Fintech 2021

Last Updated March 18, 2021


Law and Practice


Clifford Chance LLP has a market-leading, multi-disciplinary fintech practice with an unparalleled international reach, ranked Band 1 for Global Fintech Legal by Chambers. Clients approach the firm for advice on their most transformational fintech projects across key areas such as blockchain, smart contracts, digital assets, payments, AI, data, cyber and insurtech. The firm’s fintech clients range from tech-focused corporates branching out into financial services, banks and other financial institutions, regulators and governments, insurance companies, sovereign wealth funds, asset managers and private equity houses, right through to fintech and insurtech disruptors, start-ups and industry consortiums. The firm is deeply embedded within the UK and global fintech ecosystem and collaborates with leading industry-wide working groups, consortia and academic institutions, including R3, Global Digital Finance (GDF) and the Leverhulme Centre for the Future of Intelligence.

The UK remains a leading global hub for fintechs. Behind the US and China, it is third in the world for tech investment and raising more than France and Germany combined according to research from TechNation. The UK fintech sector adds around GBP7 billion to the UK economy (according to an HM Treasury news story published in July 2020). The fintech ecosystem is supported by a progressive approach to regulation, access to international investment and a skilled workforce.

The COVID-19 pandemic has shone a light on the resilience of the fintech market. According to a report by Beauhurst, only 1% of fintechs are critically affected and 2% are severely affected. This is low compared with the 17% of high growth companies across other industries which fall into these categories.

As the economy recovers from the pandemic, there are expected to be longer term growth opportunities for fintechs. COVID-19 has accelerated the growth of digital adoption. The rate of fintech adoption amongst the digitally active population in the UK is approximately 71%, according to the 2019 EY Global Fintech Adoption Index, which is significantly higher than the 14% reported in 2015. The pandemic has assisted the growth in shifting consumer behaviour, with increasing payment volumes moving online and an increased use of e-commerce.

The short-term priority for the fintech market will be to respond to the challenges of a post-Brexit and post COVID-19 environment. Concerning longer term challenges, many fintechs have struggled to achieve sustained profitability as they have focused on growth and building scale. For example, whilst challenger banks Starling Banking and Revolut have recently turned a profit, they have not managed to achieve consistent profitability. According to a KPMG report, the annual losses for fintechs in the UK since 2010 are estimated to be in the region of GBP1.5 billion. There is expected to be increased scrutiny of the financial performance of fintechs and their ability to generate profits and returns for investors.

The regulatory landscape will continue to evolve to address concepts such as crypto-assets and stablecoins, cloud technology and artificial intelligence (AI). HM Treasury has conducted an independent strategic review to establish priority areas for policymakers to support the ongoing growth of the UK fintech sector.

There were over 1,600 fintechs across the UK in 2019, including both mature brands and start-ups, covering a wide range of sectors and using a variety of business models.

Around half of all UK fintechs are payments companies, according to the Bank of England. Research from EY on the sectoral representation of UK fintechs shows that relatively mature sectors include financial software (13%), SME lending (10%) and payments (8%).

The EY research found that there is a strong prevalence of business-to-business related activity, with sectors such as regtech and digital identity, analytics and big data, insurtech, capital markets data and technology, and trade finance and supply chain solutions accounting for approximately 21% of total fintech activity in the UK.

The business models vary for firms across the different sectors.

There is no single regulatory regime for fintech. Instead, both the nature of the activities a firm performs and its business model determine whether it is regulated.

As discussed in 2.1 Predominant Business Models, the UK fintech market is notable for the breadth and depth of sectoral coverage. It encompasses a wide range of services such as crowdfunding, cross-border payments, foreign exchange services, digital wallets and e-money, robo advice and crypto-asset-related activities. Firms must assess the regulatory regime that applies to their business model on a case-by-case basis.

We have included a high-level overview of the general licensing regime and the framework applicable to payment institutions and e-money firms.

General Licensing Regime under FSMA

All firms should consider the general prohibition in Section 19 of the Financial Services and Markets Act 2000 (FSMA), which provides that it is prohibited to carry on a regulated activity by way of business in the UK without authorisation or an exemption.

A regulated activity is an activity of a specified kind that is carried on by way of business and relates to an investment of a specified kind. The list of regulated activities is set out in the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (the RAO). This includes (to name a few) accepting deposits, issuing electronic money, advising on or arranging deals in investments, dealing in investments as agent or principal and operating an electronic system in relation to lending. If a specified activity is carried on by way of business and relates to a "specified investment", it will be caught as a regulated activity. The list of specified investments includes (but is not limited to) deposits, electronic money, shares and units in a collective investment scheme.

Payment Institutions and E-Money Firms

Additionally, firms should also consider whether they will be subject to regulation under the Payment Services Regulation 2017 (the PSR 2017) or Electronic Money Regulation 2011 (the EMR 2011).

Payment institutions and electronic money firms must safeguard customer funds to ensure that, in the event of an insolvency of the firm, customers' funds are returned in a timely and orderly manner. This is particularly important as funds held with payment institutions and e-money firms are not protected by the Financial Services Compensation Scheme.

The Financial Conduct Authority (FCA) is focused on ensuring that payments are safe and accessible (see further in 2.6 Jurisdiction of Regulators). Its main supervisory priority for the payments sector is ensuring that firms have robust safeguarding arrangements, prudential resilience and risk management arrangements, and systems and controls to prevent financial crime.

Specific Rules for Particular Fintech Business Models

There are specific requirements relevant to certain types of fintech business models. Many of these, including peer-to-peer lending and crypto-asset-related activities, are discussed further below.

Impact of Brexit on the UK Regulatory Regime

The UK left the EU on 31 January 2020 (Brexit), and the transition period (during which period EU law applied in the UK) ended on 31 December 2020. Following the end of the transition period, the European Union (Withdrawal) Act 2018 (the EUWA) provided for the onshoring of certain EU legislation as it applied at that date into UK domestic law.

Kalifa Review

On 26 February 2021, an HM Treasury-commissioned independent report on the UK fintech sector was published (the Kalifa Review). This contains a number of recommendations, including proposals for a new digital finance regulatory framework and changes to the UK's listing regime. We anticipate that the government will respond with its feedback to the Kalifa Review in the next few months.

The compensation models that fintech firms can utilise vary depending on the nature of a firm's business and the regulatory rules applicable to that firm.

There are restrictions on charging fees for certain types of payment methods. The Consumer Rights (Payment Surcharges) Regulations 2012 (SI 2012/3110) (the Surcharges Regulations) impose a ban in relation to payment surcharges, and limits on surcharges for certain payments.

Card Surcharge Ban

Payees must not charge a payer any fee in respect of payment by means of card-based payment instruments or other payment instruments (other than commercial cards or other payment instruments as set out in the Surcharges Regulations) to the extent that certain conditions are met.

Limit on Surcharging for Other Payments

There are also limits in relation to some business-to-business and consumer-to-business payments.

The regulation applicable to both legacy players and fintechs depends on the nature of a firm's business model and the activities that it conducts, which must be determined on a case-by-case basis.That being said, there are areas of regulation aimed at fintechs. For example, the PSR 2017 includes specific rules for small payment institutions.

The FCA is a global pioneer in developing initiatives to support firms using innovative technologies.

FCA Regulatory Sandbox

The FCA has offered a regulatory sandbox since 2016 to allow firms to test innovative products in a controlled environment whilst ensuring there are appropriate consumer protection safeguards in place. There have been six cohorts so far.

