Blockchain &amp; Crypto-Assets 2026

gunnercooke llp has the largest blockchain and crypto-asset practice of any law firm in the United Kingdom, and is the first major UK law firm to officially accept payment in crypto-assets. gunnercooke has 12 offices internationally, with USA and Germany being particular hubs within the firm for crypto-asset and blockchain expertise. gunnercooke has over 350 legal professionals and 300 partners, and the ability to assist with all major offshore crypto-friendly jurisdictions through its broader network. The legal team is complemented by a consulting practice as well as a legal technology arm. gunnercooke has broad capability to advise on all aspects of blockchain, crypto and Web3, and is involved with various regulators in helping shape and develop their approach to the sector. The crypto team are award winning, including “Winner, FT Innovative Lawyers: Challenging Traditional Models”; and “Finalist” for Regulation and Compliance for the last two years at the CryptoAM Awards.

1. Overview of Blockchain and Crypto-Assets

1.1 Blockchain

1.1.1 Evolution of Uses of Blockchain

The blockchain has matured in the United Kingdom over in the last 12 months. As part of this, the market is generally splitting by use case. There is a fundamental split in this respect between the use of blockchain as a mere data storage facility, and the concept of crypto-assets. The former is relatively lightly regulated, the focus being on matters such as GDPR and outsourcing rules (to the extent that these apply, in the context of a material outsourcing in financial services). A particularly interesting aspect here is the evolving nature of intellectual property. In particular, it has traditionally been considered that data cannot be patented as data and it is often characterised as a mathematical or abstract concept or business method (which are both expressly excluded from patent protection) or through its presentation. Similarly, software is also subject to an exclusion under UK patent law, although there are some examples where software which makes a technical contribution has been successfully registered. However, as case law has evolved, this assumption is beginning to be more nuanced, and we are seeing certain aspects of different blockchains being patented. However, currently the protection relates to the technical method or system and not the data stored in the chain.

Crypto-assets, on the other hand, are generally becoming highly regulated, and how they are regulated is generally split out by function. By October 2027, we are generally expecting to see a comprehensive regulatory regime for crypto-assets come into effect, and this will impact the use of blockchain generally.

1.1.2 Regulatory Sandbox

The Financial Conduct Authority (FCA) was the first regulator globally to pioneer the use of sandboxes, which is a safe space in which new concepts could be trialled in collaboration with the regulator. Whilst the sandbox is not specifically geared towards blockchain-based projects, they are heavily represented. In particular in early 2026 year there has been a focus on stablecoins, as this has been an early area of focus for the FCA in terms its new crypto-asset regulations.

1.1.3 Regulation of Blockchain Technology

The attitude has been to make the UK a “crypto hub”, however in this respect it is important to stress that the focus is on outcomes, rather than activity. As such, the ambition is not to maximise the number of businesses in the UK, but rather to ensure that users of blockchain, and holders of crypto-assets, understand what they're holding, so that good firms flourish in the UK.

In terms of how blockchain is regulated, therefore, the general approach is to ensure that consumers receive at least the same level of protection as is the case with traditional industries – and so no distinction is drawn on matters such as data protection and outsourcing requirements if blockchain is used. Whilst this caused some initial friction for the industry, we have generally seen the industry develop tools to ensure compliance with requirements such as the right to be forgotten, and so generally these have not stopped the industry developing.

There is inherent tension between the immutability of blockchain and the right to erasure under the UK GDPR, which is exacerbated by decentralisation networks with no central operator. The right to erasure (referred to as the right to be forgotten) applies in various situations, such as where an individual has withdrawn consent (but this does not affect processing prior to consent being given), where the data has been unlawfully processed, or the data subject objects to processing and there are no overriding legitimate grounds to continue processing the data. While recent changes to UK data protection laws made by the Data (Use and Access) Act 2025 have introduced recognised legitimate interests, this does not resolve the fundamental tension. In practice, providers have developed a number of strategies to address the issue, including off-chain storage and anonymisation.

1.1.4 Smart Contracts

The law in the United Kingdom is sufficiently flexible to recognise the ability to form a contract using smart contracts, so long as the relevant requirements for a contract are met (such as offer, acceptance, consideration, intention to create legal relations, authority and capacity, and certainty). This means that a smart contract is not, by definition, a validly enforceable legal contract. For example, a smart contract to perform a service simply by virtue of a timing requirement being met (eg, to pay GBP10 every Monday at 9am) is not in itself a legal contract because there is no consideration in return for the payment being made.

In this respect, therefore, a smart contract can be considered as evidence, and evidence of the terms, of a legal contract.

