Regulating unbacked cryptoassets in the UK

November 2023

The regulation of unbacked cryptoassets in the UK is one step nearer following the publication of HM Treasury's (HMT's) response to its consultation on the regulatory regime for cryptoassets. Many of the proposals will be implemented as broadly consulted upon, with a similar regulatory framework put into place for cryptoassets as traditional financial assets. However, the response has called for an acceleration of work on regulating staking due to consumer protection concerns.

Regulation of unbacked cryptoassets will be Phase 2 of the overall regulatory framework, with a number of concurrent publications (from HMT, Bank of England and the FCA) setting the path for Phase 1— the regulation of stablecoins. For more, read our article here.

Cryptoassets will be added to the list of `specified investments' in Part III of the Regulated Activities Order (RAO), facilitating the inclusion of new regulated activities replicating those found within traditional finance. This will require firms undertaking these activities in or to the UK to be authorised by the FCA for those activities under Part 4A of FSMA i.e. full FCA authorisation. HMT does not support expanding the Overseas Persons Exclusion (OPE) to cover cryptoassets — so overseas firms wanting to offer services to UK may need to set up a UK branch. The specific requirements will be determined by the FCA.

This new regime is much broader in scope than the current MLR registration regime. As such, authorisation will not automatically be granted to MLR-registered firms — instead, the FCA will provide more detail on the assessment and consider the regulatory histories of all applicant firms. Firms already authorised under Part 4A will need to apply for a variation of permission (VOP) to undertake the newly regulated cryptoasset activities.

HMT plans to keep the definition of cryptoassets broad in order to ensure it retains the power to regulate both existing and future varieties. That said, secondary legislation and future FCA rules will set more precise definitions for the particular subset of cryptoassets that the legislation and rules are looking to control.

Cryptoassets which act as security tokens (and are therefore already regulated specified investments) will not be captured by the new proposed regime. On Non Fungible Tokens (NFTs) — HMT clarifies that activities relating to truly unique or non-fungible tokens (that are more akin to digital collectibles or artwork) should not be subject to financial services regulation.

The major cryptoasset scandals of the past few years have led to increasing calls for banning vertically integrated business models in the sector — i.e. where the same entity simultaneously issues, trades and custodies cryptoassets. However, HMT proposes that it should be possible to mitigate the risks of a single entity with appropriate governance and controls (as happens in the traditional financial sector). Moreover, managing conflicts of interest is one of the FCA's Principles for Business to which all authorised persons are required to adhere. 

Cryptoasset issuance and disclosure

Disclosure documents will be needed for all cryptoassets made available on UK cryptoasset trading venues. These venues will define the detailed content requirements for admission disclosures. However, HMT is potentially supportive of a centralised body (e.g. industry association) coordinating this effort with FCA oversight. Trading venues could opt for less prescriptive disclosure requirements if they only admit institutional investors. Sufficient transitional time will be built into the regulation to allow time to get disclosure documents in place.

All firms required to publish disclosure documents should be liable for their accuracy. However, HMT agrees that exchanges — which choose to take responsibility for the disclosures of cryptoassets without a clearly identifiable issuer (e.g. Bitcoin) — should not be held fully liable for all types of consumer losses that might arise. This is provided that the exchange has taken reasonable care to identify and describe the risks.

Additionally, certain types of protected forward-looking statements (e.g. future use cases of the cryptoasset) should be held to recklessness / dishonesty standards while historical, factual statements (e.g. relating to code audits which have been conducted in the past and vulnerabilities which have been identified through these) would be subject to negligence standards.

Operating a cryptoasset trading venue

The framework for firms operating a cryptoasset trading venue will be based on the existing RAO activities of regulated trading venues. Therefore, firms would be subject to prudential rules and various other requirements including consumer protection, operational resilience, and data reporting to the FCA.

Cryptoasset intermediation activities

Again, the framework for cryptoasset intermediation activities will be similar to existing regulated activities — such as `dealing in investments as agent'. FCA rules are likely to consider specific aspects of cryptoasset markets and implications for concepts which may not map across well from the traditional financial services sector (e.g. best execution).

A disclosure / admission document will be required to be lodged on the National Storage Mechanism (NSM) — which is a depository of regulated announcements by listed companies — by a trading venue, prior to any intermediary being able to deal or arrange deals in a given token. This is similar to the requirement for traditional finance.

Cryptoasset custody

The existing frameworks for traditional finance custodians will be used as a basis for defining a new regulated activity for cryptoasset custody. This will cover the (i) safeguarding, (ii) safeguarding and administration, or (iii) the arranging of safeguarding or safeguarding and administration, of a cryptoasset (the latter is likely to capture arrangements such as where firms outsource physical custody to secure asset storage companies). This new regulated activity will cover the custody of security tokens to address fundamental differences in the way that cryptoasset custody operates versus traditional custody arrangements. Detailed consultations will take account of the novel and unique scenarios, risks and technology solutions related to cryptoassets that were raised in the feedback.

