UK Crypto Regulations: Hidden Pitfalls for Unwary Firms

The UK's Financial Conduct Authority has introduced proposed crypto regulations that may significantly broaden the definition of custody, potentially impacting platforms and software providers that do not consider themselves custodians. The recently published Cryptoasset Perimeter Guidance outlines several key considerations for firms handling client crypto assets, including a 24-hour threshold for custody. Any firm holding client assets for more than a day during trade settlement may be classified as a regulated custodian, requiring a full safeguarding license. Additionally, validators and node operators must exercise caution, as providing 'added value' features such as user dashboards or yield tools may trigger the need for full approval for arranging staking. The FCA has also addressed the issue of 'shadow custody,' making it clear that if a crypto service provider can theoretically override a client's authority, it will be considered a custodian, regardless of whether it intends to exert that power. The regulator has set a consultation deadline of June 3, 2026, and plans to publish finalized rules in the summer, followed by final perimeter guidance in September. The new regulations will require all entities providing crypto services to transition from the current money-laundering registration system to a more stringent approval regime under the UK's Financial Services and Markets Act. Firms that fail to apply for approval during the designated five-month window may face fines, suspensions, or permanent closure.