1.1.5 Industry and Trade Bodies

There are various associations representing the blockchain industry in the United Kingdom, including CryptoUk, the UK Cryptoasset Business Council, the Blockchain Association UK, Solana Superteam UK and the Digital Pound Foundation. These associations do not regulate the industry, however they do communicate and lobby on behalf of the industry with a view to facilitating the growth of the UK blockchain and crypto-asset ecosystem.

1.2 Crypto-Assets

1.2.1 Property Considerations

The draft Property (Digital Assets etc) Act has clarified the position that crypto-assets can be recognised as personal property under English and Welsh law, and as such can benefit from the remedies traditionally reserved for property. However, what is currently unclear is how property rights will be enforced in practice, as this has been left to case law to develop.

The Law Commission has, however, developed additional guidance regarding the fact that generally control should be seen as indicative (whilst not determinative) of ownership – in the same way that position is indicative of ownership with respect to tangible assets. In this respect, therefore, a transfer of control may indicate, however does not determine, a change of ownership.

With respect to the use of crypto-assets as collateral, therefore, this is clearly permitted . However, what is less clear is how security could be taken over collateral. In this respect, we are seeing the market take a cautious approach to taking security, and we would expect the position to become clearer over time.

1.2.2 Access to Banking

There is no legal restriction on who firms providing crypto-asset services can use for general banking and payment services, however in practice we have seen UK banks being wary on onboarding such clients. This has raised concerns of the industry being debanked in the UK, and resulted in UK firms often using foreign providers of banking and payments services. The position here is, however, gradually shifting as new banking providers are entering into the UK market, which have a greater tolerance for crypto-asset firms.

1.2.3 ESG/Sustainable Finance

The UK does not impose ESG/sustainable finance requirements on digital assets.

1.2.4 Tax

The UK regime is being updated incrementally for blockchain and digital assets, with particular areas of focus including stabling and DeFi lending. HMRC (the UK tax regulator) has also provided guidance on the taxation of matters such as airdrops, mining and NFTs.

The UK’s position on ensuring that tax is paid is hardening. In particular, from 1 January 2026, the UK has implemented the Crypto-Asset Reporting Framework (CARF), which requires crypto-asset platforms to provide a range of information to HMRC on UK citizens – facilitating the ability of HMRC will be able to check that UK citizens are paying the appropriate amount of tax. There are also moves to make it harder for DAOs to claim to be outside of UK tax where they are effectively operated from the UK.

1.2.5 Insolvency

There are no specific resolution or insolvency requirements/regimes for digital asset firms in the UK. However, as crypto-assets are recognised as property, crypto-assets held by a company will be treated as part of the estate of the insolvent entity.

1.2.6 Industry and Trade Bodies

See 1.1.5 Industry and Trade Bodies. The relevant associations do not tend to distinguish between blockchain and crypto-assets. However, in practice, much of the work is focussed on lobbying on crypto-asset regulation, given that is generally the most contentious topic in the industry.

2. Regulation

2.1 Regulators and International Alignment

The primary regulatory body for blockchain and crypto-asset businesses in the UK is the FCA, which is in the process of developing and implementing a comprehensive regulatory framework for the industry. The Prudential Regulatory Authority and the Bank of England are more concerned with matters of prudential and systemic risk for the UK financial services sector, and as such have tended to take less of an interest in the industry, given that it is still relatively nascent. One exception to this, however, has been in relation to stablecoins, where the Bank of England is developing its position in terms of regulating stablecoins that pose a potential systemic risk. The Bank of England has faced some criticism for its approach here, given that it has considered for example limiting the amount of stablecoins that persons may hold – a measure considered unworkable in practice. However, as no stablecoin has been deemed a systemic risk as yet, it is unclear how this might play out in practice.

In terms of international alignment, the United Kingdom has actively implemented laws and standards proposed by international bodies such as the Financial Action Task Force and the Bank for International Settlements, and in certain aspects has sought to go further than is required by these bodies, with a view to being perceived as a gold standard jurisdiction for the industry. It is notable that various regulators internationally have collaborated with the FCA in terms of helping to set a global approach to regulation of blockchain and crypto-assets – cementing the FCA’s position as helping to lead on global regulation of the sector.

2.2 Crypto-Asset Regulatory Frameworks

The FCA has provided a helpful guide which clearly sets out the different bases on which crypto-assets can be categorised, and was one of the first regulators globally to do this. The approach aligns with the general position under United Kingdom law, in that if a crypto-asset meets the definition of a specified investment then it is regulated, otherwise it is an unregulated token. The nature of the regulated specified investment depends on whether the crypto-asset meets the definition of electronic money (in which case it is classified as an e-money token) or a security token (in which case it is classified as a security token). Otherwise, crypto-assets are classified as “unregulated”.

