Navigating the regulatory landscape for cryptocurrency businesses in the United Kingdom can be complex. This guide explains the essentials of the FCA crypto registration process, commonly referred to as a crypto license, under the UK's Anti-Money Laundering and Counter-Terrorist Financing (AML/CTF) regime.
Understanding the FCA Crypto Registration
The FCA crypto registration is a mandatory requirement for firms conducting specific cryptoasset activities within the UK. Contrary to common perception, it is not a traditional license but a registration under the Money Laundering Regulations 2017 (MLRs 2017). Without this registration, offering certain crypto services from the UK is prohibited.
The regime aims to combat financial crimes by ensuring crypto businesses implement robust monitoring and reporting systems. Since January 10, 2020, cryptoasset firms have been classified as "relevant persons," requiring them to assist government agencies in identifying suspicious activities.
Key Legislation and Scope
The UK's framework incorporates the Fifth Anti-Money Laundering Directive (5MLD) and extends beyond it by including additional crypto activities and adopting a broader definition of cryptoassets. The legislation covers:
- Crypto-to-crypto exchanges
- Issuance of cryptoassets
- Operation of crypto ATMs
The term "cryptoasset" refers to a cryptographically secured digital representation of value or contractual rights that uses Distributed Ledger Technology (DLT) and can be transferred electronically.
Who Needs FCA Crypto Registration?
UK-Based Businesses
Registration is required if your company:
- Has its registered or head office in the UK
- Manages cryptoasset business operations from a UK establishment
- Operates a crypto ATM in the UK
Even if your company is incorporated overseas, operating a crypto ATM in London subjects you to UK regulations.
Non-UK Businesses
Firms based outside the UK generally do not need registration unless they have a physical presence or operate ATMs within the country. Existing crypto licenses from other EU member states do not grant passporting rights for UK operations.
Already Regulated Firms
Entities authorized under the Financial Services and Markets Act 2000 (e.g., banks, e-money institutions, payment institutions) must still obtain FCA crypto registration if they engage in cryptoasset activities.
Regulated Cryptoasset Activities
Cryptoasset Exchange Providers
This category includes businesses that:
- Exchange cryptoassets for fiat currency (crypto-to-fiat and fiat-to-crypto)
- Arrange exchanges between different cryptoassets (crypto-to-crypto)
- Operate automated crypto ATMs
Special Cases
- Crypto-derivatives exchanges: Covered under the regime but subject to additional restrictions, including a ban on sales to retail clients
- Issuers vs. non-issuers: Both require registration if exchanging their own or others' tokens
- Airdrops and merchant payments: Typically excluded if no exchange for other cryptoassets or fiat occurs
- Decentralized exchanges (DEXs): May be excluded if developers derive no income from transactions and don't facilitate exchanges
- Peer-to-peer platforms: Generally included if operated by a centralized entity that completes or authorizes transactions
Custodian Wallet Providers
These services safeguard or administer client cryptoassets or private keys. The definition excludes:
- Non-custodial wallet providers
- Open-source wallet software publishers
- Services handling only rights or interests in cryptoassets
Excluded Activities
The following typically don't require registration:
- Developers selling crypto software without providing exchange services
- Providers of ancillary products to crypto networks
- Occasional or limited basis activities (e.g., helping friends buy crypto infrequently)
Application Process and Requirements
Registration Fees
- £2,000 for businesses with UK cryptoasset income up to £250,000
- £10,000 for businesses with income exceeding £250,000
Additionally, registered firms must pay annual periodic fees based on their income.
Required Documentation
- Information on Beneficial Owners and Managers: Detailed personal and corporate data, including CVs and fit-and-proper assessments
- Business Plan: Focused on regulatory compliance, risk management, and consumer protection rather than investment returns
- Risk Management Policies: Covering IT, liquidity, financial crime, market risks, and business continuity
- AML/CTF Policy: Tailored to the business, incorporating latest JMLSG and FATF guidelines
Assessment Timeline
The FCA aims to decide within three months for complete applications. However, most applications require additional information, extending the process.
Compliance and Ongoing Obligations
Differences from EMI/PI Regulations
While crypto businesses have fewer direct obligations under MLRs than electronic money or payment institutions, they must demonstrate equivalent capabilities in combating financial crime. Key specific requirements include:
- Clear disclosures that services aren't protected by the Financial Ombudsman Service or Financial Services Compensation Scheme
- Specific reporting obligations to the FCA
- Potential business shutdown orders for non-compliance
Risk-Based Approach
Compliance measures should reflect business complexity. For example:
- Crypto ATM providers must apply Customer Due Diligence (CDD) for all transactions
- Other crypto businesses apply CDD for occasional transactions exceeding €15,000
Future Regulatory Developments
The UK government has committed to implementing FATF standards, including the "Travel Rule" for Virtual Asset Service Providers (VASPs), once globally recognized compliance methods emerge.
Common Reasons for Application Rejection
The FCA may refuse registration if:
- Management lacks appropriate skills or fails fit-and-proper tests
- The business model isn't financially viable
- Submitted documentation is inadequate or incomplete
- Risk management frameworks are insufficient for business complexity
- The firm demonstrates inability to comply with MLRs obligations
Appeal Process
Unsuccessful applicants can appeal to the Upper Tribunal under the Tribunals, Courts and Enforcement Act 2007. Legal consultation is recommended before appealing.
👉 Explore professional guidance for your application
Frequently Asked Questions
What exactly is the FCA crypto registration?
It's a mandatory registration for UK-based crypto businesses under Anti-Money Laundering regulations. While often called a license, it specifically focuses on AML/CTF compliance rather than broader financial authorization.
Do I need registration if I only operate a crypto ATM?
Yes, operating any crypto ATM in the UK requires FCA registration, regardless of your company's location or size.
How does registration differ for already-regulated financial firms?
Banks, e-money institutions, and payment institutions still need separate crypto registration if they engage in cryptoasset activities, in addition to their existing financial authorizations.
Are decentralized exchanges (DEXs) required to register?
The requirement depends on whether the developers facilitate exchanges and derive income from transactions. Most non-custodial DEXs without centralized control are excluded, but legal advice is recommended.
What happens if I operate without registration?
Providing regulated crypto services without FCA registration is illegal and may result in significant penalties, including fines and operational shutdowns.
Can I use my EU crypto license in the UK?
No, there's no passporting arrangement for crypto activities between the UK and EU. UK-based operations require separate FCA registration regardless of other licenses held.
The FCA crypto registration process demands careful preparation and comprehensive documentation. By understanding the requirements and preparing thoroughly, businesses can navigate this regulatory landscape successfully.