UK Cryptoasset Regulation — Action Points for 2026–27

On 15 December 2025, HM Treasury published the final draft of the Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2025 (the Cryptoasset Regulations), which will establish a comprehensive UK regulatory framework for cryptoassets under the UK’s existing Financial Services and Markets Act 2000 (FSMA) framework. In addition, on 16 December 2025, the UK Financial Conduct Authority (FCA) published three consultation papers setting out proposed rules and guidance on (a) certain regulated cryptoasset activities, (b) the admissions, disclosures, and market abuse regime, and (c) the prudential framework, for authorised cryptoasset firms.

The Cryptoasset Regulations significantly expand the UK regulatory perimeter to cover a broad range of cryptoasset activities. Together with the FCA consultations, they provide firms with much greater clarity on how FSMA concepts will be applied to cryptoassets, including in relation to authorisation, conduct, disclosures, market integrity, and financial resilience.

The FCA has also provided further detail on the expected timeline for firms seeking authorisation under the incoming regime. As part of a wider update published on 8 January 2026 to help firms prepare, the FCA confirmed that it plans to open the “cryptoasset gateway” or applications as early as September 2026. This timetable suggests that firms may need to prepare and submit applications significantly earlier than many market participants had anticipated.

1. Qualifying Cryptoassets and Regulated Activities

Statutory framework

The Cryptoasset Regulations define which cryptoassets and activities fall within the UK regulatory perimeter by amending the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (the RAO), which specifies which activities require FCA authorisation.

Which cryptoassets and activities are caught?

The Cryptoasset Regulations define three categories of cryptoassets:

• qualifying cryptoassets — the core category brought into regulation;
• qualifying stablecoins — a subset of qualifying cryptoassets; and
• specified investment cryptoassets — cryptoassets that also meet the definition of traditional financial instruments under the RAO.

The Cryptoasset Regulations also designate a range of cryptoasset-related activities as regulated activities, meaning that any person carrying on those activities by way of business, in the UK, must be authorised by the FCA unless an exclusion applies. As with other regulated activities regulated by the RAO (e.g., dealing in securities), the carrying on of in-scope cryptoasset-related activities will constitute a criminal offence under FSMA.

The regulated activities include:

•  issuing qualifying stablecoins;
• safeguarding and administering qualifying cryptoassets;
• operating a qualifying cryptoasset trading platform;
• dealing in or arranging transactions in qualifying cryptoassets; and
• carrying on qualifying cryptoasset staking.

The Cryptoasset Regulations include a range of exclusions, some aligned with existing securities and derivatives exclusions (e.g., the “absence of holding out” exclusion for dealing as principal), and others specific to cryptoasset markets, such as where the distribution of a qualifying cryptoasset occurred because it was automatically created as a reward for the maintenance of the distributed ledger or the validation of transactions.

Territorial scope

In terms of territorial scope, the Cryptoasset Regulations are designed to capture material UK-facing activity even where a firm is based outside the UK. This means that non-UK firms that provide the new types of regulated cryptoasset activities to UK persons can be caught by the new regime. However, there will be exclusions, notably when overseas cryptoasset firms serve only UK institutional clients (assuming those institutional clients are not acting as an intermediary to a UK consumer).

Timing of new regime

The Cryptoasset Regulations specify that the new regime will come into force on 25 October 2027, giving the FCA time to complete the consultation process described below.

FCA consultation CP25/40 — cryptoasset activities

Consultation Paper CP25/40 sets out the FCA’s proposed rules and guidance for firms carrying on some of these newly regulated cryptoasset activities.

For cryptoasset trading platforms (CATPs), the FCA proposes a comprehensive framework covering authorisation, governance, market operation, and client protection. CATPs would be required to maintain robust systems and controls, manage conflicts of interest arising from multiple roles, support fair and orderly trading, and comply with proportionate transparency, record-keeping, and reporting obligations. Further rulemaking is anticipated in related areas such as settlement requirements.

For cryptoasset intermediaries — that is, firms that deal in or arrange transactions in qualifying cryptoassets — the proposed requirements broadly align with those applicable to traditional investment intermediaries, adapted for crypto-specific risks. These include rules on governance, conflicts, best execution, order handling, and client reporting. For retail clients, intermediary activity is closely linked to the admissions and disclosures regime, with trading expected to generally be limited to cryptoassets admitted to trading and supported by compliant disclosure documentation.

CP25/40 also confirms that cryptoasset lending, borrowing, and staking will be regulated activities requiring specific FCA permissions. Retail participation is permitted but subject to enhanced safeguards, including clear risk disclosures and express client consent. The FCA does not propose a bespoke regime for decentralised finance; instead, its core requirements will apply where there is an “identifiable controlling entity” carrying on one or more of the new regulated cryptoasset activities. The industry can expect further guidance and consultations on this concept in the near future.

2. Public Offers and Admissions to Trading for Cryptoassets

Statutory framework

The Cryptoasset Regulations establish a designated activities regime governing public offers of qualifying cryptoassets in the UK and the admission of qualifying cryptoassets to trading on CATPs. Public offers are generally prohibited unless a statutory exemption applies. The Cryptoasset Regulations provide the basis for FCA rules on disclosure content, responsibility, and liability, including civil liability for misleading statements or omissions, subject to exemptions and a forward-looking statements safe harbour.

FCA consultation CP25/41 — Admissions and Disclosures (A&D) regime

Consultation Paper CP25/41 sets out the FCA’s proposed rules and guidance on the A&D regime for cryptoassets.

