The UK Financial Conduct Authority Issues Final Guidance on Cryptoassets
On 31 July 2019 the UK Financial Conduct Authority (FCA) issued its final guidance on cryptoassets (the Guidance) following its consultation on draft guidance earlier in the year. Here we summarise and assess the key components of the Guidance.
The Guidance and the UK Regulatory Regime
The Guidance is relevant to a range of businesses including:
- issuers and creators of cryptoassets;
- firms marketing cyrptoasset products and services, and buying and selling cryptoassets;
- firms holding and storing cryptoassets;
- investment managers; and
- investment exchanges and trading facilities.
The Guidance is designed to enable market participants to understand whether certain cryptoassets are within the regulatory perimeter or fall outside regulation, and consequently to determine whether they need to be authorised by the FCA and what rules or regulations apply to their business. An activity relating to cryptoassets which does fall within the regulatory perimeter (as discussed below) will usually require the firm performing that activity from the UK by way of a business to be regulated by the FCA (and in some cases by the Prudential Regulatory Authority (PRA) under the UK Financial Services and Markets Act 2001 (FiSMA). Conducting regulated activities without authorisation is a criminal offence unless an exemption applies.
A separate FCA authorisation and registration regime applies to firms which issue e-money and undertake payment services,It should be noted, however, that issuing e-money a regulated activity for credit institutions (i.e. banks and building societies), credit unions and municipal banks, which means they will be authorised by the FCA to issue e-money under the FiSMA regime.
Cryptoassets can take many forms and be structured in different ways. The FCA recognises three broad categories of cryptoassets: e-money, security and unregulated tokens, and appreciates that they may move between categories during their lifecycle.
In the Guidance the FCA uses "tokens" to denote different forms of cryptoassets, and "cryptoasset" as a broad term that captures the different types of tokens, being a neutral term that does not denote a direct comparison with fiat currency.
Unregulated tokens are those tokens that do not provide rights or obligations akin to specified investments (like shares, debt securities and e-money). Any token that is not a security token, or an e-money token is an unregulated token.
Utility tokens provide consumers with access to a current or prospective service or product and often grant rights similar to pre-payment vouchers. In some instances, they might have similarities with, or be the same as, rewards-based crowdfunding. Much like exchange tokens, utility tokens can usually be traded on the secondary markets and be used for speculative investment purposes. This does not in itself mean these tokens constitute specified investments if they do not have the characteristics of relevant specified investments.
As utility tokens do not exhibit features that would make them the same as security tokens, they are not be captured in the FCA's regulatory regime.
Exchange tokens such as Bitcoin are used in a way similar to traditional fiat currency. However, while exchange tokens can be used as a means of exchange, they are not currently recognised as legal tender in the UK, and they are not considered to be a currency or money. Exchange tokens currently fall outside the UK regulatory perimeter. Therefore the transferring, buying and selling of exchange tokens, including the commercial operation of cryptoasset exchanges for exchange tokens, are activities not currently regulated by the FCA.
Firms should however note that the European Union (EU) Fifth Anti-Money Laundering Directive (5AMLD) will be transposed into UK law by 10 January 2020 to introduce anti-money requirements to certain cryptoasset activities, including:
- exchange services between one cryptoasset and another, or services allowing value transactions within one cryptoasset exchange or peer-to-peer exchange service provider;
- cryptoasset automated teller machines;
- transfer of cryptoassets;
- issuance of new cryptoassets, for example through initial coin offerings (ICOs); and
- the publication of open-source software (which includes, but is not limited to, non-custodian wallet software and other types of cryptoasset related software).
Security tokens are those tokens that provide rights and obligations akin to specified investments as set out in the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (RAO) excluding e-money. These tokens may also be financial instruments under the EU Markets in Financial Instruments Directive (MiFID II). For example, security tokens have characteristics which mean they are the same as or akin to traditional instruments like shares, debentures or units in a collective investment scheme (i.e. most funds).
Where a person is engaged in activity by way of business in the UK that relates to a security token, or to a token that constitutes e-money, or is involved in payment services, they should consider whether those activities require FCA authorisation or registration. The RAO specifies the relevant activities and investments for this purpose. The most relevant specified investments for tokens are shares, debt instruments, warrants, certificates representing certain securities and units in collective investments schemes (i.e. most funds).
