cancel

A UK regulatory regime for cryptoassets

Same risk, same regulatory outcome

 

A UK regulatory regime for cryptoassets

The UK Government is consulting on a proposed regulatory framework for cryptoassets with the aim of encouraging growth and innovation in the sector while maintaining financial stability and clear regulatory standards. This consultation follows the proposals in the Financial Services and Markets Bill (FSMB) to bring “digital settlement assets” used for payments (i.e. stablecoins) within existing e-money regulations.

In summary, a number of new specific cryptoasset regulated activities will be created based upon similar traditional financial regulated activities. This is likely to mean that crypto native firms (those firms whose business is primarily in cryptoassets) will need to become fully authorised and supervised by the FCA. Existing traditional finance or `tradfi' firms will be able to expand their permissions to undertake cryptoasset activities

General approach

The Government's view is that cryptoassets and the activities underpinning their use should follow the standards expected of other similar financial services activities, and so will use the framework of the Financial Services and Market Act (FSMA) to regulate crypto assets.

Therefore, cryptoassets will become a new specified investment and HM Treasury (HMT) is proposing to create a number of new specific cryptoasset regulated or designated activities where these activities seek to mirror, or closely resemble, regulated activities performed in traditional financial services. If a firm wants to carry out these activities, then it must be authorised under FSMA and have permission to do that activity.

Given the ability of UK consumers to access cryptoassets services anywhere in the world, HMT is proposing to regulate cryptoasset activities provided in or to UK clients. Therefore, offshore firms providing activities to UK clients will need to become authorised in the UK. However, HMT is considering exceptions to this approach — e.g. allowing `reverse solicitation' — i.e. if a UK customer accessed a particular cryptoasset service entirely at their own initiative. It is not clear how this would be enforced to prevent regulatory arbitrage, and `reverse solicitation' is already a challenging concept within traditional financial services. HMT is also considering equivalence or deference arrangements with other jurisdictions that have equivalent standards.

General requirements

The consultation sets out the framework for a number of different activities which HMT considers the highest risk and specific regulatory requirements for these activities. However, across all the activities there are some common requirements for firms:

  •  Authorisation under FSMA — applications to the FCA should include details of operations, services and business plans, description of organisational and governance arrangements, description of controls and risk management process, cybersecurity, outsourcing arrangements and financial resources.
  •  Location requirement — details to be determined by the FCA.
  • Prudential requirements — sufficient financial resources to conduct business in a prudent manner. Capital and liquidity requirements to be set by the FCA addressing both the potential for harm from on-going operations and the ability to wind-down in an orderly manner.
  • Governance — robust governance arrangements.
  • Operational resilience requirements — firms must be resilient, and perform due diligence and ongoing oversight over outsourcing arrangements.
  • Resolution and insolvency — insolvency powers under FSMA should apply, allowing FCA to participate in insolvency proceedings. HMT will consider whether a bespoke resolution regime should be developed over time.

Specific activity requirements

Issuance and admission to a trading venue

HMT will base the regulatory framework regarding the admission of a cryptoasset to a UK cryptoasset trading venue on the multilateral trading facility (MTF) model and public offer platform disclosure regimes. (These are currently being amended in reforms to the UK prospectus regime). Specific requirements would include:

  •  Venue to write detailed requirements for disclosure documents required for admission, in accordance with principles established in the FCA's rulebook. Venues would also need to perform due diligence on the issuer.
  • Issuers, or the trading venue in the case where there is no issuer (e.g. Bitcoin), to prepare admission document. FCA will consider whether there should be ongoing disclosure requirements once the cryptoasset has been admitted (similar to reporting requirements of listed companies).
  • Admissions disclosure documents may be quite different to a traditional prospectus given differences between cryptoassets and traditional securities but could include the following information to help an investor make an informed assessment:
    • The features, prospects and risks of the cryptoassets.
    • The rights and obligations attached to the cryptoassets (if any).
    • An outline of the underlying technology (including protocol and consensus mechanism).
    •  If applicable, the person seeking admission to trading on a cryptoasset trading venue.
  • Liability for any losses the investor may suffer as result of an inaccurate disclosure/admission document would be applied to the preparer of the document (i.e. the issuer or trading venue). Therefore, there may be some need for prudential requirements to absorb liability losses — either through adequate financial resources or professional indemnity arrangements.

