FCA returns with more detail on how its rules will apply to UK-regulated crypto activities

The Financial Conduct Authority has set out how its rules will apply to firms carrying out cryptoasset activities in the UK. Its latest consultation (CP26/4) is one of the more wide-ranging in the FCA’s crypto roadmap. How the FCA chooses to apply its existing rulebook will play a large part in determining what day-to-day cryptoasset regulation looks like in the UK, from client disclosures and regulatory reporting through to complaints-handling and senior manager oversight. The consultation closes on 12 March 2026.

Crypto firms to apply Consumer Duty

The Consumer Duty is a central pillar of FCA policy. It requires firms to act to deliver good outcomes for retail customers.

The FCA confirms its intention to apply the Duty to cryptoasset firms. Newly licensed crypto firms dealing with UK consumers will need to ensure they meet the extensive rules and guidance that underpin the Duty. Firms that are already licensed would need to expand their current processes to cover any crypto activities.

The FCA is consulting on guidance to clarify how the Duty will apply in the context of crypto services.

No crypto compensation scheme

The Financial Services Compensation Scheme (FSCS) provides compensation for customers when firms are unable to meet their liabilities.

The FCA does not plan to extend FSCS protection to cryptoassets. If their firm goes out of business, customers will not be able to claim compensation for investment losses arising from regulated crypto activities.

There are potential inconsistencies in this approach. For example, a claim about a share held in custody would be covered by the FSCS but a claim about safeguarding a token that represents the share on a blockchain would not be covered.

Crypto customers to get FOS access

The FCA applies complaints-handling requirements on firms via its DISP rules. The FCA plans to extend the application of DISP to cryptoasset activities. Crypto firms will need to familiarise themselves with how DISP works and how it will apply to their services.

As part of this change, the FCA will extend the compulsory jurisdiction of the Financial Ombudsman Service (FOS) to the new regulated cryptoasset activities. This means customers will be able to escalate their complaints to the FOS. Crypto firms would also need to contribute to the FOS general levy and pay case fees.

Tighter conduct of business rules

The FCA sets conduct of business standards (COBS). Crypto firms will need to comply with relevant COBS obligations alongside crypto-specific rules, notwithstanding overlaps. COBS will not only apply to UK-licensed firms but also overseas firms providing crypto services to UK consumers.

The extension of COBS will require crypto firms to put in place an extensive compliance framework or update their existing controls. For example, firms will need to put in place processes to assess the knowledge and experience of retail customers to test whether their products are appropriate.

Exceptions may apply. For example, the FCA is considering carve-out of some COBS rules for transactions concluded on a UK cryptoasset trading platform (CATP). It also asks whether COBS should apply in relation to overseas users of overseas CATPs holding a UK licence.

Lifting marketing restrictions on UK stablecoins

The FCA currently treats qualifying cryptoassets as restricted mass market investments (RMMI) which limits how they can be promoted in the UK. The FCA wants to remove this marketing restriction for UK-issued qualifying stablecoins. The financial promotions regime will continue to apply to qualifying stablecoins issued by overseas issuers and all other qualifying cryptoassets.

The FCA has drafted specific rules for crypto advertisements where there is a qualifying cryptoasset disclosure document (QCDD). For example, these advertisements would need to be consistent with the QCDD and advise consumers to read the QCDD.

Specific safeguarding disclosures

Firms that hold cryptoassets for customers will be required to provide plain-language disclosures. For example, firms must explain whether they rely on permitted exceptions not to hold the client’s cryptoassets on trust, how they secure means of access to cryptoassets, and how they rely on third parties.

Phasing in regulatory reporting

The FCA expects crypto firms to start providing several regulatory returns under existing rules from the start of the new regime. This includes draft rules for firms to notify the FCA about operational incidents and material third party arrangements.

The FCA is also developing new regulatory returns for regulated cryptoasset activities. The FCA plans to take an iterative approach to collecting this data. Initially it will expect a core set of returns covering, for example, customer numbers, transaction values and complaints data. It may add more reporting requirements in due course, alongside making ad hoc data requests.

Cryptoasset safeguarding reporting will largely mirror the existing client money and assets return (CMAR).

Cryptoasset safeguarding rules to allow floats

The FCA has updated its draft CASS 17 rules so that it now applies to both qualifying cryptoasset custodians and specified investment cryptoasset (SIC) custodians. SIC custodians currently applying CASS 6 rules will need to transition to CASS 17.

The FCA is maintaining its position that client cryptoassets must be held on trust. It now suggests, however, allowing co-mingling of client and firm cryptoassets to deliver certain services such as staking. It has also set out permitted routes to remove client cryptoassets from trust.

The FCA will also allow CATPs to hold up to 1% of client cryptoassets outside the trust so they can operate a “float” model. This is designed to enable the settlement of transactions off-chain. The FCA invites feedback on whether 1% is the optimal limit.

The consultation confirms that the FCA’s client money rules in CASS 7 will generally apply to cryptoasset firms holding clients’ money.

Criteria for enhanced SMCR firms

The Senior Managers and Certification Regime (SMCR) imposes more requirements on larger firms. CP26/4 puts forward criteria for distinguishing “enhanced” SMCR crypto firms from those that will be subject to the core regime.

Broadly speaking, the more onerous enhanced regime will apply to:

• stablecoin issuance firms with a backing asset pool of more than £65bn, and

• cryptoasset custodians with more than £100bn of client assets in custody.

Location policy guidance

The FCA’s baseline expectation is that overseas firms needing FCA authorisation for regulated cryptoasset activities should operate from a UK legal entity. It will allow limited exceptions, for example for cryptoasset trading platforms that operate via a UK branch, subject to the home state regulator having comparable protections and requirements.

Employee training

The FCA proposes applying existing training and competence rules to firms conducting dealing- and safeguarding-related activities for retail clients. These rules will not apply when firms only carry out wholesale activities.

Audit for all?

A previous consultation proposed requiring cryptoasset custodians and stablecoin issuers to appoint auditors. CP26/4 now asks whether this should be extended to other cryptoasset firms.

No ban on using credit to buy crypto

The FCA previously considered prohibiting firms from accepting credit cards for cryptoasset purchases. The FCA now says that it will not impose such a ban.

Retail collateral treatment in cryptoasset borrowing

The FCA says that firms offering cryptoasset borrowing services must not take ownership of collateral provided by a retail client and use it themselves, except where the client has provided express prior consent to this to discharge their debt to the firm.

Next steps

• The consultation closes 12 March 2026. Other open crypto-related consultations, including CP25/40, CP25/41 and CP25/42, close on 12 February.

• CP26/4 is billed as “part 2” to CP25/25 which we covered in this blogpost: FCA tailors how its rulebook will apply to cryptoasset activities. It also cross-refers to several consultations in the FCA’s crypto roadmap and must be read alongside other related papers, such as CP25/36 on client categorisation which closes on 2 February.

• The FCA plans to finalise its crypto rules via policy statements later in 2026. In the meantime there are more consultations still to come, including on fee structures for crypto firms and crypto-related changes to the CASS 7 client money rules.

• The FCA has said it will open its gateway for crypto licence applications in September 2026. The regime will start to apply on 25 October 2027.