UK FCA offers key takaways on crypto for regulated firms

The Financial Conduct Authority, UK’s financial watchdog, has reminded all regulated firms of their existing obligations when they are interacting with or exposed to cryptoassets and related services.

The risks to market integrity and consumers, particularly when used as a speculative investment, as well as the significant risks in relation to financial crime and money laundering, have led the FCA to publish the statement.

In addition to the statement, the FCA recommends firm to read its latest guidance on how firms should manage financial crime risks associated with cryptoassets in the ongoing Russia/Ukraine conflict.

The Letter from Sam Woods on existing or planned exposure to cryptoassets and recent publication from the Bank of England and the Financial Policy Committee (FPC), which focus on cryptoassets and new forms of digital money, are also recommended readings.

Find us on Telegram

Key takeaways on crypto for FCA-regulated firms

The government agency first stated much of the cryptoasset sector continues to sit outside of the FCA’s current regulatory remit.

“When firms assess the risks cryptoassets pose, they should use a similar approach to that for the regulated activities they conduct. There is a risk of consumer confusion where regulated firms provide services involving cryptoassets. We expect firms to ensure that consumers understand the extent of business that is regulated and to clearly distinguish those elements which are unregulated business. At all times, firms remain responsible for identifying and managing potential risks related to cryptoassets”.

The FCA added that providing cryptoasset business in the UK by way of business, as set out in Regulation 9 of the MLRs, without registration (or temporary permission under the Temporary Registration Regime (TRR)) is a criminal offence.

All authorised and registered firms must have appropriate systems and controls to counter the risk of being misused for financial crime. The regulator called firms doing business with cryptoasset firms to check the FCA’s Unregistered Cryptoasset Businesses page to make sure that they have sufficient due diligence and money laundering controls in place to manage the risks posed by their customers.

Firms should assess the risks posed by a customer whose wealth or funds derive from the sale of cryptoassets, or other cryptoasset related activities, using the same criteria that would be applied to other sources of wealth or funds. One way cryptoassets differ from other sources of wealth is that the evidence trail behind transactions may be weaker.

Firms subject to the FCA’s new investment firm prudential regime (IFPR), have obligations (under MIFIDPRU 7) to assess and mitigate the potential for harm to clients, to the markets in which the firm operates and to itself, that could arise from all of their business.

“This applies whether or not that business consists of Markets in Financial Instruments Directive (MiFID) investment business, other regulated activity or is unregulated. It also applies irrespective of operating on an agency basis, principal basis, or in some other capacity. This therefore includes cryptoassets business, however firms conduct that business.”

As to custody, the FCA’s Client Assets Sourcebook (CASS) provides detailed rules for firms to follow when holding regulated assets in custody, as part of their investment business.

“Where cryptoassets are specified investments (ie, security tokens), firms carrying out regulated activities involving custody of these assets are likely to be subject to the CASS regime. If firms have any questions about how the CASS rules may apply, they should speak to their relevant FCA supervisory contact.”

The FCA is working closely with the International Organization of Securities Commissions (IOSCO), the Financial Stability Board (FSB), and the Financial Action Task Force (FATF). Domestically, it is collaborating with the Cryptoassets Taskforce (CATF).