FCA CP26/13: Crypto-asset Perimeter Guidance - Defining Who Needs Authorisation for the October 2027 Regime
Credit: Money Magpie
With the authorisation gateway opening in September 2026, firms need clarity on whether their activities require FCA permission and this consultation provides the most detailed perimeter map to date.
Context:
On 15 April 2026, the FCA published Consultation Paper CP26/13 (Cryptoasset Perimeter Guidance), the latest step on the UK's cryptoasset regulatory roadmap. The consultation closes 3 June 2026. It follows the making of the Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2026 in Parliament on 4 February 2026, which brought new cryptoasset activities within the FCA's regulatory remit under the FSMA framework. The new cryptoasset regime is expected to go live on 25 October 2027, with the authorisation gateway opening in September 2026.
CP26/13 is a perimeter guidance paper; it does not introduce new substantive rules but proposes draft guidance in the FCA's Perimeter Guidance Manual (PERG) to help firms understand when FCA authorisation will be required. Given the novelty and complexity of many cryptoasset business models, the perimeter question is far from straightforward, and the FCA has acknowledged this through an extensive guidance document covering seven categories of regulated cryptoasset activity.
The publication of CP26/13 follows a comprehensive series of consultations on the substantive rules: CP25/14 (stablecoin issuance and custody), CP25/15 and CP25/42 (prudential rules), CP25/25 and CP26/4 (FCA Handbook application), CP25/40 (trading platforms, intermediaries, staking, and DeFi), CP25/41 (admissions, disclosures, and market abuse), and GC26/2 (Consumer Duty for crypto firms). Final rules across all these CPs are expected in a series of policy statements in summer of 2026.
Rules and Guidelines:
CP26/13 proposes a new chapter in PERG setting out guidance on seven regulated cryptoasset activities under the Cryptoasset Regulations 2026: (i) issuing qualifying stablecoins in the UK; (ii) safeguarding, or arranging safeguarding of, qualifying cryptoassets and relevant specified investment cryptoassets; (iii) operating a qualifying cryptoasset trading platform; (iv) dealing in qualifying cryptoassets as principal; (v) dealing in qualifying cryptoassets as agent; (vi) arranging deals in qualifying cryptoassets; and (vii) arranging qualifying cryptoasset staking.
The guidance explains how the regulatory perimeter interacts with the Regulated Activities Order (RAO), which already covers cryptoassets that are specified investments (e.g., security tokens). The CP also addresses exclusions from the regulated perimeter, equivalence provisions for overseas activities, and the interaction between the new crypto regime and existing authorisations for dual-regulated firms. Dual-regulated firms (banks and insurers engaging in cryptoasset activities) should engage the PRA in parallel with any FCA authorisation process.
The FCA intends to publish final perimeter guidance in autumn 2026. Firms planning to apply for cryptoasset permissions should note that the gateway opens in September 2026, meaning that applications for the October 2027 go-live must be submitted promptly. The FCA has indicated it will determine applications within the gateway period to enable firms to be authorised by the regime commencement date.
Businesses Affected:
All firms currently operating in the UK cryptoasset market, whether as exchanges, custodians, stablecoin issuers, intermediaries, staking service providers, or DeFi participants, must assess whether their activities fall within the new regulated perimeter.
Overseas cryptoasset firms serving UK clients, who must determine whether the territorial scope of the regulated activities catches their cross-border services.
Banks, payment institutions, and e-money institutions with existing FCA authorisation who are adding cryptoasset activities to their business models.
Legal, compliance, and regulatory advisory teams supporting firms through the authorisation gateway process, which requires robust perimeter analysis.
Next Steps:
Respond to CP26/13 by 3 June 2026. The perimeter guidance is being developed based on industry input; firms with unusual or novel business models should engage directly to ensure their structure is captured accurately.
Conduct a perimeter analysis against the seven regulated activity categories now, ahead of the September 2026 gateway opening. Do not wait for final guidance; the CP provides enough detail to begin internal scoping work.
Begin authorisation preparation. The gateway opens in September 2026; applications should be substantive and complete to avoid delay. The FCA has published extensive guidance on what a complete application requires.
For dual-regulated firms: engage the PRA proactively on any cryptoasset activity additions. The prudential rules under CP25/15 will apply from October 2027, and firms with significant cryptoasset exposure will need a PRA-specific capital and liquidity assessment.
Monitor summer 2026 policy statements for final rules on prudential requirements, conduct rules, market abuse, and admissions. Together with the CP26/13 final guidance, these will constitute the complete regulatory framework.
Source | Financial Conduct Authority | Consultation Paper - Cryptoasset