FCA Digital Sandbox Pilot

Building on a DataSprint event in 2020, the FCA launched the Digital Sandbox pilot in October 2020 to test technology to respond to the challenges presented by COVID-19. In particular, it focuses on three main areas:

  • preventing fraud and scams;
  • supporting the financial resilience of vulnerable customers; and
  • improving access to finance for SMEs.

FCA TechSprints

The FCA has been hosting TechSprints since 2016, which are events that bring together industry participants to develop technology-based ideas to address specific industry challenges.

The Global Financial Innovation Network (GFIN)

The GFIN was launched in 2019 by an international group of financial regulators and related organisations, including the FCA. This built on the FCA’s early 2018 proposal to create a global sandbox, and the FCA now leads and chairs the GFIN.

The GFIN seeks to develop a cross-border testing framework (or "global sandbox") to allow firms to trial and scale new technologies or business models in multiple jurisdictions. Applications for the first cohort closed on 31 December 2020.

The key regulators for the UK fintech market are the FCA, the Bank of England, the Prudential Regulatory Authority (PRA) and the Payment Systems Regulator. A brief description of each of their roles and objectives are summarised below:

  • FCA – the FCA's strategic objective is to ensure that markets for financial services function well and it is responsible for, amongst other things: regulating standards of conduct in retail and wholesale financial markets; supervising trading and infrastructures that support those markets; and supervising payment institutions and e-money firms;
  • Bank of England – the Bank of England's objective is to protect and enhance the stability of the UK's financial system and it is responsible for monetary policy and financial stability;
  • PRA – responsible for the prudential regulation and supervision of banks, building societies, credit unions, insurers and major investment firms; and
  • Payment Systems Regulator – the independent regulator for UK payment systems; it is responsible for the regulation of payment systems designated by HM Treasury and the participants in such systems.

Co-operation between Regulators

The Bank of England, FCA, PRA and Payment Systems Regulator have entered into a Memorandum of Understanding setting out how they will co-operate with one another in relation to payment systems in the UK. This includes requirements to consult with each other in certain circumstances, or on matters of common regulatory interest.

Other Regulatory and Public Bodies

There are several other regulatory and public bodies that are relevant to the UK fintech market, including the Financial Ombudsman Service, the Competition and Markets Authority (the CMA) and the Information Commissioner’s Office (the ICO).

Outsourcing Requirements

Regulated firms may outsource certain functions to third-party service providers; however, they retain full responsibility and accountability for their regulatory duties. Firms are not permitted to delegate any part of this responsibility to a third party.

Different outsourcing requirements apply to different types of firms, and these requirements often depend on the type of function being outsourced (eg, outsourcings deemed material, critical or important are subject to more stringent rules).

In general terms, a non-exhaustive list of some of the outsourcing requirements includes:

  • regulatory notification obligations where the proposed outsourcing is critical or important;
  • performing due diligence on the outsourcing service provider (before the outsourcing, and during the term of the outsourcing arrangement);
  • identifying and managing operational risks;
  • retaining the expertise to supervise the outsourced functions effectively;
  • ensuring there is a written policy; and
  • regularly evaluating the contingency arrangements to ensure business continuity in the event of a significant loss of services from the outsourcing service provider.

The FCA expects firms to apply a risk-based and proportionate approach when meeting their outsourcing requirements, considering the nature, scale and complexity of a firm’s operations.

Operational and Cyber Resilience

The FCA, PRA and Bank of England are proposing to strengthen operational and cyber resilience in the UK financial services sector. The FCA is expected to publish a Policy Statement with final rules in relation to operational resilience in 2021. Those rules are expected to come into force in 2022.

The proposal includes requiring firms to map important business services (including the technology that supports these services) and robustly test contingency arrangements. Firms will need to consider their dependency on services supplied by third parties and the resilience of these third-party services. The Policy Statement is expected to include information on the links between the FCA's operational resilience policy and the EBA Guidelines on ICT and security risk management.

The requirements are expected to apply to a wide range of firms, including payment institutions, e-money firms, UK banks, building societies and PRA-designated investment firms.

Certain platform providers may be carrying on regulated activities triggering authorisation under FSMA, depending on their activities and business model. Where FSMA authorisation is triggered, they will need to comply with relevant conduct of business requirements relating to the operation of the platform. The regulated activities that may be triggered in relation to operating a trading platform are discussed in 7.1 Permissible Trading Platforms.

Crypto-asset exchange providers must register with the FCA and comply with the requirements of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, including customer due diligence requirements. See 7.3 Impact of the Emergence of Cryptocurrency Exchanges.

The government has announced plans to introduce a regulatory regime aimed at the largest digital firms designated with 'Strategic Market Status'. In addition, there are proposals for an Online Safety Bill which intends to improve online safety for UK users by requiring in-scope firms to prevent the proliferation of illegal and harmful content. These are discussed below.

Digital Firms with Strategic Market Status

In November 2020, the government announced its intention to establish a new regime for digital markets. The CMA subsequently issued advice on the implementation of this regime in December 2020. The government intends to consult on the legislative proposals in early 2021.

The government intends to establish a Digital Markets Unit (DMU) from April 2021 to oversee digital platforms designated with Strategic Market Status.

The proposed test for designating a firm with Strategic Market Status is whether it has substantial, entrenched market power in at least one digital activity, providing the firm with a strategic position. There are a variety of factors that may be taken into consideration, including: the firm's size or scale, whether the firm is an important access point to customers (a gateway) for a diverse range of other businesses, and whether the firm can use the activity to determine the rules of the game.

The proposed key pillars applicable to firms with Strategic Market Status are:

  • a new, legally binding code of conduct, tailored to each firm, designed and overseen by the DMU;
  • pro-competitive interventions; this could include imposing interoperability requirements;
  • enhanced merger rules to enable the CMA to apply closer scrutiny to transactions involving firms with Strategic Market Status.

The proposed regime is an ex ante regime, focused on preventing harm. It is proposed that the DMU be able to impose penalties of up to 10% of worldwide turnover. The FCA will also be given enforcement and implementation powers in regulated sectors.

Online Safety Bill

In December 2020, the government set out plans for an Online Safety Bill. This will establish a new legal duty of care for in-scope companies and aims to improve the safety of their users online. The proposal includes a requirement for in-scope companies to:

  • prevent the proliferation of illegal content and activity online;
  • ensure that children who use their services are not exposed to harmful content; and
  • maintain appropriate systems and processes to improve user safety.

The Online Safety Bill is intended to apply to companies (including companies outside the UK) whose services either host user-generated content which can be accessed by users in the UK and/or facilitate public or private online interaction between service users, one or more of whom are in the UK.

In-scope companies are expected to include social media platforms, messaging apps, video-sharing platforms, online forums, dating services, peer-to-peer services, online marketplaces, search engines and certain video games.

Only companies with direct control over the content of and activity on a service will be subject to the duty of care. Business-to-business services will remain outside the scope, and there are a number of exemptions, including for services which play a functional role in enabling online activity (eg, internet service providers), services used internally by businesses, and certain low-risk businesses with limited functionality.

Ofcom will be the regulator and its enforcement powers include the ability to impose fines of up to GBP18million or 10% of a company's annual turnover (whichever is higher) and blocking non-compliant services from being accessed in the UK.       

Regulators (including the FCA, CMA and ICO) have taken enforcement action for breaches of different types of regulatory requirements. For example, the FCA issued 11 fines in 2020 totalling GBP192,570,018 for a range of issues.

Firms should assess the impact of non-financial services regulation, including data privacy rules and guidance in relation to big data and AI ethics.

