Over the past few months, there have been significant updates to the UK's proposed approach to the regulation of crypto-assets. The government has now formally launched its plan to make the UK a 'crypto hub' — a move which was preceded by coordinated publications from financial regulators, signalling their increased focus on firms' management of crypto services and exposures.
In its March 2022 Financial Stability in Focus report, the Bank of England's (BoE's) Financial Policy Committee judged that direct risks to stability of the UK financial system from crypto and decentralised finance (DeFi) are currently limited. However, the report noted that, if the pace of growth continues, and as these assets become more interconnected with the wider financial system, they will begin to present a larger risk.
The report was published on the same day that the PRA wrote (PDF 364KB) to bank and investment firm CEOs setting out its expectations around exposures to cryptoassets and the BoE issued a summary of responses to its Discussion Paper on New Forms of Digital Money. In addition, the FCA issued a notice to all regulated firms reminding them of their existing obligations when interacting with or exposed to cryptoassets and related services.
Adapting risk frameworks
The PRA's letter considers how the prudential framework should be applied to ensure that firms engaging in crypto activity manage the associated risks in a way that supports safety and soundness.
Firms are expected to consider whether they are adequately capturing the characteristics of these largely new and untested markets in their risk frameworks. Methodologies and calibrations will likely need to be adjusted in the longer term, but the PRA considers that a combination of strong risk controls, operational risk assessments, robust new product approval processes, Pillar 1, Pillar 2, and ongoing monitoring arrangements of strong risk controls can provide an appropriate interim approach:
Strong risk controls
- Crypto risks should be considered fully by the board and highest levels of executive management
- An individual approved by the PRA to perform an appropriate Senior Management Function should be actively involved in signing-off the risk assessment framework for any planned exposure to cryptoassets
- Financial, prudential, operational, and reputational frameworks may need adjustment to reflect crypto activity risks e.g. via increased monitoring, updated modelling, lower risk tolerances, and / or increased use of stress tests
- Firms should consider the full prudential framework when assessing cryptoasset risks, including the Fundamental Rules, Pillar 1, the ICAAP and related Pillar 2 considerations
- The PRA recognises that the measures in the PRA Rulebook and CRR are not well calibrated to the risks of crypto assets — this is being considered. Firms should be alert to specific risks related to crypto activities e.g. market, counterparty credit or operational risk and consider them under the Pillar 1 framework
- In many cases, direct holding of cryptoassets will be classified as an intangible asset under applicable accounting frameworks. In most cases, under the CRR, this is likely to result in a full deduction of any direct holdings from CET1
- Under market risk rules, where there are no other appropriate treatments, an appropriate capital requirement would be 100% of the current value of the firm's position, particularly for unbacked crypto. In estimating exposures, diversification and hedging frameworks should be conservative. Firms may also wish to look to existing structures, such as the commodity framework, to inform appropriate risk management techniques.
- Firms should consider whether the standardised approach to counterparty credit risk (SA-CCR) captures the full risks associated with many cryptoassets
- Firms should set out their risk considerations relating to crypto-exposures in their ICAAP
- Depending on activities, they should separately assess their activities for at least market risk, credit risk, counterparty credit risk and operational risk
- They should also consider the extent to which they are exposed to risks not generally considered in their existing Pillar 2 assessment — these could include operational risks (such as fraud, cyber or outsourcing risk) which are heightened through exposure to certain crypto-related activities
The Basel Committee and other international bodies are yet to complete their work on the risks of cryptoassets, however the PRA wants firms with relevant exposures to understand current expectations in respect of the existing prudential framework. As international discussions progress, these expectations may evolve and potentially become more stringent. The long-term prudential treatment of crypto-assets is therefore likely to differ from that under the current framework.
The PRA will continue to monitor any expansion of firms' crypto-related activities and will consult where further changes to the regulatory framework are required. It has also launched a survey of firms covering existing crypto exposures and future plans for 2022. Firms are asked to submit their responses by 3 June 2022.
Obligations for firms
The FCA's notice reminds all regulated firms of their existing obligations when interacting with or exposed to cryptoassets and related services, including that:
- Firms must ensure consumers understand the extent of regulated versus unregulated business
- Firms carrying out cryptoasset activity in the UK must comply with the 2017 AML CFT regulations which include the requirement to be registered with the FCA. As part of this, firms should be reviewing whether crypto businesses they interact with are listed on the FCA's Unregistered Cryptoasset Businesses page
- Firms subject to the FCA's investment firm prudential regime (IFPR), have obligations (under MIFIDPRU 7) to assess and mitigate the potential for harm that could arise from all of their business (including crypto). Other firms should consider this guidance when assessing and managing risks and exposures from cryptoassets. Where a firm accounts for a cryptoasset as an intangible asset, it will likely need to deduct this asset from its regulatory capital
- When considering custody arrangements, all FCA-regulated firms must observe the relevant Principles for Business (PDF 216KB)
- Where cryptoassets are specified investments (i.e. security tokens), firms carrying out regulated activities involving custody of these assets are likely to need to comply with the requirements of the CASS regime
The FCA will continue to work closely with international (IOSCO, FSB, FATF) and domestic partners, through the revived Crypto-asset Taskforce, to continue progressing effective regulation and common standards.
New forms of digital money
The BoE's summary of responses to the Discussion Paper (DP) sets out its emerging thoughts on how new forms of digital money (including both systemic stablecoins and a UK Central Bank Digital Currency (CBDC)) might affect the financial system and the economy. This DP built on the BoE's previous DP on a CBDC, published in March 2020, and the FPC's expectations for systemic stablecoins set out in the December 2019 Financial Stability Report. (PDF 7.57MB)
While the BoE has not yet decided how to proceed on any of the topics covered in the DP, the feedback received has shown strong support for it to continue its work. That said, respondents were clear about three things:
- Access to cash should be preserved
- The BoE should continue to engage with stakeholders including the wider public
- Any regulation for systemic stablecoins should be clear, proportionate and risk-based
In April, the UK government announced its plan to make the UK a 'global cryptoasset technology hub' by:
- Bringing stablecoins within the regulatory perimeter, paving their way for use in the UK as a recognised form of payment (as proposed by HM Treasury in January 2021)
- Legislating for a 'financial market infrastructure sandbox' to enable firms to experiment and innovate in providing the infrastructure services that underpin markets, in particular by enabling Distributed Ledger Technology to be tested
- Holding a two day 'CryptoSprint' in May, led by the FCA and with industry participants, to seek views directly from industry on key issues relating to the development of a future cryptoasset regime such as disclosure requirements around issuance of cryptoassets and the custody regulatory framework
- Working with the Royal Mint on a Non-Fungible Token (NFT)
- Establishing a Cryptoasset Engagement Group to work more closely with industry
- Exploring ways of enhancing the competitiveness of the UK tax system to encourage further development of the cryptoasset market
As part of the same package of announcements, John Glen (Economic Secretary to the Treasury) also confirmed that the government will consult on wider regulation of the cryptoasset sector later in 2022.