FCA DP23/4: UK Regulation of Stablecoins

On 6 November 2023, the UK Financial Conduct Authority ("FCA") set out proposals for its regulation of fiat-backed stablecoins ("DP 23/4"). DP 23/4 invites stakeholders to provide feedback by 6 February 2024.

DP 23/4 forms part of a wider set of publications, including HM Treasury ("HMT")'s intention to regulate cryptoassets; HMT published its 'Future Financial Services Regulatory Regime for cryptoassets, response to consultation and call for evidence' on 30 October 2023, at the same time as HMT issued its 'Update on Plans for the Regulation of fiat-backed stablecoins'. The Bank of England ("BoE") also issued a discussion paper on the 'Regulatory regime for systemic payment systems using stablecoins and related service providers' on 6 November 2023. These publications come against a background of discussion around the regulation of stablecoins by regulators across the globe.

Together, these publications set out plans for legislation to create a regulatory regime in the UK for fiat-backed stablecoins, which is part ("Phase 1") of a wider plan to bring other cryptoasset-related activities into the scope of the Regulated Activities Order ("RAO") ("Phase 2"). The phased approach is intended to provide a degree of flexibility for firms wishing to undertake Phase 1 activities as "early adopters" and for those businesses which intend to focus only on Phase 2 activities.

This alert looks specifically at DP 23/4, which includes FCA's response to HMT's proposals for 'payment arrangers' in its Update on Plans for the Regulation of fiat-backed stablecoins'. Together these proposals form the core of Phase 1, a regulatory framework designed to harness the opportunities and mitigate risks present in the current stablecoin market.

What are fiat-backed stablecoins?

Phase 1 aims to create a regulatory regime for fiat-backed stablecoins. The FCA refers to the Financial Stability Board's approach to stablecoins as "a category of cryptoassets that aim to maintain a stable value relative to a specified asset, or basket of assets, providing perceived stability when compared to the high volatility of unbacked cryptoassets" and adopts the same definition.

A fiat-backed stablecoin as issued by an FCA authorised issuer (a "regulated stablecoin") is expected to include stablecoins that seek to maintain a stabilised value by reference to (and which may include the holding of) one or more specified fiat currencies.

What activities will fall in scope of the new rules?

DP 23/4 sets out proposals for the FCA to regulate:

• the issuance and/or custody of regulated stablecoins under the Financial Services and Markets Act 2000 ("FSMA") by introducing these as activities to the RAO; and
• the use of regulated stablecoins as a means of payment under the Payment Services Regulations 2017 (the "PSRs").

What requirements will apply to regulated stablecoin issuers?

A firm that issues regulated stablecoins will need to obtain FCA authorisation under Part 4A FSMA to do so in or from the UK.

Regulated stablecoin issuers will be expected to ensure that (i) their regulated stablecoins maintain their value relative to their reference currency or currencies, and (ii) the regulated stablecoin's value can promptly be redeemed at par value by the holder.

To meet these expectations, the FCA proposes that issuers will need to hold sufficient backing assets which are stable in value and sufficiently liquid to enable consumers to redeem the regulated stablecoins promptly. Proposed requirements in respect of backing assets include:

• restricting backing assets to low risk, highly liquid and secure instruments and cash deposits to protect consumers;
• restricting regulated stablecoin issuers from paying income or interest gained from backing assets to consumers;
• record keeping requirements for firms holding regulated stablecoin backing assets;
• measures to address discrepancies (i.e. where backing assets are either greater in value or less in value than required, the FCA is considering applying the same approach as currently applied under the CASS Client Assets sourcebook ("CASS") of the FCA Handbook for firms holding excess client assets); and
• requiring backing assets for regulated stablecoins to be held on statutory trust and, where a firm issues more than one regulated stablecoin, to ensure that each coin's backing assets are segregated from each other.

The FCA highlights concerns with stablecoin issuers' current redemption practices and policies. Specifically, recourse to redemption can be restricted to wholesale users and stablecoin issuers' redemption policies can be unclear, unreasonable and disproportionate. The FCA proposes requiring that all stablecoin issuers will need to ensure redemption at par to all holders of the regulated stablecoin by the end of the next UK business day after receiving the redemption request, as well as imposing more specific requirements around redemption policies and transparency around the fees charged.

Certain CASS provisions will also apply to regulated stablecoin issuers. For example, the FCA is considering imposing requirements to appoint a 'CASS oversight officer', conduct an annual independent audit to review CASS compliance and provide the FCA with monthly reports on their regulated stablecoin backing asset holdings. The FCA asks for views from stakeholders around the optimal custodian model for safeguarding regulated stablecoin backing assets.

What requirements will apply to regulated stablecoin custodians?

