Treating Crypto Fairly: The New UK Government Consults on a Comprehensive Regulatory Regime for Cryptoassets
The United Kingdom HM Treasury (“HMT”) on 1 February 2023 launched its first consultation on the future regulatory regime for cryptoassets (the “Cryptoassets Consultation”). At the same time, it also published a response to its July 2020 consultation on proposals to bring marketing of certain cryptoasset services within scope of the UK financial promotion rules as set out in the Financial Services and Markets Act 2000 (Financial Promotion) Order 2005 (the “FPO”), and a related statement on the outcome of this consultation (the “FPO Response”).
The Cryptoassets Consultation
- The Cryptoasset Consultation proposes to bring a wide range of cryptoassets into the scope of UK regulation, together with activities relating to these cryptoassets. This will be done by amending the UK’s existing Financial Services and Markets Act 2000 (“FSMA”) rather than creating a new standalone regulatory regime.
- The new regime would oblige firms who wish to carry out FCA-regulated activities in relation to cryptoassets to apply for authorisation from the FCA.
- The regime will have extra-territorial effect and impose a crypto-specific market abuse regime based on the FCA’s existing market abuse or “MAR”.
- The consultation is open for comment until 30 April 2023.
Scope: Proposed statutory definition of a “cryptoasset”
HMT proposes to define a “cryptoasset” in the UK Financial Services and Markets Bill (the “FS&M Bill”) as:
“any cryptographically secured digital representation of value or contractual rights that—
(a) can be transferred, stored or traded electronically, and
(b) that uses technology supporting the recording or storage of data (which may include distributed ledger technology).”
A cryptoasset falling into this definition will be a “specified investment” for the purposes of FSMA, meaning that any person carrying out an FCA-regulated activity in relation to such a cryptoasset will need prior FCA authorisation. HMT does not propose the regulation of cryptoassets as a product category, but only certain activities in relation to them.
Some further points:
- This definition differs from the cryptoasset definition in the EU’s Markets in Cryptoassets Regulation (“MICA”),1 “the digital representation of a value or a right which may be transferred and stored electronically, using distributed ledger technology or similar technology”, though the UK definition is very similar.
- The definition differs from the cryptoasset definition in Regulation 14A(3)(a) of the UK Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the “MLRs”), the current trigger for registration with the FCA under the UK’s existing anti-money laundering regime. The principal difference is that the FS&M Bill definition references a wider range of underlying technology. A cryptoasset under the MLRs is a “cryptographically secured digital representation of value or contractual rights that uses a form of distributed ledger technology and can be transferred, stored or traded electronically.”
- Cryptoassets will not also be “financial instruments” for UK purposes under HMT’s proposals, meaning that FCA rules applicable to financial instruments (for example, those deriving from the retained Markets in Financial Instruments Directive) will not apply.
Scope: Regulated cryptoasset activities
HMT proposes a range of new specified activities in relation to cryptoassets that will be added to the UK’s FSMA Regulated Activities Order 2001 (the “RAO”), specifically,
- admitting a cryptoasset to a cryptoasset trading venue
- making a public offer of a cryptoasset
- operating a cryptoasset trading venue
- dealing in cryptoassets as principal or agent
- arranging (bringing about) deals in cryptoassets
- making arrangements with a view to transactions in cryptoassets
- operating a cryptoasset lending platform
- safeguarding or safeguarding and administering (or arranging the same) a cryptoasset other than a fiat-backed stablecoin and/or means of access to the cryptoasset
Firms that are not FCA authorised will need to apply to the FCA for authorisation to carry out these activities.
Firms that are already FCA authorised will generally need to apply for a variation of their FCA permission to carry out these activities.
Some further points:
- Extra-territoriality: HMT proposes to capture cryptoasset activities provided in or to the UK. This would include activities provided by UK firms to persons based in the UK or overseas, as well as those provided by overseas firms to UK persons. It remains to be seen how the current “overseas persons exemption” in the RAO (permitting firms located outside the UK to carry out FCA regulated activities with UK clients without FCA authorisation) will be accommodated to this.
- There may be certain exceptions – for example, to accommodate “reverse solicitation” of cryptoasset activities that are provided from overseas. Under such an exception, if a UK customer accessed a particular cryptoasset service entirely at their own initiative and the overseas firm does not otherwise solicit such customers, the FSMA-authorisation requirement might not be triggered.
- Whether an overseas firm would be required to have a physical presence in the UK to obtain authorisation is under consideration, and this will be for the FCA to determine at the point the firm applies for authorisation. This is expected to be informed by the FCA’s existing framework for international firms and based on the nature and scale of the firm’s activities and the risks of retail, client asset and wholesale harm. Firms operating cryptoasset trading venues are likely to require subsidiarisation in the UK.
- Investment management and investment advice: Managing cryptoassets and giving investment advice in relation to cryptoassets are likely to come within the scope of the RAO in future phases of regulatory implementation. However, this is not proposed in the Cryptoassets Consultation.
