The Financial Conduct Authority (FCA) is reminding all regulated firms of their existing obligations when they are interacting with or exposed to cryptoassets and related services.
While cryptoassets and their underlying technologies can offer benefits to financial services firms e.g., reduce costs and increase efficiencies, they also present risks to market integrity and consumers, particularly when used as a speculative investment. This is additional to significant risks in relation to financial crime and money laundering.
Below the FCA has set out some areas of risk that firms need to consider. This is not a complete list and firms should consider any further controls and requirements which apply to them. They should read this statement together with latest guidance on how firms should manage financial crime risks associated with cryptoassets in the ongoing Russia/Ukraine conflict.
The FCA also recommend that firms read the Letter from Sam Woods on existing or planned exposure to cryptoassets published by the Prudential Regulation Authority (PRA), as well as publications from the Bank of England and the Financial Policy Committee (FPC), which focus on cryptoassets and new forms of digital money.
Being clear with customers
As stated in the FCA Perimeter Report 2021, much of the cryptoasset sector continues to sit outside of the FCA’s current regulatory remit. When firms assess the risks cryptoassets pose, they should use a similar approach to that for the regulated activities they conduct. There is a risk of consumer confusion where regulated firms provide services involving cryptoassets. We expect firms to ensure that consumers understand the extent of business that is regulated and to clearly distinguish those elements which are unregulated business. At all times, firms remain responsible for identifying and managing potential risks related to cryptoassets.
Financial Crime and registration of cryptoasset business
Since January 2020, firms carrying on cryptoasset activity in the UK have had to comply with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the ‘MLR’s). This includes the requirement to be registered with the FCA to continue to carry on business. Providing cryptoasset business in the UK by way of business, as set out in Regulation 9 of the MLRs, without registration (or temporary permission under the Temporary Registration Regime (TRR)) is a criminal offence.
Having appropriate systems and controls in place
The FCA expect all authorised and registered firms to have appropriate systems and controls to counter the risk of being misused for financial crime. As part of this, all firms should be reviewing whether cryptoasset businesses they interact with are listed on the FCA’s Unregistered Cryptoasset Businesses page. The FCA expect firms doing business with cryptoasset firms to check against this list and to make sure that they have sufficient due diligence and money laundering controls in place to manage the risks posed by their customers.
Assessing the risks
FCA 2018 Dear CEO letter gave firms guidance on how to achieve best practice where clients and customers may be using cryptoassets, or providing services to customers offering cryptoassets. That guidance remains relevant – with some key elements outlined in this notice.
Where firms’ clients and customers are using cryptoassets or offering related services, firms are given the flexibility to adapt their actions to the perceived risks. Firms should assess the risks posed by a customer whose wealth or funds derive from the sale of cryptoassets, or other cryptoasset related activities, using the same criteria that would be applied to other sources of wealth or funds. One way cryptoassets differ from other sources of wealth is that the evidence trail behind transactions may be weaker. This does not justify applying a different evidential test on the source of wealth and we expect firms to exercise particular care in these cases.
While there are currently no specific prudential treatments that explicitly mention cryptoassets, FCA remind regulated firms that there are still regulatory obligations in this area. Firms subject to our new investment firm prudential regime (IFPR), have obligations (under MIFIDPRU 7) to assess and mitigate the potential for harm to clients, to the markets in which the firm operates and to itself, that could arise from all of their business. This applies whether or not that business consists of Markets in Financial Instruments Directive (MiFID) investment business, other regulated activity or is unregulated. It also applies irrespective of operating on an agency basis, principal basis, or in some other capacity. This therefore includes cryptoassets business, however firms conduct that business.
Other firms subject to FG20/1: Assessing adequate financial resources should consider that guidance when assessing and managing risks and exposures from cryptoassets. Where a firm accounts for a cryptoasset as an intangible asset, it will likely need to deduct this asset from its regulatory capital.
If the FCA find that there is a need for updated prudential requirements for cryptoassets, they will consider what further steps they may need to take to ensure firms have adequate financial resources to address the potential for harm from conducting business involving cryptoassets.
All FCA regulated firms must observe the Principles for Business, which all firms must comply with to be authorised by them. Principle 10 requires a firm to arrange adequate protection for clients’ assets. As part of these protections, the FCA’s Client Assets Sourcebook (CASS) provides detailed rules for firms to follow when holding regulated assets in custody, as part of their investment business. Where cryptoassets are specified investments (ie, security tokens), firms carrying out regulated activities involving custody of these assets are likely to be subject to the CASS regime. If firms have any questions about how the CASS rules may apply, they should speak to their relevant FCA supervisory contact.
The FCA continue to develop their understanding of how cryptoasset technology affects custody arrangements. They will continue to monitor the use of cryptoassets in custody arrangements and act where appropriate, supporting responsible innovation, while protecting consumers and ensuring market integrity.
Domestic and international engagement
As effective regulation of a digital world requires international cooperation and common standards, the FCA will continue working closely with international partners, both bilaterally and through multilateral fora, including the International Organization of Securities Commissions (IOSCO), the Financial Stability Board (FSB) and the Financial Action Task Force (FATF). Domestically they will work closely with Government and other parties through the Cryptoassets Taskforce (CATF) on a UK approach that balances innovation and competition, alongside orderly markets and consumer protection. The FCA will also be engaging with industry participants to seek insights as they further develop views.
- ASA Enforcement Notice continues clampdown on misleading and irresponsible crypto ads
- Financial products and services
- Make sure you ‘Crypto’ the line with your ads
At LS Consultancy, our consultants are industry experts that interpret the rules, regulations and spirit of the industry guidelines by assisting you “the client” in implementing a compliance programme that you can be confident is mitigating the risk of financial crime and providing crypto support. What we can do:
- We analyse the relevant jurisdictions legislation, regulation and industry guidance to ensure that your controls adopt the highest standard possible
- Analyse and/ or Enhance your Business Wide Risk Assessment to ensure we consider money laundering and relevant predicate crimes
- Assessment of your Customer Onboarding and/ or Periodic KYC reviews rely on independent documentation and supported by credible information from your customer – as this is key to your compliance programme.
- Robust Transaction Monitoring and Screening whilst utilising your up-to-date KYC documentation/ information are fundamental.
- Greater emphasis on training – why not go through live examples with your RM’s, Operational Teams and Compliance – discuss the areas of concern and come up with compliant solutions.
- Ensuring your Compliance Monitoring Programme is conducted on a regular basis
- Engagement with senior management through relevant committees
For further information please contact us where our industry experts will be happy to answer your questions.
Why Not Download our FREE Brochures! Click here.
Call Us Today on 020 8087 2377 or send us an email.
We welcome individual bloggers / Professional Writers / Freelancers to submit high quality contents. Find out more…
You can see our Google reviews here.