Working out whether a particular token, for example, is a specified investment will depend on a number of factors, including:
- the contractual rights and obligations the token holder has by virtue of holding or owning that cryptoasset;
- any contractual entitlement to profit-share (like dividends), revenues or other payment or benefit of any kind;
- any contractual entitlement to ownership in, or control of, the token issuer or other relevant person (like voting rights);
- the language used in relevant documentation, like token whitepapers, that suggests the tokens are intended to function as an investment, although it should be noted that the substance of the token (and not the label used) will determine whether an instrument is a specified investment;
- whether the token is transferable and tradeable on cryptoasset exchanges or any other type of exchange or market; and
- whether there is a direct flow of payment from the issuer or other relevant party to token holders, which may be an indicator that the token is a security.
Firms should also be aware that financial promotions relating to specified assets are regulated unless certain exemptions apply.
E-money tokens are those that meet the definition of e-money under the UK Electronic Money Regulations 2011 (the EMRs). Firms issuing e-money must ensure they are appropriately FCA authorised or registered.
E-money issuance is regulated under the EMRs and is a regulated activity under the RAO when carried on by credit institutions, credit unions and municipal banks. E-money is electronically stored monetary value as represented by a claim on the electronic money issuer which is:
- issued on receipt of funds for the purpose of making payment transactions;
- accepted by a person other than the electronic money issuer; and
- not excluded by the EMRs.
E-money must enable users to make payment transactions with third parties, so must be accepted by more parties than just the issuer. E-money includes fiat balances in various types of online wallets or prepaid cards.
Electronic storage of monetary value includes the possibility of using distributed ledger technology (DLT) and cryptographically secured tokens to represent fiat funds, e.g. GBP or EUR. Cryptoassets that establish a new sort of unit of account rather than representing fiat funds are unlikely to amount to e-money unless the value of the unit is pegged to a fiat currency, but even then it will still depend on the facts of each case.
Attempts might be made to stabilise the volatility of cryptoassets, where the resulting token is commonly referred to as a "stablecoin". Stablecoins are a type of token, and depending on what they are backed with, how they are arranged and how they are structured, will fall in different categories of the FCA's taxonomy. For instance, a stablecoin could be considered a unit in a collective investment scheme, a debt security, e-money or another type of specified investment. It might also fall outside of the FCA's remit. Ultimately, this can only be determined on a case-by-case basis.
Need for a prospectus
If a token is a transferable security and will either be offered to the public in the UK or admitted to trading on a regulated market, an issuer will need to publish a prospectus for the tokens unless an exemption applies. For example, there is an exemption for offers made entirely in the UK for less than €8 million in any 12-month period. In the case of cross-border offers, there are currently different exemption thresholds in different EU Member States, and the position of such public offers will need to be carefully considered.
An issuer undertaking a non-exempt public offer of securities will need to have the prospectus reviewed and approved by the FCA. If a prospectus is required, the specific disclosure requirements will depend on the type of security (e.g. equity shares, corporate bonds). The obligations, such as those relating to the provision of historical financial information, are no different for a token issuer to an issuer of traditional securities.
Using cryptoassets to facilitate payment services
Tokens can be used to facilitate regulated payment services such as international money remittance. The UK Payment Services Regulations 2017 (PSRs) specify regulated payment services which include services relating to the operation of payment accounts (e.g. cash deposits and withdrawals from current accounts), execution of payment transactions, card issuing, merchant acquiring, and money remittance.
The PSRs also include a list of activities that do not constitute a payment service in the UK, like payment transactions executed wholly in cash and directly between the payer and the payee without any intermediary intervention.
The regulated payment service is the payment service provided to specific clients (for example clients at each side of a money remittance services) and not the dealings among payment service providers to deliver the end payment arising from that service. Where a payment service is being provided, the payment service provider (PSP) remains responsible for that service until the payee or payee's PSP receives the funds, even if it uses cryptoassets as a vehicle for the provision of that service.
Services relating to cryptoassets themselves, such as the operation of a cryptoasset account or transmission of cryptoassets are not within the scope of the PSRs (unless the cryptoasset in question meets the definition of e-money) because they only regulate activities with regards to funds which are defined as "banknotes and coins, scriptural money and electronic money". However, a payment service that relates to funds will be in scope, even if cryptoassets are used to facilitate the service.
The Guidance includes useful Q&A section supplementing the Guidance.
The FCA Guidance provides useful clarity on cryptoasset regulation as the cryptoasset market develops and regulators focus on this fast-growing business.
© Arnold & Porter Kaye Scholer LLP 2019 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.