What You Need to Know Before Starting a Crypto Business in the UK

The United Kingdom has emerged as a pivotal jurisdiction for digital finance, offering a rigorous yet evolving regulatory framework to oversee cryptoasset activities. Whether you plan to operate a crypto exchange, provide custodian services, or promote cryptoasset offerings in the UK, understanding and navigating these legal requirements is critical. This article provides an in‑depth overview of the UK’s legal framework for crypto activities, detailing the registration requirements under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs), the role of the Financial Conduct Authority (FCA), and key considerations for firms engaging in cryptoasset services.

The Regulatory Backbone: UK’s Cryptoasset Legal Framework

At its core, the UK’s approach to regulating cryptoactivities is designed to safeguard the integrity of the financial system while ensuring that innovative digital services continue to flourish. The regulatory structure is built on two fundamental pillars:

1. Anti‑Money Laundering/Counter‑Terrorism Financing (AML/CTF) Regulations: The amended MLRs (2017) impose stringent obligations on firms carrying out specific cryptoasset activities. These rules require cryptoasset businesses to register with the FCA, ensuring that their operations are subject to ongoing supervision, robust internal controls, and rigorous customer due diligence measures. Under the MLRs, cryptoassets are treated as falling within the remit of “financial services” for anti‑money laundering purposes, meaning that providers must implement comprehensive AML/CTF programs.
   
2. Financial Promotions and Consumer Protection: While many cryptoassets are not classified as specified investments under the Financial Services and Markets Act 2000 (FSMA), firms are still required to comply with the UK’s financial promotions regime. This means that any communications regarding cryptoasset products must clearly disclose the absence of protection from the Financial Ombudsman Service or the Financial Services Compensation Scheme, thus ensuring that consumers are not misled regarding the level of protection afforded to them.
   

Who Must Register? Understanding the Scope

Registration with the FCA is a legal requirement for any firm providing cryptoasset services by way of business within the UK. According to the FCA’s guidance and as illustrated in the cryptoasset registration flowchart the decision to register hinges on several key questions:

1. Is the activity carried on by way of business in the UK?: Factors such as having a registered or head office in the UK, the frequency and regularity of the activity, and whether the business derives direct or indirect commercial benefit from cryptoasset services are critical. For instance, a crypto exchange operating an ATM network or facilitating day‑to‑day management of cryptoasset transactions from a UK office will typically be deemed to carry on business in the UK and, therefore, require registration.
2. What types of cryptoasset activities are being conducted?: The scope under Regulation 14A of the MLRs covers a range of activities, including:
   

• Exchanging cryptoassets for fiat currency (or vice versa) or between different cryptoassets,
• Operating automated machines, such as ATMs, for such exchanges,
• Providing custodial services, including holding private cryptographic keys on behalf of customers,
• Arranging transactions or brokering deals related to cryptoassets.
  

If your business activity meets these criteria, registration with the FCA becomes mandatory before you commence operations in the UK.

Registration Process and Compliance Essentials

Once it is determined that your cryptoasset activities fall within the scope of the MLRs, the next step is to navigate the registration process. Here’s a concise overview:

1. Application Submission via Connect System: Firms must submit their registration application through the FCA’s Connect system. Prior to submission, it is imperative to review the FCA’s detailed guide outlining the information required, including corporate structure, business model, and detailed descriptions of the cryptoasset activities.
2. Fit and Proper Assessment: A crucial aspect of the registration process is the fit and proper assessment. All key individuals such as directors, managers, officers, and beneficial owners are subject to scrutiny. Applicants must provide comprehensive details regarding their background, including any criminal convictions or regulatory sanctions. Non‑disclosure or provision of false information can result in rejection of the application or even criminal prosecution.
3. Pre-Application Meetings: To facilitate a smoother registration process, firms are encouraged to request pre-application meetings with the FCA. These meetings provide an opportunity to clarify regulatory expectations, discuss the nuances of your business model, and receive guidance on how best to prepare your submission. Note, however, that these meetings do not guarantee a successful outcome.
4. Registration Fees and Ongoing Costs: Registration fees are determined by the FCA’s pricing categories cryptoasset registration typically falls under Category 6. Additionally, once registered, firms must pay periodic or annual fees. The FCA defines income as the gross inflow from economic benefits associated with the provision of cryptoasset services, and fees are calculated accordingly.
   

Ongoing Obligations and Regulatory Supervision

Registration is only the beginning. Once your firm is registered, you must adhere to a host of ongoing obligations designed to maintain the integrity of the cryptoasset market:

1. AML/CTF Compliance: As a registered cryptoasset firm, you are required to implement and maintain robust AML/CTF systems. This includes customer due diligence (CDD) measures, transaction monitoring, and the reporting of suspicious activities. The FCA, in conjunction with the National Crime Agency, may conduct periodic reviews to ensure compliance.
2. Regular Reporting: Firms must submit regular reports detailing their financial crime risk assessments, internal controls, and compliance measures. These reports are a vital component of the FCA’s supervisory framework and ensure that firms remain vigilant in managing money laundering and terrorist financing risks.

3. Change in Control Notifications: Should there be any significant changes in the firm’s control structure such as a change in beneficial ownership this must be promptly reported to the FCA. Acquiring control without prior FCA approval is a criminal offence under the MLRs.

4. Adherence to the Financial Promotions Regime: If your firm engages in marketing or financial promotions related to cryptoassets, ensure that all promotional materials contain clear disclosures regarding the limited consumer protections available. From 8 October 2023, firms must register with the FCA to communicate their own cryptoasset financial promotions unless an exemption applies.
   

Enforcement, Supervision, and Consumer Protections

The FCA’s enforcement approach is risk‑based and involves a coordinated effort to maintain market discipline. Key elements include:

1. Enforcement Powers: The FCA has robust enforcement powers under the MLRs. In cases of serious misconduct, such as breaches of AML/CTF requirements or providing misleading information, the FCA can initiate investigations, impose fines, and take disciplinary action.

2. Supervisory Monitoring: Regular supervisory visits and audits ensure that registered cryptoasset firms adhere to their compliance obligations. Firms are expected to maintain detailed records and internal controls, which are subject to review by the FCA and, in some cases, external skilled persons appointed by the regulator.
3. Consumer Protection Disclosures: Although most cryptoassets are not specified investments under FSMA, the FCA emphasizes the importance of clear consumer disclosures. Firms must explicitly inform customers if their products and services are not covered by the Financial Ombudsman Service or the Financial Services Compensation Scheme, thereby ensuring that consumers are fully aware of the risks involved.
   

Final Thoughts

The legal framework governing cryptoasset activities in the United Kingdom is designed to balance innovation with stringent safeguards against financial crime. By ensuring that cryptoasset firms are properly registered, maintain rigorous AML/CTF compliance, and provide transparent consumer disclosures, the FCA aims to protect the integrity of the financial system while fostering a dynamic digital asset market.

For anyone considering entering or promoting cryptoasset activities in the UK, it is essential to understand these regulatory requirements and structure your operations accordingly. Meticulous preparation, adherence to detailed compliance protocols, and proactive engagement with the FCA are the cornerstones of a successful and sustainable crypto business in this jurisdiction.

How Cryptoverse Can Help

At Cryptoverse Legal Consultancy, we specialize in guiding cryptoasset firms through the intricate registration and compliance process in the UK. Our legal experts offer tailored advice to ensure that your business meets all regulatory requirements under the MLRs, from initial registration through to ongoing supervisory obligations. Whether you’re launching a new crypto service or seeking to expand your promotional activities in the UK, it is here to empower your success in a complex and dynamic regulatory landscape.