Can we finally 'summit' all up? The FCA's cryptoasset regime (largely) emerges from the clouds

Can we finally 'summit' all up? The FCA's cryptoasset regime (largely) emerges from the clouds

Overview

30 June 2026 was the final day of the first half of the year, and also marked exactly three months until the opening of the FCA's authorisation gateway for firms wishing to carry on regulated cryptoasset activities.

It was especially notable as it brought to (something of) an end – at the very least, it is a Base Camp moment – of the UK's design of a regulatory framework for cryptoassets.

As any observer of this journey in the UK will know, the last few years have been notable for mountains of Discussion and Consultation Papers (four DPs and ten CPs), such that firms and their advisers can certainly be forgiven for consultation fatigue: by our reckoning, in the year that ended with the closure of the Perimeter Guidance consultation on 3 June 2026, August 2025 was the only calendar month during which there was no open FCA consultation. Moreover, that count excludes the FCA's consultation and policy statement on fund tokenisation, the consultations and policy statement by the Bank of England (Bank) on systemic stablecoins, and the authorities' joint Call for Input on the future of tokenisation.        

The FCA has now published a very hefty set of Policy Statements (PS26/9 – PS26/13), along with some additional papers, and the FCA's deceptively simple Crypto Roadmap, originally published in November 2024, is notionally complete (except where it is not).

Firms now have a rather short time in which to digest well over 1,000 pages of FCA text, including final rules and guidance, make strategic decisions as to their business models and required permissions, stand up authorisation and implementation projects, and submit their applications. By way of reminder, the authorisation gateway runs from 30 September 2026 to 28 February 2027. The huge benefit of applying by that date is that firms that are already operational (for example, those live already and registered with the FCA under anti-money laundering legislation) will be permitted to carry on their business if the application process is still in train. Firms that apply after the deadline, in contrast, will not be able to onboard new customers when the regime comes into force on 25 October 2027 unless the FCA has already approved the application.

There is obviously a vast amount of detail and our experience on significant regulatory change projects is that many issues can emerge relatively late in the process, surfaced only by attempting to apply particular rules to particular channels, systems, or products.

On that basis, this briefing has a tight focus on where the FCA has made improvements, the open questions that remain, and where firms should concentrate their efforts before and after any summer holidays.    

MAPPING THE EXPEDITION: HOW DO FIRMS GET STARTED?

The immediate challenge confronting the reader is where to start. The FCA has published five Policy Statements, two of which have additional associated publications:

  • PS26/9 – Admissions and Disclosures and the Market Abuse Regime for Cryptoassets (MARC) (the A&D PS)

  • PS26/10 – Stablecoin Issuance (the Stablecoin PS)

  • PS26/11 – Regulated Cryptoasset Activities (this means operating a qualifying cryptoasset trading platform (QCATP), dealing and arranging, including cryptoasset lending and borrowing, safeguarding (which we refer to as "crypto-custody"), staking, and DeFi) (the Crypto-native PS)

  • PS26/12 – Prudential Regime (accompanied by two Guidance Consultations: GC26/4 and GC26/5 on how to apply the regime) (the Prudential PS)

  • PS26/13 – Application of the FCA Handbook (this covers cross-sectoral requirements, including complaints, SYSC, the SMCR, ESG, the Consumer Duty,  operational resilience, and the approach to international firms. Finalised Guidance has been published on the latter three topics: FG26/5, FG26/6, and FG26/7) (the Cross-Sectoral PS). 

The major new component of the conduct of business rules in the FCA Handbook is a new Cryptoassets Sourcebook (CRYPTO). Making things slightly tricky for firms trying to launch change programmes, the new final rules for CRYPTO are split across the A&D PS, the Stablecoin PS and the Crypto-native PS (and are not numerically in order within that sequence).

In addition, in an early sign that this exercise will not be easy, when turning to CRYPTO 1 (found in the Stablecoin PS), firms will, for now, see this:

"The FCA will, in due course, produce a table to sit in CRYPTO 1.1.1G which will assist firms carrying out those regulated activities at article 9M to 9Z11 of the Regulated Activities Order to identify the rules and guidance that are relevant to their activities."

