Regulation of UK Cryptoasset Firms – the Financial Conduct Authority’s Registration System by Andrew Maguire
Please click here to view a PDF version of the article.
The Regulatory Framework
In the UK, the Regulator of investment business is the Financial Conduct Authority (“FCA”).
The primary legislation underlying regulation of financial investment business is:
The Bank of England and the Financial Conduct Authority have recently issued warnings in respect of investments into cryptoassets; however, there is no blanket prohibition on their sale. The FCA have plainly set out the risks in January 2021 by stating in the starkest terms:
“The FCA is aware that some firms are offering investments in cryptoassets, or lending or investments linked to cryptoassets, that promise high returns. Investing in cryptoassets, or investments and lending linked to them, generally involves taking very high risks with investors’ money. If consumers invest in these types of product, they should be prepared to lose all their money.”
The FCA’s concerns are plainly articulated in its Research Note: “Cryptoasset Consumer Research 2021” published on 21 June 2021:
“Overall, public awareness and our estimate for ownership is up to around 2.3 million, up from around 1.9 million in 2020 – and 78% of adults have now heard of cryptocurrencies.
The level of understanding of cryptocurrencies is declining, suggesting that some crypto users may not fully understand what they are buying. Median holdings have risen (up from £260 to £300) in a strong period of price increases, but the profile of cryptocurrency owners has not changed substantially – the population remains skewed towards men who are over 35 and are from the AB social grade.
However, we find that attitudes have shifted, as cryptocurrencies appear to have become more normalised – fewer crypto users regard them as a gamble (38%, down from 47%) and more see them as an alternative or complement to mainstream investments, with half of crypto users saying they intend to invest more.”
The relevant law is to be found in sections 19, 22, 23 and 26 & 27 of FSMA and part II and III of the RAO, which creates the Regulatory Perimeter – it ring-fences regulated financial services activities, which are undertaken in the course of a business.
Breaches of the General Prohibition, which is found in s.19, which separates regulated and unregulated financial services activities, such as providing advice in relation to a specified investment, result in the commission of a crime with up to 2 years’ imprisonment or an unlimited fine (s.23) or the agreement made by an unauthorised person may be unenforceable (s.26) i.e. voidable by the innocent party.
Agreements made by authorised persons in the course of their authorised business may also be unenforceable if the agreement is entered into as a result of a third party’s unauthorised regulated activities: see s.27 FSMA.
Guidance as to the correct approach was recently provided by the CA in Financial Conduct Authority v Avacade Ltd (In Liquidation)  EWCA Civ 1206; See also: Adams v Options UK Personal Pensions LLP  EWCA Civ 474.
Activities that are referred to collectively as “investment activities”, include:
The FCA’s Policy Statement PS19/22 sets out where tokens are likely to be:
Who this applies to:
Prohibition on Cryptocurrency Derivatives
The FCA had previously issued a statement on Cryptocurrency Derivatives, which stated that firms offering cryptocurrency derivatives were required to be authorised:
Cryptocurrency derivatives are, however, capable of being financial instruments under the Markets in Financial Instruments Directive II (MIFID II), although we do not consider cryptocurrencies to be currencies or commodities for regulatory purposes under MiFID II. Firms conducting regulated activities in cryptocurrency derivatives must, therefore, comply with all applicable rules in the FCA’s Handbook and any relevant provisions in directly applicable European Union regulations.
It is likely that dealing in, arranging transactions in, advising on or providing other services that amount to regulated activities in relation to derivatives that reference either cryptocurrencies or tokens issued through an initial coin offering (ICO), will require authorisation by the FCA. This includes:
Thereafter, the FCA prohibited the sale of crypto derivatives to retail customers with effect from 6 January 2021: see FCA Policy Statement 20/10. Its conclusion is illuminating:
“We remain of the view that the price of cryptoassets is determined by sentiment and speculative behaviour. As a result, future valuations are highly subjective.”
FCA’s concerns as to the level of risk
In January 2021, the FCA issued a warning to retail investors of the risks associated with other cryptoasset-related investments, stating that those who choose to invest should be prepared to lose the full amount of their investment.
Furthermore, the FCA issued a consumer warning and a Supervisory Notice in June 2021 about Binance Markets Ltd, a cryptoasset exchange, reminding consumers that Binance is not permitted to undertake any regulated activities in the UK and warning consumers more generally about online and social media adverts promising high returns on investments in cryptoassets or cryptoasset-related products.
