--- title: "Bank Account for an EMI: 2026 Buyer's Playbook" slug: bank-account-for-emi publishedAt: 2026-04-28T10:00:00Z author: Finconduit Editorial Team tags: EMD2, PSD2, AMLR, DORA canonicalUrl: https://finconduit.com/resources/bank-account-for-emi --- # Bank Account for an EMI: 2026 Buyer's Playbook Authorisation does not solve banking. The realistic path from EMI licence grant to a funded three-bank treasury — operating, safeguarding, USD correspondent — including the document file, the seven-dimension diligence frame, and the 2026 rejection patterns to pre-empt. Holding an EMI authorisation does not solve banking. Most founders discover this within ninety days of the licence grant — the regulator has approved the business, supervisors have signed off the AML programme, and yet not a single bank will open the safeguarding account legally required to operate. The gap between authorisation and a funded, fully operational multi\-account treasury is typically twelve to eighteen months. It is also the single most under\-planned phase of any EMI build. The architecture you actually need is **three relationships at three different institutions**: an **operating bank** for the EMI's own corporate flows, a **safeguarding bank** for client funds \(legally segregated under **EMD2** Article 7 of the [Electronic Money Directive](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32009L0110)¹[^1]\), and at least one **USD correspondent** for cross\-border treasury and FX. Each of the three has its own diligence cycle, document expectations, and capital posture. Trying to consolidate at one institution is a structural error supervisors increasingly flag in inspection. This is the buyer's playbook: the **application sequence**, the full **document file**, the **seven dimensions banks score you on**, the **timeline** from licence grant to working treasury, and the rejection reasons we see most often in **2026**. ## Why an EMI needs three banks, not one The single\-bank model died around **2019**. Banks have segmented their fintech\-facing offerings, with **operating accounts** and **safeguarding accounts** now treated as distinct products with different risk weights, capital costs, and supervisory expectations. Combining them at one institution either gets refused at onboarding or — worse — gets clawed back when the bank's risk committee reweights the relationship eighteen months later. ### The operating bank The operating bank holds the EMI's **own corporate funds**: capital, retained earnings, payroll, vendor payments, tax. Functionally a corporate account with elevated diligence because of the **EMI** status. Capital threshold to apply: typically **€500k to €2M** of own funds parked at the relationship. Diligence is **shallower than safeguarding** because the bank's exposure is limited to the EMI's own balance sheet, not customer money. ### The safeguarding bank The safeguarding bank is the **most\-inspected and hardest\-to\-secure** of the three. **EMD2 Article 7** — and the [European Banking Authority](https://www.eba.europa.eu/)²[^2] guidelines that operationalise it — require customer funds held in a **separately\-named account**, ring\-fenced from the EMI's own assets, with **daily reconciliation** and supervisor\-mappable account naming. The bank holding this account inherits a piece of the EMI's regulatory perimeter — and that is what makes safeguarding banks **rare, expensive, and slow to onboard**. ### The USD correspondent USD correspondent banking is the third relationship — typically secured **6–12 months after** the safeguarding bank is live. Without USD correspondent access, an EMI cannot move dollars to or from US\-based counterparties without going through a third\-party FX house, which adds **30–80 basis points** to every transaction and creates settlement risk. Direct USD correspondent access is the marker of a **mature EMI treasury**. ## The application sequence — what to file when The order matters. Get it wrong and you waste twelve months reapplying. ### Sequence: safeguarding first, operating second, correspondent third File the **safeguarding bank application immediately** upon authorisation grant. The diligence cycle is **4–7 months**; you cannot accept customer funds without it; the business cannot generate revenue until safeguarding is live. The operating bank can wait — your existing pre\-licence corporate account holds the EMI's own funds for **6–12 months** without issue. **USD correspondent comes last** because it requires a track record at the safeguarding bank as a precondition. > **Tip:** Most founders are quoted '3–6 months' for banking and budget accordingly. The realistic full\-treasury timeline is 12–18 months. Plan the runway and bridge financing for that, not the optimistic version. *Table: The three EMI banking relationships compared.