Cryptoasset issuance and disclosures
HMT has proposed to establish an issuance and disclosures regime for cryptoassets, based on the approach taken in the forthcoming UK Public Offers and Admissions to Trading Regime, tailored to accommodate the specific attributes of cryptoassets.
Firms will be subject to disclosure requirements when:
(i) admitting a cryptoasset to a trading venue; and/or
(ii) making a public offer of cryptoassets (including initial coin offerings (“ICOs”).
For admission of cryptoassets to a UK cryptoasset trading venue, HMT is proposing to adapt the multi-lateral trading facility model from the new UK prospectus regime. The FCA would include principles for admission and disclosure requirements that cryptoasset trading venues would be responsible for administering. Cryptoasset trading venues would be responsible for writing more detailed content requirements for admission and disclosure documents as well as performing due diligence on the entity admitting the cryptoasset.
For public offers of cryptoassets – including ICOs where a fund raiser creates new tokens and sells them to investors – HMT thinks this may meet the definition of a “security offering” under the Public Offers and Admissions to Trading Regime. As such, the intended regime could be an adequate regulatory framework to capture this activity.
Operating a cryptoasset trading venue
In addition to making operating a cryptoasset trading venue a regulated activity, HMT is proposing that persons carrying out these activities should be subject to prudential and other requirements as follows:
- Prudential requirements: Trading venue operators should have sufficient financial resources to conduct business in a prudent manner – minimum capital, liquidity and other relevant prudential requirements.
- Consumer protection requirements: Venues should have fair, open and transparent access rules and fee schedules.
- Operational resilience requirements: Trading venue operators should have the people, processes, systems, controls and arrangements to ensure that their trading systems are resilient, including under conditions of market stress. Outsourcing arrangements should require appropriate due diligence, ongoing oversight and formal documentation.
- Data reporting requirements: Venues should have the capability to make accurate and complete information readily accessible for both the on- and off-chain transactions that they facilitate.
Cryptoasset intermediation
HMT considers that requirements applying to analogous FCA regulated activities – such as “arranging deals in investments” and “making arrangements with a view to transactions in investments” – should be adapted for cryptoasset market intermediation activities. Additional rules may be needed to address specific characteristics of cryptoasset market intermediation activities (such as conflicts of interest that arise from more vertically integrated cryptoasset business models, or specific controls or resilience requirements).
Cryptoasset intermediaries will be subject to prudential and other requirements as follows:
- Prudential requirements: Cryptoasset intermediaries should have sufficient financial resources to conduct business in a prudent manner – minimum capital, liquidity and other relevant prudential requirements.
- Consumer protection requirements: Cryptoasset intermediaries should act honestly and fairly, and in the best interests of their clients. Conflicts of interest should be appropriately identified and managed. All reasonable steps should be made to obtain the best possible result for the client when executing a client order.
- Operational resilience requirements: Cryptoasset intermediaries should have adequate people, processes, systems and controls to mitigate operational resilience risks. Any outsourcing arrangements should require appropriate due diligence, ongoing oversight and formal documentation.
- Data reporting requirements: Cryptoasset intermediaries should have the systems and controls to be able to detect market abuse and submit suspicious transaction order reports to the relevant trading venue.
Cryptoasset custody
HMT is proposing to apply and adapt existing rules for custodians under Article 40 of the RAO for cryptoasset custody activities, with appropriate modifications. This new FCA regulated activity would be broader than the Article 40 RAO activity as it would capture firms that only safeguard (but not administer) assets (e.g., firms that solely safeguard cryptographic private keys that provide access to cryptoassets).
Existing custody provisions in the FCA’s Client Assets Sourcebook will be used as a basis to design bespoke custody requirements for cryptoassets.
Core components of the custody provisions are expected to be:
- arrangements to safeguard investors’ rights to their cryptoassets (e.g., restrict commingling of investors’ assets and the firm’s own assets);
- organisational arrangements to minimise risk of loss or diminution of investors’ custody assets;
- books and records of investors’ custody assets holdings; and
- controls and governance over safeguarding arrangements of investors’ custody assets holdings.
Cryptoasset custodians will be subject to prudential rules and other requirements as follows:
- Prudential requirements: Cryptoasset custodians should have sufficient financial resources to conduct business in a prudent manner – minimum capital, liquidity and other relevant prudential requirements.
- Consumer protection requirements: The availability of the UK Financial Services Compensation Scheme protection for claims against failed authorised cryptoasset custodians is under consideration by the FCA.
- Operational resilience requirements: Cryptoasset custodians should have adequate people, processes, systems and controls to mitigate operational resilience risks related to custody, such as inaccurate record-keeping, loss or malfunction of means of access to cryptoassets, and / or mismanagement or misuse of cryptoassets. Outsourcing (including sub-custodian) arrangements should require appropriate due diligence, ongoing oversight and formal documentation.
Operating a cryptoasset lending platform
For the regulation of cryptoasset lending and borrowing activities, HMT is proposing to apply and adapt existing RAO activities, modified to accommodate cryptoasset features.
