Key takeaways from FCA Consultation Paper 25/40 on regulating cryptoasset activities

The Consultation Paper sets out the FCA’s proposed rules and guidance for some of the new cryptoasset regulated activities that are being introduced by the UK government under the Cryptoasset Regulation published on 15 December 2025 (see here for further information on the Statutory Instrument laid before Parliament).

The main areas covered in the FCA Consultation Paper are summarised below. If you have any specific questions or concerns in relation to this Consultation Paper or any other aspect of the UK's cryptoasset regulatory regime, please reach out to the Hogan Lovells team.

Cryptoasset Trading Platforms

Cryptoasset Trading Platforms (“CATPs”) are platforms that facilitate the exchange of a qualifying cryptoasset for money or other qualifying cryptoassets. The FCA’s intention is to ensure that consumers are protected, whilst allowing access to global liquidity but also allowing for effective supervision.

Key focus is on:

• Authorisation
  
  Firms that operate a CATP serving UK clients will need to be authorised by the FCA, unless there is a specific exemption. As part of this process, the FCA will take into consideration the legal structure and the location of the entity in question.
  
  The FCA will require firms seeking UK authorisation to have a UK presence; this usually means having a UK subsidiary that is the authorised entity, but the FCA also proposes that, in certain situations, a UK CATP operator can combine a UK legal entity presence with UK authorisation of an overseas CATP via a UK branch.
  
  To assist international cryptoasset firms seeking UK authorisation, the FCA proposes to issue separate guidance, which it will consult on in Q1 2026.
• Platform access and operation
  
  The FCA rules aim to ensure that CATPs allow for fair and non-discriminatory access, as well as have in place robust systems and controls both in terms of governance. CATPs will be obliged to manage access and prevent any form of discriminatory routing or preferential treatment. UK CATP operators will also be required to mitigate appropriately against the risks of disorderly markets that can arise from poor use of trading algorithms.
  
  Firms must also ensure that trades are executed to support the best outcomes for clients. This follows questions raised in DP 25/1 on whether traditional concepts such as best execution could apply to cryptoasset trading. The FCA has landed on applying these rules but remains flexible as to how this is achieved. The Consultation Paper cross-references CP25/25 which was published earlier this year in relation to CATPs’ operational resilience/SYSC requirements.
• Conflicts of interest
  
  The FCA notes that specific conflicts issues arise in relation to CATPs. Examples include operating a trading venue whilst dealing on own account; acting as an intermediary; and listing or issuing cryptoassets whilst providing custody and lending services.
  
  The FCA requires clear functional separation where this is possible and governance controls where this is not possible. However, the FCA has not proceeded with some of the proposals from DP25/1 which would have prevented CATPs from issuing their own tokens or admitting trading tokens in which they have a financial interest.
• Transparency record keeping and reporting
  
  The FCA rules will require pre and post trade transparency that will assist price formation. CATPs will have tailored reporting obligations, both to clients and the FCA. The FCA will not require order-by-order data to be reported to them but will require firms to provide clients with reporting data and to maintain records for supervisory requests.
  
  This is a more calibrated and proportionate approach in comparison to what was set out in DP 25/1.
• Market Integrity
  
  CATPs must have systems and controls to detect and prevent market abuse, monitor activity for suspicious patters and cooperate with the FCA. These rules are detailed further in CP 25/42.
• Settlement arrangements
  
  The FCA proposes for firms to have flexibility over whether they internalise settlement or arrange it externally. In either case, they must ensure their clients understand the firm’s settlement responsibilities.

The FCA has set out high level expectations and said it will consult separately on detailed settlement-related rules for CATPs and intermediaries in H1 2026. In DP 25/1 this was set out as a central risk.

Further rules are also under consultation for how CATPs will be responsible for complying with admissions and disclosure rules and the market abuse regime - see CP 25/41.

Cryptoasset intermediaries

Cryptoasset intermediaries will be required to apply for authorisation with the FCA. A cryptoasset intermediary is anyone who deals in qualifying cryptoassets (either as principal or agent) or arranges deals in qualifying cryptoassets.

The Consultation Paper sets out the rules that it is proposed will apply to cryptoasset intermediaries on authorisation, systems and controls, conflicts of interest, best execution considerations, client reporting and record-keeping, and settlement responsibilities. In many respects, the FCA has aligned its requirements with those for traditional regulated investments (such as securities), whilst tailoring the rules for cryptoasset-specific issues.

• General execution and dealing rules: As is the case for traditional investments, firms will be required to provide best execution and to act fairly, honestly and professionally, in the best interests of their clients. Intermediaries will have to establish and maintain order-handling and execution arrangements that are appropriate to the nature, scale and complexity of their business.
• Specific eligibility and execution requirements for retail users: When dealing with retail clients, cryptoasset intermediaries may only arrange or execute trades in cryptoassets that are admitted to trading on a UK CATP and are supported by a compliant Qualifying Cryptoasset Disclosure Document. It will be the responsibility of the intermediary to ensure that retail clients receive the appropriate disclosures before execution and do not trade in ineligible or non-admitted assets.
• Rules to manage specific conflicts of interest: Intermediaries will be subject to specific rules regarding conflicts of interest.
• Transparency, record keeping and reporting requirements: Intermediaries who deal in cryptoassets as principal and who are above a certain size will be subject to pre-trade transparency requirements. All intermediaries will be required to record and store details of their transaction and report to clients in certain situations.
• Settlement and Safeguarding: Where applicable, intermediaries will be required to have arrangements to ensure trades are settled in a timely and effective manner. In Q1 2026, the FCA will consult on more detailed proposals for settlement-related requirements for intermediaries and on guidance about the scope of the temporary settlement exclusion from the regulated activity of ‘safeguarding’.

