Since the 10th of January 2020 the Financial Conduct Authority (FCA) has been the anti-money laundering and counter-terrorist financing (AML/CTF) supervisor of UK cryptoasset businesses falling under the Money Laundering and Terrorist Financing Regulation scope (MLRs).

The Money Laundering Regulation applies to businesses in sectors at risk of being used to commit money laundering (turning ‘dirty’ money into ‘clean’ money) or terrorist financing (the financing of terrorists or terrorist organisations). For a long time it has been feared that cryptoassets were useful to criminals in achieving these aims. The inclusion of cryptoassets under the money laundering Regulation is aimed at ensuring that businesses carrying on in-scope cryptoasset business are regulated and money laundering and terrorist financing are disrupted and ultimately stopped.

What is a cryptoasset?

Cryptoassets are defined by the FCA as secured electronic representations of value or contractual rights that use a type of distributed ledger technology (DLT) and is able of being transferred, stored or traded electronically. A cryptoasset can take various forms, from a cryptocurrency to a security token or e-money tokens. The FCA further explains that certain cryptoassets are regulated while others are unregulated, this is important as anyone looking to conduct regulated activities will be required to be registered and authorised by the FCA.

The inclusion of cryptoasset activities to the scope of MLRs will mean that some firms that already fall under the Financial Services and Markets Act 2000 (FSMA) will fall within the scope and will have to register with the FCA for cryptoasset business activities.

What is the scope of the new Regulations?

Any cryptoasset business that carries on regulated cryptoasset activities that fall within the scope of the MLRs will need to comply with the new requirements. The cryptoasset activites below will fall under the MLRs scope :

1. Cryptoasset exchange provider (including cryptoasset Automated Teller Machine (ATM), Peer to Peer Providers, Issuing new cryptoassets, e.g Initial Coin Offering (ICO) or Initial Exchange Offerings).

2. Custodian Wallet Providers (safeguarding and administering).

Consequently, not all cryptoasset business will be regulated.

Traditional Financial Regulation – FSMA and MiFID

As mentioned, if someone wants to conduct regulated activity in the UK they will have to be registered and authorised by the FCA in order to carry on this regulated business. Dealing in ‘specified investments’ and ‘communicating in the course of business an invitation or inducement to engage in investment activity’ are activities that are considered to be regulated, which is important for cryptoasset businesses as some crypto assets are categorised as ‘specified investments’. For example, cryptoasset activity involving security tokens are considered to be ‘specified investments’ and are therefore under the FCA’s regime. Any tokens that are not security tokens or e-money tokens are unregulated, such as cryptocurrencies (e.g. Bitcoin and Litecoin, sometimes referred to as exchange tokens, which do not provide the types of rights or access provided by security or utility tokens, are used as a means of exchange or for investment) and will not be afforded the same protection as those of regulated cryptoassets. An interesting point to note is that while some cryptoassets do not fall within the scope of the FCA, investment products (such as derivatives contracts), that reference these cryptoassets, will fall within the FCA’s scope.

The FCA expects that authorised businesses to comply with FMSA rules and guidance (which is generally wider than MLRs) in addition to the MLRs. This means that businesses that fall within the scope of the existing regulatory requirements are already expected to address the risks of money laundering and terrorist financing. Which, among other requirements, could mean thorough and continued due diligence on customers and potential customers

Crypto-only AML Registration

As a result of including cryptoassets under the MLRs, any new cryptoasset business that is seeking to conduct relevant business in the UK will now have to register with the FCA for anti-money laundering purposes, even if the business would not fall within the regulatory world of FSMA. This registration has to occur before any business can be carried out. If a business was conducting cryptoasset business before the 10th of January 2020 it may continue to conduct that business as long as it is in compliance with the MLRs, however they will need to register with the FCA by 10th January 2021. If they are not registered by 10th January 2021 it must cease all cryptoasset business. If an existing business wants to benefit from priority review by the FCA, the latest date to apply is the 30 June 2020. The registration process with the FCA can take a number of months, as the regulator can take 3 months to review processes and policies. Businesses wishing to register should plan ahead accordingly, giving themselves ample time for registration.

The FCA will be limited to AML/CTF registration supervision and enforcement only. The FCA approach to supervision will be risked based, and there will therefore be a greater focus on firms who pose a greater risk of money laundering and terrorist financing.

Money laundering and terrorist financing are issues that have had a large international focus around the world and continue to be a focus point for governments around the globe. The UK decision to monitor and regulate some of the cryptoassset activities is a good step in regulating the area of cryptoassets, which is an area that needs regulation and monitoring. In 2018 the “UK Cryptoasset Taskforce” published a report on its recommendations regarding cryptoassets in the UK financial industry. In the Taskforce report it highlighted a number of potential risks in the cryptoasset market which among others included: Risk of financial crime, unsuitable products, risk to market integrity and potential issues for market stability. The applicability of the MLRs to cryptoassets came into effect just over a month ago, it is yet to be seen how this has affected the cryptoasset industry and how effective the supervision will be and whether it will effectively manage the risks highlighted in the 2018 Taskforce report.

How can we help?

RiskSave can provide advice on the application of the AML registration requirements to businesses who think they may be affected by the changes, and assist with the registration process itself.