Trading venues

HMT intends to model the cryptoasset trading venue regime on the existing framework covering the operation of trading venues. Beyond the common requirements described above, further requirements include:

  • Consumer protection — fair, open and transparent access rules and fee schedules, conflicts of interest management including a possible requirement for separate entities if conflicts are unmanageable, procedures for handling customer complaints.
  • Data reporting — for market abuse monitoring — capability to make accurate and complete information readily accessible for both on- and off-chain transactions. FCA will specify further requirements. This could potentially be done through arrangements with specialist blockchain surveillance providers as an alternative to using or developing in-house capabilities.

Overseas cryptoasset trading venues would likely require subsidiarisation in the UK — but HMT would like equivalence type arrangements with countries with similar regulatory frameworks.

Cryptoasset intermediation (trading)

HMT will base the framework regulating the trading of cryptoassets on existing rules for investment firms (e.g. the MiFID framework). Beyond the common requirements, specific requirements include:

  • Consumer protection — acting honestly & fairly and in best interests of clients, conflicts of interest management, best execution, appropriateness assessments and transparency around trading arrangements (e.g. fees, price methodology).
  •  Data reporting — firms should have systems and controls to be able to detect market abuse and submit suspicious transaction and order reports (STORs).

Custody

Work is underway by the Law Commission on whether the law needs to be adapted to accommodate digital assets. HMT will consider the Commission's future recommendations when developing the framework. However, HMT is currently proposing to apply and adapt existing frameworks for traditional finance custodians (i.e. those for safeguarding and administrating investments). Interestingly, HMT proposes to also capture firms that only safeguard (but don't administer) assets (e.g. firms that solely safeguard cryptographic private keys which provide access to cryptoassets). Beyond the common requirements, specific requirements include:

  •  Custody/safeguarding/client assets rules (CASS) — existing CASS rules as a basis to design bespoke custody requirements for cryptoassets covering:
    • Adequate arrangements to safeguard investors' rights to their cryptoassets (e.g. restrict commingling of investors' assets and the firm's own assets).
    • Adequate organisational arrangements to minimise risk of loss or diminution of investors' custody assets.
    • Accurate books and records of investors' custody assets holdings.
    • Adequate controls and governance over safeguarding arrangements of investors' custody assets holdings.
  • Consumer protection — conduct of business requirements such as client disclosures and clear contractual terms. Availability of FSCS protection is being considered and to be determined by the FCA.

On liability, HMT is exploring taking a proportionate approach which may not impose full, uncapped liability on the custodian in the event of a malfunction or hack that was not within the custodian's control.

HMT expects that same custody requirements will apply to all types of cryptoassets. Therefore, for cryptoassets that already meet the definition of a specified investment (security tokens), the existing regulatory framework that currently applies will be replaced by the new custody regime. The FCA expects to run a separate consultation on this.

Cryptoasset lending platforms

HMT recognises that lending and borrowing make up a large proportion of activity in the cryptoasset market but also have recently led to significant consumer losses. There are a wide range of business models and unique challenges — so HMT is not yet trying to obtain the same regulatory outcomes as traditional lending such as FSCS protection, affordability assessments & forbearance periods. Beyond the common requirements, specific requirements include:

  • Consumer protection — client disclosures, risk warnings, clear contractual terms including ownership of legal and beneficial title. Clear terms and disclosures should exist in terms of collateral requirements and margin calls, including the circumstances under which these are enacted.
  •  Prudential requirements — beyond general sufficient financial resource requirements that all firms undertaking cryptoasset activity will be expected to comply with, lending and borrowing firms will also be required to monitor and manage liquidity and funding risks across different time horizons and stress scenarios.

