Introduction

​

If you wish to provide crypto services in the UK, then you must register with the FCA for the crypto license (AML/CTF crypto Registration) in the UK, formally known as the FCA AML/CTF Cryptoasset Registration regime. If you are a crypto business in the UK, you are required to register with the FCA for the crypto license, formally known as the FCA AML/CTF Cryptoasset Registration regime.

​

We are helping crypto businesses that wish to provide crypto services in the UK, with the FCA's crypto license, formally known as the AML/CTF Cryptoasset Registration. The registration has been a challenging process for crypto businesses. Buckingham Capital Consulting is working with crypto firms in helping them understand their AML risks and addressing them, ensuring the FCA's registration process is as smooth as possible.

The FCA is the new anti-money laundering and counter-terrorist financial (AML/CTF) supervisor of cryptoasset businesses based in the UK under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.

We are helping cryptoasset businesses to register with the FCA. The registration has been a challenging process for cryptoasset businesses. Buckingham Capital Consulting is working with cryptoasset firms in helping them understand their AML risks and addressing them, ensuring the FCA's registration process is as smooth as possible.

​

​

​

What are cryptoasset activities?

Cryptocurrency exchange providers

A cryptocurrency exchange provider is a firm creating or issuing cryptoassets when providing the following services:

​

(a) exchanging, or arranging or making arrangements with a view to the exchange of, cryptoassets for money or money for cryptoassets,

(b) exchanging, or arranging or making arrangements with a view to the exchange of, one cryptoasset for another, or

(c) operating a machine that utilises automated processes to exchange cryptoassets for money or money for cryptoassets (Regulation 14A(1) Money Laundering Regulations).

​

The following activities will require assessment on a case-by-case basis:

​

a. mining,

b. escrow services into cryptoasset activities,

c. issuance of cryptoassets or their acceptance in return for goods or services.

​

​

​

Custodian wallet providers

A custodian wallet provider is a firm providing services to safeguard or administer:

​

(a) cryptoassets on behalf of its customers, or

(b) private cryptographic keys on behalf of its customers in order to hold, store and transfer cryptoassets when providing such services (Regulation 14A(2) Money Laundering Regulations).

​

Custodian wallet providers may also offer other services. Firms merely holding and storing cryptographic keys, but not involved in their transfer are not likely to be in the scope of the definition. This includes hardware wallet manufacturers and cloud storing service providers. These are regarded as ‘non-custodian wallet providers’.

​

​

​

The FCA's approach to regulating cryptoasset businesses

​

The FCA has adopted a risk-based approach with regards to supervising cryptoasset businesses. This means that businesses posing the greatest money laundering and terrorist financing risk will be subjected to a more detailed registration assessment and ongoing supervision. The same applies to the FCA's approach towards taking enforcement action against your firm where misconduct or breach have taken plan.

​

The FCA will assess your business and expect you to demonstrate that you have adequate and relevant policies and procedural documents in place, as well as internal controls, to effectively manage the risk of money laundering and terrorist financing. Your business will be expected to understand its risks and mitigation measures to reduce the risk of money laundering and terrorist financing.

​

You are required to adopt a risk-based approach. Your approach should reflect the size and nature of your business. For example, if your firm is providing a number of payment services, e-money, and cryptoasset-related services, then the requirement will be higher compared to providing a single regulated service.

​

You should appoint a nominated officer, preferably a member of your board or management, to be responsible for the compliance, particularly, money laundering regulations. The nominated individual will be responsible for reporting suspicious activity to the National Crime Agency (NCA), where appropriate.

​

​

​

Do the money laundering regulations apply to your cryptoasset business?

​

The application of the money laundering regulations will be considered by the FCA on a case-by-case basis and is likely to differ for different business models. Generally, the regulations are applicable if you have a physical presence in the UK through which the cryptoasset business is conducted, although other factors may also be considered. However, merely having UK customers does not in itself mean that such a firm would fall within the jurisdictional scope of the ML Regulations. However, a cryptoasset exchange provider that has an ATM located in the UK will be within the scope of the ML Regulations irrespective of which jurisdiction the operator is established in or where its offices are based.

​

​

​

Examples of high-risk money laundering factors concerning cryptoassets

​

The following are some factors that increase the risk of money laundering and/or terrorist financing:

​

a. Privacy - the ability for the user to transact without being fully identified.

b. Cross-border nature - if your firm operates across multiple countries, this may reduce your ability to have complete oversight and hinder your ability to identify all money laundering risks and their mitigation measures.

c. Decentralised nature - here, as there is no central server, transactions and individuals may not be subject to risk assessment and mitigation measures, as required by the regulations.

d. Digital nature - given the digital nature of cryptoassets, the lack of face-to-face contact presents a risk.

e. The ability of the user to make or accept payments in money from/to unknown third parties, or to operate multiple accounts.

f. The customer is involved in cryptoasset mining operations

g. The customer is a money remittance provider and is unable to produce the required KYC information.

h. The customer uses VPN, TOR or anonymous services.

i. The customer sends cryptoassets to newly-created addresses.

j. The customer regularly avoids the KYC thresholds by making smaller transactions.

k. The cryptoassets are held or used for transactions with privacy-enhancing features or products that obfuscate effective anti-money laundering and/or counter-terrorist financing controls, such as stealth addresses, atomic swaps, privacy coins, ring signatures, and IP anonymisers.

l. The cryptoasset originates from or is linked with, the darknet, unregulated exchange, fraud or other high-risk websites, such as gambling.

​

​

​

Examples of low-risk money laundering factors concerning cryptoassets

​

The following are some factors that reduce the risk of money laundering and/or terrorist financing:

​

a. Low-risk nature e.g. small value savings or storage.

b. Low-risk nature and scope of the payment channel e.g. open-versus closed-loop systems or systems intended for micro-payments.

c. Imposed parameters e.g. restrictions in place for transaction amounts or account balance.

d. The source of the payment is the customer's own account or is to a jurisdiction regarded as being low risk.