* | Role | Function | Diligence Depth | Capital Expectation | Typical Timeline | | --- | --- | --- | --- | --- | | Operating bank | EMI's own corporate funds, payroll, vendors, tax | Standard corporate \+ EMI overlay | €500k–€2M parked at the relationship | 2–4 months | | Safeguarding bank | Customer e\-money funds, ring\-fenced under EMD2 Art. 7 | Deepest — supervisor\-grade | None directly; the safeguarded balance is itself the deposit | 4–7 months | | USD correspondent | Cross\-border USD treasury, FX, settlement | Sanctions / OFAC overlay on top of standard KYC | $1M–$5M minimum balance, varies by tier | 6–12 months | ## The document file: what banks actually want A bank application file for an EMI is **50–100 pages**. The contents are surprisingly standardised across credible institutions — the questions are predictable, document expectations are documented, the diligence flow is repeatable. The file we ship for clients in 2026 has **nine sections**. ### 1. Authorisation pack Full **Programme of Operations \(POO\)** as filed with the NCA, the licence grant letter, and any conditions imposed at authorisation. Banks want to see what the supervisor approved, and what they didn't. If your POO scope is narrower than what you're asking the bank to facilitate, that's a refusal in the first review. ### 2. Capital and ICAAP Audited opening balance sheet, prudential capital calculation methodologies \(**Method A or D under EMD2**\), **ICAAP** if you've been in operation, and a 36\-month capital projection. Banks want to confirm own funds are, and will remain, above the EMD2 floor of **€350,000 or 2% of average outstanding e\-money** — whichever is higher. ### 3. AML/CTF programme Full **AML/CTF policy**, risk\-appetite statement, customer risk model, **EDD** triggers, sanctions screening setup, transaction monitoring rules and tuning thresholds, **MLRO** appointment letter, training records. Substance bar is the [AMLR \(Regulation 2024/1624\)](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1624)³[^3] overlay alongside existing **6AMLD** — generic templates fail. ### 4. Safeguarding policy and procedures The safeguarding bank in particular wants to see how you'll operate the account it is about to open: **account naming convention**, reconciliation cadence, attestation procedures, exception handling, customer\-fund segregation, and **contingency in the event of safeguarding\-bank failure** — yes, they want to see you have a backup plan even though they are the bank. ### 5. Governance and key persons Board composition with **regulator\-approved fit\-and\-proper** references, senior management bios, MLRO and Compliance Officer CVs, organisational chart, three\-lines\-of\-defence model. **UBO documentation back to natural persons** including source\-of\-wealth dossiers at the shareholder level. ### 6. BCP and DORA Business continuity plan, IT disaster recovery plan, **RTO and RPO** commitments per service, vendor concentration risk, cyber\-incident response plan. Mandatory [DORA](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022R2554)⁴[^4] alignment for any institution operating into the EU after **17 January 2025**. ### 7. Operational and technical IT architecture diagram, third\-party processor list, API security model, **PSD2 SCA\-compliant** customer authentication flows under the [Payment Services Directive \(PSD2\)](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32015L2366)⁵[^5], **GDPR** programme, audit trail and record\-retention setup. ### 8. Volumes and customer profile Forecast monthly transaction volumes year 1, 2, 3, breakdown by customer type \(retail vs business\), geographies served, average ticket size, expected **concentration in higher\-risk corridors**. Banks weigh this heavily in their own ICAAP for the relationship. ### 9. Audited financials and shareholders Latest audited accounts, management accounts to most recent month, shareholder list with **UBO breakdown**, **source\-of\-wealth dossier** for any UBO above **25%**, group structure chart if part of a wider corporate group. ## How banks evaluate the file: seven dimensions Banks read the file in a predictable order, scoring against **seven dimensions**. Get all seven right and you compress diligence from twenty weeks to eight; get any one badly wrong and the file is rejected before the others are read. ### 1. Authorisation status and scope Is the licence current? What's the scope? Are there conditions? Has the supervisor issued any directions or notices? The bank's first call is to confirm the public authorisation register entry — for example the [Bank of Lithuania](https://www.lb.lt/en/electronic-money-institutions)⁶[^6] EMI register, the FCA Financial Services Register, or the equivalent NCA database — matches what you've filed. ### 2. Capital adequacy and quality Capital quantum versus the EMD2 floor, plus quality of capital: paid\-in equity is **gold\-standard**, retained earnings second, subordinated debt third \(and rarely accepted by safeguarding banks\). Below **1.5x the EMD2 floor** you are below the comfort line for most credible banks. ### 3. AML programme maturity Three things: \(a\) is the policy aligned with EBA guidelines and the latest AMLD package, \(b\) is the implementation evidenced \(training logs, SAR filings, transaction\-monitoring