We would not recommend waiting for that table, although it will be a very useful checklist when it arrives. For now, firms will need to work it out themselves. That said, the Prudential PS and the Cross-Sectoral PS (and associated guidance) will definitely be relevant to all firms wishing to become authorised for cryptoasset activities, and most firms will at least be affected by the MARC in the A&D PS. The decision as to whether to analyse either or both of the Stablecoin PS and the Crypto-native PS will turn on whether firms are solely stablecoin issuers, or doing other activities as well.

SUNLIT UPLANDS: WHERE HAS THE FCA CHANGED ITS MIND?

On any view, the FCA has executed a huge task, under public scrutiny and significant time pressure.

Regular readers of our articles charting this process will know that we have not hesitated to point out where we had concerns about the FCA's proposals. That makes this an excellent point to take stock of the totality of the regime (in many earlier stages, part of the difficulty was in examining proposals in isolation), and the welcome news is that, subject to sections 3 and 4, the FCA has clearly taken onboard a lot of the feedback and, like the Bank in its adjacent regime for systemic stablecoins, made a number of "recalibrations".

Some of these recalibrations are more material than others, but taken as whole they present a much more attractive regime. As mentioned above, "snagging issues" may emerge, and individual firms may value some of the other incremental changes, but the ten policy changes that are most striking to us are:

  1. Capital reduction for stablecoin issuers. Stablecoin issuers will generally see a reduction in the amount of capital they are required to hold. This is because they were required to calculate their capital requirements using an "operational risk K-factor", which was based on 2% of the value of its stablecoins in issue. Many issuers continue to argue that there is no need for a risk factor based on volumes as the risks do not increase in a linear way. The FCA has politely yet firmly disagreed, but (in a move similar to the Bank's adaptations to its backing assets composition requirements), it has halved the requirement to 1%.
  2. Simplified approach to market risk. Staying with prudential requirements, the FCA has simplified its very complex proposal on the treatment of market risk for cryptoasset holdings. Provided that the cryptoassets in question meet certain criteria, there will now be a single volatility adjustment of 40% applied to both a firm's net cryptoasset trading book exposures, and any cryptoasset collateral which a firm receives in connection with trading book transactions that take longer to settle than the standard market settlement period. If the criteria are not met, ultimately the full value of the cryptoassets must be deducted from the firm's regulatory capital instead. (Holdings of UK stablecoins meeting the FCA's backing assets requirements are not subject to these rules.)
    Aspirant stablecoin issuers have received several pieces of good news.
  3. 5% excess in backing assets permitted. The FCA will permit a 5% excess in the backing asset pool (that is, if there are £100,000 worth of stablecoins issued, the backing asset pool is permitted to have a value of between £100,000 and £105,000 without being in breach of the new rules in CASS). This increases issuers' flexibility and avoids somewhat meaningless notifications to the FCA of there being more backing assets in the pool then strictly required.
  4. Daily forecast of redemption scrapped. The requirement to produce daily estimated forecasts of future redemption demands has been removed, avoiding an onerous ongoing compliance mandate that arguably offered little additional benefit. Interestingly, the FCA expressly noted that it received similar feedback from firms in its Stablecoin Sandbox cohort.
  5. Redemption clock to start post-AML checks. Following the Bank's reconsideration of the redemption process, the FCA has chosen to adopt an approach that for practical purposes will be similar, with the redemption timeline – redemption by the end of the business day following the completion of the request – being slightly modified such that (as with the Bank) the clock starts on receipt of the stablecoin from the holder. As this will (probably) take place after AML/KYC checks have been completed, this makes clearer that these checks (subject to compliance, where relevant, with the Consumer Duty) do not need to be rushed through to be compliant with the timeline.
  6. Some intragroup custody of backing assets permitted. The FCA has decided to permit some limited intragroup custody of backing assets (20% of the pool), plus a total exemption from that limit where the issuer can demonstrate that it meets certain criteria (which can be summed up as meaning that it would be a disproportionate burden). This limit does not exist in the Bank's systemic regime.
  7. Marketing restrictions eased. As a number of firms have advocated for some time, the Cross-Sectoral PS removed UK-issued qualifying stablecoins from the restricted mass market investment regime, given that they are meant to be payment instruments, not speculative investments. This will make it easier to market UK-issued qualifying stablecoins.
    The Crypto-native PS offers rather fewer significant moves, other than two.
  8. Pre-trade transparency for principal dealers dropped. The FCA accepted that the proposed pre-trade transparency rules should not apply to intermediaries dealing as principal.
  9. Clarification on best execution. In addition, the FCA clarified its expectations on best execution. Given the clear differences between the amount and variety of trading information available on traditional versus cryptoasset markets, intermediaries will need to check prices from at least three UK (reliable) UK authorised execution venues where possible (in line with the original proposal), but there is no requirement to execute on those venues, and the overarching obligation is to have a set of policies and processes that deliver best execution, rather than a adopting what was described as a "mechanical" transaction-by-transaction approach.
  10. Opportunity for more flexibility for international banks. The FCA's Finalised Guidance on its approach to international firms brought some good news for international banks. Although the drafting of the guidance is sufficiently subtle that the FCA felt the need to quote it in full in the Cross-Sectoral PS to make sure that it was not missed, it does mean that international banks, operating through branches subject to dual regulation by the FCA and PRA, may be able to satisfy UK regulators that they can offer cryptoasset activities through that branch as well, although that is not necessarily a given.    

