Crypto businesses clearly remain high on the Regulator’s agenda. Two developments are of note.
- Extension of deadline for AML registration. Since 10 January 2020 crypto businesses have been part of the regulated sector for money laundering purposes, and have been required to register with the FCA. Businesses which applied for registration before 16 December 2020 were placed under a Temporary Registrations Regime. On 3 June this year, the FCA announced that it would be extending that Regime from 9 July 2021 to 31 March next year. This decision was taken after many applicant businesses had failed to implement the required standards under the Money Laundering Regulations. As it stands there are only 9 firms which are registered, having met the requirements. Over 70 have are on the Temporary Register. By comparison there are 111 firms without any registration against which, as noted by Nikhil Rathi in a speech on 22 June, the FCA will take action where appropriate.
The failure by applicant crypto businesses to meet the standards required for AML registration is concerning. Authorised institutions who interact with crypto businesses will need to think carefully about how their own AML controls should be adapted, to account for the additional risk presented by such businesses who have not yet been registered.
- FCA intervenes to restrict an authorised firm. BML is a member of a Group company which runs a cryptocurrency exchange based outside of the UK. BML is an authorised firm. It had inherited its regulatory permissions by purchasing another authorised firm and lodging a change of control application. In a First Supervisory Notice dated 25 June, the FCA imposed a restriction on BML, under its statutory powers, prohibiting it from conducting any regulated activity without prior written consent. It also required BML to prominently display a notice on its website, including the statement that it was “not permitted to undertake any regulated activity in the UK”. The FCA’s intervention was triggered by concerns from Supervision that BNL may have been incorrectly advertising itself as being authorised to offer cryptoassets. The firm had not in fact registered as a crypto business for AML purposes, and, in any event, cryptocurrency is an unregulated product.
Although an authorised entity, BNL appears to have been conducting very little regulated activity in the UK and cryptocurrency is an unregulated product. The Regulator appears to have been concerned that BML’s stamp of regulatory authorisation and its affiliation with the exchange was causing its UK-based users to wrongly believe that the exchange (and the underlying products) was regulated in some way. The high-risk nature and volatility of cryptocurrency, coupled with the perennial risk of consumer confusion where unregulated products are connected with authorised firms (as in London Capital Finance), prompted the FCA to make enquiries of whether BNL intended to use its permissions. Not content with the responses it received, Supervision decided to impose a formal requirement, in the terms described above. The Regulator’s decision is an expression of its commitment, publicly emphasised in January this year, to ensure that firms’ regulatory permissions are up to date and not surplus to what the firm is actually using in conducting its business: “Incorrect or outdated permissions increase the risk of harm to consumers. Inaccurate information about firms’ permissions can mislead consumers about the level of protection offered or give credibility to unregulated activities”.1
1 Although not used in BML’s case, it is noteworthy that, as of the 1 July, the FCA has a new power (section 55JA FSMA) to amend or cancel a Part 4A permission where the firm is carrying out no regulated activity to which the permission relates.