tuning records\), and \(c\) is the **MLRO independently capable** of running it. Junior MLROs are an instant flag. ### 4. Source of funds at the shareholder level Banks want to trace the equity in the EMI back to **clean source of wealth at the natural\-person level**. This is the **most\-failed dimension** in 2026 — opaque holding structures, professional shareholders, or circular funding patterns are red\-lined immediately under enhanced due diligence on any beneficial owner above **25%**. ### 5. Substance and governance Is this a real operating business with management, infrastructure, and decision\-making in the licensing jurisdiction? Or a paper structure with management offshore? Substance has **hardened materially since 2023**; banks now treat thin substance as evidence of reverse\-solicitation or shopping behaviour. ### 6. Operating volumes and customer profile What does the actual book look like or will it look like? The bank's risk team is sizing exposure. **Outsized retail volume in higher\-risk geographies** pushes the file to specialist desks; predominantly B2B flows in EU/UK lower friction. ### 7. Exit terms and BCP What happens if the relationship terminates? How quickly can you migrate? Is there a **backup safeguarding bank** identified? Banks now ask this at onboarding — they want comfort that a forced exit will not trigger a customer\-funds crisis. *Table: The seven evaluation dimensions and the most common failure modes.* | Dimension | What banks look for | Common failure mode | | --- | --- | --- | | Authorisation | Current licence, clean conditions, scope matches use\-case | POO scope narrower than what bank is being asked to facilitate | | Capital | ≥1.5x EMD2 floor, paid\-in equity preferred | Subordinated debt presented as core capital | | AML maturity | Bespoke policy, SAR/training evidence, senior MLRO | Generic templated policy, junior MLRO, no SAR history | | Source of funds | Natural\-person SoW for every UBO above 25% | Multi\-layer holding companies; professional shareholders | | Substance | Real management and operations in licensing jurisdiction | Director addresses offshore; nominee arrangements | | Volumes | Honest year 2–3 forecast aligned to POO | Forecast that triggers small\-EMI threshold without disclosure | | Exit/BCP | Backup safeguarding bank identified, migration plan documented | No alternative bank named; no migration runbook | ## Timeline from authorisation grant to multi\-bank treasury The realistic end\-to\-end timeline is **12–18 months** from licence grant to a fully\-funded three\-bank treasury. Most founders are quoted '3–6 months' and budget accordingly; the consequence is a **6–12 month revenue gap** and emergency bridge financing. ### Months 0–2: Pre\-application Document file assembly. Pre\-meetings with **3–5 candidate safeguarding banks**. NDA exchanges, indicative term\-sheet conversations. Most of this can be started before the authorisation grant if you have visibility on grant timing. ### Months 2–5: Safeguarding bank diligence Formal application with **two or three banks in parallel**. Diligence questions, follow\-ups, additional document requests, credit committee, account opening. Expect **14–20 weeks** at the most prepared institutions, **24–30 weeks** at the more conservative. ### Months 5–8: Operating bank Started in parallel with safeguarding from month 4–5 typically. Operating bank diligence is **8–12 weeks** once the safeguarding bank is committed, because the safeguarding bank's existence is itself a strong reference. ### Months 8–12: USD correspondent Begun once **90 days of clean operation** at the safeguarding bank are evidenced. Diligence is **16–24 weeks** because the OFAC and US\-domestic\-AML overlay is its own workstream. Some EMIs solve via a specialist crypto\-native counterparty rather than direct correspondent — at the cost of **30–80 bps per USD movement**. ### Months 12\+: Review and second pair Most EMIs add a **second safeguarding bank in months 12–18** to remove single\-point\-of\-failure exposure. The diligence is faster the second time because the first relationship is itself collateral. > **Warning:** If your runway assumes revenue starts at month 3 post\-licence\-grant, you have a gap. Plan bridge financing or a phased customer onboarding for months 3–7 — and surface this to investors before the round closes, not after. ## Common rejection reasons in 2026 — and how to pre\-empt them Five rejection patterns we see most often, and how to remediate them in advance. ### 1. Opaque shareholder structure The single most common reason for rejection at safeguarding banks. Holding structures with multiple corporate layers, undisclosed UBOs, or professional\-shareholder arrangements get an **immediate decline**. Pre\-empt by mapping UBO to natural\-person source of wealth **before** you file. ### 2. Generic AML policy Templated AML policies that do not reflect the actual customer base, risk appetite, or transaction\-monitoring setup of the EMI fail at first review. Pre\-empt by having an **independent