Cryptoasset lending platform operators will be subject to prudential and other requirements as follow:
- Prudential requirements: Operators should have sufficient financial resources to conduct business in a prudent manner – e.g., minimum capital, liquidity and other relevant prudential requirements.
- Consumer protection requirements: Operators should have robust governance arrangements and risk management processes in place. Conduct of business requirements (e.g., client disclosures, risk warnings, clear contractual terms including ownership of legal and beneficial title) should apply.
- Operational resilience requirements: Systems and controls requirements, such as operational resilience, should apply to cryptoasset lending and borrowing platforms. Operators should have adequate people, processes, systems and controls to mitigate operational resilience risks. Outsourcing and third-party arrangements should require appropriate due diligence, ongoing oversight, and formal documentation.
Cryptoassets and market abuse
HMT says that, to foster confidence in the cryptoasset market and maintain market integrity, there should be a cryptoasset market abuse regime, prohibiting activities such as insider dealing, market manipulation and unlawful disclosure of inside information. Whilst there are will be similarities between market abuse in traditional financial markets (to which MAR applies) and the cryptoasset market,2 there are also differences. For example:
- Unlike traditional securities markets, the “issuer”, as the typical main holder and creator of inside information, is not readily identifiable, or may be an individual rather than a corporate entity, which may make it difficult to impose obligations on them to control inside information.
- There is more direct retail participation in the cryptoasset market, making it harder to assign monitoring, detection and prevention obligations.
- The globalised and decentralised nature of cryptoasset markets means that trading venues are accessible to all market participants, and there is little geographical nexus between the venue, the issuer of the cryptoassets and those trading them. This makes it difficult for a single jurisdiction to address the risks of market abuse.
On the other hand, the nuances of the cryptoasset markets offer regulators potential advantages. The transparency of the blockchain may enable identification of market abuse more easily, and there may be scope for regulatory technology (“RegTech”) solutions to assist with detecting and preventing market abuse.
HMT is proposing a bespoke cryptoasset market abuse regime based on elements of the existing MAR. It would apply to all persons committing market abuse on a cryptoasset that is requested to be admitted to trading on a UK trading venue, regardless of where the person is based or the trading takes place. HMT’s expectations include:
- Trading venues would be primarily responsible for detecting and preventing market abuse, with the FCA taking on a supervisory role to ensure that appropriate systems and controls are in place. A venue’s obligations are likely to include “Know Your Customer” requirements, investigating suspected abuse, public blacklists for offenders, order book surveillance, suspicious transaction and order reports (STORs), information sharing between trading venues, use of blockchain analytics and ongoing market-facing disclosure obligations.
- Firms undertaking cryptoasset activities would be required to disclose inside information and maintain insider lists (under MAR, only issuers are under such an obligation).
- Persons professionally arranging or executing transactions should establish systems and controls to detect and prevent market abuse, subject to FCA supervision, including preventing the misuse of information relating to client orders and obligations to submit STORs to the relevant trading venue.
Although there will be some way to go before there is parity with the protections offered by MAR, HMT’s approach is to be welcomed, at least as an initial step. In the absence of a regulatory regime, to date much of the policing of crypto frauds has been led by the English courts, permitting service of proceedings by NFT, and making remedies available to investors such as worldwide freezing orders and proprietary injunctions to restrain the dissipation of assets (see for example our previous OnPoints here and here).
HMT is showing signs of matching the courts’ innovative approach by adapting existing laws to new technologies. However, HMT also recognises that regulation should not stifle the opportunities offered by emerging technologies, and it remains to be seen how far the regulators are willing to go.
The FPO Response
The FPO Response sets out HMT’s proposals to bring “qualifying cryptoassets” within scope of the financial promotion restrictions of FSMA and the rules set out in the FPO.
A “qualifying cryptoasset” here means “any cryptographically secured digital representation of value contractual rights which is fungible and transferable.” As such, NFTs generally fall out of scope.
Generally, the FPO prohibits in-scope promotions unless these are made or approved by a firm authorised under FSMA. However, HMT has recognised that many cryptoasset firms are not themselves authorised under FSMA, nor are many FSMA-authorised persons willing and able to approve cryptoasset promotions. To accommodate this, HMT proposes to introduce a time-limited exemption to the FPO, enabling cryptoasset businesses that are registered with the FCA under the MLRs (but not authorised under FSMA) to promote their own services. This exemption will be in place until the UK regulatory regime set out in the Cryptoassets Consultation comes into force.
Footnotes
[1] For further information on MiCA, please see our OnPoint here
[2] For example, there is evidence of “pump and dump” schemes in cryptoasset markets, where the price of an asset is artificially inflated using false and misleading information in order to sell assets at a higher price, following which the price collapses. There is also evidence of “front running” ahead of coin listings, whereby market participants trade at favourable prices immediately before a listing, in circumstances where the timing information of that listing was not publicly available.