Under the A&D regime, CATPs would be required to apply objective, risk-based admission criteria, conduct due diligence on cryptoassets seeking admission, and ensure that a Qualifying Cryptoasset Disclosure Document (QCDD) is prepared and published before trading begins. The FCA proposes detailed content and responsibility requirements for QCDDs, mechanisms for updating disclosures where material changes arise, and a centralised filing and publication process via CATP websites and an FCA-operated repository. Tailored disclosure requirements would apply to UK-issued qualifying stablecoins.

3. Market Abuse Regime for Cryptoassets

Statutory framework

The Cryptoasset Regulations introduce a cryptoasset market abuse regime applying to relevant qualifying cryptoassets admitted, or seeking admission, to trading on a qualifying cryptoasset trading platform. This regime adopts concepts aligned with the existing UK Market Abuse Regulation, including insider dealing, unlawful disclosure of inside information and market manipulation, supported by FCA rulemaking on systems, controls and enforcement.

FCA consultation CP25/41 — Market Abuse Regime for Cryptoassets (MARC)

CP25/41 also consults on the new MARC. Under MARC, the FCA proposes prohibitions on insider dealing, unlawful disclosure, and market manipulation, supported by guidance on how these concepts apply in a cryptoasset context. Issuers, offerors, and CATPs would be responsible for disclosing inside information that directly concerns them, with requirements on timing, delay, and dissemination. Firms would also be required to maintain proportionate market abuse systems and controls, with enhanced obligations for larger CATPs, including on-chain monitoring and cross-platform information sharing. The FCA also proposes to recognise certain legitimate cryptoasset market practices, such as coin burning and crypto-stabilisation.

4. Prudential Regime for Cryptoasset Firms

In Consultation Paper CP25/42, the FCA consults on a comprehensive prudential regime for authorised cryptoasset firms, extending earlier proposals for stablecoin issuance and custody to all newly regulated cryptoasset activities. The proposed framework mirrors the prudential structure for UK investment firms but is tailored to cryptoasset-specific risks.

Firms would be required to meet minimum capital requirements based on the highest of a fixed permanent minimum, a proportion of fixed overheads, or activity-based risk metrics (K-factors) calibrated to cryptoasset exposures. The FCA also proposes ongoing internal risk assessments akin to the internal capital and risk assessment exercise for Investment Firms Prudential Regime investment firms, covering business model sustainability, capital and liquidity planning, stress testing, recovery actions, and wind-down planning, alongside minimum liquid asset requirements. Tailored public disclosure obligations would apply in relation to firms’ risk management, capital, and group arrangements.

5. The Timeline for Applications

In its update published on 8 January 2026, the FCA provided further clarity on the expected authorisation timetable through its proposed cryptoasset application gateway, which has important practical implications for firms that will need to be licensed under the new regime. The FCA has indicated that it expects to open the gateway for applications in September 2026, well ahead of the regime’s expected commencement on 25 October 2027, although the closing date for the gateway has not yet been confirmed.

In practical terms, the timing of an application will materially affect a firm’s ability to continue providing cryptoasset services in the UK.

A. Application submitted during the gateway window
Firms that submit an application during the gateway period should have their applications assessed by the FCA ahead of commencement of the new regime. Crucially, even if the FCA has not determined the application by 25 October 2027, these firms would generally be permitted to continue carrying on cryptoasset activities pending the FCA’s decision, providing continuity of service after the regime comes into force.

B. Application submitted after the gateway window but before 25 October 2027
Firms that do not apply during the gateway period may still submit an application before the regime commences. However, if the FCA has not determined their application by 25 October 2027, those firms risk being unable to carry on new UK cryptoasset business until authorised and may be limited to a narrow contractual run-off regime in respect of their pre-existing arrangements.

C. Application submitted after 25 October 2027
Firms that have not applied by the time the regime comes into force, and which submit an application only after 25 October 2027, will not benefit from any transitional arrangements. In those circumstances, firms would generally be prohibited from carrying on regulated cryptoasset activities in the UK unless and until FCA authorisation is granted.

The FCA has also indicated that it will aim to determine applications submitted through the gateway ahead of commencement of the regime. This implies that firms will need to be substantively prepared at the point of submission, notwithstanding that aspects of the detailed rulebook and application materials remain subject to consultation. As a result, firms may need to begin authorisation planning and internal readiness work significantly earlier than many market participants had anticipated.

6. Next Steps for Firms

The FCA consultation papers have a deadline for responses of 12 February 2026; the FCA will issue a policy statement with final rules later in the year.

In light of the Cryptoasset Regulations, the FCA’s consultation papers, and the updated timetable for the cryptoasset application gateway, firms should now focus on the following.

• Scoping activities: Mapping existing and planned activities against the new regulated and designated activity categories.
• Authorisation and permissions: Assessing whether FCA authorisation or additional permissions will be required and whether exclusions or transitional arrangements may apply.
• Gateway readiness and timing: If authorisation is required under the new regime, planning for the expected opening of the cryptoasset application gateway in September 2026, including ensuring that the business is substantively prepared to submit a complete application during the gateway window to minimise the risk of disruption when the regime comes into force.
• Admissions, disclosures, and market conduct: Reviewing issuance, listing, trading, and surveillance arrangements against the proposed A&D and MARC frameworks.
• Prudential readiness: Evaluating capital, liquidity, governance, recovery, and wind-down implications under CP25/42.
• Regulatory engagement: Considering whether to respond to the consultations (closing 12 February 2026) and monitoring further FCA guidance expected during 2026–27.

Early planning will be critical to managing regulatory risk and ensuring readiness ahead of the regime’s expected commencement on 25 October 2027.