UK Crypto Regulations: Hidden Pitfalls for Unwary Firms

The UK's Financial Conduct Authority has unveiled proposed crypto regulations that could significantly broaden the definition of custody, potentially ensnaring platforms and software providers who do not consider themselves custodians. The FCA's Cryptoasset Perimeter Guidance, published recently, outlines several technical pitfalls for firms handling client crypto assets. A key aspect of the rules is the 24-hour threshold for custody, where any firm holding client assets for more than a day during trade settlement may be classified as a regulated custodian, necessitating a full safeguarding license. Furthermore, validators and node operators must exercise caution, as providing 'added value' features such as user dashboards or yield tools may require full approval for arranging staking, thereby losing their pure tech exemption. The regulator has also addressed the issue of 'shadow custody,' clarifying that if a crypto service provider can theoretically override a client's authority, it is considered a custodian, even if it guarantees it will never exert that power. For stablecoin issuers, the rules are equally clear: issuance is only legal if the issuer is established in the UK and manages the entire lifecycle, from initial offering to redemption and reserve maintenance. The FCA is seeking feedback on these proposals until June 3, 2026, and intends to publish finalized rules in policy statements this summer, followed by the final perimeter guidance in September. The new regulations will require all entities providing crypto services to transition from the current money-laundering registration system to a stricter approval regime under the UK's Financial Services and Markets Act. Firms have a five-month application window, from September 30, 2026, to February 28, 2027, to apply for the new regime, and only those who apply during this period will be allowed to continue operating while the regulator reviews their applications.