Safeguarding of Funds — our operational summary and practice minima
All in One Finance Inc , as a Canadian-based licensed and operated Payment Service Provider that holds end-user funds in accordance with paragraph 20(1)(a) or (c) of the Retail Payment Activities Act P.C. 2023-1106 November 3, 2023. We ensure that the accounts, in which they (end-user funds) are held in the financial institutions, are fully regulated under a regime and regulation that imposes standards which are comparable to those that apply to Canadian financial institutions in respect of capital, liquidity, governance, supervision, and risk management.
Below is a compact, actionable summary of measures that were taken by us as a PSP service provider to ensure that funds are kept meeting clear objectives:
End users will have reliable access without delay; in an insolvency event, funds or insurance proceeds must be paid to end users as soon as feasible.
Here below, we describe each legal requirement, measures, and concrete tasks followed by our financial institution, owners, and records we are keeping in accordance with RPAA Act, Canada.
Further ‘ACT’
Safeguarding-of-funds framework is being established that meets Article 15 of the Act (see contents below).
1. Daily ledger which contains: name, contact info, amount held per end user at the end of each day; classify the ledger as an asset per the regs.
(Act Art.15(2)(b))
2. Operational controls have been implemented:
- Segregation of client funds,
- Dedicated safeguarding accounts,
- Daily reconciliations, access controls
- Backup and continuity.
(Act Art.15(2)(a), (c))
3. Insolvency readiness is in place: an insolvency administrator/trustee and insurer can access records, contact users quickly, detect and fix ledger shortfalls, and return funds per documented procedures.
(Art.15(2)(c))
4. Senior officer is appointed to oversee safeguarding practices, ensuring compliance with sections 13 to 17 of these Regulations and subsection 20(1) of the Act. .
(Act Art.15(4))
5. Formal approvals are being established: senior officer sign-off and board approval at least annually and after material changes.
(Act Art.15(5))
6. Review the framework at least yearly and on specified triggers (account changes, insurance changes, changes to safeguarding method). Keep review records.
(Art.15(6))
7. Independent review: at least once every 3 years by an independent reviewer (industry auditor)
8. Core Written documents have been placed:
- Insolvency playbook - access instructions for insolvency admin/insurer, communication templates to end users, responsibilities matrix.
- Reporting trail - evidence of Bank notification, board meeting minutes, senior officer sign-offs.
Incident workflow procedures that have been established
1. Detection the instance (daily reconciliation, automated alert or audit).
2. Escalation immediately to the senior officer and Risk.
3. Isolate cause (commingling, reconciliation error, insurer coverage gap, fraud).
5. Remediate — return funds where needed, draw on liquidity buffer, invoke insurer if applicable.
6. Report findings and measures to senior officer; update framework & controls.
7. Log & follow up until corrective measures are validated and closed. Maintain the incident record.
8. Work tool to identify any errors or deficiencies in the payment service provider’s ledger of end-user funds and address any shortfall in the funds to be returned to each end user
9. Reconciliations: daily (recommended operational control)
- Framework review: at least once a year (required)
- Approval by senior officer & board: at least once a year and after a material change.
Below declaration describes how we meet the requirements of safeguarding the end‑user funds defined in Retail Payment Activities Regulations: SOR/2023-229
Insurance / guarantee conditions (Art. 14(2)–(4))
The insurance/guarantee contracts state that proceeds are for the benefit of end users and do not form part of our estate.
Proceeds are payable for the benefit of end users as soon as feasible following an insolvency event as defined by the Regulations.
Coverage expressly survives our insolvency and any compromise, arrangement, restructuring or extinguishment of obligations to end users.
Notification period - at least 30 days prior to any cancellation or termination of the insurance/guarantee; retain the evidence of such notification.
Insolvency readiness (Art. 15(2)(c) & 14(3))
We maintain an insolvency book that enables an insolvency administrator, trustee, or insurer to access all relevant records related to end‑user funds.
We maintain current contact details and communication templates to contact end users as soon as feasible after a triggering event.
We operate reconciliation and review procedures that allow identification of errors or deficiencies in the ledger and processes to address any shortfalls for each end user.
We document and execute clear procedures for returning funds to end users, including the roles of our agents, mandataries, and third‑party service providers.
Risk identification and mitigation (Art. 15(3))
Maintaining a safeguarding risk register that identifies legal and operational risks that could hinder the safeguarding objectives and defines mitigations.
Registers considers the jurisdictions of our operations and end users, our account providers and insurers/guarantors, and the terms of any trust arrangements and insurance/guarantee policies.
Insolvency protection (Art. 16)
We monitor for any instance in which end‑user funds or insurance/guarantee proceeds would not have been payable to end users had an insolvency event occurred and identify such instances as soon as feasible.
We have an obligation, upon identification, to immediately investigate the root causes and implement corrective measures to prevent recurrence; actions and outcomes will be, if any, documented