Crypto Firms
Attention Crypto Firms: The 10th January 2020 has been and gone – and with it, the requirement to become registered with the FCA under 5MLD
What is happening and when?
On January 10th 2020, the Financial Conduct Authority (FCA) officially became the anti-money laundering and counter terrorist financing (AML/CTF) supervisor of UK cryptocurrency businesses At that point the FCA opened its application page on FCA connect and Crypto firms who are in scope could begin to register with them.
Why this is happening – A brief history
In April 2018 the European Parliament adopted the Fifth Money Laundering Directive ( 5MLD ). This new directive contains a series of updates to 4MLD, which had been implemented in the UK the previous year under MLR 2017. One of the biggest changes is that companies offering cryptocurrencies and cryptocurrency exchanges have been brought into scope of the FCA regulations. This means that such entities will have to implement the same standard of AML/CTF control as banks and other financial services institutions that typically deal with FIAT currencies
Who does this affect?
Crypto-related projects are one of the fastest growing industries and the services associated with them are immensely varied. Firms providing the services listed in the table below* should ensure that they are register as soon as possible:
|
Crypto-asset activity |
Description of services provided |
|
Crypto-asset exchange provider |
A business that provides the following services:
|
|
Crypto-asset Automated Teller Machine (ATM) |
Physical kiosks that allow users to exchange crypto-assets and fiat currencies |
|
Custodian Wallet Providers |
A business that looks after the customer’s tokens in its IT system or server and may administer or transfer the token on behalf of the customer. |
|
Peer to Peer Providers |
A business that provides an online marketplace which facilitates the exchange of fiat currencies and crypto-assets (both fiat-to-crypto and crypto-to-crypto) between prospective buyers and sellers |
|
Issuers of new crypto-asset, e.g. Initial Coin Offering (ICO) or Initial Exchange Offering (IEO) |
A business that sells a crypto-asset, promoted or sold as a new type of crypto-asset or one that will become usable in the future, in exchange for fiat currency. |
|
Publication of open-source software e.g. Non-Custodian Wallet providers |
A business that provides software such as an application, that may be downloaded and used by a customer on their device to store or administer a token, e.g. a non-custodian wallet application that a customer can download onto a device to store the private key in relation to a token. |
What is the application process?
The registration process has been broken down into 4 steps and is summarised in the table below*:
| Step | Process |
| Step 1: 10 January 2020 | FCA Gateway open for businesses to submit applications for entry to the register. A business must comply with 5MLD in relation to crypto-asset activities. FCA have powers to supervise and enforce under the Money Laundering Regulations ( MLRs ) |
| Step 2: 30 June 2020 | Latest date for applications to be received for priority review to check that they are complete and ready to be determined. |
| Step 3: 10 October 2020 | Latest date for complete applications ready to be determined by 10 January 2021. |
| Step 4: 10 January 2021 | Any firm not registered must cease trading. |
What are the FCA looking for?
In order to understand this, it is important to know precisely what the FCA are regulating crypto firms for. The FCA are regulating firms for adherence to 5MLD only. They are not looking at other aspects of regulation such as complaints handling and client money rules. This means that, when registering with the FCA, crypto firms will need to have a good understanding of both AML/CTF regulations and the FCA’s interpretation of those regulations. There are sources of information out there that can help such as the JMLSG Guidance and the FCA’s own Financial Crime Guidance.
The main requirements are summarised in the table below:
| Stage | Requirement |
| Stage 1: Identify your risks | In order to have strong AML/CTF controls in place, firms must first identify the specific risks that they face so that they may know how to combat them. All firms are different; offering their own products, with their own internal set-up, to different types of clients. This means that the risks faced by firms will also be different. A firm must seek to understand those risks by conducting a business wide AML/CTF risk assessment. |
| Stage 2: Build a framework | Once the business-wide risk assessment has been completed, a firm must then build the framework necessary to implement the required controls. This means identifying the senior management who will be responsible for implementing and managing the various controls as well as mapping out and documenting the various controls that will be implemented |
| Stage 3: Implement the controls | At this stage the firm will be ready to implement the Customer Due Diligence controls, Suspicious Activity Reporting procedures and all other Internal Controls. |
For firms who are new to this, it can be quite a complicated process and getting it right first time may prove challenging. Often interpreting new legislation leaves even established firms with more questions than answers.
AuthoriPay is at the forefront of efforts to help cryptocurrency firms, providing a tailored solution to identify and address your specific risks and ensure the right controls are implemented, allowing you to conduct your business with confidence and peace of mind.
To discuss your requirements in detail or if you have any questions don’t hesitate to contact us.
*Source, FCA Website: https://www.fca.org.uk/firms/financial-crime/cryptoassets-aml-ctf-regime
Get in touch
AuthoriPay Ltd, Milton Hall, Ely Road, Cambridge, CB24 6WZ.