UK Crypto Regulations: Hidden Pitfalls for Unwary Firms

The UK's Financial Conduct Authority has unveiled proposed crypto regulations that could broaden the definition of custody, potentially ensnaring platforms and software providers that do not consider themselves custodians. The FCA's Cryptoasset Perimeter Guidance, published recently, outlines several technical pitfalls for firms handling clients' crypto assets. A key aspect of the rules is the 24-hour threshold for custody, where any firm or crypto platform holding client assets for more than a day during trade settlement may be classified as a regulated custodian, requiring a full safeguarding license. Validators and node operators must also exercise caution, as providing 'added value' features such as user dashboards or yield tools may necessitate seeking full approval for arranging staking. The FCA has emphasized that its new perimeter will enhance consumer protections and support fair, transparent markets as the sector evolves. Notably, the regulator has addressed the 'shadow custody' issue, clarifying that if a crypto service provider can theoretically override a client's authority, it is considered a custodian, even if it guarantees not to exert that power. Stablecoin issuers are also subject to strict requirements, with issuance only permitted if the issuer is established in the UK and manages the entire lifecycle, from initial offering to redemption and reserve maintenance. The FCA is seeking feedback on these proposals until June 3, 2026, and intends to publish finalized rules and perimeter guidance later this year. The new regulations will require all entities providing crypto services to transition from the current money-laundering registration system to a more stringent approval regime under the UK's Financial Services and Markets Act. Firms must apply for approval within a five-month window, from September 30, 2026, to February 28, 2027, to avoid potential fines, suspensions, and permanent closures.