Print Article

FCA becomes AML and CTF supervisor of UK cryptoasset activities

From 10 January 2020, the FCA are the anti-money laundering and counter-terrorist financing (AML/CTF) supervisor of UK cryptoasset businesses under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, as amended (MLRs). The FCA will proactively supervise firms’ compliance with the new regulations, and will take swift action where firms fall short of desired standards and cause risks to market integrity.
Compliance with MLRs ALSO consider guidance from:
1.       Joint Money Laundering Steering Group (JMLSG)
2.       FCA Financial Crime guide for firms
3.       FCA Guidance (FG17/6) on the treatment for Politically Exposed Persons (PEPs)
 Any UK business conducting specific cryptoasset activities falls within scope of the regulations and will need to comply with their requirements. For further information please see The FCA dedicated cryptoasset webpage.
Amongst other things, The FCA require cryptoasset businesses to:
1.       identify and assess the risks of money laundering and terrorist financing which their business is subject to;
2.       have policies, systems and controls to mitigate the risk of the business being used for the purposes of money laundering or terrorist financing;
3.       where appropriate to the size and nature of its business, appoint an individual who is a member of the board or senior management to be responsible for compliance with the MLRs;
4.       undertake customer due diligence when entering into a business relationship or occasional transactions;
5.       apply more intrusive due diligence, known as enhanced due diligence, when dealing with customers who may present a higher money laundering / terrorist finance risk. This includes customers who meet the definition of a politically exposed person;
6.       undertake ongoing monitoring of all customers to ensure that transactions are consistent with the business’s knowledge of the customer and the customer’s business and risk profile.
UK businesses undertaking cryptoasset must register with The FCA:
1.       New businesses carrying out cryptoasset activity in scope of the MLRs must be registered with the FCA before conducting businesses – registration forms are available on Connect. You can find out more about the registration process on The FCA website.
2.       Existing businesses already conducting cryptoasset activity before 10 January 2020 may continue their business but will need to ensure their compliance with the MLRs with immediate effect.
3.       All existing businesses undertaking cryptoasset activities must be registered by January 2021. To ensure this deadline is met, these businesses must submit a completed application for registration via Connect by June 2020.
4.       Existing Financial Services and Markets Act firms, e-money institutions or payment services businesses undertaking cryptoasset activity will also be required to apply for registration.
Registration key facts
1.       All UK cryptoasset businesses carrying on activities in scope of the MLRs will need to register with The FCA from 10 January 2020.
2.       The FCA responsibility under this regime will be limited to AML/CTF registration supervision and enforcement only.
3.       Registration under the MLRs does not mean that customers will benefit from the protections of the Financial Ombudsman Service or the Financial Services Compensation Scheme (FSCS). As most cryptoassets are not specified investments under the Financial Services and Markets Act 2000 (FSMA), it is unlikely that customers will have access to the Financial Ombudsman Service or FSCS.
4.       Customers and firms may wish to consider The FCA guidance, where The FCA have set out The FCA position on the types of cryptoassets which will fall within The FCA regulatory remit and the implications this has on consumer protection.
a.       Cryptoasset activity involving security tokens, for example, are regulated tokens which will provide the same protections as specified investments set out in the Regulated Activities Order
b.       Cryptoasset activity which falls in the unregulated space, as defined in the guidance on Cryptoassets, will not have the same consumer protections.
5.       For any customer that considers Financial Ombudsman Service and FSCS protection important, The FCA recommend that you check with the business as to whether this protection applies to the cryptoasset transaction.   
6.       A business must register with The FCA as set out by the MLRs. It is not a license or a recommendation or endorsement of the business. A business may not carry on cryptoasset activities in the UK within the scope of the MLRs unless they are registered in line with specified timelines and requirements.
7.       Registered businesses should be careful to avoid using language in this context that might give the impression that registration was a form of endorsement or recommendation. Cryptoasset businesses should ensure that they do not mislead customers as to what protections apply and the status of their FCA registration.
8.       All applications for registration will be considered carefully to make sure they meet the conditions for registration set out in the MLRs. Applications will be refused if the conditions are not met.
Timeline and payment key facts
1.       Businesses must comply with the MLRs from 10 January 2020, irrespective of whether they are registered or not with the FCA.
2.       New cryptoasset businesses that intend to carry on a cryptoasset activity after 10 January 2020 must be registered before any activity can be carried out.
3.       Existing cryptoasset businesses which were already carrying on cryptoasset activity immediately before 10 January 2020 may continue with that business, in compliance with the MLRs, but must be registered by 10 January 2021, or stop all cryptoasset activity. The FCA encourage businesses to consider the table below setting out the timeline for registration.
When making a business application, please consider the points below:
1.       The FCA may refuse to register the applicant where any information or document required in the registration form is missing. The FCA may also ask for additional information supplementary to that set out in the registration form if it is reasonably considered necessary to enable The FCA to determine the application.
2.       Once The FCA have received all the required information, there is a 3 month period to make a registration assessment.
3.       To avoid delays or the application being rejected, The FCA should be notified of material changes and inaccuracies to the application as soon as possible. This is a legal obligation under the MLRs.
4.       The FCA will not consider your registration application  until the registration fee is paid. There is more information in the fees section on this page.
5.       Businesses will need to apply for registration early in case The FCA require further information, and to ensure the registration deadline is met.
6.       Please read the registration process for more information on applications and what The FCA expect from cryptoasset applications.
Further information

To read more please click here


The Team

Meet the team of industry experts behind Comsure

Find out more

Latest News

Keep up to date with the very latest news from Comsure

Find out more


View our latest imagery from our news and work

Find out more


Think we can help you and your business? Chat to us today

Get In Touch

News Disclaimer

As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email