Cryptoassets and FinCrime: Building for the Future

Whether you call them cryptocurrencies, cryptoassets or virtual assets, these tokens and their underlying technology, Distributed Ledger Technology (DLT), remain at the forefront of regulators thoughts, often operating in an unregulated or semi-regulated world which sits somewhere between a land of opportunity and the wild wild west.

Cryptoassets Taskforce – Who, What, Why…

Who makes up the Cryptoassets Taskforce?

This constant attention has led to the creation of the Cryptoassets Taskforce in the UK; consisting of HM Treasury, the FCA and the Bank of England.

What is the intention of the Cryptoassets Taskforce?

This body is intended to consider the current impact and future potential regulatory relationship across cryptoassets, distributed ledger technology (DLT) and the use of Initial Coin Offerings (ICOs).

At present, the UK is a minor player within the global cryptoasset sphere, with 15 cryptoasset spot exchanges holding a significant footprint in the UK and 56 ICO projects based in the UK. However, a lack of UK-based services does not necessarily indicate a lack of UK involvement by consumers and firms, with many UK individuals and companies accessing cryptoassets through the global nature of cryptoassets themselves. 

Why do we need a Cryptoassets Taskforce?

This recent report emerges at a time at which there is vast pressure on the UK government to increase their involvement in this marketplace to manage potential risks for consumers and firms alike and to ensure the UK does not fall behind in this lucrative market.

Cryptoassets Grouped as Exchange, Security and Utility Tokens

As part of understanding the current regime, the taskforce looked to identifying three broad range of ‘tokens’ which cryptoassets fall under;

• Exchange tokens – coins used primarily as means of exchange such as Bitcoin, Litecoin and equivalents;
• Security tokens – coins that provide rights such as ownership of external asset, repayment of a specific sum of money or entitlement to a share in future profits, such as tZERO or RobinHood Equit Token; and
• Utility tokens – coins which can be redeemed for access to a specific system or service via a decentralised network, e.g. Filecoin or Siacoin, where the coin is used in exchange for a service provided by a third party such as file storage.

Risk of using Cryptoassets for money laundering

When looking at the above, the Taskforce identified some key risks related to the adoption of cryptoassets, picking up on similar themes as identified by the FATF in previous reports on the sector. Primarily, the inherent risks posed by the global, pseudo-anonymous and potentially decentralised nature of a number of cryptoassets and the increase in the easy availability of cryptoassets in general, could potentially lead to an increase in the use of said assets for money laundering purposes as adoption grows.

There is concern of the use of true decentralisation and the ability of regulators and law enforcement to determine accountability, where no one party can be identified as accountable.

How the current crypto environment is regulated

The next step of the report was to highlight the circumstances where cryptoassets and the provision of cryptoassets fall within current regulation, including how the FCA may seek to extrapolate their regulation where the firm offers a regulated provision in addition to cryptocurrencies.

Potential scenarios for regulation under the current regime identified include;

1. Where cryptoassets are used to facilitate regulated payment service e.g. where an instruction for a GBP-USD payment is facilitated through the use of cryptoassets;
2. Utility tokens may be considered e-money when structured as a centrally issued means of exchange between third parties for specific purposes e.g. use of coins such as Filecoin which are solely used in relation to payment for exchange of a service;
3. Extending the use of the FCA Principles for Business (on adequacy of a firm’s systems and controls) and Senior Managers Certification Regime (SMCR) to the unregulated cryptoasset element activity of the activities carried out, to ensure that the firm puts in place sufficient controls for all aspects of its business and not just the regulated activities. The FCA has previously acted against regulated firms carrying out unregulated activities for breaches in systems and controls;
4. Where a token is used as a capital raising tool to support a project, but only where it is a security token (conferring ownership or dividend status) falling under the FSMA 2000 Regulated Activities Order requirements. As such, some current ICOs will fall under current regulation dependent on the type and use of the token;
5. Indirect investment through financial instruments linked to cryptoassets e.g. cryptoassets derivatives are regulated under MiFID II; and
6. Security tokens – coins that provide rights such as ownership, repayment of a specific sum of money, or entitlement to a share in future profits. They may also be transferable securities or financial instruments under the EU’s Markets in Financial Instruments Directive II (MiFID II).

How the future regulatory environment is shaping up for cryptoassets

This leaves the Taskforce to consider how they aim to shape the cryptoasset environment in the UK through regulation, consisting of four key measures;

1. The Taskforce has requested that the FCA becomes the UK supervisor for cryptoasset firms in relation to their Financial Crime requirements;
2. The introduction of the Fifth EU Anti Money Laundering Directive (5MLD) will bring fiat to cryptoasset exchanges and cryptoasset custodian wallet providers under AML regulation;
3. Consideration to bring further cryptoasset services, including cryptoasset to cryptoasset exchanges, cryptoasset ATMs and non-custodian wallet providers, under regulation in line with updated FATF definitions on cryptoassets and a call for consultation on the technical feasibility of this; and
4. Additional consultation on potential regulatory requirements where firms outside of the UK provide services to UK customers.

However, as noted above, the inclusion of additional cryptoasset-linked services may cause practical issues as regards to the feasibility of regulating such areas, particularly where the firm has a minimal UK footprint but a large UK client base or where the cryptoasset-linked service sits outside traditional operations; for example, the creation of cryptoasset wallets.

The regulatory journey for crypto has only started….

The report has started the journey towards building an appropriate regulatory environment for the cryptoasset sphere, defining the current situation and including a broad categorisation of how the regulators see cryptoassets, as well as the areas they may seek to regulate in the future.

If you need advice on understanding how this report could impact your business or help in building financial crime controls across the regulated or cryptoasset sectors, please contact me or one of my colleagues to discuss how we can help.