For the first time in UK history, cryptoassets are officially part of the financial regulatory system. Starting in 2025, HM Treasury made it clear: if you’re handling crypto in the UK, you’re now playing by the same rules as banks and investment firms. This isn’t a suggestion. It’s the law. And if you’re running a crypto exchange, issuing stablecoins, or holding crypto for clients, you need to get authorized by the FCA-or stop serving UK customers.
What Exactly Is Regulated Now?
The core of HM Treasury’s new rules is simple: five crypto activities are now regulated under the Financial Services and Markets Act 2000. If your business does any of these, you need FCA approval by 2026:- Operating a cryptoasset trading exchange
- Issuing qualifying stablecoins
- Dealing in qualifying cryptoassets (buying/selling for yourself or clients)
- Providing custody services for cryptoassets
- Arranging transactions in qualifying cryptoassets
These aren’t vague terms. A qualifying cryptoasset means any digital asset that functions like money or an investment-not just Bitcoin or Ethereum, but tokens tied to real-world value or used for payments. A qualifying stablecoin is one that’s pegged to a currency like the pound or dollar, and issued by a UK-based entity. That last part matters: if a stablecoin is issued in the US or Singapore, it’s not directly regulated under this law. But if a UK resident buys it, they’re still protected under other rules.
Why This Changes Everything
Before this, crypto firms in the UK operated in a gray zone. Some registered with the FCA for anti-money laundering checks, but that was it. No capital requirements. No consumer protection rules. No accountability if a platform collapsed. Now, firms must meet the same standards as traditional financial institutions: robust financial health checks, clear disclosure of risks, secure custody systems, and transparent operations.This isn’t just about safety-it’s about trust. When a UK-based stablecoin issuer like a fintech startup launches a digital pound token, users need to know it’s backed properly. If a crypto exchange goes bust, customers won’t be left with nothing because the platform didn’t have enough reserves. That’s the point.
And here’s the twist: truly decentralized platforms are exempt. If there’s no company, no team, no central authority controlling the code-like a permissionless DeFi protocol running on Ethereum-HM Treasury won’t try to regulate it. The FCA will only step in if someone can be identified as having control. That’s a smart move. Trying to regulate code that runs on thousands of computers worldwide isn’t practical. But regulating the companies that build interfaces, wallets, or bridges to that code? That’s doable.
Who Does This Apply To?
The rules have a clear geographic scope. If you’re a UK-based company doing any of the five regulated activities, you’re in. If you’re based in the US, India, or Brazil, but you actively market your crypto exchange or stablecoin to UK customers-yes, you’re still covered. HM Treasury made it clear: it doesn’t matter where you’re headquartered. If you’re targeting UK users, you need FCA authorization.This is a big deal for international firms. Many thought they could avoid UK regulation by operating offshore. Now they can’t. The FCA will monitor website language, payment options in GBP, and customer support in English to determine if you’re targeting UK users. Ignorance won’t be an excuse.
But here’s the flip side: if you’re a small crypto startup in London, this gives you a real advantage. You’re not competing with unregulated offshore platforms anymore. Customers can now tell the difference between a licensed, accountable firm and a fly-by-night operation. That’s good for honest players.
How Is This Different From MiCA?
The EU’s Markets in Crypto-Assets Regulation (MiCA) was the first major global framework. The UK’s approach is similar-but not identical. Both cover the same five activities. Both require FCA or ESMA-style authorization. But the UK didn’t copy MiCA word-for-word. It adapted it to fit its existing financial laws.One key difference: MiCA regulates all stablecoins, no matter where they’re issued. The UK only regulates stablecoins issued by UK entities. That means a US-based stablecoin like USDC can still be used in the UK, but the issuer isn’t directly regulated by the FCA. Instead, UK users are protected through anti-money laundering rules and consumer safeguards tied to the platforms they use.
This gives the UK more flexibility. It avoids overreach while still protecting consumers. It also lets UK-based stablecoin issuers compete on a level playing field with global players, without being forced to comply with extra layers of foreign regulation.
What’s Coming Next?
The 2025 draft was just the beginning. HM Treasury has already signaled what’s coming:- Updated anti-money laundering rules for crypto firms (published September 2025)
- Market abuse rules to prevent crypto price manipulation
- Admissions and disclosure rules for cryptoasset listings
- Detailed FCA rulebooks and authorization checklists
By mid-2026, firms will need to comply with all these layers. The FCA has already released a discussion paper on how it plans to supervise crypto firms-everything from stress testing custody systems to auditing reserve holdings for stablecoins.
For crypto-native companies, this is a massive undertaking. Many don’t have compliance teams, legal departments, or capital reserves. Traditional banks and asset managers already have these systems in place. That’s why some experts predict a wave of consolidation-smaller firms will either get bought by larger players or shut down.
What Should You Do Now?
If you’re running a crypto business in the UK, here’s your action plan:- Check if your activity falls under the five regulated categories. Don’t guess-read the official draft order.
- If yes, start preparing your FCA application. That includes financial statements, risk assessments, and proof of secure custody systems.
- If you’re not UK-based but serve UK customers, assess whether your marketing or operations trigger territorial jurisdiction.
- If you’re a DeFi developer or run a truly decentralized protocol, document your lack of central control. That’s your shield.
- Don’t wait. The FCA is already reviewing applications. Delays mean lost customers and revenue.
There’s no grace period. The clock started ticking in 2025. Firms that delayed are already falling behind.
What This Means for Everyday Users
If you’re not a business, this still affects you. In 2026, the crypto platforms you use will be required to:- Clearly explain fees, risks, and how your assets are held
- Not promise returns or guarantee profits
- Have insurance or reserves to cover losses in case of breach or failure
- Provide faster, clearer dispute resolution
That means fewer scams. Fewer sudden platform shutdowns. Fewer people losing life savings because a crypto firm ran out of cash. It doesn’t mean crypto is safe-it’s still volatile. But it means the platforms you use are now accountable.
And if you’re buying a stablecoin? You’ll know if it’s issued by a UK-regulated entity. That’s a big step toward trust.
Will This Kill Innovation?
Some say regulation will drive crypto firms out of the UK. Others say it will attract them. The truth? It’s already working.Since the draft rules were announced, London has seen a surge in applications from fintechs wanting to launch regulated stablecoins. Hedge funds are setting up crypto desks under the new regime. Venture capital is flowing into compliant crypto startups-not because they’re chasing hype, but because they know the rules now.
Regulation doesn’t kill innovation. Uncertainty does. Now that the rules are clear, builders can focus on products, not legal loopholes.
The UK isn’t trying to ban crypto. It’s trying to make it part of the financial system-responsibly. That’s not a threat. It’s an opportunity.