Firms carrying out custody activities in relation to regulated stablecoins (i.e. issued by an authorised person and which fall into the definition above) will also need to obtain FCA authorisation under Part 4A FSMA.

The FCA explains that the present lack of a clear regulatory framework could create uncertainty in the event of a regulated stablecoin custodian's insolvency, and in turn cause harm to consumers (through delay in the return of assets, extra costs or a loss of assets).

To ensure adequate protection of clients' regulated stablecoins while in the custody of a custodian, the FCA proposes applying certain core components of existing custody provisions in CASS. As an overview, regulated stablecoin custodians would be expected to maintain:

• Adequate arrangements to protect clients' rights to their cryptoassets (regulated stablecoins) – i.e. segregation of clients' regulated stablecoins from their own, as well as adequate records to correctly identify the owners of assets held in custody at all times.
• Adequate organisational arrangements to minimise the risk of loss or diminution of clients' custody assets – for example, due to misuse, fraud, poor administration, inadequate record-keeping, use of assets as part of money laundering, illicit activities or negligence.
• Accurate books and records of clients' custody assets holdings – this goes to the record-keeping requirements that the FCA is considering imposing upon custodians, to ensure that they can distinguish the assets held for each client accurately. The FCA is considering requiring custodians to conduct reconciliations to identify and resolve any discrepancies promptly (taking into account on- and off-chain internal and relevant external records).
• Adequate controls and governance to protect clients' custody asset holdings – the FCA explains that it is considering requiring custodians that use sub-custodians (or other third parties) to comply with additional due diligence and contractual requirements.

What existing requirements will apply to both regulated stablecoin issuers and custodians?

Organisational requirements

The FCA are considering applying the following organisational requirements (that already form part of its existing regulatory framework) to regulated stablecoin issuers and custodians:

• The Senior Management Arrangements, Systems and Controls ("SYSC") sourcebook, to ensure robust governance arrangements with clear lines of responsibility, effective risk management and internal control mechanisms.
• Operational resilience requirements (under SYSC 15A), noting that regulated stablecoin issuers and custodians should be operationally resilient and understand the processes, technology, people and information that are critical to their business. This aligns with the IOSCO Policy recommendations for Crypto and Digital Asset Markets.
• Financial crime rules (under SYSC 6), as well as existing requirements under the FSMA and MLRs, to ensure that regulated stablecoin issuers and custodians assess how their operations might be misused by criminals.
• The Senior Managers & Certification Regime. In particular, the FCA:
• is considering applying the current 'enhanced firm' categorisation to regulated stablecoin issuers and custodians where they meet the criteria;
• expects the certification functions linked to 'significant management', 'CASS oversight' and 'anyone who supervises or manages a Certified Person' to apply, as well as additional certification functions (such as liquidity management of backing assets held for regulated stablecoins); and
• all existing components of the conduct regime would be expected to apply, with no changes.

Conduct of business and consumer redress

In DP 23/4 the FCA consulted the following standards applying (subject to changes following feedback):

• The FCA's 'Principles for Business', which express the key elements of the FCA's 'fit and proper' standards set by the FSMA Threshold Conditions.
• The Consumer Duty, which introduced the principle that "a firm must act to deliver good outcomes for retail clients" and requires firms providing services to consumers to consider the needs, characteristics and objectives of their customers at every stage of the customer journey. Even if an issuer does not issue directly to consumers, the Consumer Duty could still apply if the distribution chain reaches to consumers.
• The Conduct of Business Sourcebook ("COBS"), where the FCA draws particular attention to the COBS rules on inducements, client categorisation and disclosure requirements regarding information on the firm and services, costs and charges and transaction statements. It will be interesting to see the market response to this proposal: COBS is principally designed with investment services in mind and while the FCA hazards that the use of regulated stablecoins may expand in the future to be used as investments, as well as for payments, this is less intuitive where the objective is that they have a stable value and (it is proposed) will not be able to offer interest, income or returns. Where their principal purpose will be for payment transactions, it may be thought that the equivalent (and to a great extent overlapping) conduct standards contained in the Payment Services Regulations 2017 would be a better place to start, particularly if payment services providers offering payment services using regulated stablecoins (and possibly certain unregulated overseas stablecoins) will need to comply with these standards.
• The FCA's conflict of interest rules (SYSC 10), which set out the importance of identifying and preventing, or otherwise managing, conflicts of interest between the firm and its client, or individual clients.
• The FCA also proposes that other high-level standards should apply to regulated stablecoin issuers and custodians, such as the General Provisions and the Fees Manual.
• In terms of consumer redress, it is proposed that the FCA's 'Dispute resolution: Complaints' sourcebook will apply, to ensure that regulated stablecoin issuers and custodians handle complaints from consumers fairly and effectively. The FCA explains that it would also be appropriate for customers of regulated stablecoin issuers and custodians to have recourse to the Financial Ombudsman Service if a complaint is not resolved.
• The FCA states that it will not propose extending the Financial Services Compensation Scheme ("FSCS") to cover regulated stablecoin issuers or custodians. This is due to the (currently) unquantifiable levels of harm or residual risk that may arise. The FCA has previously stated that compensating consumers where they have chosen to engage in higher risk services or products might create wrong incentives amongst consumers and firms. This position will be kept under review.

