52.Investors in crypto-assets face a number of risks. These include:
53.Despite this, “crypto-assets themselves […] are generally not within the scope of FCA regulation. Transferring, buying and selling of crypto-assets, including the commercial operation of crypto-asset exchanges will also typically fall outside the FCA’s regulatory perimeter.” This chapter will consider the current regulatory remit and look at each of these risks in turn.
54.In the FCA’s written evidence to the Committee, it clarified that “crypto-assets themselves (i.e. those designed primarily as a means of payment / exchange) are not within the scope of FCA regulation.” This is because crypto-assets “generally will not meet the criteria to be considered a specified investment under the Regulated Activities Order, nor would they typically qualify as ‘funds’ or ‘e-money’ in the Payments Services Directive 2 and E-Money Regulation 2009.”
55.Whether an Initial Coin Offering (ICO) is regulated in the UK depends on how it is structured and what the token subsequently represents. For example, when tokens represent a transferable security such as shares and bonds, that ICO would fall within the regulatory perimeter of the FCA. Issuers would thus be subject to the FCA’s Principles and relevant rules. If an ICO falls within the regulatory perimeter, the FCA would also be required to ensure an appropriate degree of protection for ICO investors as they are ‘consumers’ for the purposes of the FCA’s statutory objectives. However, when tokens represent a claim on prospective services or products, they do not amount to transferable securities or other regulated products and thus fall outside the regulatory perimeter. Issuers would therefore not be required to follow the FCA’s principles and relevant rules, and the FCA would not be required to ensure an appropriate degree of protection for investors. The FCA states that “most ICOs are not regulated by the FCA and many are based overseas.”
56.David Geale, Director of Policy at the FCA, noted that this distinction creates risks for consumers, and that the FCA “have concerns that […] consumers may think they are operating in a regulated space when they are not.” However, he did note that ICOs “can be a useful way for some small and mediumsized enterprises to raise capital.”
57.Regulatory initiatives to bring crypto-asset exchanges into the money laundering regulations are underway in the EU. The European Parliament adopted the Fifth Anti-Money Laundering (AML) Directive on 19 April 2018. The Fifth AML Directive will extend AML and Counter-Terrorist Financing rules to virtual currencies, such that rules will now apply to entities which provide services that are in charge of holding, storing and transferring virtual currencies. In future, these entities will have to identify their customers and report any suspicious activity to relevant regulators and authorities. The Directive came into effect on 9 July 2018 and EU member states will have until 10 January 2020 to amend their national laws to conform with the new Directive.
58.As discussed earlier in this report, crypto-asset prices are volatile. The price of a Bitcoin in January 2013 was less than $20. In December 2013 the price of Bitcoin reached just over $1,000 but its value subsequently fell back into the hundreds. In March 2017, the price of Bitcoin began to rise again and greatly surpassed its previous records, reaching a peak of $19,206 in December 2017. However, within two months, the price dropped to just over $7,000 by February 2018. Since then, the price of Bitcoin has fluctuated between just over $11,000 and just under $6,000, to $6,467.25 in September 2018 when this report was published. Coinbase’s chart below tracks the value of Bitcoin from January 2013 to now.
Source: Coinbase. These figures were obtained from Coinbase, a crypto-asset wallet and platform where merchants and consumers can transact with crypto-assets. Coinbase tracks the value of Bitcoin, Bitcoin Cash, Ethereum and Litecoin.
59.Other crypto-assets that emerged since Bitcoin have not achieved the same market capitalisation, but have exhibited similar or greater volatility. For example, the price of Ethereum has varied from $0 to $1,339 between August 2015 and August 2018. At the time of writing, the price of Ethereum was $203.59.
60.The chart below plots the volatility of crypto-asset returns over a year against other assets. It shows that Bitcoin (represented by BTC) is in fact not as volatile as other crypto-assets, such as Ethereum (ETH) and Stellar (XLM). The chart also highlights that crypto-assets are considerably more volatile than other assets, such as gold, equities and other financial assets.
Source: Sifr Data.
61.The FCA explained why the price volatility of crypto-assets exceeds that of other asset classes:
Price discovery in a traditional marketplace is set by the information on the current consumption and expected future demand for a particular asset or commodity. […] As most crypto-assets do not have any inherent worth in and of themselves […] and they are not actively used in commerce or secured by a central bank of a nation state, their price is reliant on market sentiment and speculative use cases [rather] than real world applications. This results in greater price instability—especially over a short time horizon.