The FCA discussion paper for stablecoins provides further indications around the requirements, including segregation of client assets, recording of ownership and regulatory reporting.

The activity of providing self-hosted wallet technology to a consumer is not, in itself, expected  to fall under this new regulated activity for custody. However, regulators will continue to keep this under review.

Market Abuse

The cryptoassets market abuse regime will be based on elements of the existing Market Abuse Regulation (MAR) regime for financial instruments. MAR includes various prohibitions covering insider dealing, market manipulation and unlawful disclosure of inside information. The market abuse offences would apply to all persons committing market abuse on a cryptoasset that is admitted (or requested to be admitted) to trading on a UK cryptoasset trading venue regardless of where the person is based or where the trading takes place. HMT recognises the challenges in implementing this — and, as such, is in further discussions with the FCA.

As with traditional finance, cryptoasset trading venues will be expected to detect and disrupt market abuse behaviours. Cryptoasset intermediaries will also have obligations, particularly around the handling of inside information. Although the FCA plays a centralised surveillance role in traditional securities markets, HMT does not envisage the FCA playing this role in cryptoasset markets.

To detect market abuse, venues would need to share information with each other. HMT is supportive (in principle) of a centralised body (e.g. an industry association) coordinating this effort — possibly using innovative RegTech solutions — with FCA oversight.

The FCA will publish guidance to give clarity on what constitutes market abusive behaviour in the cryptoassets market, given its (sometimes unique) features.

Operating a cryptoasset lending platform

Given the concerns around retail consumer risks in centralised cryptoasset lending platforms, HMT proposes a newly defined regulatory activity for `operating a cryptoasset lending platform'. HMT agrees that wholesale bilateral cryptoasset lending arrangements would not be subject to the same types of regulatory requirements. However, in future phases of regulation, there may be some requirements similar to those found in the UK Securities Financing Transactions Regulation (SFTR) to help monitor and manage systemic risk.

Staking

In reaction to stakeholder feedback, HMT is accelerating exploratory work to help identify how to mitigate the risks (while still taking advantage of potential benefits) of a carefully defined, permitted form of staking in the UK.

HMT proposes a detailed definition of staking in the document and clarifies that any activities, services, or products which do not directly facilitate a validation process on a Proof of Stake blockchain should not currently be considered staking. It proposes four current staking business models:

1. Solo staking 
2. Delegated staking
3. Decentralised pooled staking
4. Centralised pooled staking

An area that HMT would like the regulatory framework to address is the risks that can arise for consumers where intermediaries take custody of and / or pool cryptoassets and issue liquid tokens (falling under business models 3 & 4 above). However, these activities could also be captured by other existing regulatory regimes — including financial promotions, custody, lending, and intermediation.

Feedback on the consultation highlighted that existing UK rules for collective investment schemes (CIS) may capture on-chain staking services provided by intermediaries — however, may do so ineffectually. HMT therefore intends to carve out certain staking business models from the CIS rules provided that these risks are appropriately captured in other existing regulation — or, alternatively, introduce a regulatory regime for `operating a staking platform' outside of the CIS framework. 

HMT will keep under review the regulation of cryptoasset investment advice. It will tackle the sustainability of cryptoassets through disclosures initially, and advance this agenda through international forums (e.g. IOSCO) to help facilitate comparisons between different assets. HMT has no plans to regulate mining at this stage.

On DeFi, HMT states that it would be premature and ineffective to currently regulate DeFi activities. However, it does see the potential for fully decentralised DeFi service models to play a role in financial services. This would require careful consideration of future risks and extensive international collaboration— and, as such, HMT will continue to support international initiatives in the space. 

This paper gives some indication to firms that are undertaking, or planning to undertake, cryptoasset activities of the regulatory framework they will need to comply with. Detailed proposals for Phase 2, including such areas as the applicability of Consumer Duty, are unlikely to emerge from the FCA for at least another few months. However, it is clear that firms will need to be fully authorised under FSMA so firms can start to prepare for the authorisation process.

The FCA discussion paper on stablecoins gives more detailed insight into the probable requirements for custody and issuance activities — which, though included in Phase 1, will likely be extended to cover wider cryptoassets as part of Phase 2.

KPMG in the UK can help firms understand what financial services permissions and licences are needed when setting up a new business or expanding a business. KPMG in the UK can also support firms through the process of gaining FCA authorisation.