However, it is worth noting that the fact that a crypto-asset is considered “unregulated” does not, in fact, mean that such crypto-assets are not subject to regulation. Currently, the following activities in relation to all crypto-assets (regardless of regulatory classification) are regulated and require registration with the FCA under the Money Laundering Regulations 2017 (MLRs).

Acting as a crypto-asset exchange provider (including in the context of acting as an ATM, Peer-to-Peer Provider, or issuer of new crypto-assets). The scope of this activity is broad, as it includes exchanging or arranging, or making arrangements with a view to the exchange of crypto-assets for money or money for crypto-assets, or one crypto-asset for another, meaning that mere introductions are considered as acting as a crypto-asset exchange provider.
Acting as a custodian wallet provider, being a firm or sole practitioner who by way of business provides services to safeguard, or to safeguard and administer crypto-assets on behalf of its customers, or private cryptographic keys on behalf of its customers in order to hold, store and transfer crypto-assets, when providing such services.

Furthermore, businesses located outside of the UK, and which therefore fall outside the territorial scope of the MLRs, may still be subject to the General Prohibition. This applies to crypto-assets that are both fungible and transferrable, and (subject to certain relatively narrow exceptions) requires firms to get approval from a competent FCA authorised firm before such can be sold into the UK.

The above regime for unregulated crypto-assets is likely to be entirely changed by October 2027, and instead there will be a full authorisation regime. This will mean that there is a comprehensive regulatory regime for firms covering matter such as a conduct of business, market abuse and capital requirements, in addition to the existing AML obligations. Activities caught by the new regime will include issuing a qualifying stablecoin, safeguarding of qualifying crypto-assets and relevant specified investments, operating a qualifying crypto-asset trading platform, dealing in qualifying crypto-assets as principal or agent, arranging deals in qualifying crypto-assets and staking qualifying crypto-assets.

The definition of “qualifying crypto-asset” for the purpose of these rules is generally one that is fungible, transferrable, not solely a record of value or contractual rights (including rights in another crypto-asset), does not fall within certain exclusions for example in relation to certain crypto-assets limited to acquiring certain goods/services and is otherwise unregulated.

There are two particular points to note here. Firstly, the regime will require in-scope firms to set up local UK subsidiaries to address the UK market, and so the ability to instead get cross-border promotions approved will be ended. Secondly, NFTs will generally still be outside of regulation. The expected impact on the UK industry of the changes is expected to be widespread.

2.3 Regulated Firms and Legal Wrappers

If a fund is used to access a crypto-asset product, then generally investors are buying units in the relevant fund rather than direct exposure to the product. In this respect, the legal nature of the investment fundamentally changes to one of investing into a fund.

Funds that invest in crypto-assets are generally required to be AIFs, and as such are not available to the general retail. Whilst there is no legal distinction between AIFs investing into crypto-assets and other classes, in our experience there are often practical differences, due to the complexity of (for example) calculating the NAV of such funds. This means that crypto AIFs tend to use specific service providers that specialise in catering for the crypto-asset industry, and so for example in terms of choosing the host in which to locate the fund, managers are advised to use those hosts that have the specific capabilities to work with crypto funds.

2.4 Token Issuance

Generally, ICOs are not issued from the UK, because this activity triggers the requirement to register with the FCA as a crypto-asset exchange provider, and the cost of this outweighs the benefit for firms (particularly as new underdeveloped business models may struggle to satisfy the criteria for registration, which generally assume a fully functioning business).

At the moment, there are no specific disclosure requirements for whitepapers in the UK, rather there are general obligations in terms of transparency and fairness, which can broadly be seen in terms of the fact that documents should be clear, fair and not misleading. However, over the next year specific disclosure requirements will be set for crypto-assets wanting to list on UK exchanges, and so this will change soon.

2.5 Market Abuse

There is not currently a market abuse or insider dealing framework with respect to unregulated crypto-assets in the United Kingdom. With respect to security tokens, the market abuse rules apply on the same basis as they apply to the underlying security.

In the near future, however, new market abuse and insider dealing rules will be applied to qualifying crypto-assets. These new rules will prohibit insider dealing, the unlawful disclosure of inside information, market manipulation of qualifying crypto-assets admitted to trading on a crypto-asset asset trading platform, and they require the public disclosure of inside information on relevant qualifying crypto-assets admitted to trading on a crypto-asset asset trading platform.

2.6 Non-Compliance

Non-compliance with UK requirements is taken seriously by the FCA, which is actively pursuing firms that do not comply.

