FCA Publishes Three Major Cryptoasset Consultation Papers

Introduction

On 16 December 2025, the Financial Conduct Authority (FCA) released three consultation papers: CP 25/40, CP 25/41, and CP 25/42, establishing a comprehensive regulatory framework for cryptoasset activities in the United Kingdom. These publications follow the Treasury's laying of the draft Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2025 (Cryptoasset Regulations) for parliamentary approval on 15 December 2025 and represent a significant expansion of the FCA's regulatory remit beyond its current oversight of cryptoasset promotions and anti-money laundering standards. 

Together, these three consultation papers establish a comprehensive regulatory framework covering cryptoasset trading platforms, intermediaries, lending and borrowing, staking, admissions and disclosures, market abuse, and prudential requirements for cryptoasset firms. It should be noted that a transitional period is intended for these proposals and the entire cryptoasset regime being introduced, on which further guidance and information will be provided by the FCA in due course.

CP 25/40: Regulating Cryptoasset Activities

CP 25/40 builds on DP 25/1 (see here for our article which discussed some of the proposals in DP 25/1) and sets out proposed rules and guidance for new cryptoasset activities not covered in CP25/14 and CP25/15, including: 

• operating a cryptoasset trading platform (CATP);
• intermediaries;
• lending and borrowing (L&B);
• staking; and
• the approach for decentralised finance (DeFi).

CP 25/40 Key Proposals

Trading Platforms: Firms operating CATPs in the UK or which serve UK customers (other than institutional clients) will be required to be FCA authorised and have a UK presence through either (i) a UK subsidiary, or (ii) branch and subsidiary model. Such UK CATP operators will be responsible for setting the rules for types and uses of algorithms used on the CATP, and for implementing the new Admissions and Disclosures (A&D) regime and the Market Abuse Regime for Cryptoassets (MARC). Accordingly, CATPs will be responsible for maintaining information barriers and insider lists, and will also be obliged to alert other platforms of their suspicions of market abuse to enable recipients of shared information to identify the person placing suspicious orders. CATPs may also obtain principal dealer permission within the same entity, enabling matched principal or proprietary dealing activities subject to strict execution, matching and conflict‑mitigation requirements, and must adopt additional safeguards when issuing or admitting their own tokens. The FCA has also recalibrated transparency requirements to improve proportionality, introducing size thresholds for pre‑trade transparency and allowing specific waivers and deferrals for certain transactions.

QCDDs: UK retail access will generally be limited to cryptoassets admitted to a UK‑authorised CATP supported by an A&D‑compliant qualifying cryptoasset disclosure document (QCDD), which operators must clearly signpost to users before orders are placed. UK issued qualifying stablecoins will have a separate QCDD in line with the requirements set out in CP 25/14. CQDDs are to be prepared by stablecoin issuers and lodged with a central FCA depository. Where a QCDD has been lodged with the FCA, the relevant asset can be offered to retail customers conditional on admission to trading on a UK CATP. Products which do not have a QCDD that are offered to overseas / qualified investors must not be offered to UK retail investors.

Intermediaries: Cryptoasset intermediaries, those dealing, arranging, or executing orders in qualifying cryptoassets, must meet strict best‑execution standards, ensuring clients receive the best possible outcome based on factors such as price, costs, speed and likelihood of execution, with retail orders assessed on total consideration including venue, gas and settlement fees in line with COBS 11.2A requirements. Any orders for UK retail or elective professional clients must be executed solely on UK‑authorised venues, and a cryptoasset (other than UK‑issued qualifying stablecoins) must be admitted to trading on at least one UK‑authorised CATP with an A&D‑compliant QCDD available before it can be bought or sold. Intermediaries applying to be authorised in the UK and serving retail clients will be expected to have a UK legal entity. Firms must also maintain functional separation between proprietary trading and client order execution, and practices such as Payment for Order Flow are generally unlikely to meet best‑execution, conflict‑management or inducements requirements.

