Overseas firms carrying out cryptoasset business in the UK: what you need to know

The Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2025 (Cryptoasset Regulations) and associated Financial Conduct Authority (FCA) proposed rules introduce a suite of new regulated activities, each requiring FCA authorisation if conducted “by way of business” in the UK. The activities now brought within the regulatory perimeter are:

• issuing qualifying stablecoin;
• safeguarding of qualifying cryptoassets and relevant specified investment cryptoassets;
• operating a qualifying cryptoasset trading platform;
• dealing in cryptoassets as principal;
• dealing in qualifying cryptoassets as agent;
• arranging deals in qualifying cryptoassets;
• qualifying cryptoassets staking.

A feature of the UK regime is its extraterritorial reach, designed to ensure robust consumer protection for UK retail clients. The Cryptoasset Regulations provide that any firm serving UK consumers, whether operating from within the UK or overseas, must be FCA authorised if it carries on any of the regulated cryptoasset activities. This includes operating a Cryptoasset Trading Platform (CATP), dealing or arranging deals in cryptoassets, and providing custody or staking services, unless an exclusion applies. Notably, the overseas person exclusion has not been extended to include these activities. As such, the territorial scope of these activities is currently being discussed and undergoing industry consultation as part of the FCA consultations and may be subject to change.

Overseas firms that serve only UK institutional clients, and not UK consumers, are broadly not required to obtain FCA authorisation, provided those institutional clients are not acting as intermediaries for UK consumers.

The breadth of the UK’s new regulatory perimeter for cryptoassets demands that firms, especially those based overseas, undertake a granular assessment of their business models. The regime’s extraterritorial reach means that firms cannot rely solely on the location of their legal entity or operations to determine regulatory obligations. Instead, the nature of client relationships, digital distribution channels, and marketing activities could trigger the requirement for UK authorisation. Firms must interrogate not only their current activities, but also future growth strategies, partnerships, and product offerings, as these could evolve in ways that bring them within scope.

For overseas firms, this assessment should be continuous and dynamic, factoring in the evolving expectations of the FCA and potential changes in UK consumer demand. The risk of inadvertent non-compliance is significant; failure to identify UK nexus points could result in regulatory intervention, forced wind-down of UK based activity, warning notices and consequential reputational damage. Moreover, breach of the general prohibition, which prohibits any person or firm from carrying on a regulated financial activity in the UK, or purporting to do so, unless authorised or exempt is a criminal offence. Proactive engagement with UK legal and regulatory advisors, and the development of robust cross-border legal and regulatory frameworks, will be essential.

On 15 April 2026, the FCA published Consultation Paper 26/13: Cryptoasset Perimeter Guidance (CP26/13). The deadline for comment is 3 June 2026 and final guidance is expected in September 2026.

Overseas CATPs serving UK retail clients must obtain FCA authorisation. This requirement applies even if the CATP is operated entirely from outside the UK, provided UK consumers are able to access the platform’s services.

Additionally, the FCA expects that UK retail customers must have a relationship with a UK legal entity, ensuring effective supervision and recourse. The proposed regime reflects the reality that many cryptoasset platforms operate globally and may wish to maintain access to international liquidity pools while serving UK customers. The FCA recognises this and permits two principal structures for overseas CATPs seeking UK authorisation:

1.    An overseas parent company may incorporate a UK subsidiary, which then seeks FCA authorisation to operate a UK CATP. The UK subsidiary would be a distinct legal entity subject to UK law and FCA supervision. It is likely that it will be more straightforward for CATPs to gain authorisation for retail-facing activities using this structure, as it ensures UK retail clients have a direct relationship with a UK entity, facilitating regulatory oversight and consumer redress.

2.    Alternatively, the FCA may authorise a UK branch of an offshore legal entity to operate a UK CATP (a branch authorised CATP). This structure may be desirable where seamless access to a global liquidity pool is necessary, and the platform’s operations are integrated internationally. The FCA will assess the suitability of a branch structure on a case-by-case basis at the authorisation gateway, considering effective supervision, and the roles of home and host state regulators.

