Next steps for UK stablecoin regulation

November 2023

In late October and early November, the government and financial regulators published a flurry of proposals for the regulation of fiat-backed stablecoins (FBS) — progressing measures brought forth under the Financial Services and Markets Act 2023 (FSMA 2023). These proposals give an initial indication of how firms looking to be involved in stablecoin activities in the UK will need to be authorised and what requirements they will be expected to meet. However, final details are still a long way off and will only be clarified once the FCA formally consults on rules that have been raised for discussion in this package. The overall aspiration is to design a regime that reduces and prevents serious harm, sets higher standards and promotes competition and positive change — thus making the UK 'the obvious choice' for starting and scaling a cryptoasset business.

The package of documents — all of which focus primarily on retail use-cases — includes:

1. HM Treasury's (HMT's) update on plans for the regulation of fiat-backed stablecoins  — laying out a high-level overview of proposed legislative changes 
2. A Dear CEO letter from the PRA on innovations in the use by deposit-takers of deposits, e-money and regulated stablecoins — seeking to provide clarity on how risks must be addressed in the parallel availability of three forms of 'money-like' instruments 
3. A BoE / FCA / PRA cross-authority roadmap on innovation in payments — explaining how UK authorities' current and proposed regimes for issuers of different forms of money-like instruments will interact 
4. FCA's Discussion Paper DP23/4 on regulating cryptoassets — phase 1: stablecoins — proposing FCA rules to enact HMT's legislative changes 
5. BoE's Discussion Paper on a regulatory regime for systemic payment systems using stablecoins and related service providers — outlining specific requirements for systemic entities.

HMT also published its response to the wider consultation on unbacked cryptoassets – see a summary here.

At a high level, HMT intends to bring forward secondary legislation as soon as possible (“by early 2024”) to bring stablecoin activities within the regulatory perimeter and allow the FCA to regulate them. More specifically, building on FSMA 2023, HMT plans to:

• Bring the use of FBS in UK payment chains into Payment Services Regulations 2017 (PSR 2017), and 
• Regulate the activities of issuance and custody of FBS (when issued in or from the UK) irrespective of their uses (e.g. as a means of payment, store of value, settlement asset) — by including them in FSMA 2000 Regulated Activities Order 2001 (RAO). In accordance with the RAO, all firms participating in these activities would need to be fully FCA authorised. 

The PRA letter has clarified how these new activities will interact with traditional financial services. Most significantly, deposit-taking entities (regulated under Article 5 of the RAO — 'Accepting Deposits') will only be permitted to provide innovative forms of deposits to retail consumers — i.e. 'tokenised deposits' — that meet full eligibility for FSCS protection. If these firms want to issue FBS, it must be done from a separate non-deposit taking and insolvency-remote entity with distinct branding. The PRA hopes this will prevent retail holders of FBS from mistakenly assuming they have the same protection as retail depositors. 

FSMA 2023 also gave the Bank of England (BoE) and Payment Systems Regulator (PSR) powers over systemic digital settlement asset (DSA) payment systems and service providers (including those using stablecoins issued in UK or overseas) — subject to HMT recognition and designation respectively. These proposals will be covered in a later article. 

HMT previously confirmed that it intends to address the regulation of FBS as Phase 1 of its approach and address the regulation of wider cryptoasset activities as Phase 2. 

In this package, the government defines FBS as “a cryptoasset that seeks or purports to maintain a stable value by reference to a fiat currency and by holding fiat currency, in whole or in part, as backing”. The definition specifically excludes crypto-backed stablecoins, commodity-linked tokens and e-money. These other stablecoins and wider unbacked cryptoassets will still be permitted for use in payment chains — however, they will remain unregulated. HMT and the FCA are considering disclosure rules to ensure consumers adequately understand this. 

