The UK Financial Conduct Authority (FCA) has taken a decisive step towards regulating cryptoassets, publishing three major consultation papers – CP25/40, CP25/41 and CP25/42 – that together will form the backbone of the future UK crypto regulatory framework.

Taken as a whole, the package reflects a clear policy ambition: to bring crypto markets closer to traditional financial services standards without compromising on innovation. Yet the FCA’s own consumer research highlights that whilst regulation can boost demand, without clarity on protections, it may undermine trust.

The three consultations: A joined-up crypto framework

CP25/40 – regulating cryptoasset activities

CP25/40 sets out the conduct and operational rules for firms carrying out cryptoasset activities. These include activities such as crypto trading platforms, intermediating transactions (including lending and borrowing), staking services, and certain decentralised finance (DeFi) activities where firms exercise control or influence.

The FCA’s objectives are familiar but ambitious:

• Enhance market integrity

• Improve consumer protection

• Support innovation and UK competitiveness

The proposals draw heavily on earlier FCA discussion papers, extensive industry engagement, and HM Treasury’s cryptoasset regulations. The message is clear: crypto firms should expect regulatory expectations that increasingly resemble those faced by other financial services firms, adapted for crypto-specific risks.

CP25/41 – admissions, disclosures and market abuse

CP25/41 focuses on how cryptoassets come to market and how trading is supervised. It introduces proposals for:

• Public offerings of qualifying cryptoassets

• Admission to trading on cryptoasset Trading Platforms (CATPs)

• Disclosure requirements for qualifying stablecoins

• Market abuse detection and prevention in crypto markets

This consultation is a critical bridge between Conduct regulation and prudential oversight. It recognises that crypto markets, despite their technological novelty, are susceptible to the same abuses as traditional markets, for example: insider dealing, manipulation and misleading disclosures; often amplified by volatility and information asymmetry.

CP25/42 – a prudential regime for cryptoasset firms

CP25/42 is arguably the most important of the three. It proposes a bespoke prudential regime for FCA-authorised crypto firms, which will be housed in two new rulebooks: COREPRU and CRYPTOPRU.

• COREPRU will act as the foundation, similar in structure to MIFIDPRU but tailored for crypto firms. It sets out core requirements for governance, risk management, liquidity, and capital adequacy. The aim is to ensure firms have strong systems and controls, can absorb shocks, and wind down in an orderly way if needed.

• CRYPTOPRU builds on COREPRU by addressing crypto-specific risks and operational features. This includes rules for safeguarding client cryptoassets, managing custody arrangements, and handling stablecoins. It also covers additional prudential measures for activities such as staking, lending, and operating trading platforms—areas where volatility and counterparty risk are particularly high.

Together, these rulebooks create a proportionate framework that combines traditional prudential principles with bespoke measures for the unique risks of crypto markets. For example, firms will need to hold capital based on fixed overheads and activity-based “K-factors,” with higher charges for riskier exposures like retail lending or volatile tokens. They will also need robust governance and liquidity planning to maintain resilience in fast-moving markets.

CP25/42 also sets rules relating to capital, risk and resilience with specific scope and coverage on the prudential regime applies to firms engaging in activities such as:

• Operating a CATP

• Staking

• Arranging and dealing in cryptoassets

• Dealing as principal, including crypto lending and borrowing

This represents a material expansion beyond earlier stablecoin and custody proposals, signalling the FCA’s intent to regulate the crypto ecosystem holistically.

Core capital requirements: The own funds requirement (OFR)

At the heart of CP25/42 is the own funds requirements. Like MIFIDPRU, the FCA requires firms to hold the highest of three measures: a permanent minimum, a fixed overheads requirement, or a set of activity and exposure-based K-factors.

1. Permanent minimum requirement (PMR)

A fixed capital floor based on the business model, ranging from £75,000 for arrangers and agency brokers to £750,000 for principal dealers.

The permanent minimum requirement acts as a basic safety net. Even the smallest crypto firms must hold a meaningful amount of capital, while firms dealing as principal or operating trading platforms face significantly higher floors. This ensures that authorisation is not granted to undercapitalised entities that could collapse at the first sign of stress.

2. Fixed overhead requirement (FOR)

Based on annual fixed costs, ensuring firms can fund an orderly wind-down without disrupting clients or markets.

The fixed overheads requirement serves a different purpose. It is about failure, not survival. The FCA wants firms to be able to wind down in an orderly manner; pay staff, maintain systems, return client assets in an orderly manner.

The detailed proposals for the FOR calculation are contained within CP25/15.

3. K-factor requirements

An activity-based and exposure-driven requirement that scale with the size and risk profile of the firm’s operations. Some of the most notable components include:

• Market risk, captured through the K-NCP, requires firms to hold capital against adverse movements in crypto prices. The FCA introduces a tiered classification of cyrptoassets as follows, recognising that not all tokens are equally risky.

  • Category A assets are established tokens with deep liquidity and low volatility) attract a lower charge.

  • Category B asset are other assets face higher charges to reflect greater volatility and liquidity risk

This approach does more than protect firms; it actively shapes behaviour by discouraging large exposures to highly speculative or illiquid assets.

• Counterparty default risk, measured through the K-CCD, is even more striking. It is designed to cover losses if counterparties fail to meet obligations. Retail lending is heavily penalised, with a high-risk factor, meaning firms must hold almost full capital against retail exposures after collateral adjustments. This is a clear policy signal. The FCA views retail crypto lending as one of the most dangerous activities in the sector, combining volatility, leverage, valuation uncertainty and operational complexity.

Governance, liquidity and wind-down planning

Beyond the capital and liquidity requirements, COREPRU and CRYPTOPRU impose expectations around:

• Governance and senior management accountability

• Robust systems and controls

• Liquidity risk management

• Credible wind-down planning

Crypto firms will need to carry out on-going assessments of the adequacy of their own funds and liquid asset and will be expected to hold additional capital and liquidity when it is assessed that their internal controls do not fully mitigate the risks of harm to consumers and markets.

Comparison with MIFIDPRU: The proposals for cyptoasset firms bear a strong resemblance to the existing MIFIDPRU sourcebook underlined by similar principles, however COREPPRU and CRYPTOPRU add tailored requirements for digital asset custody, stablecoin issuance, and decentralised finance activities. For example, capital requirements under CRYPTOPRU incorporate crypto-specific K-factors, such as higher charges for retail lending and volatile tokens, which are not present in MIFIDPRU. Other K-Factors (K-CTF, K-CCO, K-CCS, K-QCS, K-SII and K-CON) under the crypto Regime will need to be applied where relevant. The principles and calculations are closely aligned with the MIFIDPRU equivalent.

Together, they mark a shift from treating crypto firms as regulatory outliers to treating them as systemically relevant investment firms.

Conclusion

The FCA’s crypto consultations represent a turning point for the UK market. The framework is comprehensive, risk-sensitive and, in prudential terms, deliberately conservative, particularly for lending, volatile tokens and retail exposure.

The framework seeks to balance consumer protection, market integrity, and innovation in the UK’s evolving crypto landscape. Strong public awareness and a desire for regulation underline the timeliness of these proposals. However, experimental evidence highlights a critical nuance: simply stating that cryptoassets being "regulated" can increase demand but without clearly communicated protections, it may paradoxically erode consumer trust.

Stakeholders including firms, intermediaries, consumer advocates, and professional advisers are encouraged to engage with the proposals before the 12 February 2026 deadline.