Much of the focus in the UK has been on firms selling cross-border into the UK in breach of the restriction on financial promotions. Breach of these requirements is a criminal offence, punishable by a potentially unlimited fine, as well as a custodial sentence of up to two years. Whilst most firms have responded to the FCA’s actions by quickly taking steps to ensure compliance, we have seen the FCA take criminal proceedings against HTX (formerly known as Huobi), for unlawfully promoting crypto-asset services to UK consumers without proper authorisation.

Another issue to consider here is the fact that, given that breach of the UK rules is a criminal offence, service providers (such as banking partners) who handle money and assets deriving from the breach are handling the proceeds of a crime, which itself is a criminal offence. As such, service providers are unlikely to support a firm that is in breach of the UK rules.

As new rules come into force next year, an additional consideration could be that contracts entered into in breach of UK rules may be deemed unenforceable, meaning that UK persons may have the right to get their money back in full should something sold in breach of the UK rules lose value.

3. Licensing and Set-Up Requirements

3.1 Licensing Requirements

Under the current rules, the are two different regimes that trigger the need for a licence for firms operating in the UK.

The first is where a crypto-asset functions as a security or e-money, in which case there are FCA authorisation requirements under FSMA on the same basis as applies to securities and e-money generally.

The second applies to all types of crypto-asset, and requires registration under the MLRs where a firms is involved by way of business in one or more of the following services (i) exchanging, or arranging or making arrangements with a view to the exchange of, crypto-assets for money, money for crypto-assets or one crypto-asset for another, or (ii) services to safeguard, or to safeguard and administer, either crypto-assets or private cryptographic keys on behalf of its customers.

Currently, both the above regimes only apply to firms in the UK, and firms selling cross-border into the UK are instead subject to restrictions on making promotions into the UK that require (subject to certain exemptions) approval from an FCA authorised firm to sell into the UK.

Next year, however, this will change, as the MLRs registration regime will be wound down, and instead all relevant business in crypto-assets will fall within scope of FSMA. The breadth of regulated activities will expanded (on which see response to 2.2 Crypto-Asset Regulatory Frameworks). Furthermore, instead of obtaining approval, in-scope firms seeking to sell into the UK will be required to set up a local UK entity and obtain direct FCA authorisation.

As the new rules will likely come into force by October 2027, there will be no grandfathering provision for currently unregulated business – and as such firms are being encouraged to apply for FCA licensing early to be able to continue to undertake UK business.

3.2 Set-Up Requirements

Currently, for unregulated crypto-assets becoming FCA registered, the requirements are focused on obligations in relation to prevention of money laundering/terrorist financing, and well as ensuring that financial promotions comply with UK marketing rules and that front ends to sell crypto-assets are in compliance with UK rules (designed to increase customer friction and ensure that crypto-assets are only sold where appropriate). In terms of local personnel, currently the requirement is to have one MLRO, and there are no prudential requirements (however firms are expected to have clear planning to show how they will have continued solvency, as well as a credible wind-down plan).

As the new regime comes into force, this will change as crypto-asset firms will be required to operate at a level commensurate with FCA authorised firms, for example with respect to compliance with conduct-of-business requirements as well as capital adequacy.

3.3 Change of Control

Firms licensed by the FCA are required to obtain approval before a change of control. The exact threshold for obtaining this approval depends on whether the firm is performing FCA authorised or FCA registered activities, and the exact nature of those activities.

For crypto-asset firms dealing in unregulated tokens, currently the threshold is 25% of the shares of voting power in the firm.

The FCA has made it clear that acquiring a firm should be considered as a way of avoiding the level of due diligence that would be applied by the FCA when getting a direct authorisation. Potential new owners will therefore need to be able to clearly articulate their regulatory business plan for the business, and expect to be subject to the same checks as the exiting owners before being able to buy an FCA regulated firm.

3.4 Passporting

In the UK, there are currently various MoUs with other jurisdictions, which signal an intent by the UK FCA and other regulators globally to work together to facilitate the growth of firms operating on both jurisdictions.

Two jurisdictions worthy of particular consideration are Gibraltar, which has entered into a passporting regime with the UK, as well as Switzerland, which under the Berne Financial Services Agreement has an agreement for mutual recognition with the UK. These developments show the UK steadily repositioning itself post-Brexit and show the general pathways likely to be taken by UK firms for cost-effective international expansion.

4. Cross-Border Services

4.1 Marketing

There are restrictions that apply to selling in the UK (i) security tokens; and (ii) otherwise unregulated tokens that are fungible and transferrable. These, for example, require that any invitation or inducement to buy, sell or subscribe for or underwrite crypto-assets are approved by FCA authorised persons. Firms which are licenced by the FCA (including under the MLRs) are able to approve their own promotions.