A UK subsidiary offers the advantage of clear regulatory oversight and direct consumer recourse, but may require duplication of capital, resources and infrastructure. A branch model can facilitate integration with global trading operations, but will be subject to case-by-case scrutiny at the authorisation gateway and may raise issues around responsibility, enforcement and relationship between regulators. Firms must weigh the operational benefits of accessing global liquidity pools against the heightened supervisory expectations and potential conflicts between home and host state rules. Strategic decisions on structure should be informed by a holistic analysis of business objectives, risk appetite, and the ability to maintain and keep pace with compliance across multiple jurisdictions.

The FCA has recognised, in CP26/4, that certain ancillary services are integral to the effective functioning of CATPs, and provides for the authorisation of such services under specific permissions for branch authorised CATPs, despite the branch authorised CATP not being a separate legal entity.

One key service is matched principal trading (MTP). Under the proposed framework, CATPs will be permitted to perform MTP services, provided they obtain a principal dealer permission from the FCA. This mechanism enables a CATP to act as an intermediary, matching client orders and momentarily taking title to the cryptoasset, rather than trading as principal for its own account. CP26/4 clarifies that branch authorised CATPs may apply for a restricted principal dealer permission, allowing them to conduct MTP without the need to establish a separate UK subsidiary solely for this purpose.

However, the scope of permitted trading activity under this model is deliberately narrow. The principal dealing permission for branch authorised CATPs is limited to MTP services and does not extend to proprietary trading or other forms of principal trading. Where a CATP wishes to engage in proprietary trading or broader dealing activities, the FCA’s expectation is that such activities must be conducted through a UK-incorporated legal entity. This distinction reflects the FCA’s focus on ensuring effective supervision, clear lines of responsibility, and robust consumer protection for higher-risk activities.

In addition, some CATPs use “float” arrangements, where the platform holds client funds or cryptoassets temporarily to facilitate efficient settlement. To operate a settlement wallet in this context, CATPs must obtain a restricted safeguarding permission. Notably, the FCA proposes that branch authorised CATPs may also be granted this restricted permission, notwithstanding the general expectation that safeguarding activities should be performed by a UK-based entity. This exception acknowledges the operational realities of international platforms and aims to facilitate efficient settlement while maintaining appropriate regulatory oversight.

In both cases, MTP and settlement wallet services, the FCA’s willingness to permit restricted permissions for branch authorised CATPs reflects a pragmatic approach to balancing market efficiency with regulatory objectives. However, the regime is clear that these permissions are strictly limited in scope and subject to ongoing FCA supervision. Overseas firms seeking to rely on these permissions must demonstrate robust systems and controls and effective governance arrangements to ensure compliance with UK standards.

Overseas firms should therefore undertake a detailed analysis of their trading and settlement models to determine whether and how ancillary permissions may be required. Early engagement with the FCA and the development of clear operational and compliance frameworks will be critical to securing and maintaining these permissions. As the regime evolves, ongoing monitoring of FCA guidance and regulatory expectations will be essential, particularly as the FCA has signalled that further guidance on ancillary permissions and the authorisation process for branch structures will be published in due course.

The regulatory regime also sets strict requirements for intermediaries (such as brokers and dealers) located overseas but serving UK clients.

It is proposed that any overseas intermediary executing or transmitting orders for UK retail or elective professional clients must ensure those orders are ultimately executed only on UK-authorised execution venues (ie UK-authorised CATPs). This would mean UK retail client orders cannot be executed on unauthorised overseas venues.

However, if an overseas intermediary deals with a UK consumer through another intermediary that is FCA-authorised to operate a CATP or deal in qualifying cryptoassets as principal, it is unlikely the overseas firm would require authorisation, provided the authorised intermediary sits between it and the UK consumer. Further detailed analysis would be expected to confirm this arrangement.

Before an intermediary can buy or sell a qualifying cryptoasset (other than UK-issued qualifying stablecoins) for a UK retail client, that cryptoasset must be admitted to trading on at least one UK-authorised CATP, and the relevant Qualifying Cryptoasset Disclosure Document (QCDD) must be available. UK-issued qualifying stablecoins can be offered directly to retail clients without CATP admission, but intermediaries must provide a link to the relevant QCDD on an FCA central repository.

