The importance of paying attention: The FCA's consultation on cryptoassets perimeter guidance has been followed almost immediately by further legislative changes to the perimeter

This is the main area in which firms that want to use stablecoins in payments will need to read all the documents together. Starting with New PERG, an area in which the CARs were improved at consultation phase was through the creation of an exclusion addressing the use of qualifying stablecoins as payment instruments.

Article 9Z10 of the RAO (inserted by regulation 40(5) of the CARs) contains a general exclusion from, for example, the new cryptoasset dealing or arranging activities, where the activity is carried on for the purpose of the sale of goods or supply of services, by a supplier to a customer.

While this was welcome (its omission from the first draft of the CARs would, as we said at the time, have required businesses that wished to pay or be paid using stablecoins to be authorised by the FCA), taken purely at face value, not all payment flows using stablecoins will be sufficiently connected with the sale of goods or supply of services so as to result in the exclusion being available.

We therefore hoped that the FCA would adopt a relatively liberal approach to interpreting this exclusion, and were accordingly disappointed that New PERG 19.11.4 and 19.11.5 only appear to address the more obvious situations falling within the exclusion, for example businesses accepting payment in qualifying stablecoins. By itself, that left open, in particular, the question of whether the FCA considers that the acquisition, disposal and retention of qualifying stablecoins as an incident of certain "acquiring" payment services models could fall within scope of the Article 9Z10 exclusion.

However, six days later, in words we do not often have the chance to use, HMT came to the rescue. The Draft Regulations introduce a new Article 9Z10A into the RAO, which excludes from the scope of the new cryptoasset dealing and arranging activities any activity comprising or related to:

• "the transfer of a relevant qualifying stablecoin to another person; [or – note that this is missing from the text, but we expect that to be corrected]
  
  
• the exchange of a relevant qualifying stablecoin for another asset, including money or another relevant qualifying stablecoin."

"Relevant qualifying stablecoin" means a qualifying stablecoin that is issued by a person with FCA permission for the Article 9M activity (issuing qualifying stablecoin) and which is issued within the terms and scope of that article. We will use the term UKQS to describe these (as does the Policy Note).  

What this means in practice is that, for example, remitting UKQS to another person, selling UKQS to another person in exchange for money or another UKQS, or receiving UKQS from one person and transferring it to another (subject to a caveat we address momentarily), will not require FCA authorisation for the activities in Articles 9T, 9W, or 9Y of the RAO. Firms safeguarding relevant qualifying stablecoins in the context of a payments chain would still need permission to carry on the Article 9N safeguarding activity (as will those who issue). The caveat is that lending and borrowing activities using UKQS cannot benefit from the exclusion. In the Policy Note, HMT accepts that this could "create frictions for the use of UKQS in collateral arrangements" (which is certainly correct), and invites input from the sector on how to mitigate this "as part of the final" version of the Draft Regulations – that is, HMT wants to improve the Draft Regulations to avoid this. We are currently working alongside colleagues from trade associations to engage with policymakers on tokenised collateral, as it is a critically important use case. In a speech in January 2026, Sasha Mills of the Bank of England stated that tokenised collateral was an area of focus for the Bank, and that it would be putting out policy on how tokenised collateral could work within the existing regulatory framework. It is imperative that this work is properly co-ordinated.  

Overall, this new exclusion is good news, but its restriction to UKQS is important, as it would not cover stablecoins issued by an institution that did not have permission to issue under Article 9M (e.g. USDT). On that basis it may also be said to encourage the emergence of UKQS as a class, which is very positive. However, the quid pro quo of course, as HMT makes clear in its Policy Note, is that payments activities involving UKQS are intended to be brought into scope of UK payment services regulations as part of ongoing reforms in this area.

The Policy Note signals that HMT's work on modernising payments law to account for tokenised payment instruments will get underway very soon, with a commitment to consult on that in "Q2 2026". (This work will be relevant to all payments firms, so we would encourage those firms to look over the Policy Note, as it is clear about the commitment to co-creation of the reformed framework.)

