As the crypto market continues to innovate and grow, governments and regulators around the world are struggling to keep pace. The constantly shifting policy and regulatory landscape is also challenging for crypto businesses to navigate—particularly for firms seeking to operate in the UK where cryptoasset rules remain in flux. On a recent Thistle Initiatives webinar, in conjunction with law firm Fox Williams, Thistle’s Head of Financial Crime Jessica Cath was joined by Fox Williams’ Financial Services Regulatory Partner Mardi MacGregor and Independent Compliance Consultant Lynn McConnell to discuss the latest regulatory developments impacting the UK crypto industry and how businesses can stay ahead of the curve.
The trio not only gives valuable insights on the crypto market, it is also a rare all-female crypto panel—a pertinent reminder on International Women’s Day of the female talent and expertise that is helping shape the crypto landscape and the broader UK fintech ecosystem.
Here are five key takeaways from the webinar.
Crypto businesses in the UK face an uncertain operating environment amid policy and regulatory changes. Government rhetoric has been very crypto-positive, while the Financial Conduct Authority (FCA) seems crypto-sceptic, says Mardi. “The two seem to be quite disjointed,” she says. “Until we see the detailed legislation come through from the government, the FCA is left to take a crypto-sceptic approach.” Part of that is down to the FCA having a strong mandate to protect consumers, with anti-money laundering (AML) policies at the centre of it, says Lynn. This gets to the very nub of the tension—the need to balance consumer protections with the commercial objective of encouraging innovation and making the UK an attractive jurisdiction for crypto operators. “It is tricky to get that balance right,” adds Jessica.
The regulatory backdrop in the UK is currently a patchwork of different regimes that may or may not apply depending on a firm’s crypto-related activities. Those span AML registration rules, new financial promotions restrictions and upcoming changes to the regulated activities regime that will bring certain cryptoassets under the FCA’s supervision says Mardi. For example, the financial promotions restrictions prevent unauthorised promotion of qualifying cryptoassets to UK consumers regardless if the company is based in the UK or abroad. To promote crypto legally, firms either need to be registered with the FCA under the money laundering regulations (and eligibility for this registration is not universal), authorised by the FCA (a challenge in the crypto context given there is not yet a crypto authorisation regime), the promotion needs to be approved by a third-party that is authorised, or an exemption must apply (but these exemptions are detailed and specific and not generally available when promoting products to consumers), Mardi adds.
Crypto firms can’t just proactively register with the FCA for AML purposes, they must be carrying on a specific type of business i.e. they must be either a crypto asset exchange provider or a custodian wallet provider, says Mardi. The definition of a crypto asset exchange provider, however, is wide ranging and will include firms that make arrangements with a view to the exchange of cryptoassets for money or money for cryptoassets – so exchanges and trading platforms where sellers and buyers can interact, as well as certain firms that arrange commercial partnerships. “Because the definition is so broad, there’s a lot of edge cases, so we always suggest companies get a formal legal opinion because it can be very complicated trying to figure out where you sit,” adds Jessica.
Even if a firm is eligible, registering with the FCA is a rigorous and challenging undertaking, particularly for startups. “It’s a very complex, pretty intense process that you have to go through before you get approved,” says Jessica. That includes developing a strong regulatory business plan and documenting all policies, procedures and risk assessments, which is followed by extensive questioning from the FCA, who want to gauge the level of competency and commitment to AML compliance across the business. To do this, companies need to risk assess all existing products, as well as anything that is likely to be launched over the next six to nine months, so the presentation of the firm’s activities is complete, says Lynn. Those activities must be benchmarked against all money laundering regulations and also need to include risks such as proliferation financing, sanctions compliance and operational risk, she adds.
Securing FCA approval is not easy—only a small handful of businesses are typically approved every year—so getting the registration process right is critical. This means having a realistic and credible plan that shows the regulator there is a robust governance structure in place that will scale in tandem with the company’s growth, says Jessica. Firms also need to ensure they have suitable expertise for the interview process—hiring a junior MLRO (money laundering reporting officer) to save costs, for instance, is unlikely to help, says Jessica. The good news is that once approved, the FCA will support firms with extra supervision and coaching to help with regulatory reporting, says Lynn. But for firms to get to that point, they need to devote appropriate time and resources to get approved. “The FCA will still be deploying a very high bar when it comes to the registration process,” adds Jessica.
How can we help you?
To learn more about how Thistle Initiatives can help with your FCA registration process, get in touch with our Financial Crime team by sending an email to info@thistleinitiatives.co.uk or download our UK Crypto Top Tips.
Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.
We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.
Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.
Please click the button below which relates to the issue you’re having.
Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association
Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.
For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.
The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.
Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.
Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.
For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.