These provisions require overseas intermediaries to reassess their execution arrangements, disclosure practices, and client onboarding processes to ensure compliance when serving UK clients.

Having said this, on 21 April 2026, HM Treasury issued a policy note and draft statutory instrument on amendments to the Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2026 (draft SI).
 
In general terms, HMT notes that the UK Crypto Regulation seeks to require firms to secure authorisation from the FCA where they are providing services within scope of the regulated activities either in the UK or to UK customers. However, in the case of the dealing activities, HMT feels that this approach could stand to create uncompetitive dynamics for firms where they are trading on their own account and not providing a service to client. As such HMT is concerned that this stands to push firms offshore to the detriment of the UK and therefore the draft SI seeks to address this matter so that firms can provide market making services in the UK without being penalised. HM Treasury will consult with industry on this and other proposals, with a deadline for feedback set for 22 May 2026.

Issuing a qualifying stablecoin from outside the UK is not in scope of the new regime. However, the intermediation and distribution of stablecoins to UK consumers may be captured by the new regime if intermediaries are involved.

For a stablecoin to be admitted to a UK CATP, the issuer must prepare and lodge a QCDD with the FCA. UK-issued qualifying stablecoins do not require CATP admission to be offered to UK retail clients but still must have a QCDD available.

Overseas stablecoin issuers must assess whether any part of their issuance activity is conducted from a UK establishment, and whether their distribution arrangements to UK consumers bring them within scope of the regulatory perimeter. Intermediaries distributing overseas stablecoins to UK clients may require authorisation depending on their activities.

Additionally, it is currently proposed that non-UK based sterling-denominated systemic stablecoin issuers, irrespective of their location, must establish a subsidiary in the UK to carry out business and issuance activities in the UK and with UK-based consumers. The UK based subsidiary will also be required to hold their backing assets and assets funded by capital in the UK.

On 21 April 2026 HMT indicated that it will shortly consult on the inclusion of payment services utilising stablecoins, where those stablecoins are issued in the UK by a firm authorised for the new regulated activity set out in regulation 9M (issuing qualifying stablecoin), within the scope of regulated payment services, as part of its forthcoming payment services reforms. To prevent the creation of unnecessary barriers for firms wishing to provide payment services involving UK qualifying stablecoins (UKQS) prior to the implementation of these reforms, the draft SI excludes UKQS from the new regulated activities of dealing in qualifying cryptoassets as principal, dealing in qualifying cryptoassets as agent, and arranging deals in qualifying cryptoassets. However, HMT does not consider it appropriate to permanently exclude lending and borrowing activities involving UKQS from the regulatory perimeter.
 
HMT will also assess any remaining barriers to certain cross-border stablecoin payments resulting from overseas-issued stablecoins staying within the regulatory perimeter for cryptoasset dealing and arranging. HMT notes that excluding UKQS from the cryptoasset dealing and arranging perimeter until they are brought within the regulated payments perimeter does not remove the requirement for firms providing UKQS payments to obtain safeguarding permissions under the UK Crypto Regulation if they safeguard or arrange safeguarding of cryptoassets (including UKQS) for others. HMT intends to consult on moving safeguarding undertaken as part of payment services from the crypto regime to the payments regime under its payments services reforms.
 
HM Treasury will consult with industry on these and other proposals, with a deadline for feedback set for 22 May 2026.

The regime addresses DeFi by focusing on the presence (or absence) of a controlling party. Where activities are undertaken on a “truly decentralised basis”, with no identifiable person carrying on the activity by way of business, the authorisation requirement does not apply. The FCA will assess, case-by-case, whether there is sufficient control by any party to trigger the need for authorisation. However, the FCA recognises that DeFi can present heightened risks (eg operational resilience, financial crime) due to the absence of traditional intermediaries and controls. Firms or individuals with any degree of control or centralisation should expect close scrutiny as to whether authorisation is required, particularly where the service provided is consumer facing. The FCA has committed to consult separately on guidance to clarify how it will assess degrees of decentralisation and control, and to provide examples of good practice for managing financial crime and operational risks in DeFi.