In addition, stablecoin issuers that think they may become systemic can take some comfort from the joint paper published by the FCA and Bank, as this confirms that the "cliff edge" between the regimes will be turned into something more of a water slide. The authorities expect that a firm designated as systemic will need at least 12 months to gain access to payment systems and accounts with the Bank, followed by up to an additional 24 months (depending on circumstances) to transition fully into dual-regulation. That paper includes a helpful table of the issues subject to regulation by the FCA; both authorities; and the Bank.             

STUMBLING BLOCKS AND CREVASSES: WHAT PROBLEMS REMAIN AFTER THE POLICY STATEMENTS?

A number of concerns remain unaddressed by the package of Policy Statements. Key examples include:

  • The FCA's final policy position, expressed in the Crypto-native PS in the context of crypto-custody, that, except in certain limited cases, a crypto-custodian safeguarding cryptoassets will be required to hold the cryptoassets on trust (which inherently requires the crypto-custodian taking legal title), even if there are constructs where the investor protection was arguably greater where the client retained legal and beneficial title. There is an implicit acceptance that there is a controversy here, as the FCA has said that it will "monitor" the policy position.
  • The Crypto-native PS also suggests (in line with CP26/13) that the delegation of certain functions to a third party by a crypto-custodian may (separately and additionally) constitute the regulated activity of "arranging" crypto-custody within Article 9N(1)(b) of the Regulated Activities Order.   

THE PLATEAU: WHAT IS LEFT?

Given the amount of work that has gone into this process, by both the FCA and firms (to say nothing of trade bodies and advisers), it might be said to be somewhat baffling that the FCA keeps noticing additional areas on which to consult.

We were already waiting for further consultations or final rules on:

  • DeFi, what it means, and how to define it
  • The use of DLT by regulated firms
  • Failure of regulated cryptoasset firms
  • The Code of Practice for systemic stablecoins, and in fact, as the Bank's policy statement recognises, its rules also need legislation to enable the bank to impose a statutory trust over the backing assets for systemic stablecoins denominated in sterling.  