HMT plans to create a regulated activity under the RAO for the issuance of FBS in or from the UK. Once regulated, these FBS would be permitted for use in UK payments

Following the creation of this activity, the FCA will finalise associated rules. However, it has already invited views on some initial considerations in its DP, including:

• Backing assets must be sufficient to back all issued FBS in circulation — with any change in FBS supply being matched by a corresponding adjustment in backing assets
• Backing assets must be sufficiently liquid — i.e. composed of government treasury debt instruments that mature in one-year or less, along with short-term cash deposits (diversified across banks). [As part of this, the FCA has asked for feedback on whether backing assets should be held in the same currency as the denomination of the FBS or whether there are benefits to allowing partial backing in another currency]
• Although (non-systemic) issuers can continue to retain interest revenue from backing assets, this income cannot be passed on to customers 
• Rules for the safeguarding of backing assets will leverage the CASS regime (including the requirement for a CASS oversight officer, various audits etc). In particular, all client assets must be segregated from the firm's own assets and held in trust (or with an independent custodian)
• Issuers must conduct internal and external reconciliations (as well as a valuation of backing assets) on at least a daily basis 
• Issuers must ensure redemption at par to all (including retail) holders of the FBS by end-of-next UK business day — even if backing assets fall in value. This indicates a significant change in market practice, whereby redemption is currently restricted to wholesale users (e.g. exchanges) with retail holders having to rely on secondary markets
• Issuers must publish key information (i.e. on their website) including details of how stability is maintained, the total number of tokens in circulation, composition & value of backing assets and redemption rights, (including timescales and fees) 

In the case of firm failure (for issuers — as well as for custodians and payments providers), HMT proposes that standard corporate insolvency procedures under the Insolvency Act 1986 would apply. However, they will consider whether bespoke insolvency arrangements should be developed in due course. 

HMT also hopes to accommodate FBS not issued in or from the UK ('overseas stablecoins') for use in UK payments — more information below.

HMT plans to create another regulated activity under the RAO for custody comprising “safeguarding, safeguarding and administering, or the arranging of safeguarding or safeguarding and administering of UK-issued FBS”. 

Importantly, the custody of FBS issued outside the UK will not be captured — nor will self-custody activities. HMT intends to expand this activity to cover a broader set of cryptoassets in Phase 2, in order to avoid separate, overlapping regimes. The custody of security tokens will no longer be regulated like other specified investments and will instead be included in this new activity (as part of Phase 1). 

Once again, following the creation of this activity, the FCA will finalise associated rules (based on the existing CASS framework — Article 40 of the RAO). However, it has already revealed some initial proposals in its DP, including:

• Custodians must segregate clients' FBS from their own and evidence this through meticulous ownership records and wallet labelling. The FCA is considering continuing to permit the use of omnibus wallets (providing that ownership rights are preserved at all times) as well as on-chain records
• Custodians must provide periodic client disclosures — with the FCA considering an additional Proof of Reserves component
• Potentially permitting the use of clients' FBS held under custody (e.g. for staking, collateral or lending purposes) — whereby the FCA would apply similar requirements to traditional finance custodians (e.g. express prior consent, specific rulebooks etc)
• A proportionate approach to liability — although this needs to be set in legislation, rather than by FCA rules 
• Real-time reconciliations of each client's FBS to identify and resolve discrepancies 
• Adequate due-diligence of any potential sub-custodians (or other third parties) 
• Potentially requiring vertically integrated business models (e.g. centralised exchanges) to establish a separate legal entity for all custody-like activities

The FCA DP also highlights some additional general expectations that could apply to both issuers and custodians of FBS. These are significant and include:

• Applying the FCA Principles for Business
• Applying the new Consumer Duty — which sets a 'higher standard of care' for firms operating in the retail market 
• Applying the Senior Management Arrangements, Systems and Controls (SYSC) Sourcebook — which stipulates robust governance arrangements and internal control mechanisms 
• Applying the full Operational Resilience framework — which includes a comprehensive mapping of people, processes and technology needed to deliver each important business service. As part of this, the FCA is considering further how firms should assess DLT-related operational risks 
• Applying the full Financial Crime section of the FCA Handbook (beyond MLR requirements) — which would include appointing a money laundering reporting officer (MLRO) to provide annual and ad-hoc reports 
• Applying the SM&CR Regime (pending any changes from the current review and / or other crypto-related adaptations) — which would include senior managers being held responsible for breaches, regulatory pre-approvals and fit-and-proper checks 
• Applying the Investment Conduct of Business Sourcebook (COBS) — which has been deemed more appropriate than the Banking Conduct of Business Sourcebook (BCOBS) 
• Applying the Dispute Resolution: Complaints' Sourcebook (DISP) and allowing FBS customers access to the Ombudsman Service (for which FBS firms would have to pay a levy). However, the FCA explicitly proposes not to extend FSCS to cover these new regulated activities 
• Applying a new prudential sourcebook (CRYPTOPRU) — which would draw on concepts from the Investment Firms Prudential Regime (IFPR). This would stipulate overall capital requirements (the highest of a permanent minimum requirement, a fixed overhead and an activity-based K-factor) as well as other requirements around group risk, concentration risk, liquidity (which may be enhanced for issuers) and public disclosures 