Data Privacy

The UK data protection regime is set out in the Data Protection Act 2018 along with the General Data Protection Regulation ((EU) 2016/679), as it forms part of the domestic law of the UK by virtue of the EUWA. Firms will need to assess the requirements on the processing and storage of personal data on a case-by-case basis. For example, business models using blockchain or distributed ledger technology will need to ensure compliance with the data privacy requirements, which can raise practical issues given the decentralised and immutable nature of blockchain technology.

Technology Development – Big Data and AI Ethics

Firms developing innovative technology and software need to assess the legal and regulatory framework in relation to big data and AI ethics.

One of the ICO's top three strategic priorities includes addressing data protection risks arising from technology and, specifically, the implications of AI and machine learning. The ICO has published guidance on AI and data protection, which included advice on how to interpret data protection law as it applies to AI. Additionally, the ICO has published guidance on how organisations can best explain their use of AI to individuals. This addresses transparency and "explainability" in relation to AI, which is the ability to give full and clear explanations of the decisions made by or with the assistance of AI.

The UK House of Lords published a report in December 2020 which recommended that steps are taken to operationalise ethics and establish national standards to provide an ingrained approach to ethical AI, including a framework for ethical development of AI which addresses issues of prejudice and bias.

See also 2.8 Gatekeeper Liability.

Industry groups and trade associations play a key role in representing stakeholders, engaging in dialogue with regulators and publishing guidance. For example, UK Finance represents over 250 firms and publishes industry guidance.

Firms may also need to comply with the rules and standards imposed by operators of payment systems. In particular, Pay.UK operates the UK's retail payment systems and is responsible for delivering a New Payments Architecture, as discussed in 5.1 Payment Processors' Use of Payment Rails.

Firms are required to appoint an auditor, unless they are exempt from the requirement to have their accounts audited (eg, certain small companies). Further, firms may appoint external consultants to review compliance with their procedures. For example, payment institutions may appoint an external firm or consultant to carry out the requisite safeguarding audit.

In broad terms, it is permissible for a regulated entity to provide unregulated products and services.

The FCA noted that where an FCA-authorised firm carries on unregulated activity (eg, in relation to an unregulated crypto-asset), while that activity may not require a permission in itself, it is possible in certain circumstances that some FCA rules — like the Principles for Business and the individual conduct rules under the Senior Managers and Certification Regime — may still apply to that unregulated activity.

The FCA reminded authorised firms in a Dear CEO letter dated January 2019 that they must not indicate or imply that they are regulated or otherwise supervised by the FCA in respect of unregulated activities that they carry on. Any financial promotions that also refer to unregulated products or services should make clear those aspects which are not regulated.

In our experience, some firms establish a separate entity to provide unregulated products and services.

Also see 12.2 Local Regulators' Approach to Blockchain in relation to future possible changes in the regulatory perimeter with respect to crypto-assets, including HM Treasury consultations on extending the UK financial promotions requirements under FSMA to unregulated crypto-assets and on the UK regulatory approach to crypto-assets and stablecoins.

Robo-advice is an umbrella term that refers to a broad spectrum of automated digital or online advice tools. Many firms use hybrid business models which combine automated advice with some potential for interaction with a human adviser. The FCA "think it is likely that hybrid models will continue to dominate the sector" (in a report dated December 2020).

There is no single, specific regime for robo-advisers. The regulatory requirements applicable to each firm depend on the nature of the activities it performs. The provision of investment advice is a regulated activity in the UK. There are also a number of other regulated activities which may be performed in connection with robo-advisory services such as arranging transactions in investments and making arrangements with a view to transactions in investments.

The FCA confirmed that it expects automated investment services to meet the same regulatory standards as traditional discretionary or advisory services, particularly in relation to suitability requirements.

The FCA established its Advice Unit in 2016, which provides regulatory feedback to firms developing automated advice models.

According to the FCA, all major retail banks are expected to have an automated advice proposition in the next few years. Such legacy players will be able to leverage their existing client base.

The best execution rules are capable of applying to robo-advisers, depending on the nature of the activities conducted by the firm.

Best execution means firms must obtain the best possible result for their clients when executing client orders or passing them to other firms for execution. The requirements vary depending on the nature of the activities conducted by the firm. Firms that execute orders on behalf of clients are subject to more onerous requirements than firms that transmit or place orders with other entities for execution. The best execution requirements are primarily set out in the FCA's Conduct of Business Sourcebook (COBS).

The UK best execution rules are derived from the EU regime (in particular, under MiFID2 and MiFIR). Firms are expected to adhere to guidance issued by ESMA and CESR prior to Brexit, interpreting it in light of the UK's withdrawal from the EU and associated UK legislative changes.

There are significant differences in the regulation of lending to consumers and commercial lending. Commercial lending activities do not typically trigger a regulatory licence or authorisation requirement. In contrast, there are a number of regulated consumer credit activities in the UK, including the activity of entering into a regulated credit agreement.

For details on peer-to-peer lending, please see 7.1 Permissible Trading Platforms.

The requirements in relation to the underwriting process depend on the type of credit activity which is being carried out. COBS requires firms to undertake a creditworthiness assessment of a customer. The FCA has also communicated its expectations in relation to vulnerable consumers. Firms will also need to comply with the applicable rules relating to anti-money laundering and KYC requirements.

The source of funds permissible for each business depends primarily on the nature of the lender. For example, banks are permitted to use deposits to fund loans subject to certain conditions, whereas some entities may obtain funds through peer-to-peer lending.

Consumer credit loans are not typically syndicated.

HM Treasury has the power to designate a payment system as a regulated payment system, which brings the system’s participants (operators, infrastructure providers, and payment service providers that provide payment services using the system) within the scope of the Payment Service Regulator’s powers. There are currently eight payment systems which have been designated by HM Treasury, as follows:

  • BACS
  • Faster Payments
  • Link
  • Cheque and Clearing
  • Northern Ireland clearing
  • Visa
  • Mastercard

New Payments Architecture

Retail payments in the UK have historically been processed using separate infrastructures, resulting in a mix of rules and standards around processing, settlement cut-off times and messaging formats. There is a proposal to bring certain payment systems together to simplify the requirements for payment service providers.

Pay.UK (the operator of BACS and Faster Payments) is responsible for facilitating the delivery of the New Payments Architecture (the NPA), which is a new way of organising interbank payments. The NPA is intended to replace the existing central infrastructure for BACS and Faster Payments. The core clearing and settlement layer is expected to take over the processing of GBP7.4 trillion of BACS and Faster Payments.

The Payment Services Regulator has commented that there are "unacceptably high risks" that the NPA programme may not provide value for money and could stifle competition. The Payment Services Regulator published a consultation in February 2021 setting out options to reduce the risks relating to the delivery of the NPA, and proposals to mitigate risks to competition and innovation relating to when the NPA is operational.

Other Payment Systems

Payment processors are permitted to create their own payment rails.

HM Treasury confirmed that there are other payment systems that are currently too small to warrant consideration for designation as a regulated payment system or are not operational in the UK. The examples provided in 2015 were American Express, Diners Club, PayPal, Paym, Zapp, M-Pesa and Google Wallet, although HM Treasury noted that if these were launched in the UK and/or became important enough, they could potentially then be included in the scope of regulation.

Payments Landscape Review

HM Treasury launched a review of the UK payments landscape with a call for evidence in June 2020, which may lead to further changes to the regulation of payments systems networks in the UK being proposed.

Brexit has resulted in changes to the regulation of cross-border payments in the UK, including in respect of the UK Cross Border Payments Regulation, UK Funds Transfer Regulation and Single Euro Payments Area (SEPA) transactions.

