Author: James Borley, Director of Payment Services
After years of talking about a cryptoasset regime in the UK, and having been overtaken in that regard by most other jurisdictions, notably Europe and the introduction of MiCA, we finally see light at the end of the regulatory tunnel. Now that HM Treasury has published the draft statutory instrument, the Financial Conduct Authority (FCA) has quickly followed up with detailed guidance on how the “gateway” for cryptoasset applications will operate under the new regime.
For some time, the UK cryptoasset sector has existed in a state of regulatory limbo. Anti-Money Laundering (AML) registration under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs), alongside the financial promotions regime, has provided only partial regulatory coverage. Under the forthcoming framework, currently expected to come into force on 25 October 2027, firms carrying on newly defined cryptoasset regulated activities will, for the first time, require full FCA authorisation under the Financial Services and Markets Act 2000 (FSMA).
In a webinar hosted by the FCA’s Authorisations Division on 29 January, the regulator set out early but important expectations for firms that will be required to obtain authorisation to conduct cryptoasset activities in or into the UK. Central to this transition is the proposed gateway process, which explains how and when firms must apply, what engagement the FCA expects, and the consequences of failing to do so.
Why the Gateway Matters: No Automatic Conversion
Simply speaking, existing registrations will not automatically convert into authorisation under the new cryptoasset regime. There will be no grandfathering.
This represents a significant shift from the current position. Many cryptoasset firms operating in the UK today are registered with the FCA under the MLRs and, depending on their business model, may also be authorised under the payments or e-money regimes. Others rely on a third-party FCA-authorised firm to approve their financial promotions under section 21 of FSMA.
Under the proposed regime:
- MLRs registration alone will not be sufficient. Firms will need to obtain, or have applied for, full FCA authorisation under FSMA before the regime comes into force.
- Existing FSMA permissions will not automatically extend to cryptoasset activities. Firms will need to apply for a variation of permission to cover the relevant regulated crypto activities.
- Reliance on third-party financial promotions approvers will fall away. Firms currently marketing to UK consumers using a section 21 approver will need their own FCA authorisation to continue doing so.
In short, whether you are an MLRs-registered crypto exchange, a wallet provider, or a payments firm with crypto exposure, operating regulated crypto services in the UK after October 2027 will require full FCA authorisation. The gateway process is the critical route to achieving that.
Gateway Timing — The September 2026 Window
The gateway will not be open indefinitely. As with previous regulatory transitions, the FCA intends to operate a defined application window, expected to run from 30 September 2026 to 28 February 2027.
According to the draft statutory instrument:
- The application period must be at least 28 days in length.
- It must close at least 28 days before the regime commences.
- The FCA expects to determine applications ahead of full implementation in October 2027, subject to volume and quality.
This creates a clear cliff-edge deadline. Firms that delay risk missing the opportunity to transition smoothly into the new regime.
Support Before You Apply — Plan Early
The FCA understands that many firms will need help navigating this new landscape, so it has set out two forms of support it will provide:
- Information Sessions
The FCA will run a programme of information sessions and webinars targeted at:
- Firms registered only under the MLRs, payments or e-money regimes;
- Firms already authorised under FSMA that will need to vary their permissions; and
- Firms with no current FCA registration or authorisation that intend to carry on regulated crypto activities.
These sessions are designed to clarify regulatory expectations and are strongly recommended for firms serious about achieving authorisation.
- Pre-Application Support Service (PASS)
Firms may also request a free, optional pre-application meeting via the FCA’s Pre-Application Support Service (PASS). These meetings allow for:
- An overview of the firm’s business model;
- Discussion of the authorisation process; and
- Early clarification of regulatory expectations.
While the FCA encourages firms to use PASS, it is clear that participation does not guarantee authorisation and does not constitute regulatory advice. Independent legal and compliance support remains essential, and that is where Complyport can assist.
Applying During the Window
Where a firm submits an application within the application window, the FCA expects, though does not guarantee, to determine it before the regime commences. This will depend heavily on the quality of submissions and overall application volumes.
The draft statutory instrument includes a saving provision intended to mitigate cliff-edge risks. Under this provision:
- Firms with applications still under consideration at commencement may continue to provide cryptoasset services; and
- This may also apply where a refusal is under appeal before the Upper Tribunal.
However, this is not unconditional. The Treasury’s draft legislation permits the FCA, in certain circumstances, to place firms into a transitional provision, restricting activities while applications are finalised.
Firms relying on the saving provision will also be required to notify the FCA when the regime commences and again when reliance on the provision ends.
Applying Outside the Window — A More Limited Route
Firms that do not apply during the designated window may still submit an application before the regime starts. However:
- Late applications will not be prioritised; and
- The FCA will not expedite assessments to compensate for delay.
Where authorisation has not been secured by commencement, firms will enter the transitional provision by operation of law and will be unable to carry on new regulated crypto activities until authorised.
In all cases, the FCA has been clear: poor-quality or incomplete applications are likely to be rejected.
What Firms Should Do
Taken together, the FCA’s guidance sends a clear and strategic message: early engagement and thorough preparation are essential.
From a compliance planning perspective, firms should:
- Map existing and planned crypto activities against the proposed regulated activity definitions;
- Begin authorisation or variation planning well in advance of September 2026;
- Engage early with FCA support services and experienced compliance advisers; and
- Prepare for robust scrutiny, particularly in relation to governance, financial crime controls, operational resilience and consumer protection.
Preparations Can Start Now
Even ahead of final legislation, the FCA’s guidance on the operation of the authorisations gateway represents the first meaningful milestone in the UK’s crypto regulatory regime. It is not merely an administrative exercise, but a material regulatory transition requiring investment, planning and strategic intent.
The FCA has been explicit that crypto firms must evolve from informal, high-growth models into disciplined, transparent businesses capable of sustaining long-term regulatory supervision. The next 12–18 months will shape the future of the UK’s regulated crypto market.
Firms that engage early and prepare effectively will be best placed to succeed. We will continue to monitor developments, including the design and content of application packs, to support firms in achieving positive authorisation outcomes.
How Complyport Can Help
At Complyport, we help UK and international payments and e-money firms navigate the complexities of cross-border regulatory requirements. Whether you’re assessing your ability to provide services into the EEA, seeking authorisation in the UK or managing the evolving perimeter rules, our team of regulatory experts offers deep experience and strategic insight.
We can provide:
- Advice on the applicability of reverse solicitation and passporting frameworks;
- Guidance on UK FCA perimeter issues, including PERG interpretations;
- Support with the TPR and UK authorisation; and
- Strategic assessments of market access options and restructuring.
Contact Complyport today to book a meeting with a Subject Matter Expert and discuss how we can support your crypto regulatory strategy.
Ask ViCA, your Virtual Compliance Assistant. Claim your complimentary 20 queries today! Register here: https://vica.chat
