Regulated UK crypto firms fear authorisation Groundhog Day

The UK Treasury’s high-level plan for the regulation of crypto assets has left firms that already have licenses fearing they will have to start from scratch unless the new regime includes some recognition of existing authorizations.

The Treasury published a consultative plan in February to provide a comprehensive future regulatory regime intended to make the UK an attractive hub for crypto assets by bringing them under the Financial Services and Markets Act. But that comprehensive regime currently doesn’t include any proposal dealing with crypto firms that are already regulated in the UK.

“There isn’t any form of grandfathering arrangement that allows registered crypto-asset firms to automatically roll those registrations into FSMA authorization,” says Albert Weatherill, a partner at Norton Rose Fulbright. “There also isn’t clarity at this stage as to whether those registered firms will face a cliff-edge deadline to become authorized or be able to benefit from a transitional arrangement to ease themselves into the new regime.”

Since January 10, 2020, firms seeking to undertake crypto-asset activity in the UK have been required to register with the Financial Conduct Authority (FCA) under the 2017 money laundering regulations (MLR), and to comply with its requirements. So far, 41 firms have registered under this regime, including the cryptocurrency subsidiaries of major players such as DRW, Standard Chartered and TP Icap.

It would make sense for the comprehensive authorisation regime to allow the currently registered firms to continue providing services

Anoosh Arevshatian, Zodia Custody

Under the Treasury consultative document, any firm wishing to conduct one or more of the new crypto specified regulated activities—which have yet to be detailed—will have to apply for permission. However, firms are unclear whether an existing MLR authorization will receive any kind of credit under the new regime, and when their current licenses will become ineligible.

In the meantime, sources warn that regulated crypto firms may face concerns about business continuity if there is no clarity on when the new regime will take effect and how firms at varying stages of registration will be treated.

“There cannot be a period where they can’t carry on doing their business, so there needs to be some grandfathering or transitional period to enable business as usual to carry on while those firms are waiting for their applications to be approved,” says Bradley Rice, financial regulatory partner at law firm Ashurst.

Norton Rose Fulbright’s Wetherill says firms need to know when the new regime will begin and when sunset clauses for old regimes will be set. They will seek assurances from the FCA that the process will be managed to avoid a backlog if a rush of applications overwhelms the regulator’s approval process.

“Given the thorough review of the firms currently registered with the FCA under the MLR, I believe it would make sense for the comprehensive authorization regime to allow the currently registered firms to continue providing services such that there is no interruption to client services whilst the authorization application is prepared,” says Anoosh Arevshatian, chief risk officer at MLR-authorised firm Zodia Custody, which is owned by Standard Chartered and Northern Trust.

Sources are also divided on which UK rulemaker may issue the transition guidance and when. The UK Treasury could include a transitional or grandfathering regime in the draft law expected to be proposed as secondary legislation later this year. However, if it does not, the FCA will likely include it in its regulatory consultation that will follow the legislation, thereby delaying the final guidance further.

“Firms trying to do this business in the UK face another delay until 2024 or 2025, during which time there is no certainty. We’re driving firms away from the UK in an area where the government and the Treasury have said we want to be leading,” says Rice.

Transition triage

Sources identify at least three categories of firms requiring clarification on their future permissions regime.

A few companies are already registered under both the MLR and the FSMA regimes, such as trading platform eToro (which offers crypto trading alongside conventional assets) and payment firm Revolut (which offers both cash and cryptocurrency payments). They need to know whether a variation of permission is required to transition them to the new regime or whether their existing permissions will be updated automatically.

Ideally, these firms would prefer new permissions to apply automatically, Ashurst’s Rice explains, because the standard variation of permission process can take six months.

The process involves submitting a business plan and various forms and documents which, he says, “in most cases should be unnecessary” for companies that are already regulated as investment firms under Part IV of the Financial Services and Markets Act 2000 and registered under the MLR as crypto service providers.