Cross-Border Payments Regulation

Up until 31 December 2020, Regulation (EC) No 924/2009, as amended by Regulation (EU) 2019/518 as regards certain charges on cross-border payments in the Union and currency conversion charges (EU CBPR), applied in the UK. The EU CBPR includes an equality of charges principle which requires that intra-EU euro cross-border payments must be the same for corresponding national payments either in euro or in a non-euro currency of an EU member state. The EU CBPR legislation no longer applies in the UK as a result of Brexit.

The UK has onshored some aspects of the EU regime under the EU CBPR as it forms part of domestic law of the UK by virtue of the EUWA (the UK CBPR). The UK CBPR onshores transparency requirements on currency conversion charges, however the equality of charges principle is not part of the UK CBPR regime.

The FCA clarified its expectation in relation to the currency conversion transparency requirements during the COVID-19 pandemic. An FCA web page refers to an EU Commission statement dated 9 April 2020 reminding payment service providers of an application date of 19 April 2020 for currency conversion transparency requirements. The FCA expects firms to comply with the requirements where they can, and if not, to implement these obligations as soon as possible. The FCA has stated that it will take a "reasonable approach towards enforcement of the implementation of the new rules in the light of the need to preserve the stability and continuity of online payment services".

Certain provisions in the EU CBPR regime relating to post-transaction disclosure for card-based transactions apply from 19 April 2021. These have not been onshored into the UK regime, as these provisions did not become part of EU retained law at the end of the transition period.

UK Funds Transfer Regulation

For firms that provide cross-border payment services, as a result of Brexit, it is now necessary to provide the name of the payer and payee, and the address of the payer, when making payments between the UK and the EU.

The UK regime is set out in Regulation (EU) 2015/847 of the European Parliament and of the Council of 20 May 2015 on information accompanying transfers, as it forms part of domestic law of the UK by virtue of the EUWA (the UK Funds Transfer Regulation).

The FCA has exercised temporary transitional powers to temporarily waive or modify certain obligations which have changed as a result of Brexit. In particular, the FCA's standstill direction applies in relation to amendments to the UK Funds Transfer Regulation made as a result of Brexit. This means that firms can choose to comply with the pre-Brexit or post-Brexit version of the requirements until 31 March 2022. Consequently, firms can choose to process payments initiated by EEA payment service providers, even if an EEA payment service provider has not provided the full name and address details until 31 March 2022, subject to any scheme rules that might apply.


The UK has maintained participation in SEPA as a third country. SEPA enables quick and efficient cross-border payments across the EU and a number of third countries.

The European Payments Council published a Brexit reminder in November 2020, reminding firms of the additional requirements that apply to cross-border SEPA payments involving a UK-based SEPA payment scheme participant from 1 January 2021 (as a result of the UK being treated as a third country).

Whilst there is no regulated activity which specifically covers fund administration services, a fund administrator could potentially fall within the scope of the UK regulatory regime, depending on the nature of the activities that it conducts. In particular, a fund administrator should assess whether it is conducting the regulated activity of advising on investments, arranging deals in investments, and establishing, and operating or winding up either a collective investment scheme or an unregulated collective investment scheme. It may also need to consider whether it is acting as a manager of a UK undertaking for collective investment schemes (UCITS) or UK alternative investment funds (AIFs) or a depositary, as there are detailed rules that apply to these entities.

The contractual terms that a fund administrator enters into may need to reflect regulatory requirements in relation to outsourcing, the processing of personal data, and potentially other regulatory requirements which will depend on the specifics of the business model and nature of activities being performed.

Exchanges and Trading Platforms

Stock exchanges (including UK-recognised investment exchanges), securities markets, and operators of such markets are heavily regulated. There are three main types of trading venues (regulated markets, multilateral trading facilities (MTFs) and organised trading facilities (OTFs) and different rules apply to companies with shares trading on each of these markets.

To the extent that an exchange or trading platform engages with crypto-assets or tokens that come into scope of the UK's regulatory perimeter (see 7.2 Regulation of Different Asset Classes), the entity may be carrying out a regulated activity. For example, this may include operating an MTF or OFT, dealing in investments as principal or as agent, arranging deals in investments, sending dematerialised instructions, making arrangements with a view to investments, and safeguarding and administering investments.

For a discussion on the regulatory regime applicable to crypto exchanges, please see 7.3 Impact of the Emergence of Cryptocurrency Exchanges.

Peer-to-Peer and Crowdfunding

The activity of operating a crowdfunding platform may be regulated, depending on the nature of the activity conducted. The FCA regulates the following crowdfunding activities:

  • loan-based crowd funding (known as peer-to-peer lending): where consumers lend money in return for interest payments and a repayment of capital over time; and
  • investment-based crowdfunding: where consumers invest directly or indirectly in businesses by buying investments such as shares or debentures.

Payment services provided in connection with the following activities are also regulated:

  • donation-based crowdfunding: where consumers give money to enterprises or organisations they want to support; and
  • prepayment or rewards-based crowdfunding: where consumers give money in return for a reward, service or product (such as concert tickets, an innovative product, or a computer game).

HM Treasury has clarified the UK's approach to Regulation (EU) 2020/1503 on European crowdfunding service providers for business (the EU Crowdfunding Regulation). The EU Crowdfunding Regulation did not come into force during the Brexit transition period (which expired on 31 December 2020) and therefore the government was asked to consider whether similar changes in UK law would enhance the competitiveness of the UK's crowdfunding and peer-to-peer lending sectors. The Cabinet Office published a letter dated 3 November 2020 to HM Treasury, where it was stated that the UK government has been actively reviewing the merits of the EU Crowdfunding Regulation but has found no evidence to suggest its implementation would result in material benefit to the UK crowdfunding sector.

Please see 2.2 Regulatory Regime for a discussion on the licensing regime. In broad terms, an activity is a regulated activity if it is an activity of a specified kind that is carried on by way of business in the UK and relates to a specified investment under the RAO. In general, the MiFID2 financial instrument categories map into RAO-specified investment categories.

Firms which carry on certain crypto-asset-related activities in the UK, referred to as crypto-asset exchange providers and custodian wallet providers, are subject to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.

Crypto-asset exchange providers and custodian wallet providers are required to register with the FCA. They are subject to ongoing obligations, such as requirements to take steps to identify and manage the risks of money laundering and terrorist financing. These include establishing appropriate policies, controls and procedures, and carrying out the requisite customer due diligence.

Crypto-asset exchanges may be subject to other regulatory requirements depending on the regulatory characterisation of the types of virtual currencies that are traded on the exchange, and the activities that the firm conducts. For example, if the crypto-asset qualifies as a transferable security or other financial instrument, the operator of the cryptocurrency exchange may need to be authorised as the operator of an MTF or OTF. A crypto exchange business should also consider whether it is issuing electronic money or providing a payment service.

There are no specific listing standards for unregulated platforms (or for listing unregulated crypto-assets).

However, crypto-assets that have substantive characteristics that are akin to traditional securities (eg, shares or bonds) will be regulated as securities. 

For example, if a crypto-asset or token is a transferable security and the tokens are either offered to the public in the UK or admitted to trading on a regulated market, the issuer will need to publish a prospectus unless an exemption applies.

There are detailed rules governing the eligibility requirements and ongoing obligations for a premium and standard listing of shares on a UK-regulated market, including prospectus requirements. A fintech firm interested in listing would need to consider these requirements.

FCA rules also set out requirements for operators of MTFs and OTFs which must have rules setting out eligibility criteria, amongst other things.

The FCA's Handbook contains rules in relation to client order handling requirements and client limit orders.

