David Heffron, an expert in financial services regulation at Pinsent Masons, said the package of measures set out by the FCA on Tuesday represents a “new dawn” in UK regulation of cryptoassets and is “a clear sign of the FCA's drive to position the UK market as receptive to ground-breaking innovation while ensuring regulatory guardrails are in place to maintain user confidence”.
“The FCA’s final rules for the cryptoasset regulatory regime represent a significant regulatory step-change for the sector,” Heffron said. “In-scope firms cannot afford to wait: they need to identify the rules that apply to them, map them to their activities, and plan for implementation and execution well ahead of go-live.”
The FCA has already previously trailed at length that it will operate an authorisation regime for cryptoasset firms. Under the new regime, businesses seeking to carry on activities which the cryptoasset regulations bring into the FCA’s regulatory perimeter, such as to issue, or to facilitate the buying, trading or storage of, cryptoassets in the UK, will need authorisation from the FCA to do so. The FCA’s authorisation gateway opens on 30 September and will run until 28 February 2027.
To be successful, firms’ applications will need to demonstrate readiness and willingness to comply with the comprehensive suite of new conduct and prudential requirements that the FCA has now published, and which will apply to firms that obtain authorisation to carry out regulated cryptoasset activities across five policy statements (PS).
“Firms which will be within this new regime, particularly new entrants and those not previously accustomed to operating within the FCA’s regulatory remit, need to move up a gear now,” said Heffron. “Successful applications for authorisations and permissions will depend on demonstrating integration of the rules through embedding effective governance, controls and operational frameworks into their business before the end of the authorisations gateway period in February 2027, and ahead of the rules taking effect in 2027.”
Comprehensive suite of new rules
On the prudential side, PS26/12 introduces a series of capital, liquidity and risk management requirements (244-page / 2MB PDF), under two new prudential sourcebooks (COREPRU and CRYPTOPRU). In addition, in response to industry feedback, the FCA has now opened two further consultations on guidance relating to relevant overall risk assessments required under these prudential sourcebooks.
On the conduct side, regulated cryptoasset firms will be subject to a mixture of new and existing rules across the FCA Handbook.
The FCA is amending and supplementing significant sections of the FCA Handbook to enable it to apply existing requirements, with adjustments, to regulated cryptoasset firms. These changes, introduced through PS26/13 (252-page /2.2MB PDF), notably include the application of cross-sector requirements including the consumer duty, safeguarding and custody, governance, systems and controls, senior managers and certification regime, operational resilience, and conduct of business requirements, amongst others.
These requirements are also accompanied by further non-handbook guidance on how specific regulatory requirements will apply to regulated cryptoasset activities and certain firms. These relate to the application of the consumer duty to cryptoasset firms (21-page / 226KB PDF), cryptoasset operational resilience (18-page / 235KB PDF), and the FCA’s approach to international cryptoasset firms (11-page / 170KB PDF).
The FCA has also created an entirely new CRYPTO sourcebook within the Handbook, containing bespoke cryptoasset rules. These include rules relating to:
Before being able to offer cryptoassets for sale on UK qualifying cryptoasset trading platforms (CATPs), firms will need to comply with new disclosure requirements aimed at ensuring prospective buyers or investors have access to “material information prior to admission so they can make informed decisions about whether to purchase the qualifying cryptoasset”.
Operators of the CATPs will need to undertake due diligence on cryptoassets being offered before they admit them to their platforms and prevent admission unless satisfied the disclosure documents meet the necessary requirements. The operators also have a key ‘gatekeeper’ role in preventing and detecting market abuse and in mitigating conflict of interest risks. Investors will have a right to seek compensation where they suffer loss because an untrue or misleading statement was included in the disclosure documents.
This suite of new cryptoasset policy statements and guidance issued on Tuesday follows extensive industry engagement and consultation on the various aspects of the new regime by the FCA over the past three years. A further policy statement containing the FCA’s perimeter guidance, to help firms understand its view of activities that fall within the ‘cryptoasset perimeter’ – the precise scope of the FCA’s regime – is expected to follow in September.
Impact
The FCA has acknowledged that its new rules could “increase barriers to entry to firms initially”, but that the new framework will deliver “improved regulatory clarity” that will serve to “encourage market entry” over time. It said this would help deliver “competition and innovation that benefits consumers” and has estimated that the regime will deliver a net benefit of £120 million over the next decade “primarily driven by the value consumers associated with increased regulatory protections and reduced risk of harm”.
David Geale, executive director of payments and digital finance at the FCA, has notably looked to position the publication of the new suite of rules as “a significant moment for crypto regulation in the UK”. He said the FCA has “created a framework that doesn’t force firms to choose between regulatory certainty and room to innovate”. Instead, he said, the regime offers both and delivers “a stable, competitive home to build and grow”. For consumers, he said, “it means firms will be held to similar standards to other financial providers, though we can’t regulate away risk”.
Sébastien Ferrière, financial services regulation expert at Pinsent Masons, said: “The transition from consultation to implementation is now firmly underway, with the contours and substance of a comprehensive, FSMA-aligned regime clearly in place. While the direction of travel remains broadly consistent with the consultation papers, there are notable calibrations. Certain capital and disclosure requirements within the prudential regime have been softened, including for stablecoin issuers. The FCA is taking a more pragmatic approach to intra-group custody arrangements. Principal dealers are removed from pre-trade transparency requirements. The overall framework, however, remains robust and far-reaching, with the FCA doubling down on a disclosure-led approach to protect consumers under the A&D regime, similar to traditional capital markets”
“From an international perspective, the UK continues to chart a distinct path. While there are clear parallels with the EU’s MiCA regime and elements of the US approach, the UK model is more tailored and activity-based, combined with a broad territorial reach. For internationally active firms, this raises important considerations around UK perimeter – with final guidance pending – as well as local presence, authorisation strategy and cross-border servicing of UK clients,” Ferrière added.