DeFi projects must carefully assess whether any individual, entity, or group exercises sufficient control to be deemed as carrying on regulated activities “by way of business”. The absence of an identifiable controller may exclude a project from authorisation, but ambiguity or complexity in governance structures would invite FCA scrutiny.

Overseas firms seeking to become authorised must satisfy the FCA’s threshold conditions, which establish the minimum standards for obtaining and maintaining authorisation under the Financial Services and Markets Act 2000 (FSMA). The FCA applies these conditions to ensure that only firms capable of operating to the required standards of governance, financial soundness, and regulatory compliance are permitted to provide regulated cryptoasset activities in the UK. The conditions have been considered by the FCA in relation to cryptoasset firms in CP26/4 as follows:

• Effective supervision: Firms must be capable of being effectively supervised by the FCA at all times. The FCA will scrutinise the structure and organisation of overseas cryptoasset firms, including their group arrangements, close links, and reliance on third parties. The regulator expects a sufficient proportion of the firm’s control functions, leadership, and decision-making (“mind and management”) to be located in the UK. The ability for the FCA to access timely and accurate information about the firm’s business, products, customers, and activities is critical. Inadequate supervisory cooperation with home state regulators, complex group structures, or insufficient UK-based management may result in additional scrutiny.
• Appropriate resources: The FCA will assess whether the firm has adequate financial and non-financial resources to meet its obligations and withstand stress events. This includes sufficient capital and liquidity buffers, as well as robust staffing and experienced senior management. Of particular concern for overseas firms is the safeguarding of client cryptoassets. The FCA notes that insolvency regimes in other jurisdictions may not offer the same protections as UK law, potentially exposing UK clients to greater risks if a firm fails. The regulator will examine the firm’s arrangements for safeguarding client assets and the legal certainty around ownership and ring-fencing of cryptoassets. Firms must demonstrate that their resources, systems, and controls are appropriate to mitigate these risks.
• Suitability: The suitability condition requires firms to be fit and proper, with competent leadership, prudent risk management, and a culture of integrity. The FCA will consider the competence and capability of key personnel, as well as the firm’s risk management frameworks and compliance culture. Overseas cryptoasset firms are expected to meet the same standards as traditional financial services firms in this regard, and any deficiencies in governance or risk management may be grounds for further scrutiny or refusal.
• Business model: The FCA will closely assess the viability and sustainability of the firm’s business model. The FCA has noted that poor business plans have been a common reason for unsuccessful Money Laundering Regulations registration applications for cryptoasset firms. The FCA expects firms to have well-developed strategies, robust controls, and a clear understanding of the risks associated with their business, particularly where there is significant retail participation or where the firm issues stablecoins.

While the new UK regime imposes considerable compliance obligations, it also presents a significant opportunity for global cryptoasset firms. The UK continues to position itself as a global leader in responsible innovation and consumer protection, and as a jurisdiction of reputable regulatory standards. The intended aims of regulatory clarity, proportionality and sustainability are qualities that are increasingly valued by all types of businesses.

Strategically, overseas firms should undertake a detailed regulatory perimeter analysis and where required prioritise early application, invest in governance, risk management and compliance infrastructure, and engage transparently with the regulator. The transition is also an opportunity to reset governance, re-assess operational resilience, and align with client expectations. Firms that navigate the transition effectively are likely to be well-placed to gain market confidence and build durable, trusted UK businesses.

Moreover, the UK is committed to aligning its framework with international standards including the Financial Action Task Force standards, the International Organization of Securities Commissions’ Crypto and Digital Assets recommendations and the Financial Stability Board’s recommendations covering cryptoassets. This means that adherence with UK rules could potentially facilitate smoother market entry elsewhere, as other jurisdictions follow suit, adjust their regimes or make comparisons. Firms could embrace the UK regime as a springboard for showcasing their commitment to reputable standards of practices and position themselves as trusted leaders on the international stage.