See 7.1 Permissible Trading Platforms for further details on the regulatory framework for peer-to-peer platforms.

See 3.3 Issues Relating to Best Execution of Customer Trades for further details on the best execution requirements.

An FCA report dated April 2019 discusses the expectations in relation to payment for order flows. This occurs when an investment firm (eg, a broker) that executes orders for its clients receives a fee or commission from both the client that originates the order and the counterparty the trade is then executed with (typically a market-maker or other liquidity provider). These payments can create a conflict of interest between the firm and its clients.

Regulated firms that wish to engage in payment for order flows will need to consider the FCA's rules in respect of the inducements regime, managing conflicts of interest and meeting the best execution requirements.

The UK market abuse regime is primarily set out in Regulation (EU) No 596/2014 of the European Parliament and of the Council of 16 April 2014 on market abuse as it forms part of domestic law of the UK by virtue of the EUWA (UK MAR). This contains prohibitions on insider dealing, unlawful disclosure of inside information and market manipulation.

Broadly speaking, the scope of the market abuse regime under UK MAR covers financial instruments (including security tokens) that are traded or admitted to trading on a trading venue or for which an application for admission has been made, as well as financial instruments whose price or value depends on or has an effect on the types of financial instruments referred to above. Certain provisions of UK MAR also apply to spot commodity contracts, financial instruments that affect the value of spot commodity contracts and behaviour in relation to benchmarks. However, FX transactions and unregulated crypto-assets (such as cryptocurrencies) are not generally captured by the regime.

Algorithmic trading, including high-frequency algorithmic trading, is regulated in the UK. Algorithmic trading requirements encompass trading systems, algorithmic trading strategies and trading algorithms.

The definition of algorithmic trading is limited to trading in "financial instruments" –defined by reference to specified investments in the RAO, which broadly maps the MiFID2 financial instruments categories. Therefore, algorithmic trading in asset classes which do not constitute "financial instruments" will not constitute "algorithmic trading" for regulatory purposes.

There are specific requirements for firms who engage in algorithmic trading to pursue a market-making strategy. In particular, such firms must:

  • carry out market-making continuously during a specified proportion of the trading venue’s trading hours so that it provides liquidity on a regular and predictable basis to that trading venue, except in exceptional circumstances;
  • enter into a binding written agreement with the trading venue; and
  • have in place effective systems and controls to ensure that it meets the obligations under the agreement.

There are no specific rules which distinguish between funds and dealers engaging in algorithmic trading.

Whilst providers of algorithmic trading systems are not typically subject to the same regulations as the firms employing their software, there are regulatory requirements that apply when developing and creating algorithmic trading programmes. Firms that engage in algorithmic trading must have effective systems and controls to ensure their trading systems. They must:

  • be resilient and have sufficient capacity;
  • be subject to appropriate trading thresholds and limits;
  • prevent the sending of erroneous orders, or the systems otherwise functioning in a way that may create or contribute to a disorderly market; and
  • not be used for any purpose that is contrary to UK MAR or the rules of a trading venue to which they are connected.

Market conduct considerations need to be a vital part of the algorithm development process. The FCA has noted that it is good practice for firms to consider, as part of their approval process, the potential impact of algorithmic trading strategies. The considerations would not be limited to whether a strategy strictly meets the definition of market abuse; rather, they would consider whether the strategy would have a negative impact on the integrity of the market and/or if it would likely further contribute to scenarios where there is wider market disruption.

The extent to which a financial research platform would be regulated in the UK depends on the exact nature of its activities and the content of the research it provides.

Licensing Requirements

If the research material were to be of a general and purely factual nature, it is unlikely that this would trigger any licensing requirements in the UK. However, if research materials were to provide recommendations in relation to individual securities, for example, it may constitute regulated investment advice. This would mean that the platform provider would need to be authorised by the FCA to provide investment advice.

Financial Promotion Restrictions

If the financial research platform produces content that would induce clients to enter into investment activity, this would constitute a financial promotion. There is a restriction prohibiting any person from issuing financial promotions unless that person is authorised, the content of the promotion is approved by an authorised person or, if the issuer of the financial promotion is not authorised, that person must rely on certain exemptions.

As discussed in 7.9 Market Integrity Principles, UK MAR prohibits insider dealing, unlawful disclosure of inside information and market manipulation. The dissemination of rumours and other unverified information –including through online channels –may, in some cases, constitute market manipulation.

Additionally, to the extent that a platform is providing investment advice, it must ensure that investment recommendations and supporting information are objectively presented, and disclose any conflicts of interest.

If the financial research platform is engaged in financial promotions, the content of any financial promotions must be clear, fair and not misleading.

UK MAR prohibits insider dealing, unlawful disclosure of inside information and market manipulation; see 7.9 Market Integrity Principles.

The FCA's Handbook provides descriptions of behaviour that amounts to market abuse. This includes taking advantage of occasional or regular access to the traditional or electronic media by voicing an opinion about in-scope investment while having previously taken positions on that investment, and profiting from the impact of the opinions voiced on the price of that instrument without having disclosed that conflict of interest to the public. It also includes pump and dump and trash and can schemes (which entail taking a position on an in-scope investment and disseminating misleading information about that investment with a view to changing its price).

Insurtechs have transformed and disrupted the underwriting processes used in the insurance industry. These firms typically use big data, often in conjunction with AI technology, to inform underwriting decisions, including pricing strategies and risk assessments.

Insurtechs must consider their regulatory obligations in relation to data privacy and data security and the use of big data and AI ethics (see 2.10 Implications of Additional, Non-financial Services Regulations).

In principle, all types of insurers are regulated in the same way. Subject to a few exceptions, they are all subject to the UK regime, which implemented the Solvency II Directive, and to prudential regulation by the PRA.

There is no specific regulatory regime for regtech providers.

Regtech providers typically provide technical services and so may be less likely to trigger a regulatory licensing requirement. However, such firms should assess whether they are conducting a regulated activity in light of their specific business model and the activities that they perform.

A regtech provider may need to reflect in its contractual terms any requirements relating to outsourcing, the processing of personal data, and potentially other regulatory requirements which will depend on the specifics of the business model and nature of activities being performed.

The financial services industry has been exploring the use of distributed ledger or blockchain technology in a number of areas, including cross-border payments and remittance, trade finance, and identity verification.

Financial institutions have traditionally taken a cautious approach to adopting blockchain technologies. Thisis likely due to reputational, data privacy and security considerations. However, there are increasing signs of growth assisted by regulators providing legal clarity in relation to blockchain-related activities. It is expected that legacy players will increase their use of private, permissioned blockchain networks, particularly where pilot projects have demonstrated the feasibility and benefits of use.

We have included a non-exhaustive list of the key developments in the regulatory framework applicable to blockchain technology.

  • The UK has brought custodian wallet providers and crypto-asset exchange providers into the scope of AML regulation. This is discussed in further detail in 7.3 Impact of the Emergence of Cryptocurrency Exchanges.
  • In 2018, a Cryptoassets Taskforce was announced which consists of the FCA, the Bank of England and HM Treasury. It published a joint report in October 2018 setting out the UK's policy and regulatory approach to crypto-assets and distributed ledger technology.
  • In July 2019, the FCA published a Policy Statement which provided guidance on when crypto-related activities will fall within the scope of its regulatory perimeter. The FCA set out a taxonomy for crypto-assets comprising: (i) security tokens, (ii) e-money tokens and (iii) unregulated tokens (including utility tokens and exchange tokens). This is discussed in 12.3 Classification of Blockchain Assets.
  • On 18 November 2019, the UK Jurisdiction Taskforce published a Legal Statement on Crypto-assets and Smart Contracts to address legal questions as regards the status of crypto-assets and smart contracts. In December 2019, these statements were referenced in a High Court judgment.
  • In December 2019, the UK tax authority (HMRC) published guidance in relation to the tax treatment of crypto-assets.
  • On 6 January 2021, a ban on the sale, marketing and distribution to all retail consumers of derivatives and exchange-traded notes that reference unregulated transferable crypto-assets by firms acting in, or from, the UK came into effect.

