The Financial Conduct Authority (FCA) is the UK’s leading regulatory body for financial institutions. Crypto firms must achieve FCA compliance if they want to operate in the UK. This guide dissects what FCA crypto registration looks like and the kinds of crypto AML compliance processes that are expected of firms.
What is Financial Conduct Authority (FCA) Compliance?
The Financial Conduct Authority is the principal regulatory body overseeing financial markets and firms in the UK. They are tasked with ensuring that these markets operate with integrity and transparency, protecting consumers from financial crimes such as money laundering and terrorist financing.
The FCA’s regulations cover a wide range of financial services, from traditional banking, investment firms, and fiat currency payment solutions to the fast-growing crypto market. It is responsible for setting compliance standards and fostering a safe and stable financial environment that deters money laundering, tax evasion, fraud, and many other criminal offenses.
Cryptoasset Regulations for FCA Compliance
The Financial Conduct Authority is the chief regulator of the cryptocurrency market in the UK, and remains the sole regulatory authority to provide guidance on how institutions should operate safely. Its key policies can be found below.
FCA Registration
All firms supplying financial products to the UK market must seek registration with the FCA; it is no different for firms operating in the crypto markets. Firms must be compliant with the rules of the FCA’s Money Laundering Regulations (MLRs) to obtain this license. If you are a Money Laundering Reporting Officer (MLRO), details of the regulations can be found on their website.
FCA crypto registration does not imply that the regulatory body endorses or recommends the institution. It acts simply as compliance formality and testifies that the service is a regulated institution and that the Ultimate Beneficial Owners (UBOs) have been reasonably vetted for malicious behaviors.
Enforcement Rules
Under the FCA’s Enforcement Guide, the regulator uses a Risk-Based Approach (RBA), meaning that crypto firms or Virtual Asset Service Providers (VASPs) posing higher threats (or risks) will receive specialized or enhanced regulatory scrutiny. This allows the regulator to impose penalties, fines, or sanctions if necessary. Through its supervision responsibilities, the FCA can request that the MLRO or a similarly authorized person draft a compliance report detailing certain matters covered by the MLRs.
Consumer Protection
As digital assets are currently not specified investments under the Financial Services and Markets Act (FSMA) of 2000, investors/consumers do not have access to the Financial Services Compensation Scheme (FSCS).
The FCA’s role is limited to regulating finance proliferation and money laundering, supervision, and enforcement. However, under these responsibilities, the regulatory body ensures that adequate consumer safeguards are in place, such as clear notices to users that they are not protected by such consumer rights. The FCA does provide guidance on which firms operating in the crypto industry fall under the remit of the Consumer Protection Act. However, this line remains relatively undefined in 2024.
Anti-Money Laundering Regulations for FCA Compliance
Digital asset services must comply with the FCA’s MLRs, which entails adopting robust AML and Counter-Terrorist Financing (CTF) technologies and procedures to detect and prevent financial system abuse.
Businesses are obliged to operate under an RBA and take appropriate caution with business activities to identify and assess AML/CTF risks. Enhanced Due Diligence (EDD) is mandatory for customers who pose a substantial risk, which could include factors such as political exposure and country of origin, amongst others. Learn more about differentiating between due diligence levels by reading what is Customer Due Diligence?
Additional risk management controls, such as mandatory reports, can be enforced upon cryptoasset firms regarding AML/CTF procedures. These might include annual financial crime reports that are sent directly to the FCA with the relevant information.
The Financial Promotions Regime for High-Risk Investments
The Financial Conduct Authority tightened its grasp on financial promotion rules to further protect consumers investing in high-risk assets like digital currencies. The body identified that most consumers who participated in crypto investing were not fully aware of the risks involved, which led to investments that did not align with their risk tolerances.
Consequentially, new rules have been implemented to ensure that financial promotions for digital currencies are transparent and not misleading. This is a vital FCA crypto regulation that firms must comply with.
Crypto firms must provide stronger risk warnings, improve client categorization upon signup, and ban investment inducements. These developments aim to ensure that consumers fully comprehend the level of risk involved with crypto asset investments and educate those who do not, mitigating unpalatable levels of investment risk.
Which Institutions Currently Have an FCA Crypto License?
FCA regulations are designed to sustain and increase market integrity while ensuring that consumers do not come to unwarranted harm. All crypto firms should review their activities and processes to ensure they are compliant or face penalization. Coinbase was fined £3.5 million for facilitating activities related to financial crime ‘repeatedly’.
As of August 2024, only 44 institutions are licensed by the Financial Conduct Authority to provide cryptoasset services in the UK. The latest crypto license was granted to Portofino Technologies UK Ltd in February 2024, marking a six-month break in the FCA’s granting of new crypto operation authorities.
Is FCA Compliance a British Financial Services-Wide Issue?
The FCA, however, cited poor sector-wide AML standards as the core reason behind the agency’s lack of license grants, suggesting that stronger AML processes and technologies are required. These inadequate controls could potentially be indicative of a financial-services-wide compliance issue; however, the FCA granted an e-money license to Zen-UK Ltd on August 9, 2024.
Therefore, the FCA must witness less effective AML controls from cryptocurrency applications to Traditional Finance (TradFi) license applications. What this tells us is that despite best efforts, crypto firms remain less compliant than other financial services.
About ComplyCube’s Crypto AML Compliance Technologies
ComplyCube’s Crypto KYC and AML solutions provide firms around the world with high-specification AML/CFT solutions. The Know Your Customer process is pivotal in crypto compliance as it detects and prevents bad actors with malicious intent from gaining access to your platform. It also prevents unlawful access to existing accounts via powerful identity re-authentication checks.
Their AML solutions consist of powerful Customer Due Diligence checks, including PEP screening, sanctions screening, and adverse media checks, among many others. These checks are conducted in real-time through ongoing monitoring and automated technology.
If your VASP, crypto services firm, or relevant company is challenged by crypto regulatory compliance, ComplyCube can help. Providing its services to major blockchain institutions around the world, the compliance company both enables compliance and empowers growth. For more information, reach out to one of its compliance specialists today.