1 that a deposit-taker must conduct its business with integrity, and the PRA also reminds firms of their wider obligations, including compliance with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, and with the FCA’s SYSC provisions.

• Strong risk controls: The PRA also sets out that, where a firm decides to engage in innovations in the use of any form of digital money or money like instrument, they should meet deposit-takers’ general responsibilities under the PRA’s Fundamental Rules 3, 5 and 7. It also highlights that scope and level of requirements of the framework can adjust up and down in a proportionate way, depending on the risks of different business models and activities. However, within the existing regulatory framework, deposit-takers may need to adjust methodologies and calibrations for identifying and addressing relevant risks in some areas if innovative digital money products are offered. The PRA provides some examples of aspects that may need consideration, namely:
  • Liquidity and funding risk: Where deposit-takers offer innovative forms of digital money or money-like instruments to retail customers, there is a risk that their product or customer characteristics will expose deposit-takers to a higher liquidity risk than that usually assumed for traditional retail liabilities. When considered alongside the greater uncertainty about the nature and scale of risks when products are new, deposit-takers should be prudent in relation to such innovations.
  • Operational risk and resilience, including third-party risk management: The PRA makes clear its view that some innovations in the use of digital money or money-like instruments by deposit takers could lead to reliance on new and potentially untested payment rails with operational uncertainties. As a result, in line with the PRA’s Fundamental Rule 5 to have effective risk strategies and risk management systems, and the PRA sets out that deposit-takers that want to introduce such innovations should, as a priority, develop robust ways of identifying, measuring and mitigating associated operational risks.
  • Wallet providers and deposit aggregators (third-party risk management): The PRA also makes clear that it considers that there is an emerging class of third-party wallet and deposit aggregation products, in part enabled by open banking. Therefore, as these services grow, deposit-takers should ensure they closely and prudently manage the risks arising from using services provided by external third parties through outsourcing and other arrangements as part of their wider operational-resilience framework.

• Senior managers’ responsibilities: Finally, the PRA considers that innovations in the use of digital money or money-like instruments by deposit-takers could pose novel challenges that should be considered at a senior level within those deposit-takers. As a result, it expects boards and senior managers to understand the safety and soundness implications of moving into such innovations before they do so. In particular, an individual performing an appropriate Senior Management Function should be actively involved in reviewing and signing off on the risk assessment framework for any providers of intermediary services who sit between savings account providers and retail customers.