There are exemptions to the financial promotions restrictions, however for unregulated crypto-assets these are generally narrowly defined. There is no reverse solicitation exemption. Of the exemptions that can apply, the two most in use are those in relation to investment professionals and high net worth companies (technically there is also an exemption for sophisticated investors, however in practice it is not a viable route). There is no exemption for high net worth individuals (which may be able to use an exemption for example in relation to certain security tokens). To use an exemption there are requirements to make certain disclosures and obtain evidence that the exemption is being used properly.

Firms seeking to obtain approval to be able service the UK generally with respect to unregulated tokens that are fungible and transferrable, are subject to strict requirements, including cooling off periods, disclosure requirements, limitations on the amount of crypto-asset ownership, and appropriateness assessments. As the new rules come into force, they will also be required to obtain local FCA authorisation, and to comply with the UK’s requirements generally in relation to their business.

Crypto-assets, such as unregulated NFTs, that otherwise fall outside the financial promotion restrictions, will still be subject to the oversight of the Advertising Standards Authority, which has general jurisdiction over any advertising in the UK, and ensuring that it complies with the UK’s code on advertising. The Advertising Standards Authority has authority to impose fines on firms which fail to comply with the UK’s standards for advertising.

4.2 White Labelling

There is no clear basis on which firms can use white-label solutions to sell into the UK by leveraging the licence of an already-existing entity. For example, the appointed representative regime, which allows traditional securities firms to operate under the licence of an existing FCA authorised firm for certain activities, is not available for crypto-assets.

However, innovative solutions are coming into the market to try to resolve this issue, for example in terms of partnerships where a regulated firm carries out all the relevant regulated activities. These set-ups can raise tricky questions, for example in terms of who owns the client, and can become expensive to set up. The situation is evolving, however, as firms get clarity in terms of expectations from the FCA in terms of how such set-ups can operate.

5. Decentralised Finance

5.1 Ability to Use DeFi

There is no general prohibition of DeFi in the UK, and there is a general acceptance that the DeFi concept has advantages. However, the issues that DeFi faces in the UK are that:

“making arrangements with a view to” dealing in crypto-assets is generally regulated. This activity is widely interpreted, and as such DeFi firms in the UK will likely be required to obtain a licence – however, the intrinsic nature of DeFi is that there is no entity to obtain the licence, and so it becomes impossible to get; and
the financial promotions restriction requires approval by an FCA authorised firm. Again, this is going to be tricky to achieve, given that such firms will want to have performed due diligence on the firm they are approving, and there is no such firm to approve.

Instead, the direction of travel in the UK tends to be that DeFi enterprises will sell cross-border to FCA licensed firms (which may therefore receive the relevant communications, using an exemption), and the FCA licensed firms may then design products backed by DeFi which can be sold to the UK market. The licensed firm therefore acts as a centralised bridge into the UK market, and the regulatory direction is generally to support the use of such bridges as providing the required protection for UK consumers.

5.2 DeFi Structures

Whilst there is no prohibition on DeFi in the UK, for the reasons provided in 5.1 Ability to Use DeFi, practically speaking DeFi does not operate in the UK. We do however often see service companies to DeFi projects operate from the UK, as for example providing intellectual property and coding support to offshore DeFi projects is not regulated. This is usually accompanied by contracts and policies/procedures enabling a clear delineation of ownership and roles in using and developing the intellectual property.

5.3 Liability

From an FCA perspective, much of the focus is on how DeFi is marketed into the UK, as the person making the relevant communication is a centralised point against which the FCA can take enforcement action as required. The view is generally taken that if a DeFi project is outside the UK and there is no communication to UK persons of it, then there should be no harm to UK persons as a consequence.

The position taken by judges is evolving. Cases such as Tulip Trading indicate that in the case of “true” DeFi, it may be possible to argue that no person is responsible for the DeFi proposition, and so there is no person liable for it. However, this will be tricky to provide as, in fact, most DeFi projects tend, in reality, to be centralised– and it is unlikely that a judge will allow a project to claim immunity simply by announcing that it is DeFi.

6. Payments and Stablecoins

6.1 Payments

Payments in crypto-assets are permitted, although there is currently there is no particular regulation in this regard. Whilst this means that the simple sending of crypto-assets from one person to another is generally unregulated, there is complexity in terms of how crypto-assets used for payments are sold. This is because such activity is generally subject to the crypto-assets rules under the MLRs and financial promotion rules, which may not make practical sense given that they are to some extent derived from the approach taken in a securities context.

The UK is, however, currently designing and implementing a regulatory regime for UK stablecoins, which is discussed in 6.2 Stablecoins.