In the 12 months up to 30 June 2020, the FCA launched 52 enquiries into unauthorised cryptoasset businesses (slightly down from the same period in the preceding year (59), but dramatically up from the sum total of 2 during the two-year period 1 July 2015 to 30 June 2017): details supplied by the FCA pursuant to a FOI Request, dated 4 November 2020.
Importantly, For cryptoasset-related investments, consumers are unlikely to have access to the Financial Ombudsman Service (“FOS”) or the Financial Services Compensation Scheme (“FSCS”), if something goes wrong.
As from 10 January 2021, Cryptoasset Exchange Providers (“CEP’s”) and Custodian Wallet Providers (“CWP’s”) operating within the United Kingdom have been required to register with, and be supervised for, (i) anti-money laundering (“AML”) and (ii) counter terrorist financing (“CTF”) purposes by the Financial Conduct Authority (“FCA”).
For cryptoasset firms, which do not carry on any advisory, investment, payment services, e-money or any other UK regulated business, this restricted regime is the sole means currently available to the FCA as the financial services regulators in this budding sector.
In order to allow firms to continue trading while their applications are being assessed, the FCA introduced a Temporary Registration Regime (“TRR”) for existing cryptoasset businesses. The TRR expires on 31 March 2022.
The FCA have declared that many temporarily registered crypto firms submitted deficient applications and it had asked some firms to withdraw their applications. The FCA has also publicly named and shamed crypto firms that have failed to register under the MLR.
What type of crypto business is registrable?
The FCA have repeatedly warned that carrying out a registrable crypto business in the UK without MLR registration can constitute a criminal offence. The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (“MLRs”), which were updated in 2019 to capture crypto exchanges and custodian wallet providers, apply to firms that:
The definition of ‘cryptoassets’ used in the MLRs is intentionally broad and will likely capture most kinds of tokens based on distributed ledger technology (“DLT”), such as, stablecoins, security tokens, utility tokens and other types of cryptoassets.
The UK MLR registration requirement is territorially limited. It only applies to a firm that is regarded, under English law, as ‘carrying on business in the UK’. This can be a notoriously difficult issue to determine conclusively: factors such as (i) whether day-to-day management takes place in the UK or whether the activity is carried on from an establishment in the UK, (ii) the determination of where a firm operates on a decentralised basis with staff or has a corporate presence across different countries, through branches, subsidiaries or staff working remotely; (iii) whether firms have outsourced various activities to other group companies or third parties, whether based in the UK or not?
Fit & proper assessments
In line with the standard FCA requirements for firms and individuals who are subject to the FCA licensing regime, crypto firms are also subject to fit and proper requirements under the MLRs. Various key individuals must also be assessed (by the FCA) as fit and proper for the role, including officers, managers and beneficial owners (i.e. those who own or control more than 25% of the shares or voting rights) in the business. These individuals will need to pass the “fit and proper person” test before the business can be fully registered or remain registered. Applications must disclose any issues as to why the business or person may not be fit and proper; the FCA treats non-disclosure very seriously.
Effect of breaches of the FCA rules and regulations
As well as criminal liability arising, the civil law remedy that is usually sought is that of unenforceability of the contract on the grounds of the regulatory breaches.
An agreement made by an unauthorised person carrying on a regulated activity in breach of the general prohibition is unenforceable against the other contracting party: see s.26 FSMA 2000. Agreements made by authorised persons in the course of their authorised business may also be unenforceable if the agreement is entered into as a result of a third party’s unauthorised regulated activities: see s.27 FSMA 2000.
An unenforceable agreement is voidable by the innocent party who has the right to recover any money or other property transferred by them under the agreement and to be compensated for any resulting loss suffered by them.
Where the innocent party elects not to perform the agreement or recovers money paid or other property transferred under the agreement, they must also repay money and return property received under the agreement.
A court has the power, pursuant to s.28(3) FSMA 2000, to uphold an otherwise unenforceable agreement or order money and property paid or transferred to be retained where it is just and equitable to do so: see Helden v Strathmore Ltd  EWCA Civ 542.
New Digital Dispute Resolution Rules for Cryptoasset Disputes
On 22 April 2021, the UK Jurisdiction Taskforce (“UKJT”) chaired by the Master of the Rolls, Sir Geoffrey Vos Q.C., published new Digital Dispute Resolution Rules (“DDR Rules”) designed to be incorporated into blockchain digital relationships and smart contracts.
“facilitate the rapid and cost-effective resolution of commercial disputes, particularly those involving novel digital technology such as cryptoassets, cryptocurrency, smart contracts, distributed ledger technology, and fintech applications.”