Prudential requirements

The FCA proposes a new prudential sourcebook, referred to as 'CRYPTOPRU', which will set activity-based prudential requirements that will apply cumulatively, along with other activity-based prudential requirements. The FCA will use the current 'Investment Firms Prudential Regime' ("IFPR") as a starting point, with requirements tailored to capture the risks associated with regulated stablecoin issuers and custodians. For example, the FCA explains that it currently anticipates concentration risk requirements to be "dynamic in nature" and relevant firms will be responsible for conducting an appropriate risk assessment for exposures.

Managing regulated stablecoin issuers and custodian firm failures

As mentioned above, the FCA is proposing safeguarding and segregation requirements in respect of regulated stablecoin backing assets. In the event of a firm's failure, the FCA is considering applying similar distribution and transfer provisions to regulated stablecoin backing assets to those currently applied under CASS to financial services firms. The FCA points to several complexities that will be specific to cryptoassets (and regulated stablecoins). For example, a regulated stablecoin issuer will likely not know, or have access to records that identify, all current holders of the coin. Rather, the issuer will only be able to identify the wallet address that the coin is stored in. This point will be subject to further consideration by the FCA, and the FCA intends to develop protective measures for consumers to ensure that they have sufficient opportunity to claim their stablecoins and is exploring how to treat regulated stablecoins that are unclaimed during an insolvency process.

Regulating payment services using stablecoins

HMT propose to extend the scope of the PSRs to capture:

• Where a regulated stablecoin is used at the entrance or exit of an existing fiat payment chain, but where the actual transfer of value would be in fiat by way of a traditional payment service (the "hybrid model"); and
• Where both a payer and payee transact in stablecoin, and the transfer of stablecoins between them occurs 'on-chain' (the "pure stablecoin model").

HMT are exploring whether firms that offer one or both models may need new permissions under the PSRs, as "payment arrangers". A payment is proposed to be in scope where a transaction involves UK customers, or where a UK firm facilitates the transaction.

Existing conduct rules for payment service providers in the PSRs would apply to activities conducted in respect of both the hybrid model and the pure stablecoin model. This includes the information requirements set out in Part 6, and the rights and obligations set out in Part 7, for example:

• Information about how payment instructions can be given, how the consumer can communicate with the payment service provider if they have questions about the service, etc.
• Information about individual payment transactions processed (including transaction amounts, charges and value dates).
• Consumer rights involving execution of transactions (such as maximum regulatory time limits for executing a payment order).
• Rights where a transaction is executed defectively or is unauthorised, and complaints-handling requirements.

The PSRs require payment institutions to safeguard funds received from customers for executing a payment transaction, and the FCA has identified a series of requirements that will apply to payment arrangers.

The same organisational and prudential requirements as will apply to regulated stablecoin issuers and custodians are expected to apply to payment arrangers, as well as the FCA's high-level principles and Consumer Duty.

Similar to the regime proposed for issuance and custodian activities, the FCA comments that DISP is also likely to apply to payment arrangers and consumers will have access to the Financial Ombudsman, while the FSCS will not be extended to payments using regulated stablecoins (the FSCS cannot be extended to activities that are not in the RAO). The MLRs are also proposed to apply to pure and hybrid stablecoin payment services.

HMT are considering only permitting such firms to use 'overseas stablecoins' in their payment services where those stablecoins meet prescribed standards (equivalent to those required for UK-regulated stablecoins). Where payment arrangers allow the use of 'overseas stablecoins', they will need to report the number of transactions to the BoE and FCA.

What is the timeline for Phase 1 proposals?

The period for responses to DP 23/4 closes on 6 February 2024.

Following consideration of the responses received, the FCA will draft appropriate new rules for consultation. HMT indicates that secondary legislation will be presented for Phase 1 "as soon as possible and by early 2024".

Next steps?

While the proposals are not yet final, stablecoin and cryptoasset businesses are recommended to assess the new proposals against their business models and consider whether they might fall in scope of the expanded regulatory perimeter.

_{White & Case means the international legal practice comprising White & Case LLP, a New York State registered limited liability partnership, White & Case LLP, a limited liability partnership incorporated under English law and all other affiliated partnerships, companies and entities.}

_{This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.}

_{© 2023 White & Case LLP}