6.2 Stablecoins

6.2.1 Fiat Currency and Algorithmic Stablecoins

The concept of a stablecoin in the UK is defined tightly, so that it only applies to certain tokens backed by actual fiat currency held in deposit accounts and certain approved highly liquid types of investment. As such, an algorithmic stablecoin would not be considered a stablecoin for UK regulatory purposes, and would be treated akin to other qualifying crypto-assets such as bitcoin.

6.2.2 Stablecoin Regulation

Currently, there is no defined distinction between stablecoins and other unregulated crypto-assets in the UK.

However, UK-based fiat-backed stablecoins will in the near future fall within a bespoke UK regulatory regime. This is still being broadly determined, however, involves specific rules for backing assets, which derive from a securities-type framework, and those for making payments, which derive from a payment services-type framework. UK stablecoins will also have intrinsic advantages in the UK market over other crypto-assets, for example they will not be subject to the financial promotion restriction.

6.2.3 Backing Assets

Under the new stablecoin rules, there will be a strict regime governing the backing assets for UK fiat-backed stablecoins. Such assets will need to be held in a prescribed statutory trust structure, and there are strict limits on how the fiat money can be held, including requirements that funds must generally be held in deposit accounts with acceptable banks, with some provision for accepted highly liquid investments such as money market funds. Furthermore, there are strict liability provisions on stablecoin providers in terms of topping up the size of the backing assets in the event of a shortfall.

UK fiat-backed stablecoins are prohibited from passing interest generated from backing assets to token holders.

6.2.4 Special Considerations

Currently no stablecoins are considered a systemic risk in the UK. The Bank of England has, however, proposed a strict approach towards any stablecoin that would pose a systemic risk, as such stablecoins could be subject to regulation by both the Bank of England and the FCA. This includes for example a requirement to hold 40% of backing assets as central bank deposits, and additional capital requirements.

The most controversial proposal is a potential (temporary) restriction on holdings of systemic stablecoins, which for individuals would be a per-coin limit of GBP20,000 and (subject to exemptions for retail businesses and intermediaries servicing retail customers) for businesses a limit of GBP10 million. It is unclear how such a limit would be enforceable in practice, and worth noting that it may also only be used as a transitionary measure whilst the stablecoin moves to being properly regulated as a systemic stablecoin.

7. Tokenisation and Real-World Assets

7.1 Treatment

There is no bespoke regulation of RWAs in the UK, and as such RWAs need to be considered against the existing security and crypto-asset regulatory frameworks under FSMA and (currently) the MLRs.

Given that the application of the MLRs is generally unaffected by the classification of the crypto-asset, rather they are determined by the activities taken in relation to them, MRLs are not considered further here.

As regards FSMA, a key question is whether or not the RWA constitutes a unit in a collective investment scheme. In this respect, in very broad terms, there is a distinction between RWAs where the asset is effectively inert and those where the asset is managed.

The former, which would include – eg, gold stored in a vault, may be structured so as not to be a security. In this respect, the token may be considered equivalent to a warehouse receipt, which is not a type of security.

Where discretion is managed in relation to an asset, such as with respect to real estate, then the RWA is generally considered a unit in a collective investment scheme. This is because the act of management may influence the value of the asset, and since day-to-day control of the decision-making process is not with the token holders, as the participants in the asset, the overall set-up is considered a collective investment scheme. It is worth noting that the definition of collective investment scheme is broader than its EU equivalent – the collective investment undertaking – and as such RWAs may be considered securities in the UK but not the EU. The impact of this determination can be stark, and it can result in retail persons being prohibited from participating in the RWA. Furthermore, even if the RWA is not sold into the UK, if the management of the RWA is done in the UK, that can separately trigger the need for a fund management authorisation. Because of this impact, alternative solutions for such RWAs have been considered, for example via the innovative use of debt instruments. Whilst these may work legally, generally the impact of using of these structures is to increase the intrinsic risk of the set-up.

Lastly, it is worth noting that the delivery terms of a RWA need to be considered carefully, in terms of whether there is a derivative. This is generally not the case, as most RWAs are either deliverable on demand, or incapable of delivery (ie, holders of the token simply get the fiat value of the RWA on redemption). However, as the ingenuity of RWA structures develop, care needs to be taken not to inadvertently be selling a regulated option, future or contract for difference.

gunnercooke llp

1 Cornhill
London
EC3V 3ND
UK

+44 3330 143 401

James.Burnie@gunnercooke.com www.gunnercooke.com

Trends and Developments

Authors

A Brave New World

The United Kingdom regulatory regime for crypto-assets is currently undergoing a transformation. To date, the position has been one of fragmented ad hoc regulation of particular activities, starting with a focus on stopping money laundering, and more recently, through the application of restrictions on the promotion of crypto-assets, protecting UK consumers from miss-selling of crypto-assets. The result has been a somewhat complicated patchwork of requirements, which has in some respects been confusing as, for example, so-called “unregulated” crypto-assets have actually, over time become highly regulated.

