CryptoUK Response to FCA Consultation Paper CP26/4 – Application of FCA Handbook for Regulated Cryptoasset Activities (Part 2)
On 23 January 2026, the Financial Conduct Authority (FCA) published CP26/4: Application of the FCA Handbook for Regulated Cryptoasset Activities – Part 2.
This consultation sets out how key sections of the FCA Handbook would apply to firms undertaking regulated cryptoasset activities under the UK’s forthcoming regulatory framework. The proposals cover a broad range of regulatory requirements, including Consumer Duty, Redress and Dispute Resolution (DISP), Conduct of Business Standards (COBS), training and competence requirements, the Senior Managers and Certification Regime (SM&CR), and regulatory reporting obligations (SUP 16). The consultation also includes proposals relating to cryptoasset safeguarding, retail collateral treatment in cryptoasset borrowing, credit used for crypto purchases, and location policy guidance.
CP26/4 builds on earlier consultations that form part of the wider UK cryptoasset regulatory framework, including proposals on stablecoin issuance and custody, prudential requirements for cryptoasset firms, the regulation of cryptoasset activities, and admissions, disclosures and market abuse requirements for cryptoassets. The FCA has indicated that it plans to open its authorisation gateway for firms applying for cryptoasset permissions in September 2026, ahead of the new regulatory regime coming into force on 25 October 2027.
Summary of our response
We would like to thank all members who participated in the drafting of this response, as well as the team at CMS for their continued support in our regulatory engagement. Our submission highlights several key recommendations and requests for clarification from the regulator that could impact our members and the broader approach to the UK cryptoasset regulatory framework:
International firms
While we appreciate the FCA’s effort to provide clarity in relation to the territorial scope of the regime in respect of international firms, we would be grateful for clearer guidance in relation to the rules that would apply to overseas firms, particularly branch-authorised QCATPs, serving both UK and non-UK users. We believe that the application of UK rules should be limited to UK consumers, and should not inadvertently apply to overseas firms’ non-UK customers simply because the service they receive relies on the authorised firm’s shared infrastructure and liquidity pool. Moreover, applying UK rules extraterritorially would diverge from established UK cross-border principles and could result in duplicative or conflicting conduct obligations for services that are already regulated under the client’s home jurisdiction.
Consumer Duty
While we appreciate the FCA’s guidance in seeking to clarify the application of the Duty’s cross cutting obligations and outcomes in relation to cryptoasset firms, we note that many of the “good practice” suggestions may not be appropriate expectations for firms that operate execution only or non-advised business models (such as CATPs), compared to firms providing advisory or portfolio management services. Further guidance may therefore be necessary to ensure that firms understand the FCA’s expectations in relation to particular activities, including those involving a greater or lesser degree of discretion or personalised customer engagement.
Reconsideration of the RMMI classification
The FCA has stated it does not have “evidence to support switching off the financial promotions rules” where qualifying cryptoassets could be ‘downgraded’ from RMMI status. We respectfully disagree. Our response to question 16 makes the case for revisiting the RMMI designation under the new regime. In particular, we believe that the FCA’s supervision of cryptoassets in relation to the new regime’s prudential standards, safeguarding, disclosures, operational resilience and governance requirements, will more effectively achieve the outcomes sought under the original RMMI regime. Additionally, we believe that consumer risk will be more effectively mitigated through regulation of the intermediary, rather than through marketing restrictions based on the intrinsic characteristics of the asset alone.
Safeguarding requirements under CASS 17
Whilst we are broadly in agreement with these proposals, there are a number of specific issues which we would appreciate further clarity on to ensure the rules operate coherently across custody models:
- CASS 17.3.3R requires that a trust is created in relation to safeguarded cryptoassets, including where the custodian only has control over the assets by virtue of holding the “means of access” (private keys). This means that a person will technically be safeguarding where they have control over the means of access but do not otherwise hold the actual cryptoassets. If the cryptoassets are held with another custodian, it is unclear how the person that is “safeguarding” simply by virtue of holding the private keys could be expected to create a trust over the actual cryptoassets.
- CASS 17.3.6(1)(b) provides an exception to the trust requirement where necessary for certain services, however it is unclear what evidence would be expected from firms when relying on the exception. Given the diversity of transaction flows in cryptoasset markets, clarity on evidentiary expectations would support consistent application.
- While we broadly agree with the proposals in relation to record keeping and reconciliations, topping up shortfalls and removing excesses, we would appreciate specific guidance that better reflects the operational realities of cryptoasset firms, such as multi-wallet structures, cross-chain movements, and timing differences arising from settlement cycles or network congestion.
Click here to download our full response
