Menu Close


Cryptoassets/Cryptocurrency/Cryptocurrency Regulation UK/FIAT: AML / CTF regime

The MLR2017s (UK Money Laundering Regulations 2017) apply to businesses in a range of sectors at risk of facilitating money laundering or terrorist financing, including approximately 19,500 firms including banks, building societies and credit unions supervised by the FCA. This includes Cryptocurrency Regulation UK.

From 10 January 2020, businesses carrying on certain cryptoasset activities are in scope of these regulations. It was announced in July 2019 that the FCA will be the AML/CTF supervisor for businesses carrying on cryptoasset activities in scope of the MLRs.


Get Your Anti-Money Laundering and Counter Terrorist Financing Manual & Procedures Template from


Cryptoasset activityAs described in the Treasury consultation
Cryptoasset exchange providerA business that provides the following services:

  • exchanging fiat currency (government-issued currency) for a cryptoasset or vice versa
  • exchanging one cryptoasset for another cryptoasset.
Cryptoasset Automated Teller Machine (ATM)Physical kiosks that allow users to exchange cryptoassets and fiat currencies
Custodian Wallet ProvidersA business that looks after the customer’s tokens in its IT system or server and may administer or transfer the token on behalf of the customer.
Peer to Peer ProvidersA business that provides an online marketplace which facilitates the exchange of fiat currencies and cryptoassets (both fiat-to-crypto and crypto-to-crypto) between prospective buyers and sellers
Issuers of new cryptoassets, eg Initial Coin Offering (ICO) or Initial Exchange Offering (IEO)A business that sells a cryptoasset, promoted or sold as a new type of cryptoasset or one that will become usable in the future, in exchange for fiat currency.
Publication of open-source software eg Non-Custodian Wallet providersA business that provides software such as an application, that may be downloaded and used by a customer on their device to store or administer a token, e.g.  a non-custodian wallet application that a customer can download onto a device to store the private key in relation to a token.

We understand, subject to confirmation from Treasury, that the publication of open-source software is unlikely to feature in the Government’s envisaged approach, recognising that AML/CTF regulation should be carried out on an activities-basis only.


All UK cryptoasset businesses carrying on activities in scope of the MLRs will need to register with the Financial Conduct Authority (FCA) from 10 January 2020. Cryptoasset businesses should ensure that they do not mislead customers as to what protections apply and the status of their FCA registration.
The FCA’s responsibility under this regime will be limited to AML/CTF registration supervision and enforcement only. Registration under the MLRs does not mean that customers will benefit from the protections of the Financial Ombudsman Service or the Financial Services Compensation Scheme (FSCS). As most cryptoassets are not specified investments under the Financial Services and Markets Act 2000 (FSMA), it is unlikely that customers will have access to Financial Ombudsman Service or FSCS.
Customers and firms may wish to consider the FCA guidance, where they have set out their position on the types of cryptoassets which will fall within the FCA’s regulatory remit and the implications this has on consumer protection.

  • Cryptoasset activity which falls in the unregulated space, as defined in the Guidance on Cryptoassets, will not have the same consumer protections
  • Cryptoasset activity involving security tokens, for example, are regulated tokens which will provide the same protections as specified investments set out in the Regulated Activities Order(link is external).

For any customers that consider Financial Ombudsman Service and FSCS protection important, we recommend that you check with the firm as to whether this protection applies to the cryptoasset transaction.
There are different dates to be aware of when registering your business with us:

  • New cryptoasset businesses that intend to carry on a cryptoasset activity after 10 January 2020, must be registered before they can carry on the activity.
  • Existing cryptoasset businesses which were already carrying out cryptoasset activity before 10 January 2020 may continue their business, in compliance with the MLRs, but must register by 10 January 2021 or stop all cryptoasset activity. We encourage businesses to apply well in advance of this deadline.

The FCA will consider applications for registration carefully to see whether they meet the conditions for registration that will be set out in the MLRs. Applications will be refused if the conditions are not met.

The FCA understand, subject to confirmation from Treasury, that the publication of open-source software is unlikely to feature in the Government’s envisaged approach, recognising that AML/CTF regulation should be carried out on an activities-basis only.
Step 1: 10 January 2020
FCA Gateway opens for businesses to submit applications for entry to the register. A business must comply with the MLRs in relation to cryptoasset activities. FCA have powers to supervise and enforce under the MLRs.
Step 2: 30 June 2020
Latest date for applications to be received for priority review to check that they are complete and ready to be determined.
Step 3: 10 October 2020
Latest date for complete applications ready to be determined by 10 January 2021.
Step 4: 10 January 2021
Any firm not registered must cease trading.

Supervision approach

All businesses will need to comply with the MLRs from 10 January 2020. The FCA will start supervising businesses from 10 January 2020, irrespective of whether they have registered or applied to be registered.
the FCA’s supervisory approach to cryptoasset businesses will be in line with our approach to other businesses under the MLRs.
Firms who pose the greatest money laundering and terrorist financing risk will receive an increased level of supervisory focus. If, following supervisory engagement, we have reason to believe serious misconduct has taken place, we may decide to commence an enforcement investigation.

What If You Get It Wrong?

Enforcement is one of several regulatory tools available to the FCA. Their enforcement staff work closely with our authorisation and supervision functions, as well as with other regulators and law enforcement agencies to detect misconduct, including money laundering and terrorist financing.
The FCA already have enforcement powers under the existing MLRs and the Enforcement Guide sets out their general approach to using these powers. They expect the amended MLRs will extend our existing powers to cryptoasset firms and that the FCA will apply the same approach to cryptoasset firms under the amended MLRs as they do under the existing MLRs.

  • Our Enforcement Guide sets out the approach to enforcement and how the FCA use our powers of investigation, gather information and conduct an investigation. It also sets the FCA’s approach to imposing financial penalties and other disciplinary sanctions,  explaining how they will use their powers under the money laundering regulations.
  • Approach to Enforcement explains how the FCA address harm and add public value through their statutory powers to investigate, take relevant civil, criminal and / or disciplinary action.
  • Enforcement Information Guide – this short guide includes a flowchart showing the process of a typical FCA enforcement case. It sets out the options to contest or resolve a case, the opportunities to make representations, and who the decision-makers are.

If You Need Help with your AML/CTF Policy or procedures, contact us on;

FCA Compliance Consultants London

Crypto Assets Aml, Crypto Assets Exchange, Crypto Assets Ico, Crypto Assets Ranking, Cryptoassets Bank Of England, Cryptoassets Cryptocurrency, Cryptoassets Regulation, Cryptoassets Regulation & Compliance 2019, Cryptoassets Regulation And Compliance, Cryptoassets Uk, Uk Cryptoassets

Recent Enquiry

[variable_1] from [variable_2] has just recently arranged a call about a [variable_3] a few minutes ago.

Copy code