With the passing the Financial Services and Markets Act 2000 (Crypto-Assets) Regulations 2026, the decision has been made to do away with the existing patchwork approach. Rather, the legislation heralds a full and comprehensive regulatory regime, intended to be equivalent to that used for traditional regulatory industry. The timeline for implementation of the new regime is aggressive, as it is intended to take full effect on 25 October 2027. Consequently, the Financial Conduct Authority (FCA) has had to move quickly to develop and publish its approach towards regulating the industry ahead of the deadline, and to try to give firms time to adjust to the requirements of the new regime.

At the outset, it is worth noting that blockchain technology is not itself regulated. This is in accordance with the general mantra of “same risk, same outcome” to activities. The blockchain is not an activity – rather it is simply a means of holding information. And, as holding information is not in itself a regulated thing (apart from the general application of legislation such as UK GDPR in relation to personal data, UK MiFIR in relation to transactions data, etc), there is no regulated activity linked to the technology in itself.

Rather, certain activities performed in connection with crypto-assets are regulated, in particular where it is considered that they involve an activity akin to a traditionally regulated activity. Relevant activities for these purposes will include issuing a qualifying stablecoin; safeguarding of qualifying crypto-assets and relevant specified investments; operating a qualifying crypto-asset trading platform; dealing in qualifying crypto-assets as principal or agent; arranging deals in qualifying crypto-assets; and staking qualifying crypto-assets.

It is worth noting that the regulated activities in each case relate to crypto-assets that are “qualifying”. The definition of this means that, for example, NFTs and soul bound tokens are out of scope – meaning that activities in relation to these tokens may well fall outside the scope of regulation.

Trying to dodge the bullet

The comprehensive nature of the new UK regime means that firms will face a substantial cost in order to comply with it. Historically, the response of Web3 to such a development would be to set up outside the jurisdiction and then sell cross-border into the general UK retail market. Whilst in recent years this would be permitted subject to obtaining approval from a competent FCA authorised firm, under the new regime such marketing will no longer be legal. Instead, firms will be forced to either set up a local UK subsidiary and obtain a direct FCA authorisation to service the UK market, or will be forced to sell into the UK based on very narrow exemptions – such as those that allow selling to investment professionals, high net worth companies and sophisticated investors. The narrow nature of these exemptions means that they are not generally useful for crypto-asset firms. Firms should note in any event that to try to rely on them still requires a build, in terms of ensuring that appropriate documentation is provided and obtained to demonstrate compliance.

Biting the bullet

Those firms, therefore, that seriously intend to service the UK market, will need to set up a local subsidiary that will need to obtain FCA registration.

Under the UK rules, the FCA shall assess firms in terms of: operational resilience, principles for business, conduct of business, senior management/individuals, prudential management, client assets, governance, outsourcing arrangements, financial crime and market abuse. This builds on the areas which the FCA have previously assessed for firms seeking to become registered with the FCA under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (MLR 2017), specifically firms’ anti-money laundering framework, business model firm financials, policies and procedure, systems and controls, and generally the fitness and proprietary of key individuals at the firm. Firms that were previously registered with the FCA under the MLR 2017 will need to become authorised with the FCA under the new regime.

Generally, the approach has been taken to align the new activities with those taken with equivalent existing activities (“same risk, same outcome”), however this has not always been an easy translation. For example, in the context of insider dealing (a kind of market abuse), the implicit assumption in traditional finance is that there is a centralised company with respect to which it is possible to obtain non-public information that is the basis for insider trading. A crypto-asset may be manipulated despite the lack of a centralised corporate entity, and as such the FCA has taken a pragmatic approach, consider for example that a person seeking to list a crypto-asset may consequently hold insider information despite not being the issuer of the token.

It is also worth noting that, in practice, it is in some respects debateable whether the UK has in fact, adhered entirely to the “same risk, same outcome” approach. A particular issue here is the appointed representative regime. This regime is generally used by start-ups in the TradFi securities industry to get up and running in a cost-efficient manner, by effectively borrowing the licence of an already regulated entity, subject to agreement to fall within the supervision of that regulated entity. Whilst the appointed representative regime has faced some criticism, for example in terms of whether start-ups have been appropriately supervised, the failure to extend the regime to unregulated crypto-asset companies effectively puts them at a disadvantage. This is because crypto-asset firms will need to incur the full direct cost of becoming FCA authorised, and in addition, those running such firms will not have the advantage of being able to get used to the obligations of running a regulated firm before going for direct authorisation.