The consultation also asks whether regulatory treatment should differentiate between lending (where title of the asset is transferred) vs staking or supplying liquidity (where title of the asset is not transferred).

HMT is also considering whether there should be a similar disclosure regime to those applied to securities financing transactions (e.g. counterparty and transactions details, collateral composition, rehypothecation, substitution of collateral at the end of the day and haircuts applied) so regulatory authorities are able to monitor the build-up of risk present in collateralised lending transactions.

Market abuse

The consultation highlights the many challenges in detecting market abuse in crypto markets in comparison to traditional markets — its borderless nature, inside information can be held or created by entities other than the issuer e.g. miners, validators, and a higher proportion of retail clients. However, the underlying technology, such as the transparency of blockchain, could offer advantages. HMT recognises that until international standards and coordination are in place it will be difficult to ensure the same level of market integrity and consumer protection as is offered in traditional securities markets. Consumers and market participants will need to be made aware of these limitations.

The regime will be based on MAR, covering similar offences — insider dealing, market manipulation and unlawful disclosure of inside information and would apply to all persons committing market abuse on a cryptoasset that is trading on a UK trading venue (regardless of where the activity takes place i.e. could be overseas).

HMT proposes that the primary mechanism against breaches would be trading venues disrupting the occurrences of market abuse activity — placing the onus upon trading venues to establish “who” offenders are and information sharing arrangements with other venues that admit the same cryptoassets. Therefore, the trading venue would be expected to have systems and controls to prevent, detect and disrupt market abuse (e.g. KYC requirements, order book surveillance, use of blockchain analytics). Trading venues would need to investigate and sanction individuals, for example through the use of public blacklists.

Professional intermediaries would also need systems and controls to prevent market abuse including submitting STORs to trading venues. HMT is also proposing that all regulated firms undertaking cryptoasset activities would be required to disclose inside information and maintain insider lists. However, HMT recognises that this could be difficult.

Call for evidence

HMT recognises that there are some areas of the cryptoassets markets that are still rapidly evolving, it requires further information and views from participants before proposing frameworks for these areas:

Decentralised Finance (Defi)1 — HMT considers that the same regulatory outcomes should apply to cryptoasset activities regardless of the underlying technology, infrastructure, or governance mechanisms. However, with DeFi, the way the same regulatory outcomes are achieved may well differ and take longer to clarify as traditional authorisation and supervisory methods via identified individuals or firms will be difficult to apply.

Noting the highly borderless nature of DeFi organisations, HMT would also prefer international approaches and standards to crystalise before developing the UK framework. However, HMT does note that centralised business models which brand and market themselves as DeFi in order to circumvent regulatory obligations should be subject to the same treatment as centralised organisations and asks what indicators could be used to measure `decentralisation'.

Establishing clarity of the legal structure of decentralised autonomous organisations (DAOs) will be important in helping to determine how regulation could be applied to these structures.

However, in the shorter term, there may be interim measures such as industry agreed standards that would be followed by firms facilitating consumer access to DeFi (e.g. police the `on and off' ramps to consumers).

Cryptoasset investment advice and portfolio management — HMT is considering whether these activities could be analogous to the current activities of `advising on investments' and `managing investments'. However, that would then require regulated advisors to be experienced, competent and qualified, and for them to assess that an investment is suitable before making a recommendation. HMT questions whether this can be assessed given that the price and value of an unbacked cryptoasset is driven by speculative investment decisions, rather than market fundamentals which can be objectively assessed. 

Post-trade activities in cryptoasset transactions — HMT is considering whether similar regulatory requirements for the clearing and settlement of traditional financial instruments (e.g. EMIR) need to apply to crypto assets. Its future proposals will be informed by the activities in the FMI sandbox.

