Go back to menu

FCA issues guidance to banks advising banks on how to handle financial crime risks posed by cryptoassets

Cryptocurrencies and ICOs

18 July 2019

On 11 June 2018, the UK Financial Conduct Authority (FCA) published a "Dear CEO" letter to banks advising banks on how to handle the financial crime risks posed by cryptoassets. The FCA has defined cryptoassets as any publicly available electronic medium of exchange that features a distributed ledger and a decentralised system for exchanging value (for example, Bitcoin and Ether).

Provision of services by banks to clients

The FCA calls on banks to enhance their scrutiny on current or prospective clients who derive significant business activities or revenues from crypto-related activities. 

The services that were highlighted in the letter as particular examples of where banks may be at risk are: provision of services to cryptoasset exchanges; dealing with clients whose source of wealth arises or is derived from cryptoassets; and arranging, advising or participating in an ICO.

The letter then sets out a number of steps which banks should consider when managing such risks.  They are:

  • Developing staff knowledge and expertise on cryptoassets to help them identify the clients or activities which pose a high risk of financial crime.
  • Ensuring that existing financial crime frameworks adequately reflect the crypto-related activities which the firm is involved in, and that they are capable of keeping pace with fast-moving developments.
  • Engaging with clients to understand the nature of their businesses and the risks they pose.
  • Carrying out due diligence on key individuals in the client business including consideration of any adverse intelligence.
  • In relation to clients offering forms of crypto-exchange services, assessing the adequacy of those clients' own due diligence arrangements.
  • For clients which are involved in ICOs, considering the issuance's investor-base, organisers, the functionality of tokens (including intended use) and the jurisdiction.

The FCA adds that it expects banks to exercise particular care in cases where a customer's wealth or funds derive from the sale of cryptoassets or other cryptoasset-related activities by applying the same criteria for checking source of funds on that source as would be applied to other sources of wealth or funds.  It goes on further to say that where a bank identifies that a customer is using state-sponsored cryptoasset which is designed to evade international financial sanctions, it would see it as a high-risk indicator.

Retail customers

The letter concludes by noting that retail customers contributing large sums to ICOs may be at a heightened risk of falling victim to investment fraud and the FCA reminds banks of the 2012 FSA review regarding bank defences against investor fraud.


The FCA has always been alive to the risks posed by cryptocurrencies and have been issuing warnings on the risks of investing in cryptocurrencies which the FCA have previously said are not themselves regulated by the FCA and so consumers do not have the protections offered by the UK's financial regulatory framework (although derivative instruments which reference cryptocurrencies may be regulated investments).

This is however the first guidance the FCA has given to banks on how banks can tackle cryptoassets financial crime and is a clear sign that the FCA is aware of the fact that banks are increasingly getting involved and the important role they play in this area and hence the corresponding heightened financial crime risk posed.

As the market awaits any further guidance from the FCA, there is little doubt that this first guidance is a step in the right direction to help combat cryptoassets financial crime.