Lending and Borrowing: Firms offering cryptoasset lending and borrowing services in the UK may be carrying on new regulated activities of dealing in qualifying cryptoassets as principal, dealing in qualifying cryptoassets as agent, and, or, arranging deals in qualifying cryptoassets, and thus will be required to be authorised. Cryptoasset lending and borrowing involve transferring qualifying cryptoassets with an obligation to return the same or equivalent assets, typically with yield or interest. The FCA proposes allowing retail access subject to specific mitigants. Firms will be required to give retail clients clear, comprehensive information on the service (covering assets, terms, risks, access, collateral, fees and any transfer of ownership) and obtain express consent to key terms for each agreement, while proprietary tokens are prohibited from use in L&B services. Borrowing must be fully collateralised with collateral provided upfront and valued above the cryptoassets lent, supported by prudent LTV, margin call and liquidation parameters designed to avoid short‑term triggers, and retail clients cannot lose more than the collateral they dedicate. Where retail clients provide express consent, collateral can be topped up to a maximum of 50% of the retail client’s initial collateral at the beginning of the contractual arrangement. Additionally, firms providing L&B services will be required to maintain accurate and comprehensive records with strict record keeping requirements.

Staking: The FCA highlights risks arising from low consumer understanding and reliance on third‑party validators for Staking. Regulated staking firms will be required to give retail clients clear, comprehensive information on the staking service (including the assets involved, liquid staking tokens where relevant, access to assets and rewards, transfer and return mechanics, engaged third parties, operational risks, fees and when information was last updated) and must obtain express consent to key terms each time assets are staked. They must also maintain extensive five‑year records covering daily staked amounts, safeguarding status, rewards earned and allocated, fees charged, client consents, activation and termination events, and any losses due to operational disruption. As for intermediaries and CATPS, authorised staking firms will be required to have a UK legal entity, and detailed location policy guidance is expected in Q1 2026.

DeFi: The FCA has confirmed that its core requirements will apply equally to DeFi arrangements wherever there is an identifiable controlling entity, and it does not intend to create a bespoke regime for DeFi firms. Instead, it will issue further guidance via a separate consultation on indicators of control or (de)centralisation, how DeFi models interact with CeFi, and how FSMA‑authorised firms should approach engagements with highly automated or decentralised firms.

CP 25/41: Admissions & Disclosures and Market Abuse

CP 25/41 which follows on from DP 24/4, sets out proposed rules and guidance for implementing and operating the Admissions & Disclosures (A&D) and Market Abuse Regime for Cryptoassets (MARC) regimes which are intended to be introduced under the Designated Activities Regime, pursuant to Part 5A of FSMA 2000.

It should be noted that in addition to the proposals in CP 25/41, the Cryptoasset Regulations also: 

• ban offers of qualifying cryptoassets other than those listed in Schedule 1 (including qualifying cryptoassets admitted to trading on CASPs or qualifying stablecoins);
• creates material information requirements for QCDDs to define the baseline disclosure standard; and
• creates a statutory compensation regime for untrue or misleading statements or omissions in QCDDs.

CP 25/41 Key Proposals

Admissions & Disclosures (A&D) 

CATPs’ role as the gatekeepers responsible for protecting consumers has been reinforced in these proposals. As such, CATPs must establish risk-based and objective admission criteria for assessing whether a proposed admission to trading for qualifying cryptoassets is likely to be detrimental to the interests of retail investors. Such criteria should take into account the non-exhaustive factors in CRYPTO 3.2, be reviewed and updated periodically, and is to be published on the CATP’s website. In addition, CATPs will be required to carry out due diligence on qualifying cryptoassets to be admitted to trading and they must reject an application for admission if they consider the qualifying cryptoasset is likely to be detrimental to retail investors. CATPs will also be required to publish a report of any information they were not able to verify. 

