FCA to supervise cryptoasset businesses under the AML/CFT regime from 10 January 2020

The current legislation that governs the UK anti-money laundering and counter-terrorist financing (“AML/CFT”) regime is the Money laundering, Terrorist Financing and Transfer of Funds (information on the Payer) Regulations 2017 (“MLRs”). Despite Brexit, the UK will implement the EU Fifth Money Laundering Directive (“5MLD”) by amending the MLRs.

The amended MLRs will come into force on 10 January 2020 and bring, for the first time, cryptoassets and cryptoasset service providers into scope of the AML/CTF regime.

HM Treasury undertook a public consultation process between April and June 2019 on matters relating to the transposition of 5MLD and implementation of the updated standards of the Financial Action Task Force (“FATF”) into UK national law (“Consultation”). HM Treasury is yet to publish its response to the Consultation. The businesses identified for consultation include:

  • Cryptoasset exchange service providers – service for exchanging fiat currencies and cryptoassets
  • Peer-to-peer exchange service providers – online marketplace for exchanging fiat currencies and cryptoassets
  • Cryptoasset automated teller machine (ATM) – physical kiosks for exchanging cryptoassets and fiat currencies
  • Custodian wallet providers – custody, administration and transfer of customers’ tokens
  • New cryptoasset issuers – e.g. initial coin offering (ICO) or initial exchange offering (IEO)
  • Open-source software publishers – cryptoasset-related software providers including non-custodian wallet providers

In addition, HM Treasury and Home Office have established in September 2019 that the Financial Conduct Authority (“FCA”) will be the AML/CFT regime supervisor for business carrying on cryptoasset activities that are in scope of the amended MLRs.

Compliance with MLRs and Registration with FCA

The FCA has confirmed that businesses carrying on the above cryptoasset activities identified for the Consultation should assume that they are in scope of the amended MLRs and must comply with them from 10 January 2020.

The amended MLRs will require businesses that carry on the relevant cryptoasset activities to be registered with the FCA. From 10 January 2020, new cryptoasset businesses must not carry on a cryptoasset activity before they are registered. Existing cryptoasset businesses have until 10 October 2020 to apply for registration with the FCA but they must stop all relevant cryptoasset activities if they fail to be registered  by 10 January 2021.

The FCA will likely take three months to assess each completed registration application submitted. The assessment may take longer if the application is incomplete and further information is required or the registration fee is not paid on submission of the application.

The registration fee is currently set at £2,000 for businesses with UK cryptoasset income up to £250,000 and £10,000 for businesses with UK cryptoasset income greater £250,000. “Income” is defined as the gross inflow from economic benefits (i.e. cash, receivables and other assets) recognised in the registered UK entity’s account during the reporting year in relation to the relevant cryptoasset activities.

Since cryptoassets are not specified investments under the Financial Services and Markets Act 2000, registration with the FCA does not entitle customers protections of the Financial Ombudsman Service or the Financial Services Compensation Scheme; but only for the purposes of supervision and enforcement by the FCA under the amended MLRs.

FCA supervisory approach and assessment

The FCA will adopt a risk-based supervisory approach to cryptoasset businesses that is in line with its approach to other businesses under the MLRs. Under this approach, firms with the greatest money laundering and terrorist financing risk will receive an increased level of supervisory focus. The FCA may decide to commence on enforcement investigation where it believes serious misconduct has taken place.

The FCA will carry out regular assessments of the policies, controls and procedures of registered cryptoasset businesses to ensure that these are relevant to and appropriate for managing the business’ money laundering and terrorist financing risk.


The FCA expects the amended MLRs will extend its existing enforcement powers to cryptoasset businesses and that it will take the same enforcement approach under the existing MLRs, which involves the enforcement unit to work closely with other FCA units, other regulators and law enforcement agencies to detect and prosecute for misconduct concerning money laundering and terrorist financing.

Ashfords can advise you on MLRs, FCA registration or enforcement processes. Please contact us if you would like to discuss whether your current cryptoasset activities may fall within the perimeter of the amended MLRs. 

For any more information please contact Chris Dyson.

For more information on the related topics within this article please visit these pages: Technology Law, Fintech, Corporate, Financial Services and Business Risk and Regulation.

Send us a message