One particular nugget that stands out is the reference to a proposal that safeguarding cryptoassets as part of a payment service (i.e. wallet provision, which critically is not carved out by the Draft Regulations) should be relocated into the payments regime rather than the regime established by the CARs. This suggests that we could see a repeat of the 2009 debates on the scope of a "payment account" under the payment services regime, as all wallets ultimately need the functionality to send and receive cryptoassets. The Policy Note is also clear about HMT's intention to explore the impact of the new RAO exclusion for dealing and arranging activities involving stablecoins being limited to UKQS, and in particular the residual challenges this could pose for cross-border payments.

Without wanting to end a positive story on a downbeat note, we cannot help pointing out that, in CP25/14, on stablecoin issuance and cryptoasset custody, the FCA stated that it "will consult on guidance further clarifying the differences between e-money and qualifying stablecoins in PERG once legislation is made." This does not appear to have been done (at least in CP26/13).          

Readers of our earlier articles, particularly Instrumental Health and Token Efforts on the CARs, will know that we have had concerns about whether the legislation itself actually delivers HMT's policy intention in certain areas; and specifically whether certain overseas firms providing services to "institutional clients" can do so without being authorised.

Our critique of the CARs focussed on the decision by HMT not to amend the overseas persons exclusion to extend it to cryptoassets activities, where the government did not want such activities to fall inside the UK regulatory perimeter. The FCA clearly had to deal with the CARs as they are, but has helpfully given its view about activities that would not require authorisation by virtue of not being carried on in the UK (see New PERG 19.3).

On the one hand, we are not completely convinced as to how useful firms will in practice find guidance such as New PERG 19.3.1(1) (and may wish to ask the FCA for more in such areas):

"A person who is dealing (as principal or agent) in qualifying cryptoassets, arranging deals in qualifying cryptoassets or operating a qualifying CATP in the UK will be carrying out these activities in the UK."   

On the other, the FCA has provided commentary on the new provisions in section 418 of FSMA that deem activities to take place in the UK, and its view on activities that will not require FCA authorisation as they will not be deemed to take place in the UK under the FCA's reading of these provisions.

For example, the FCA says that what might be termed the "trading" activities (operating a qualifying CATP, dealing as principal or agent, and arranging deals) will not require authorisation when carried out by an overseas firm, in two distinct circumstances:

• First, the relevant trade does not involve a UK consumer (that is, an individual acting for purposes other than for any trade, business or profession – note that this is not the same as the FCA's client categorisation taxonomy).
  
  
• Secondly, if the relevant trade does involve a consumer, authorisation will not be needed where there is an intermediary sitting between the consumer and the overseas firm, and that intermediary is authorised in the UK to deal in qualifying cryptoassets as principal or to operate a qualifying CATP.

We have two observations on this. First, we maintain our view that this could have been achieved more effectively by HMT through the overseas persons exclusion, and that would have given firms greater legal and regulatory certainty. Dealing with the world as it is, however, our second observation is that this will require overseas firms wishing to take advantage of this route to the UK market to carry out very careful analysis of their distribution chains. It will not be enough simply to assume that there is no consumer at the other end (especially given that consumers trade more directly on exchanges in the cryptoasset world than in traditional finance).

We, in conjunction with the Investment Association, have previously noted that there remains material uncertainty as to the proper scope and practical application of the "solely a record of value or contractual rights" qualification in the definition of "qualifying cryptoasset" (as incorporated by reference into the definition of "specified investment cryptoasset") in the RAO.

We have previously suggested that where a crypto-token functions solely as part of a register of shares, units in a fund or other registered securities, under the ultimate control of an issuer, registrar or central securities depository performing certain register maintenance functions (e.g. with a unilateral power to refuse registration of a transfer in certain cases and to rectify or amend the register), then the relevant crypto-token is unlikely itself to be capable of being the object of separate personal property rights. In such cases, it remains solely entry on the register (and not control of the token itself) that determines who has title to the value or contractual rights constituted by the share, unit or other registered security. A transfer of control of the relevant token, which is effected off-chain or off-register, does not transfer such value or contractual rights to the new controller.  