Additionally, some of the key proposals on changes to the UK regulatory regime in respect of crypto-assets are summarised below.

  • On 29 October 2020, an HM Treasury consultation closed. This proposed to bring a broader subset of crypto-assets within the FCA financial promotions regime. At present, security tokens and e-money tokens fall within the scope of the financial promotions regime, and the government is proposing to extend this to "unregulated crypto-assets".
  • In December 2020, the Bank of England published a report noting that it is exploring design choices for a systemic stablecoin regime. The Bank of England is due to publish a discussion paper on systemic stable token payment systems and the issues that may arise in connection with the introduction of a Central Bank Digital Currency.
  • On 7 January 2021, HM Treasury published a consultation on the UK regulatory approach to crypto-assets and stablecoins. The government is considering expanding the scope of regulated tokens to include stablecoins, ie, tokens which stabilise their value by referencing one or more assets, such as fiat currency or a commodity, and could for that reason more reliably be used as a means of exchange or store of value.

Whilst there is no specific legislation for blockchain assets, recent developments have made it clear that many uses of blockchain technology and related crypto-asset types could fall within the UK's regulatory perimeter. The versatility of blockchain and distributed ledger technologies means they can be used to perform various regulated activities. Therefore, the regulatory treatment of blockchain assets depends on the nature and characterisation of the blockchain asset and the context in which it is used.

The FCA has provided guidance in relation to crypto-assets. Currently, some (but not all) crypto-assets are regulated in the UK. The FCA has indicated that a case-by-case analysis is needed to determine the correct regulatory treatment of a particular crypto-asset or token, depending on “the token’s intrinsic structure, the rights attached to the tokens and how they are used in practice”. Therefore, the structure and substantive characteristics of the blockchain asset determine whether it is regulated in the UK.

The FCA has identified three broad categories of crypto-assets (comprising two types of crypto-assets which are regulated, and a residual category of unregulated crypto-assets), as follows.

  • Security tokens are crypto-assets with characteristics akin to certain specified instruments under the RAO (such as shares, debt instruments and units in a collective investment scheme), other than electronic money. Broadly, these are likely to be tokenised, digital forms of traditional securities.
  • E-money tokens are crypto-assets that meet the definition of electronic money under the EMR 2011. In general terms, this captures digital payment instruments that store value, can be redeemed at par value at any time, and offer holders a direct claim on the issuer.

Both security tokens and e-money tokens fall within the scope of the UK's regulatory perimeter as specified investments under the RAO.

  • Unregulated tokens are crypto-assets that are neither security tokens nor e-money tokens. This includes crypto-assets that the FCA refers to as exchange tokens (ie, cryptocurrencies such as Bitcoin) as well as utility tokens (eg, tokens used to buy a service or access a distributed ledger platform) and other types of unregulated crypto-assets.

The guidance clarifies that tokens can take a hybrid form and fall into different categories at different points in time.

There is no single regulatory regime for issuers of blockchain assets. An issuer may come within the scope of the UK's regulatory perimeter, depending on the nature of its activities.

In particular, issuers of blockchain assets should consider whether they are crypto-asset exchange providers as discussed in 7.3 Impact of the Emergence of Cryptocurrency Exchanges.

Issuers should be aware of potential future changes to the regulatory regime, including the HM Treasury's January 2021 consultation on the UK regulatory approach to crypto-assets and stablecoins, which considers expanding the scope of regulated tokens to include stablecoins. In December 2020, the Bank of England published a report on systemic stable token payment systems which noted that issuers or system operators that attain systemic status may become subject to regulation and enhanced requirements. See 12.2 Local Regulators’ Approach to Blockchain for further details.

The FCA has confirmed that "a firm wanting to create infrastructure for the buying, selling and transferring of security tokens (commonly known as exchanges or trading platforms) must ensure it has the appropriate permissions for the activities it wants to carry on". The regulated activities that may be triggered in relation to operating a trading platform are discussed in 7.1 Permissible Trading Platforms.

Additionally, blockchain asset trading platforms should consider whether they fall within the categories of crypto-asset exchange providers or custodian wallet providers as described in 7.3 Impact of the Emergence of Cryptocurrency Exchanges.

Funds that invest in blockchain assets are subject to the usual regulatory rules applicable to investment funds and collective investment schemes.

The FCA has confirmed that firms can gain exposure to unregulated tokens (such as exchange tokens) through financial instruments such as fund units and derivatives referencing those tokens. These financial instruments are likely to fall within the UK regulatory perimeter (even though they reference unregulated crypto-assets) as specified investments (eg, options, futures or contracts for difference under the RAO).

There is a ban on the sale to retail consumers of derivatives and exchange-traded notes that reference unregulated transferable crypto-assets, as discussed in 12.2 Local Regulators’ Approach to Blockchain

The UK regulatory regime is technology agnostic. The regulatory treatment of virtual currencies does not depend on whether they rely on blockchain technology.

See 12.3 Classification of Blockchain Assets for details on the regulatory classification of crypto-assets.

Decentralised finance (DeFi) is an umbrella term covering the use of blockchain technology which commonly takes the form of decentralised apps that use smart contracts to automate transactions to provide traditional financial services (such as loans and insurance) without human involvement.

An HM Treasury consultation published in January 2021 confirmed that, at present, certain DeFi activities could fall within the UK's regulatory perimeter, and the "government does not currently propose to bring specific DeFi activities into the scope of regulation", but this will be kept under review.

The PSR 2017 has facilitated the roll out of Open Banking by introducing regulation for third-party payment service providers (TPPs).

At present, nine of the UK's largest banks and building societies are required to make customer data available through Open Banking, but other smaller banks and building societies have also chosen to take part in Open Banking.

There may be an expansion of Open Banking to a wider range of accounts and financial products (such as savings, mortgages, consumer credit, investments and insurance) as part of the FCA's proposed Open Finance initiative. Open Finance has been identified as a strategic priority for the FCA.

The UK has also been considering similar broader initiatives as part of its Smart Data review; the Government proposed Next steps for Smart Data in September 2020.

The PSR 2017 includes rules on the access and use of data by TPPs as well as strong customer authentication (SCA) and secure communication standards, which address some of the concerns in relation to data sharing in the context of Open Banking.

Although regulatory rules introducing SCA requirements generally began to apply from 14 September 2019, the FCA granted certain sectors of the industry additional time to prepare and implement these requirements in order to minimise potential disruption to merchants and customers. The final implementation phase for e-commerce was also delayed by six months due to COVID-19, with the final application date pushed back to 14 September 2021. 

In the context of proposals for Open Finance, the FCA has noted that greater access to data gives rise to the potential for personalised pricing to almost an individual basis, which could lead to forms of discrimination. The FCA has emphasised the importance of ensuring that data is held securely and used in an ethical manner. To that end, it has proposed seven principles for data protection, customer consent tools and complaints handling.

