A concise guide to the FCA’s crypto perimeter, the authorisation timeline and the immediate actions firms should take to comply
The UK is moving from a patchwork of rules to a unified framework for crypto activity, and firms operating in this space need to plan now. The Financial Conduct Authority (FCA) is finalising the wider cryptoasset regime that will take effect when the new framework becomes live in October 2027, and Parliament has already taken steps to place core elements on a statutory footing by making the relevant statutory instrument on 4 February 2026.
The FCA intends to publish the remaining rules this summer and has opened a perimeter guidance consultation to clarify which activities fall within scope. This consultation is part of a broader programme described in the FCA’s crypto roadmap and aims to give firms clarity ahead of authorisation.
The regulator is asking for industry views on its interpretation of several specific activities. Respondents are being invited to comment on definitions for stablecoin issuance, operating crypto trading platforms, custody and safeguarding, dealing and arranging in qualifying cryptoassets, and staking services.
The consultation document explains how the FCA intends to treat these functions and sets out examples of activity that it considers regulated. Firms should note that the consultation closes on 3 June 2026, and the FCA will use responses to refine its perimeter guidance and publish a final policy statement in due course.
What activities will be regulated
The new regime brings a clearly defined set of activities inside the regulatory perimeter so that consumers and markets are protected. In plain terms, the five core activities the FCA highlights are: issuing qualifying stablecoins, running crypto trading platforms, providing custody or safeguarding of cryptoassets, dealing and arranging in qualifying cryptoassets, and offering staking services on behalf of clients. Each term is described in the consultation: for example, the FCA uses qualifying to denote tokens that meet the statutory tests for inclusion, and it distinguishes between mere software provision and services that create regulatory responsibilities.
Key dates and the authorisation gateway
Timing is critical. The FCA will open its authorisations gateway on 30 September 2026, and firms that fall within scope should plan to submit applications in the authorised window. Firms that apply within the window may continue to operate while their submissions are assessed; the agency has confirmed the application window runs until 28 February 2027. Firms that do not apply, or that miss the appropriate deadlines, may face a requirement to cease UK activity before the regime goes live in October 2027. The FCA will also operate a Pre-Application Support Service (PASS) to help applicants prepare, and PASS is scheduled to open in July 2026, offering tailored guidance ahead of formal submissions.
Authorisation essentials and expectations
What the FCA will expect from applicants
Applying for FCA authorisation means adapting to a regime modelled on existing financial services rules. Applicants must demonstrate the fitness and propriety of senior managers, hold adequate financial resources under applicable prudential requirements, and maintain robust anti-money laundering and know your customer systems. The FCA expects clear governance frameworks, operational resilience plans, and consumer protection processes; firms should also prepare to comply with the Senior Managers and Certification Regime where it applies. Preparing the extensive documentation required will take time, so early planning is advisable.
Practical steps firms should take now
Start with a careful legal and operational review to confirm whether your services fall within the defined activities. Create a roadmap for your authorisation project that covers governance updates, capital modelling, AML/KYC improvements, policies for client money and asset segregation, and incident response planning. The FCA is hosting authorisation-focused webinars: introductory material on the new regime and anti-money laundering requirements is available on demand, and a live webinar on 29 April will focus on the SM&CR. Firms that begin compiling management information, risk registers, and compliance manuals now will be better placed to submit a complete application when the gateway opens.
Other regulatory work and next steps
The perimeter guidance consultation complements a series of other FCA and government exercises. The FCA has already consulted on topics such as stablecoin issuance, custody arrangements, prudential rules and market abuse for qualifying cryptoassets. Later this year the regulator plans further consultations on guidance for decentralised finance (DeFi) and operational resilience for firms using distributed ledger technology (DLT), as well as updates to its Financial Crime Guide relevant to cryptoasset businesses. Taken together, this package is intended to create an open, sustainable and competitive market that consumers can trust, provided firms treat compliance as a structured project rather than a last-minute form-filling exercise.