Crypto mining and validation — HMT considers that there may not be justification or mechanism (given lack of activity in the UK and borderless nature) to regulate the activity of mining itself — however there may be some areas that warrant some regulation — e.g. layer 1 staking2

Sustainability — concerns continue around the energy consumption of mining some cryptoassets. Across the financial services sector, various sustainability-related reporting requirements are increasingly being applied to firms. But applying similar rules could be difficult as consumers interact in different ways with cryptoassets to traditional finance and there is no currently agreed upon set of indicators or metrics for measuring the impact of cryptoassets. HMT is seeking views on what information is available and would be useful for investors/consumers to assess the environmental impact of their investment decisions.

Consumer protection

It seems HMT is trying to achieve a delicate balance in the cryptoasset market between supporting innovation while protecting consumers. The second policy objective of the framework is to `enable consumers to make well-informed decisions, with a clear understanding of the risks involved' — markedly not to `protect consumers'. Under the proposed HMT framework, all firms undertaking the specified cryptoasset activities would need to become FCA authorised and so comply with FCA principles, which from July 2023 would include the new Consumer Duty principle. Under this new principle authorised firms must act to deliver good outcomes for retail customers.

HMT recognises in the consultation that it is not possible to offer the same level of regulatory outcomes with regard to market abuse and in borrowing and lending of cryptoassets. It is, therefore, striking that there is no mention of how the proposed framework will interact with the expectations of the FCA's Consumer Duty principle, especially given the high level of retail participation in the cryptoasset markets. This may be a key point of discussion during the consultation period.

Also on the topic of FSCS protections, HMT states that it is not the Government's intention for FSCS protections to apply to investor losses arising from cryptoasset exposures. However, it is the responsibility of the PRA and FCA as the UK's independent financial regulators to set the limits of FSCS protection in respect of regulated activities.

Next steps

The consultation closes on 30 April and HMT will also undertake a programme of stakeholder engagement to garner views.

HMT has introduced an (intentionally broad) definition of cryptoassets, via the FSMB, that will bring them within the scope of the FSMA regulatory perimeter and will avoid the need for any further primary legislation to enact its proposed framework.

However, the detailed rules will need to be written and consulted upon by the FCA so the full extent and impact of the framework will take a while to be realised.

What does this mean firms?

Crypto native firms that want to continue to sell their products and services to UK clients need to be prepared to become subject to financial services regulation and the supervision that comes with it. Expectations are that authorised firms have good governance, systems and controls around financial resources, operational resilience and conduct — and firms will need to evidence this in the authorisation process.

Notably, the expectations are wider than under the Money Laundering Regulations that some crypto native firms have already obtained FCA registration. However, in order to smooth this transition, the consultation states that the FCA will adopt a timely and proportionate authorisation process for complete and accurate applications.

For traditional finance firms, the hope is that this framework will allow more confidence in the integrity and long-term future of the cryptoasset market. Many traditional finance firms are interested in the use of distributed ledger technology (DLT) in traditional finance markets (i.e. tokenisation) and there may be overlaps in this framework and how the existing framework is adapted for tokenisation (as called out in the custody section of the proposal).

Related content

Regulatory Insights

Providing pragmatic and insightful intelligence on regulatory developments.

Digital Finance

The digitalisation of the financial sector continues.

Our people 

Bronwyn Allan

Manager, Regulatory Insight Center

KPMG-UK

Kate Dawson

Wholesale Conduct & Capital Markets, EMA FS Regulatory Insight Centre

KPMG in the UK



1IOSCO defines DeFi as “the provision of financial products, services, arrangements and activities that use DLT to disintermediate and decentralise legacy ecosystems by eliminating the need for some traditional financial intermediaries and centralized institutions”. As such, DeFi allows for user-directed, non-custodial economic transactions via smart contracts.
2Layer 1 staking is when a participant `locks up' cryptoassets for a set period of time to help support the operation of the blockchain. Blockchains that have consensus mechanisms based on proof-of-stake, require validators or `stakers' to provide capital (generally in the form of the blockchain's native token) to the public network. These `stakers' are incentivised to do so as they receive fees and newly minted tokens as a reward for producing new blocks and securing the network, proportional to the amount they have staked. This process also disincentivises bad actors from acting against the interest of the system as their own capital is at risk.