The package of Policy Statements, as well as the FCA/Bank joint paper on dual-regulation of systemic stablecoins, have added several more:

  • Guidance consultations on the overall risk assessment requirements in COREPRU and CRYPTOPRU (which are designed to expand on the requirements in the Prudential PS for firms to carry out internal prudential assessments)
  • Work on financial crime
  • Regulation of cryptoasset derivatives
  • FCA consultation on the rules that it will disapply once a stablecoin issuer becomes systemic

Before then, however, we should remind firms that the regime is potentially missing a very important foundation. While Parliament has enacted the main enabling legislation, there is (as readers will know from previous articles) a set of proposed amendments to that, many of which are very important. That is, as a legislative matter, still in train (and in fact, as at the time of publication we had not seen a final version following the informal consultation that ended in May).

That also means that the FCA's draft Perimeter Guidance (PERG) is not finalised – and to be fair to the FCA, it is difficult to see how it can finalise its interpretation of the legislation without that legislation itself being finalised. After all, we have already seen one version of PERG rendered out of date in days. That said, alongside the issues on crypto-custody raised in section 4 above, there are issues with the current draft of PERG worth highlighting, notably:

  • territorial scope;
  • the potential application of the "arranging" activity to DeFi application interfaces; and
  • the FCA's interpretation of the scope and application of the "solely a record of value or contractual rights" qualification in the definition of "qualifying cryptoasset" (and incorporated by reference in the definition of "specified investment cryptoasset"). 

THE FINAL CLIMB: WHAT IS THE IMPACT ON FIRMS?

The Travers Smith team have lived and breathed this process, as have many of our clients, friends and contacts, but it is helpful to remind ourselves that this package marks, in essence, the comprehensive integration of cryptoasset firms and their businesses into the existing UK regulatory framework. That is a real achievement for all concerned, especially – as covered above – because the overall regime has clearly been improved by the consultation process.

What this means is that cryptoasset firms will (depending on their exact business) be subject to rules on:

  • Conduct of business, including detailed rules on backing assets and crypto-custody
  • Organisational structures and governance
  • Capital and liquidity requirements and internal prudential risk assessments
  • Operational resilience
  • Senior management
  • Market abuse and other financial crime
  • Complaints
  • Regulatory reporting (this remains an evolving area)

Moreover, of course, firms will need to get authorised. That becomes the immediate priority, because the FCA will not give firms authorisation unless it is satisfied that the firm can comply with the above from day 1 (which means 25 October 2027 for firms already operating).

As we have seen from the firms exiting the EU market as a result of MiCA being fully in force from 1 July 2026, there should be no complacency about this. Indeed, the overwhelming majority of firms that applied for registration with the FCA under the AML legislation did not succeed.

Lessons must be learned from both of those experiences. Preparing to apply for FCA authorisation now needs to be the very highest – in some ways, the only – priority of a cryptoasset firm that falls within the new UK cryptoasset regulatory perimeter and wants to continue operating after October 2027. Even before that, firms unsure of whether they need authorisation must accelerate their scoping analysis or they risk missing the application window.

The FCA also faces a(nother) mammoth task – being ready to start processing applications on 30 September 2026, and getting them through the gateway at pace. It strikes us as highly likely that there will be a rush in February 2027, and the FCA will not want firms "sneaking in" poor quality applications just inside the deadline and then taking advantage of the grandfathering, if it can avoid it.

A final thought: these publications move the UK materially closer to its stated ambition of being a global hub for cryptoassets. The FCA, working with the industry, has produced something of a regulatory magnum opus on a macro level. We are now looking at the mirror image – it is up to firms, ultimately working with the FCA, to produce their own regulatory masterpieces on the micro level, if that ambition is to be achieved.       

PANORAMIC VIEWS: OUR CRYPTOASSET REGULATION ARTICLES IN ONE PLACE

GET IN TOUCH

Read Natalie Lewis Profile
Natalie Lewis
Read Matt Humphreys Profile
Matt Humphreys
Read Harry Millerchip Profile
Harry Millerchip
Read Mark Evans Profile
Mark Evans
Read Martin Hammond Profile
Martin Hammond
Read James Turner Profile
James Turner
Back To Top Back To Top chevron up