In the dynamic and fast moving cryptoasset market, it is critical to understand on which side of the regulatory fence a cryptoasset falls. There is a steady stream of new participants joining the market, and their activities are evolving at pace. If a cryptoasset falls on the "unregulated" side of the fence, a consumer has no recourse on the basis of regulatory breach, the product will not be covered by the Financial Services Compensation Scheme and consumers will have no recourse to the Financial Ombudsman Service.
The publication of the FCA's final Guidance on Cryptoassets has made deciphering the UK's regulatory boundary easier. This Guidance, published in July 2019, provides some clarity and information as to what types of cryptoassets fall inside and outside the FCA's regulatory perimeter. Firms creating, issuing, marketing, buying, selling, holding or storing, managing, or advising on cryptoasset products or services need to study this Guidance in detail.
The FCA's final Guidance (PS19/22) follows a consultation process that set out to clarify where activities in the cryptoasset market and underlying distributed ledger technology (DLT) fall within the scope of the FCA's regulatory remit and, consequently, require FCA authorisation.
The draft guidance provided an indicative list of the permissions that market participants may need to hold, as well as other rules and regulations they may need to consider – for example, under the Payments Services Regulations and E-Money Regulations and relevant permissions, or the Regulated Activities Order (RAO). The final Guidance does not differ hugely from the draft Guidance, but does provide some useful additional clarification.
What's been clarified?
The changes made to the Guidance provide greater clarity on what is and isn't regulated.
Cryptoasset market participants include:
- issuers of tokens;
- financial intermediaries (advisers and brokers);
- miners and transaction processors;
- exchange and trading platforms;
- payment and merchant service providers;
- "wallet providers" and custody service providers; and
- investors (individuals and institutions).
The taxonomy of cryptoassets was reframed in order to help market participants better understand whether tokens are regulated, and where they will fall outside the FCA's remit. It comprises:
- Security tokens: those with rights and obligations akin to "specified investments" in the RAO, including equity and debt tokens.
- E-money tokens: which meets the definition of e-money.
- Unregulated tokens: those not meeting the definition of e-money or providing the same rights as specified investments in the RAO; this includes exchange tokens and utility tokens which do not fall into the other categories.
Distinctions between categories of cryptoassets have been made clearer, particularly around tokens. For example, the category of unregulated tokens is clearer, as e-money tokens have been separated from utility tokens and security tokens. The Guidance provides further illustrative examples, such as tokens referred to as 'bank' or 'settlement' tokens, and those which might move between categories.
The Guidance clarifies what the FCA's expectations are for firms carrying on cryptoasset activities in the UK. Where a firm acts in line with the guidance, the FCA will treat it as having complied with the relevant rule or requirement. However, this Guidance is just that – guidance only. It expresses the FCA's views on the application of the regulatory perimeter to cryptoassets, but the actual determination of the regulatory perimeter is a matter for the legislators and courts. Guidance does not bind the court, but it is persuasive. Nevertheless, this Guidance is a huge step forward in providing some clarity on whether certain cryptoassets are likely to fall within the FCA's perimeter or are otherwise regulated.
It is hoped that this will increase certainty, but the FCA is at the same time encouraging firms to seek expert advice if they are unsure whether their products, services or activities fall within the regulatory perimeter or are otherwise regulated.
Dealing with unregulated cryptoassets still brings regulatory risks for an FCA authorised firm. It is important that these firms are aware of the serious regulatory consequences that flow from their dealings with such cryptoassets.
The Senior Managers and Certification Regime (SMCR) is a set of rules which currently applies to all UK deposit takers and dual regulated (PRA/FCA) investment firms and insurers, but which will shortly be extended to all FCA solo-regulated firms (under FSMA). The conduct rules under SMCR apply to individuals at authorised firms covered by that regime. Cryptoasset market participants need to realise that these individual conduct rules apply to unregulated activities as well as regulated. The activities of an individual at an FCA authorised firm in relation to unregulated cryptoassets could be covered by the SMCR conduct rules. If these were breached, it would then be possible for the FCA to take action against those individuals for such conduct breach.
The FCA's Principles for Business (PRIN) can also apply to unregulated activities. PRIN consists of 11 high-level principles which apply to all FCA regulated firms and include requirements aimed at maintaining high standards such as, for example, conducting business with integrity, exercising due skill and care, treating customers fairly, and observing proper standards of market conduct. A firm that is FCA authorised whose activities in relation to cryptoassets fall on the 'unregulated' side of the fence under the Guidance will still need to consider carefully the application of PRIN and be confident that they are not putting their firm at risk of breaching these fundamental obligations.
Market participants carrying on business in the UK are expected to consider the Guidance. It provides the basis on which the FCA will engage with a cryptoasset firm in order to determine whether or not they are carrying on regulated activities. It will also be used in further FCA work involving cryptoassets. There is also a possibility of HM Treasury deciding that further regulation is needed in relation to unregulated cryptoassets.
Osborne Clarke comment
Cryptoassets is an area where there is a risk of fragmentation due to its cross border nature and the FCA has been urged to consider its role as a thought leader internationally to ensure the development of a harmonised regulatory framework. With this Guidance, the FCA has started the process of classifying cryptoassets.
So what should a market participant do now?
Be ready from the outset to deal with proactive engagement by the FCA. It plans to use this Guidance to see whether or not cryptoasset firms "are carrying on regulated activities". Market participants should use this Guidance as a test of their activities and ensure they are clear on:
- what their product is;
- what category it falls into;
- whether it is regulated or not, and why; and
- any other activities that they carry out "in relation to" cryptoassets.
Remember, this Guidance is only to be used as a "first step" in a complex and evolving area. Market participants need to judge a cryptoasset on a case-by-case basis, which means there is a likelihood that a number of questions and complex issues will arise during that first step analysis. As the FCA suggests, where there is any uncertainty getting sound legal advice is the next step.