AML review three months before banking**. ### 3. Volume\-forecast misalignment Forecast monthly volumes that exceed the **small\-EMI threshold \(€5M outstanding e\-money\)** trigger a different bank desk and a different diligence depth. Pre\-empt by being honest about year 2–3 forecasts at first contact. ### 4. BCP without an alternative bank 'What's your contingency if we exit?' — and the file has no answer. Pre\-empt by mapping a **backup safeguarding bank into the BCP from day one**, even if you have not applied yet. ### 5. PEPs in the shareholder register Politically exposed persons in the shareholder structure trigger enhanced diligence beyond what most safeguarding banks will entertain. Pre\-empt with **source\-of\-wealth dossiers on every PEP shareholder** filed at first contact. ## Frequently Asked Questions ### How long does it take to open a bank account for an EMI? The safeguarding bank — the gating relationship — takes **4–7 months** from first contact to live account at well\-prepared applicants. The full three\-bank treasury \(operating \+ safeguarding \+ USD correspondent\) is **12–18 months**. Founders quoting '3–6 months' are typically referring to the operating account only. ### Do I need a separate safeguarding bank, or can I use one institution? Practically, **separate**. A handful of institutions offer combined operating\-and\-safeguarding products, but they treat the relationship as a single piece of risk and price it accordingly — and supervisors increasingly query the concentration. Best practice is two distinct relationships at two distinct institutions for resilience. ### Can a sponsor bank or BaaS arrangement replace direct safeguarding? For some operating models, yes — particularly if you are operating as an agent or distributor of e\-money rather than holding the licence yourself. **If you hold an EMI authorisation, the safeguarding obligation is yours and cannot be delegated**. The BaaS provider can offer the safeguarding\-bank relationship as part of the package, but the bank does the diligence on you regardless. ### What does 'fit and proper' testing look like at the safeguarding bank? The bank's own fit\-and\-proper questionnaire — separate from and on top of the regulator's — covering CV, criminal\-record check, regulatory\-history declaration, conflicts\-of\-interest disclosure, and source\-of\-wealth declaration. The bank is checking whether the regulator's approval was based on a complete file; **if anything material was withheld at authorisation, expect it to surface here**. ### What's the typical capital expectation for an operating bank? €500k–€2M of own funds parked at the relationship as a minimum balance, depending on the bank's tier and your forecast volumes. This is **on top of any safeguarded balance** held at the separate safeguarding bank. Some operating banks charge per\-transaction fees on top; some charge a flat monthly account fee in lieu. > **Call to action:** Book a free regulatory bankability assessment. We respond within 24 hours. ## Related Guides - [EMI Safeguarding Architecture: How to Build It Right](/resources/emi-safeguarding-architecture) — the safeguarding\-bank\-side architecture, segregation, daily reconciliation, attestation. - [How to Get a Bank Account for a VASP or CASP](/resources/bank-account-vasp-casp) — full diligence framework for crypto\-asset firms. - [EMI vs PSP vs VASP vs CASP](/resources/emi-psp-vasp-licence-comparison) — choosing the right authorisation before the banking conversation begins. - [Banking Access for Regulated Fintechs](/services/banking) — the finconduit service: introductions, file engineering, diligence pre\-clearance. The EMIs that compress this timeline treat banking as a **parallel workstream to authorisation**, not a sequential one. Start the safeguarding\-bank conversations 90 days before licence grant, file the full document set on day one, and expect diligence to be slower than you have been told. The institutions that move quickly are the ones that have done this twice before. ## Footnotes [^1]: Directive 2009/110/EC of the European Parliament and of the Council on the taking up, pursuit and prudential supervision of the business of electronic money institutions \(EMD2\), OJ L 267, 10.10.2009. [^2]: European Banking Authority — Guidelines on the safeguarding of funds under the Electronic Money Directive and PSD2. [^3]: Regulation \(EU\) 2024/1624 of the European Parliament and of the Council on the prevention of the use of the financial system for money laundering or terrorist financing \(AMLR\), OJ L, 19.6.2024. [^4]: Regulation \(EU\) 2022/2554 of the European Parliament and of the Council on digital operational resilience for the financial sector \(DORA\), OJ L 333, 27.12.2022. [^5]: Directive \(EU\) 2015/2366 of the European Parliament and of the Council on payment services in the internal market \(PSD2\), OJ L 337, 23.12.2015. [^6]: Bank of Lithuania — Electronic Money Institutions licensing framework and public register. --- Source: https://finconduit.com/resources/bank-account-for-emi