Cryptoasset lending and borrowing

The FCA confirms that cryptoasset lending and borrowing will be brought within the FCA regulatory perimeter as a regulated cryptoasset activity and firms must hold the specific cryptoassets lending/borrowing permission to carry out this activity. This includes lending cryptoassets to third parties, borrowing cryptoassets from clients and arrangements where clients earn a return through lending or rehypothecation of their cryptoassets.

This position has developed from DP25/1 where discussion focused on whether this activity should be regulated at all and whether it should be treated as an ancillary activity to trading.

Firms engaging in lending and borrowing (“L&B”) of cryptoassets will need to bear the following in mind:

• Retail access: One of the key developments from DP25/1 is that the FCA has refrained from prohibiting retail access to cryptoasset lending and borrowing but instead treats it as a high-risk activity which requires enhanced safeguards. The FCA proposes strengthened disclosure, express consent and conduct and governance requirements to mitigate against the risks in respect of retail lending.
• Disclosures: L&B firms will be required to provide clear, prominent and tailored risk disclosures before a client enters an L&B arrangement. The disclosures must include information such as (but not limited to): the transfer and return of the qualifying cryptoassets; the retail client’s access to their qualifying cryptoasset; and the risks and any material information which may aid the understanding of the retail client.
• Express consent: A key theme in this Consultation Paper is that retail clients must provide express, informed consent to the key terms of an L&B arrangement. This must be affirmative, obtained before the assets are used and clearly cover the specific disclosures. Records of the consent must be retained.
• Use of proprietary tokens for L&B: As suggested in DP25/1, the FCA proposes that firms will not be able to use their own proprietary tokens in connection with their L&B services.
• Margin calls and liquidation: Firms will be required to obtain a retail client’s express consent in order to supplement collateral held with additional assets. The supplementary amount must not exceed 50% of the market value of the initial collateral. In addition, retail clients will only be able to receive over-collateralised borrowing services and there must be negative balance protection to prevent retail clients losing more than the amount of the collateral. Firms will also be required (for all clients, not just retail clients) to model and set appropriate and reasonable LTV, margin call and liquidation levels.

The FCA has decided not to apply the rules for traditional consumer credit (CONC) to cryptoasset borrowing, as it had been considering in DP25/1.

Staking

Staking is one of the new forms of regulated cryptoasset activity and will require a specific permission from the FCA. The regulated activity of cryptoasset staking arises where a firm facilitates or provides staking services to clients. This captures custodial or pooled staking services, arrangements where a firm stakes clients’ cryptoassets on their behalf and models where staking rewards are generated and distributed by the firm.

• Regulatory approach: Staking will not be prohibited to retail clients but is considered a higher risk service, and so there will be additional safeguards in place. The FCA also differentiates between self-staking (where no service is provided) and intermediated staking (which will be in scope of these rules).
• Risk disclosures: Much like the requirements proposed for cryptoasset L&B firms, staking firms must set out key risk disclosures including information about the transfer and return of cryptoassets and any rewards, the access to cryptoassets and rewards during staking as well as the implications of any transfer of ownership of the cryptoassets and the risks of loss of cryptoassets due to operational disruption.
• Consent: Once again, firms will need to ensure that there is expressed, informed consent before cryptoassets are staked and that it is clear the client has understood the risks and the status of their assets. Staking will require a specific consent and not just a general consent.
• Marketing and product governance: staking must be marketed clearly without misleading emphasis on the yields it may generate. It is important to note that Financial Promotions rules and Consumer Duty will apply to regulated staking firms.
• Governance and operational resilience: DP25/1 proposed regulated staking firms must compensate retail clients’ losses from preventable operational and technological failures. This was dropped in this Consultation Paper following feedback that these risks were quite low to justify standard compensation mechanism. Instead, subject to consultation responses, regulated staking firms will be subject to existing FCA rules, including the operational resilience framework outlined in CP25/25.

Decentralised Finance (DeFi)

The FCA does not propose to regulate DeFi as such in its latest publications, but the FCA does regulate activities and responsible persons where these fall within the regulatory perimeter. In this Consultation Paper, the FCA explicitly discusses the position of firms engaging in DeFi.

Whilst DP25/1 discussed the possibility of a bespoke framework for DeFi firms, the Consultation Paper moves towards integrating DeFi within the main cryptoasset framework. The FCA proposes to apply rules and guidance to firms engaging in DeFi where there is a clear controlling person(s) carrying on one or more of the new cryptoasset activities. This is in line with the Treasury’s legislative intent and the FCA’s principle of ‘same risk, same regulatory outcome'.

The FCA says it will consult on and issue DeFi guidance – specifically on:

• Indicators of control/(de)centralisation and interaction with Centralised Finance (CeFi); and
• Additional guidance for FSMA authorised firms (including new cryptoasset firms) when interacting with firms with a high degree of automation/decentralisation.

Authored by John Salmon, Lavan Thasarathakumar, Dominic Hill, and James Sharp.