Clifford Chance LLP

10 Upper Bank Street
Canary Wharf
E14 5JJ

+44 207 006 1000
Author Business Card

Trends and Developments


Freshfields Bruckhaus Deringer is a global law firm with a long-standing track record of successfully supporting the world's leading national and multinational corporations, financial institutions and governments on ground-breaking and business-critical mandates. Its global fintech team is set up to execute cross-border M&A transactions, navigate the complex web of crypto-regulation, mitigate cybersecurity threats, handle data analytics, steer privacy governance and explore distributed ledger technology with clients. With hubs in Hong Kong, Frankfurt, Singapore, London and Silicon Valley – and approximately 100 lawyers – the firm is well connected both within the ecosystem and to global regulators.


Let’s start our look ahead with a brief look back. To put it mildly, 2020 was a funny old year. For the UK fintech sector, it was a year of opportunities and dangers. Fintechs that serviced narrow market segments and were particularly impacted by COVID-19, such as the travel sector, struggled and looked to diversify either organically or through M&A. At the same time, those same lockdowns that forced us to stay at home meant that every demographic had to learn how to live their lives and manage their finances digitally. This widened the fintech sector’s market by supercharging the use of online and digital services while the use of cash continued to decline. It also provided an opportunity for the fintech community to demonstrate that, far from being the "problem children" of the financial services market, they are increasingly becoming responsible participants in an evolving financial system with an important contribution to make to the government’s socio-economic aspirations.

Life in lockdown

Life in lockdown also served to focus the minds of policymakers on the fintech sector's importance  to the UK economy, and the associated risks to consumers and financial stability that such reliance could pose. In the summer of 2020, the UK launched its Fintech Strategic Review which looked at all aspects of the fintech sector, from addressing challenges in obtaining growth funding to the UK’s attractiveness as an international hub. The final report was published in February 2021, setting out recommendations covering a broad range of areas, from the regulatory framework to tech visas to changes to the UK’s listing regime. In November 2020, the UK Chancellor reaffirmed the government’s focus on fintech when he set out its ambition for the future of UK financial services and signalled a proposal, articulated in January 2021  in the form of a consultation paper, to bring certain stablecoins within the regulatory perimeter.

BEIS Consultation

The importance of providers of AI and cryptographic authentication technologies, which underpin a large part of the fintech ecosystem, is also being considered by the UK Department for Business, Energy & Industrial Strategy (BEIS). At the time of writing, BEIS is consulting on whether providers of those technologies should fall within the scope of the mandatory notification rules under the National Security and Investment Bill.

Fintech in 2021

It is fair to say that the fintech landscape at the beginning of 2021 looks very different to that of just a year ago, and that this growth undoubtedly impacts 2021 as a whole. As the sector continues to deal with the fallout of COVID-19, we think we will continue to see high levels of M&A activity. It is also possible that the looming spectre of regulation in certain areas may continue the move towards consolidation. Data, as ever, will remain a key theme with ongoing scrutiny on the use of data by emerging fintechs, often in lieu of payment for conventional services.

In this article, we focus on four key developments in the UK fintech sector for 2021:

  • the approach to the regulation of crypto-assets;
  • the potential change in approach to regulating payments firms;
  • central bank digital currency; and
  • the power of fintechs and social media in financial markets.

Approach to Regulation of Cryptoassets

Having been first suggested in the UK’s Cryptoasset Taskforce Report in July 2018, and having been slightly delayed, HM Treasury finally published a consultation paper on a potential extension of the regulatory perimeter relating to cryptoassets. The timing of when we might expect to see final rules is unclear, but the paper indicates that we may see consultations from relevant regulators on detailed requirements for firms later in 2021.

The proposed approach set out in the consultation paper is broadly that the Treasury and Parliament would set out a framework of objectives and considerations, with detailed requirements being designed and implemented by the relevant financial services regulators via rules or codes of practice. Should this approach be adopted, the regulators will consult on detailed firm requirements. This is not only in line with the proposals on the UK’s future regulatory framework (under consultation at the time of writing), but also seems to be a pragmatic approach given the speed of developments in the crypto-asset world and the expertise and experience of the financial regulators.

Although the consultation paper covers a variety of topics, the two key areas we focus on here are the approach to stable tokens and the approach to exchange tokens.

Stable Tokens

The Treasury is proposing to introduce a regulatory regime for stable tokens used as a means of payment, which would cover firms issuing stable tokens and firms providing related services.

The paper uses the term “stable tokens” in relation to tokens which stabilise their value by referencing one or more assets, such as fiat currency or a commodity. Thus, at least in the view of the Treasury, these have more potential to be used reliably as a means of exchange or store of value. Stable tokens include other forms of tokenised payment and settlement assets, as well as central bank digital currencies (more of which below).

The UK government aims to ensure that tokens which could be reliably used for retail or wholesale transactions are subject to minimum requirements and protections, as part of a UK authorisation regime. The Treasury has indicated that where stable tokens share similar characteristics to e-money (eg, being linked to a single fiat currency), they should be subject to similar regulation – the principle of “same risk, same regulatory outcome”.

The Treasury listed a variety of activities which might bring firms into the scope of regulation including issuance of tokens, exchange into and from fiat currency, custody and transmission of funds. Although the paper does not detail the precise requirements, the Treasury is proposing a seemingly full regulatory regime akin to that which applies to e-money institutions. This would include the need for authorisation, prudential requirements, conduct rules, maintenance and management of the reserve of assets, safeguarding requirements and orderly failure and insolvency requirements.

Unregulated Tokens

The paper does not set out any prudential or conduct requirements for firms engaging in activities relating to exchange tokens, of which the most prominent example is Bitcoin. The Treasury is seeking further evidence on a variety of matters, including in relation to crypto-assets used for investment purposes, but, at this time, is not proposing to regulate this area.

“Exchange tokens” are tokens used as a means of exchange – broadly, to enable the buying and selling of goods and services. , These tokens are typically highly volatile, whereas stable tokens aim to hold their value against a reference asset. As a result, exchange tokens are less likely to be used for everyday payments and are more likely to be speculative investments.

The UK government is considering an approach in which business connected to exchange tokens could initially remain outside the perimeter for conduct and prudential purposes. However, such business would be subject to more stringent regulation in relation to consumer communications (dependent on the outcome of the Treasury’s consultation on this topic) and anti-money laundering (AML) regulation. The Treasury has also noted that exchange tokens may be subject to regulation in the future.

The Wider Context

The Treasury has taken a rather different approach to the EU Commission’s MiCA proposal: the scope of MiCA is considerably broader, covering all crypto-assets (including exchange tokens) and there is a significant amount of detail set out in the proposal itself. The Treasury paper looks very light in comparison.

The Treasury indicated that part of its rationale for taking its proposed approach to exchange tokens is that public understanding of the risks involved in investing in this space is improving and that the market remains comparatively small in relation to the broader financial services market. The implication is that the public can be sufficiently protected with the imposition of financial promotion requirements and additional AML obligations on those involved in crypto-asset business.

However, this does not sit well with recent developments or with the statement in the consultation paper that “[t]he size of the UK crypto-assets market is still relatively small, but rapidly growing”. Following Bitcoin’s recent rise in value (exceeding USD40,000 in early January 2021), the FCA published a timely warning that investors could lose all their money by investing in crypto-assets. The FCA also announced in October 2020 that its temporary ban on the sale to retail customers of derivatives over crypto-assets would be made permanent. The reasons for the ban are, for the most part, equally applicable to crypto-assets — not just crypto-asset derivatives.