The FCA DP gives further insight into HMT's plan to amend PSRs 2017 to fully address payment chains for:

• Mixed ('hybrid') stablecoin payments — i.e. where the on-ramp to the payment chain is from a stablecoin, but it is converted to fiat within the chain, and the off-ramp is in fiat (or vice versa) 
• Pure stablecoin payments — i.e. where both the on-ramp and off-ramp in the chain are in stablecoin and the transfer of value occurs in stablecoin 

This would bring the use of regulated FBS into UK payment chains — where:

• At least one end of a transaction (either in shops or online) takes place in the UK
• A UK firm facilitates a transaction (regardless of whether the transaction takes place in the UK)

In the hybrid model, some elements of the transaction (e.g. transferring funds to a Payment Services Provider) are already covered by the PSRs. The unregulated elements (e.g. the control of FBS, the conversion of FBS to fiat) would be brought into scope of the PSRs as “ancillary stablecoin payment services”. 

In the pure model, no elements of the transaction would be processed using conventional payment systems. As such, the FCA proposes bringing this within the PSRs through (i) direct bilateral 'on-chain' processing or (ii) a method where the payment provider batches and / or nets off transactions through its payment interface (i.e. holding stablecoins to use in fewer larger transactions).

Payment providers (in both models) would be caught under existing PSR conduct rules. However, depending on the business model chosen, custody arrangements are likely to arise in hybrid payments and may also arise in pure payments. Where this is the case, the FCA proposes applying the full scope of its RAO custody activity. 

In any case, consumers using regulated FSB to make a payment would consequently have access to the wide range of PSR 2017 protections — including AML checks, the ability to lodge complaints, and relevant compensation and recourse.

HMT is also considering a separate pathway for FBS issued outside of the UK (“overseas stablecoins”) to be used for payments in the UK. In particular, a model is being explored whereby the overseas stablecoin could be assessed by a “payment arranger” against a set of FCA standards. This payment arranger would need to be authorised under the PSRs and have FCA approval. The FCA DP further suggests that the arranger carry out weekly monitoring of compliance against the standards, regularly appoint a third-party auditor and report transaction volumes to the regulators (to monitor potential systemic designation). 

These proposals make clear that any entity looking to become involved in the issuance or custody of UK-based FBS, will need to be authorised under Part 4A of FSMA for the relevant regulated activities (i.e. obtain full FCA authorisation). Firms which have existing FCA authorisation will need to apply for a Variation of Permission.

It's slightly less clear what the proposals mean for payment providers (i.e. those registered under PSR 2017). For example, whether their role within the payment chain brings them within scope of the new custody activity (and its consequent FSMA Part 4A authorisation requirement) will be clarified once final rules are published.

The proposals also have other significant implications for developing business models in the space, including:

• Deposit-taking entities looking to issue FBS needing to first set up an insolvency-remote entity with distinct branding
• FBS issuers having to provide redemption rights to all retail token holders — which is a substantial deviation from existing practice (where issuers only engage with institutional players)
• Vertically-integrated business models having to establish a separate legal entity for all custody-like activities 
• FBS firms having to build out full FCA-compliant risk management infrastructure — which could require extensive professional support based on the low number of successful MLR applications to-date
• FBS firms needing to comply with a wide range of FCA requirements, each of which could be burdensome in its own right (with corresponding accounting, tax and legal impacts) 

More clarity is expected once the FCA DP feedback deadline closes (in February 2024), and it moves to consulting on specific rules. This should be around the same time that HMT lays secondary legislation. 

KPMG in the UK can support firms with the wide range of challenges stemming from these developments. If you have any questions or would like to discuss further, please get in touch.