An overview of current and future UK regulatory requirements for financial services companies looking to integrate digital asset services.
Financial services companies looking to integrate digital asset services face a complex regulatory landscape. While cryptocurrencies and other digital assets have seen rapid growth in recent years, regulators are grappling with how to balance innovation and consumer protection with the need to prevent money laundering, terrorist financing, and other financial crimes.
The current regulatory requirements for digital assets
One of the key regulatory considerations for financial services companies in the UK is the FCA registration regime under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations (MLRs). Under this regime, certain activities related to digital assets require FCA registration. These activities include the exchange of fiat currency for cryptoassets, providing custodian wallets for storing cryptoassets on behalf of customers, exchanging one cryptoasset for another, facilitating peer-to-peer exchange of cryptoassets, operating cryptoasset ATMs and participation in Initial Coin Offerings (ICO).
To obtain FCA registration, companies must go through a rigorous application process to demonstrate compliance with a range of regulatory requirements.
This includes processes covering:
- Customer KYC/onboarding and offboarding due diligence & risk assessment
- Know your transaction (transaction monitoring)
- Anti-money laundering (AML) and counter-terrorist financing (CTF) processes
- Policies and processes for sanctions and politically exposed persons; anti-bribery and corruption; financial fraud; whistleblowing; financial crime prevention
In addition, companies must seek additional FCA approval if a single shareholder acquires more than 25% of an FCA cryptoasset registered business. They must also notify the FCA if a 25+% shareholding reduces to under 25%.
Another regulatory consideration for digital asset startups is the need to obtain authorisation as an electronic money institution (EMI) under the Electronic Money Regulations (EMRs) if they provide e-money services in their own capacity, such as a digital GBP wallet. Representative requirements as an EMI include:
- safeguarding requirements
- FCA consumer duty regime compliance
- FCA operational resilience regime compliance
- funds transfer regulation compliance, and
- additional fiat financial crime prevention processes, such as authorised push payment fraud response tools.
2023 regulatory requirements for digital assets
Looking ahead, there are several regulatory developments on the horizon that financial services companies with involvement in digital assets need to be aware of. In 2023, financial promotions rules will be extended to cryptoassets, with a four-month implementation window from legislation being passed. In the same year, the implementation of the travel rule for virtual asset service providers (VASPs) will come into effect in September 2023, requiring the sharing of originator and beneficiary information for the movement of digital asset funds.
2024 onwards
In 2024 and onwards, we can expect to see the beginning of implementation of the currently proposed future financial services regulatory regime for cryptoassets, the first phase of which will bring regulation of fiat-backed payment stablecoins, with issuance, custody, and payment facilitation all requiring additional authorisation.
Phase 2 will see a wide range of additional cryptoasset activities recognised as authorised activity under the broader framework of the Financial Services and Markets Act (FSMA). This will take over from the MLR registration regime and includes rules governing the issuance and disclosure of cryptoassets, operating a cryptoasset trading venue, making a public offer of a cryptoasset, cryptoasset intermediation activity, custodying cryptoassets, market abuse monitoring, and cryptoasset lending.
We can also anticipate the introduction of the requirement for ISO20022 compliance for fiat transfers and remittance services (EMI).
Future considerations for regulatory requirements for digital assets
Other future considerations for financial services companies in the digital assets space, relating to topics for which information is being gathered but there are no specific proposals currently in place, include decentralised finance (DeFi) activities, sustainability disclosure rules, cryptoasset investment advice and portfolio management, cryptoasset mining/staking, and blockchain-based clearing and settlement operations.
In conclusion, financial services companies looking to integrate digital asset services face a challenging and rapidly evolving regulatory landscape. Compliance with the FCA registration regime under the MLRs is essential, as is keeping abreast of future regulatory developments. By taking a proactive approach to regulatory compliance and seeking expert guidance where necessary, companies can navigate this landscape successfully and capitalise on the opportunities presented by the digital asset revolution.
If you are looking for a trusted and sustainable partner to integrate digital assets in your business, reach out to our team of Zumo experts.