If that is correct, the token would properly be characterised as a "mere record/register" token as conceptualised by the Law Commission in its Final Report on Digital Assets.

Against this legislative reform backdrop, it would therefore make considerable sense from a policy perspective if such a crypto-token, as a "mere record/register" token, were not treated as a "specified investment cryptoasset" for the purposes of the new regulatory regime. In that scenario, safeguarding safeguarding activities in relation to such a crypto-token would not fall within scope of the new regulated activity set out in Article 9N of the RAO – although, any safeguarding and administering activities (or relevant arranging activities) undertaken by a firm by way of business in the UK in relation to the "traditional" share or other registered security, which is evidenced by such a crypto-token, would (subject to any relevant exclusion or exemption) fall within scope of the regulated activity set out in Article 40 of the RAO.

The drafting of New PERG 19.4.4 could, on its face, potentially be read as supporting this sort of analysis; especially by referring to the exclusion of cryptoassets that do not function in practice as an asset in their own right and where control is not the mechanism for transfer of title to the asset.

However, there is a disappointing lack of clarity in the guidance on the proper regulatory treatment of cryptoassets that are are operationally associated with (but not technically "stapled" to) to registered securities, where the relevant token is used solely as a means by which an issuer, registrar or CSD records title to securities on a DLT-based register of securities (over which it maintains ultimate control) and where it is the register, and not the token, that is the "root of title" to the value or contractual rights constituted by the security. Given that the draft New PERG provisions have not expressly committed to a clear position on this, there nonetheless remains a risk that the FCA might adopt a contrary view on what the "solely a record" exclusion means in practice. In light of the fundamental importance of this point to determining the overall perimeter of the new regime, it is likely that the industry will want to push for this point to be clarified in the finalised guidance as a priority and/or to seek a change to the Draft Regulations that would amend the CRAs themselves to qualify the definitions of "qualifying cryptoasset" and, by cross-reference, "specified investment cryptoasset".      

.      

New PERG 19.6 features an extensive discussion of the new Article 9N activity, namely the safeguarding of qualifying cryptoassets and relevant specified investment cryptoassets.

As noted above, we consider it essential for the FCA to provide clarity in its finalised guidance on the application (or otherwise) of the new safeguarding activity in relation to cryptoassets that operate as "mere record/register tokens" as part of a register under the ultimate control of an issuer, registrar or CSD performing register maintenance functions. Beyond this specific perimeter issue, it is nevertheless helpful to see that the FCA agrees with our reading of the legislation that:

• unlike traditional custody, the key concept is not ownership, but control of the cryptoasset;
  
  
• "negative control" – that is, the ability to prevent a transfer is not sufficient to constitute the "control" needed to fall within scope of the new activity;
  
  
• "self-custody" arrangements are outside scope, but the provider's actual technical ability to effect a transfer will override what it says it will or will not do (for example, in its contract with the client); and
  
  
• bare nominees sitting in a firm's group may be able to use the group activity exclusion in Article 9O.  

New PERG 19.9 is also important. It reiterates the point (still not widely understood) that the lending and borrowing of qualifying cryptoassets are not regulated activities in their own right, but business models that would constitute examples of the dealing activities. Moreover, it adds that firms offering those services may also be carrying out the safeguarding activity, due to the limited nature of the exclusions for non-consumer title transfer collateral arrangements and buy-back arrangements.

Adding the Draft Regulations into the mix, we welcome the proposed addition of a new paragraph (4) to Article 9R of the RAO, which excludes nominee companies operated by CSDs from carrying on the safeguarding activity. This closes a potential gap under the CARs resulting from the Article 9O exclusion only being available where responsibility for the safeguarding is undertaken by an authorised cryptoasset custodian (the definition of which does not cover an exempt person such as a recognised CSD).  

As mentioned, firms have a very short window to comment on the Draft Regulations, and only marginally longer on New PERG, and then potentially a very short period in which to digest the finalised version and take key strategic decisions about authorisation or otherwise.

Whichever element of the cryptoassets ecosystem your business may sit in, time is now running short, especially as we brace ourselves for hundreds of pages of finalised Handbook rules in the near future.