Given these concerns and the amount of time since the Cryptoasset Task Force report that the Treasury has had to consider a potential crypto-asset regime, it is perhaps surprising that the Treasury did not take the opportunity to set out a more extensive regime. It could be a political choice to diverge from the EU proposals with the Treasury deliberately attempting to make the UK look more fintech-friendly. However, given the FCA’s view on crypto-asset derivatives, it seems likely that regulation of Bitcoin businesses will remain a topic of discussion.

Whether or not you consider the Treasury’s proposal will go far enough, 2021 seems set to be the year that certain crypto-asset businesses are brought within the regulatory perimeter. Will the UK’s "lighter touch" approach succeed in maintaining the delicate balance between consumer protection and promoting innovation? How that approach is viewed in comparison to the EU’s more comprehensive proposal may well determine the future success of the UK as a centre for crypto-asset activities.

Change in Approach to Regulation of Payments Companies

COVID-19 has accelerated the use of payments technology and ensured its continued importance. With social distancing, lockdowns and concerns over transmitting the virus physically, the proportion of payments made by card and other technology-based methods — both on and offline — has increased in the UK compared with cash usage. COVID-19 has increased usage of contactless payments in shops and the contactless card payment limit was increased from GBP30 to GBP45, with banks pushing for that to be increased further. There is an impact not only on those businesses providing services to consumers, but also on firms providing acquiring services to merchants; allowing them to accept non-cash payments. Given the increasing familiarity with alternative forms of payment, it is highly unlikely that cash usage in the UK will ever go back to pre-pandemic levels.

These trends have not escaped the attention of UK lawmakers and the regulatory landscape may look quite different for payments firms at the end of 2021. The UK Treasury is analysing the input from its Call for Evidence on the Payments Landscape, now expected in 2021, which sought input on what the Government and regulators can do to address persistent issues in the payments sector. The outcome of the Call for Evidence may well result in further regulatory change.

Of more direct impact for payment firms is the FCA's intention to consult in early 2021 on an update to its approach document on payment services and e-money. Firms should get ready for change: the FCA is unlikely to liberalise the existing regime, given the increasing importance of payments technology and the rapid developments in the sector. We have already seen the FCA consult on, and finalise, temporary additional guidance on safeguarding customers’ funds in light of the coronavirus pandemic and the FCA noted that it expects to incorporate this guidance as part of its approach document.

In addition, the final report of the Payment Systems Regulator’s market review into the supply of card-acquiring services (ie, services that allow merchants to accept card payments) is expected in 2021. The market review is intended to assess whether the supply of card-acquiring services is working well for UK merchants and, ultimately, consumers). An interim report was published in September 2020, with the final report being subject to further consultation. In particular, the interim report noted that while the provision of card-acquiring services to the largest merchants works well, the same conclusion does not apply to merchants with annual card turnover of less than GBP50 million. As a result, the PSR has suggested a number of remedies which may come into effect in 2021, such as requiring contracts for acquiring services to have an end date and facilitating comparison of prices and options available to merchants.

Central Bank Digital Currency

Over the last few years, there has been increasing discussion on the merits of central bank digital currencies (CBDC) and central banks will continue to explore their potential use cases in 2021.

The CBDC has been the cause célèbre of central banks in the blockchain era, given the compelling idea that the technological advantages of cryptocurrencies can be deployed to operate as central bank money – either for reserve or retail banking purposes. Proposals vary but, at its simplest, it involves representing every pound, dollar or yuan in digital form. Advantages may include speed of settlement and financial crime prevention and may also impact other areas such as tax collection and access to financial products. Central banks also see CBDC as a defensive manoeuvre to protect against the growing threat of mainstream cryptocurrency adoption.

2020 was a year of discussion and consultation on CBDCs. The Bank of England’s discussion paper on CBDCs was published in March 2020. It identified certain objectives and design principles for a UK CBDC and discussed the impacts of a CBDC on monetary and financial stability. Similarly, the Bank for International Settlements (BIS) – the organisation made up of 63 central banks including the Bank of England - published a report identifying the foundational principles and core features of CBDCs.

In both papers, however, concrete next steps were in short supply. The Bank of England’s report stated that the Bank “had not yet made a decision on whether to introduce CBDC, and intends to engage widely with stakeholders on the benefits, risk and practicalities of doing so” while the BIS report called for continued collaboration between central banks.

All of the above leaves 2021 looking unlikely to be the year that sees the introduction of a CBDC in the UK. But it may prove to be the year in which ground rules are laid. With technological aspects being as complex as the policy considerations, the most likely development will be follow-ups to 2020’s consultations, perhaps with a narrowed range of issues for consideration and more focused proposed use-cases.

Memes vs. Markets

The first weeks of 2021 saw fintech produce a theme for 2021 that few would have seen coming. Users on Reddit’s r/wallstreetbets forum rallied around struggling US-video game retailer Gamestop, causing its shares to rise from USD18 at the turn of the year to peaks of over USD480 by the end of January. Institutional investors holding short positions in Gamestop were squeezed and realised significant losses.

Bubbles and share price mania are nothing new. What makes the Gamestop saga a potential driver of change in 2021 is the manner in which it was predominantly enabled by a new generation of app-based share trading platforms. These apps which, in addition to little or no brokerage fees, allow users to take fractional positions in shares, have lowered the barriers to stock ownership.

While this “democratisation” of equity markets might be described as a fintech success story, it also appears to have opened up a new front in a culture war between retail and institutional investors, once again demonstrating fintechs' ability to disrupt market norms; creating new issues for regulators and market participants to deal with.

In the wake of Gamestop, other unfancied shares and commodities have seen surges — and retreats — on the basis of social media discussion. The trend looks likely to continue, posing various regulatory, financial and policy questions for the rest of 2021: to what extent do the actions of individual retail investors acting in concert as a result of online chat amount to market manipulation? Do equity markets, fintechs and regulators have a wider responsibility to protect retail investors from themselves? Do institutional investors need to adjust their positions to defend against greater irrationality in the market? In which other areas has fintech caused currently imperceptible but significant shifts in market dynamics?

Freshfields Bruckhaus Deringer LLP

100 Bishopsgate

+44 (0) 20 7936 4000

+44 (0) 20 7832 7001
Author Business Card

Law and Practice


Clifford Chance LLP has a market-leading, multi-disciplinary fintech practice with an unparalleled international reach, ranked Band 1 for Global Fintech Legal by Chambers. Clients approach the firm for advice on their most transformational fintech projects across key areas such as blockchain, smart contracts, digital assets, payments, AI, data, cyber and insurtech. The firm’s fintech clients range from tech-focused corporates branching out into financial services, banks and other financial institutions, regulators and governments, insurance companies, sovereign wealth funds, asset managers and private equity houses, right through to fintech and insurtech disruptors, start-ups and industry consortiums. The firm is deeply embedded within the UK and global fintech ecosystem and collaborates with leading industry-wide working groups, consortia and academic institutions, including R3, Global Digital Finance (GDF) and the Leverhulme Centre for the Future of Intelligence.

Trends and Development


Freshfields Bruckhaus Deringer is a global law firm with a long-standing track record of successfully supporting the world's leading national and multinational corporations, financial institutions and governments on ground-breaking and business-critical mandates. Its global fintech team is set up to execute cross-border M&A transactions, navigate the complex web of crypto-regulation, mitigate cybersecurity threats, handle data analytics, steer privacy governance and explore distributed ledger technology with clients. With hubs in Hong Kong, Frankfurt, Singapore, London and Silicon Valley – and approximately 100 lawyers – the firm is well connected both within the ecosystem and to global regulators.

Compare law and practice by selecting locations and topic(s)


Select Topic(s)

loading ...

Please select at least one chapter and one topic to use the compare functionality.