“I don’t really see what extra the FCA needs to see and ask them—there could be an automatic or very quick process to triage the firms,” says Rice, although he notes that the FCA may want to weigh whether providing expedited treatment would give these firms a competitive advantage.

The second category consists of the 41 firms that have successfully registered under the MLR regime. They want to know if they will be able to apply credits proving their anti-money laundering capabilities when applying for registration under the FSMA.

Zodia’s Arevshatian says the firms with MLR authorizations “will be lobbying to avoid a process by which duplicative information is required” by the FCA to demonstrate that “our money laundering controls are working”.

She adds that the FCA should check whether business activities have changed following initial MLR registration and whether there have been any changes to the firm’s anti-money laundering and financial crimes policies and controls.

“If yes, fair enough to request full resubmission of walkthroughs and evidence. If no, [then] the application focuses on how the firm controls other risk types, including cyber security and operational resilience. Any new or unregistered firms should go through the new application process in its entirety,” says Arevshatian.

A third category of firms comprises those that are in the process of applying for the MLR registration, of which there are “a good number”, says Rice. They now have no certainty as to the fate of their application.

“Do they now need to prepare another one for the new FSMA regime that they have no details on at the moment? Would the information be carried over? Do they have to withdraw [their existing application] and submit a new one or will it be combined?” asks Rice.

The process is further complicated by the government’s decision on February 1 to subject crypto firms authorized under the MLR to the financial promotions regime.

Former authorizations regulator Harvey Knight, now a partner at law firm Withers, says promoting crypto products before gaining full FSMA authorization might now be equivalent to “throwing a loaded dice”, creating a risk skewed to the downside.

Knight says firms will ask themselves: “Do I want to do that and put something out which the regulator takes exception to, and that means I don’t get FSMA crypto-authorized?”

Uphill struggle

Existing MLR crypto firms are aggrieved partly because the original authorization process proved to be something of a trial by fire.

Suchitra Nair, a partner at Deloitte, says the FSMA process for native crypto firms could be “a significant challenge… given how hard it was for some to get MLR registration in the first place”.

Sources complain the FCA already seemed to be using assessment criteria that constituted a backdoor FSMA regime rather than just focusing on anti-money laundering controls.

Knight believes the FCA’s use of staff seconded from its enforcement division to crypto authorizations has created “a very high barrier” to becoming authorized and regulated, particularly for firms that don’t have an existing relationship with the FCA under the FSMA.

[The FCA] are making it more difficult than a traditional FSMA authorisation… they clearly showed their hand by making it an absolute ordeal for any crypto asset firm to go through

Harvey Knight, Withers

“They are making it more difficult than a traditional FSMA authorization… they clearly showed their hand by making it an absolute ordeal for any crypto asset firm to go through,” says Knight.

According to the FCA’s own data from January 2023, only 15% of applicants had their application approved, with the rest either failing or withdrawing from the process.

“We’ve had clients come to us and say they were not given a chance to respond to the FCA’s questions and improve their applications or address some of the FCA’s queries, so I think there is still a political standoff between the FCA and the Treasury on this issue,” says Ashurst’s Rice, alluding to the Treasury’s stated desire to attract crypto firms to the UK.

An FCA spokesperson rejects claims of unfairness: “We require firms in all sectors we supervise to have adequate governance and controls in place to identify, disrupt and report financial crime. These standards also apply to crypto.”

The spokesperson adds: “We work with prospective crypto firms to help them understand our expectations and if they can meet the conditions for registration, we will register them. We will reject applications that we are unable to assess because there are material omissions.”

Withers client Moneybrain, a crypto wallet and payment company, had its MLR registration refused by the FCA in May 2022, and subsequently withdrew a chancery court appeal against the FCA’s decision. 

“Given my experience of having done the registration applications, a round two with the regulator for those few that did get through round one would not exactly fill my heart with glee,” says Knight.

Correction, March 1, 2023: This article was amended on 1 March 2023 to clarify that Moneybrain withdrew its legal appeal before any judgment was made.