An interesting aspect of this will be the role of the start-up unit in the FCA, which is tasked with seeking to help start-ups get up-and-running, as part of a general obligation on the FCA to encourage competition in the UK as a means of benefiting consumers. The effect of this is that the FCA is consciously seeking to help small firms set up in the UK, and how the FCA seeks to do this whilst also seeking to ensure that its rules are properly enforced to protect markets and consumers will be interesting to see.

Another factor at play here will be the ingenuity of firms to be able to create “appointed representative-like” solutions to enable firms to access the UK. For example, it is clear that firms may not sell directly into the UK without a licence, however a firm may sell to an FCA authorised firm which in turn sells into the UK. The extent to which firms may blur the line here is yet to be determined, however given that in any event the distribution channel for the product will have to in any event pass through an FCA authorised firm and therefore need to be in accordance with UK regulatory requirements, there is cause for optimism.

The international scene

The FCA is not alone in seeking to develop its approach to the crypto-asset industry, and it is instructive to look at what is happening at the global level, and how the UK regime interacts. Generally, other regulators have also sought to take an alignment approach to regulating crypto-assets, and whilst superficially this may result in an element of natural alignment, that should not be taken for granted. For example, the UK’s approach to regulating the backing assets held with respect to a stablecoin is derived from investments, and in particular there is a focus on ensuring that backing assets are held in only the most liquid and secure of investment types, such as bank deposits, and consequently there is a ban on holding electronic money as a backing asset. This is in direct contrast to the EU approach, which instead sees stablecoins as an evolution of electronic money, hence requiring firms to obtain an electronic money issuer licence in order to be able to operate.

There is a broader issue at play here, in terms of the UK’s position in global markets. Whilst by leaving the EU, the UK lost certain passporting rights, other avenues are expanding. This is demonstrated by the range of memoranda of understanding entered into between the FCA and other regulators globally, which set up a general basis for co-operating. Particularly interesting here is the Berne Financial Services Agreement, which bilaterally allows UK and Swiss firms to access each other’s market on the basis of deference – meaning that rather than requiring line by line of equivalence (which is slow and resource heavy to achieve), a general recognition of the general adequacy of each regulatory system is deemed sufficient to give market access. This approach, whilst nascent, provides a potential blueprint for the future development of the UK as a financial services (and potentially crypto-asset) hub.

It will be interesting to see how the UK develops in this respect, as in light of global development we are seeing an influx of investment into the UK, which could help support the development of the UK Web3 ecosystem, whilst a more comprehensive regime involves a greater cost to comply with, as investment size increases the relative cost of compliance diminishes. An additional factor which may assist in this respect is that having a comprehensive regime early on means that it is less likely to substantially change over time – meaning that once the requirements are met, it is less likely that a regulatory shift will cause a compliant domestic market of firms to become inadvertently non-compliant. The regulatory certainty that this brings may well mean that firms are happy to pay the premium to obtain certainty compared to other jurisdictions which, whilst superficially cheaper to operate in, may in real terms be more expensive over time as their regimes become steadily more stringent, requiring firms to re-evaluate their position continuously.

Bullet time

Firms seeking to determine whether to obtain FCA authorisation to be able to continue to service the UK market are under some time pressure. Firms can apply for authorisation from 30 September 2026, and will need to ensure that their application is in by 28 February 2027. Firms that fail to submit an application in time will not be guaranteed continued access to the UK whilst their application is being determined, meaning that they have to stop UK operation pending their application being approved. Such approval may take time as the FCA deals with the backlog of applications that were submitted in time.

Another reason for firms to seek to prioritise becoming FCA authorised is that the FCA is clearly taking on board feedback with respect to the regulations being put in place for the industry. As the new rules have been created at speed, it is important for firms to seek to actively engage with the FCA with respect to any issues, so that the FCA can properly consider its approach to novelties not envisaged at the outset of drafting the new rules. Firms that do not engage with the FCA risk being assessed when the rules are more entrenched, meaning that there is less appetite to take on board industry feedback. Whilst the existence of, for example, the sandbox, as well as the stated intent of the FCA to continue to engage with industry as markets develop, does mean that firms will still be able to seek to influence UK regulation, there may be less appetite to make changes once a general approach to regulation has become entrenched. Firms that seek to deploy atypical business models may therefore be subject to greater friction, meaning that there is additional pressure to simply conform their business models to general market practice, rather than seek to spend the resources required to shift the market to acknowledge the validity of their business model.

gunnercooke llp

1 Cornhill
London
EC3V 3ND
UK

+44 3330 143 401

James.Burnie@gunnercooke.com www.gunnercooke.com

Law and Practice

Authors

Trends and Developments

Authors