QCDDs are point-in-time disclosures and consistent with the treatment of prospectuses under the Public Offers and Admissions to Trading Regulations 2024, there is no ongoing obligation to update the document unless a significant new factor, or a material mistake or inaccuracy arises between publishing the document and being admitted to trading. Where this occurs a supplementary disclosure document (SDD) will be required. Post-admission, information is to be disclosed in line with the requirements under MARC to prevent insider dealing. The FCA does not propose to introduce PDMR-style disclosure obligations at this stage as it agrees with DP24/4 respondents that this will be disproportionate.

The FCA also proposes introducing a requirement for a short 'summary of key information' to be included in each QCDD, which should be no longer than 2 pages and written in plain English. QCDDs will be kept on the National Storage Mechanism (NSM) to provide free and consistent access in line with practice for other securities. For UK issued qualifying stablecoins, the disclosure requirements under CP 25/14 will also be required to be met and thus will have both website disclosures and a QCDD.

Issuers will primarily be liable for any misleading statements made in disclosures, pursuant to regulations 12 and 14 of the Cryptoasset Regulations.

Market Abuse Regime for Cryptoassets (MARC)

The MARC regime will include requirements to: 

• prohibit insider dealing in relevant qualifying cryptoassets;
• prohibit the unlawful disclosure of inside information;
• require the public disclosure of inside information on relevant qualifying cryptoassets admitted to trading on a CATP; and
• prohibit market manipulation. 

The proposed MARC rules require disclosure of insider information, recognition of legitimate market practices, measures to prevent and detect market abuse, information sharing between platforms to deter cross‑platform abuse, and the creation and maintenance of insider lists. Issuers, offerors and CATPs must publicly disclose inside information directly concerning them, and, reflecting DP24/4 feedback and proportionality, the FCA intends to require only large CATPs (those with at least £10 million in average annual revenue over the previous three years) to monitor on‑chain activity, with smaller CATPs and intermediaries exempt from this obligation. Examples of inside information can be found in CRYPTO 4.3.

CP 25/42: Prudential Requirements

CP 25/42 sets out the FCA’s proposed prudential framework for all cryptoasset firms requiring authorisation, extending earlier proposals in CP 25/15 to cover CATP operators, staking providers, arrangers, and dealers acting as agent or principal. 

The regime introduces Permanent Minimum Requirements (PMRs) ranging from £75,000 for arranging or dealing as agent, to £150,000 for CATPs and staking, and £750,000 for principal dealers. Firms must also meet activity‑based and exposure‑based K‑factor requirements covering operational risks (K‑CCO, K‑CTF, K‑CCS), market risk from net positions (K‑NCP), counterparty default risk (K‑CCD), and concentration risk (K‑CON), with obligations scaling to the size and nature of a firm’s business.

Alongside these quantitative standards, firms must maintain an “overall risk assessment,” embedding robust systems and controls to identify, monitor and mitigate risks that could cause material harm. This includes capital and liquidity forecasting for both ongoing operations and wind‑down scenarios, recovery action planning, wind‑down planning, and ensuring senior management oversight. Firms must hold sufficient own funds and liquid assets where risks cannot be adequately mitigated through systems and controls alone.

To support market discipline, the FCA proposes a tailored public disclosure regime requiring firms to publish information annually on risk management, own funds, capital requirements and, where relevant, group arrangements. Disclosures must include governing‑body‑approved statements on key risks, detailed breakdowns of K‑factor requirements, and clarity on intra‑group exposures and additional resources held to mitigate group‑related harms.

Consultation Closing Date

Firms can respond to these proposals and the queries raised by the FCA by submitting written feedback via the FCA's online response form or by email.

All three consultation papers close for responses on 12 February 2026.

Please note, this article is provided for general information purposes only and should not be relied upon as legal advice for any specific transaction or situation.

If you would like to discuss the FCA proposals or your organisation’s next steps, please speak to your usual Burges Salmon contact, Martin Cook (Partner, Fintech & Technology) or Eleanor Furlong (Associate, Corporate and M&A).