62.Iqbal Gandham, Chair of Crypto UK and Managing Director at eToro, argued that the price volatility of crypto-assets has been decreasing over time:
If you have a look at the volatility of individual currencies, Bitcoin’s volatility at launch was 50 per cent of its price on a daily basis. Last year, it was 10 per cent. This year, if I have a look at the data on eToro’s platform—one of our members, CryptoCompare, supplied the data—it is 4 per cent to 5 per cent. The same trend can be seen in Ethereum, Litecoin or any other currencies that have been around for five to six years, so the daily volatility is falling.
Obi Nwosu, Chief Executive Officer of Coinfloor, shared this view and argued that increasing liquidity entering the market could reduce volatility further:
Price volatility has been reducing all the time, and one thing that has caused that is the increase in volume and liquidity entering the market. There are a number of institutional players that would like to get into the market, but they can only deal with other regulated institutions. If they enter the market, they will bring the disciplines that relate to that, but they will also massively increase the liquidity, stabilise the price and make it a safer place for consumers.
63.However, Izabella Kaminska, Editor of the Financial Times Alphaville, argued that the price volatility of crypto-assets indicates they are not suitable assets for mainstream investors:
The question we should be asking is this: should this be propagated and should its use be encouraged among day-to-day people […] Anyone who had invested in November or December last year would be very disappointed in the returns they had had. Yes, you can look at the whole picture and say, ‘the early adopters have done fabulously well’, but this turns out to be a poor case for the currency argument, because that encourages the sort of inequality that we have never even seen before in any currency spectrum. Something like less than 1 per cent of all the wallets own most of the wealth in bitcoin. Yes, you might be able to argue that people who entered it early have benefited […] if you are a late adopter, you tend to lose out.
64.Crypto-assets have no inherent value. In the absence of any market fundamentals, their prices fluctuate according to sentiment. This causes far higher volatility than other asset classes, exposing investors to larger potential gains, but correspondingly greater risk of loss. The use of blockchain as a payments system exacerbates these risks, since the exchange rate (vis-à-vis other crypto-assets, or conventional currency) can fluctuate significantly during the time it takes to settle a transaction.
66.Crypto-asset exchanges enable people to use fiat currency to buy crypto-assets, such as Bitcoin. Crypto-asset exchanges can be custodial and non-custodial. Custodial crypto-asset exchanges hold crypto-assets on behalf of their customers whereas non-custodial crypto-asset exchanges do not have custody of customers’ money. In these cases, customers have complete ownership of their money and are responsible for its security. David Raw, Deputy Director of Banking and Credit at HM Treasury, told the Committee it is the custodial exchanges that are at a greater risk of being hacked. To hack a non-custodial exchange would be to hack the blockchain itself, which, as far as is known, has not yet been successfully done.
67.Several custodial crypto-asset exchanges have been hacked and customers’ crypto-assets have been stolen. For example, on 28 February 2014 Mt Gox, a Japanese Bitcoin exchange, filed for bankruptcy after announcing that it may have lost all of its investors’ virtual coins, after its computer system was hacked. More recently, over the weekend commencing 9 June 2018, South Korean exchange Coinrail suffered a cyber-attack which caused a loss of approximately 30 per cent of the crypto-assets traded on the exchange.
68.Martin Etheridge, Head of Notes Operations at the Bank of England, noted the importance of distinguishing between the hacking of crypto-asset exchanges and the hacking of the blockchain:
This reinforces the need for a distinction between the underlying technology and the tokens themselves, because people will tell you how resilient and secure distributed ledger technology is but, when you look at the system that is currently in operation, it is not the distributed ledger that is being hacked; it is the custodians [i.e. the custodial wallet providers and exchanges] that are being hacked.
69.When asked why crypto-asset exchanges appeal to hackers, Izabella Kaminska, Editor of the Financial Times Alphaville, argued that the characteristics of crypto-assets and the underlying technology incentivises and facilitates their theft:
On the hacking point, it is important to put this in lay terms. What we have here is the creation of a bearer asset. We hear a lot about how amazing it is that the blockchain is immutable. The downside of immutability is that if somebody steals your asset it continues down the chain, unless we start to blacklist said coins that have been stolen. […] In terms of what we are talking about physically, we are talking about [crypto-asset owners’] capacity to remember a very complicated string of numbers [which] is what gives you access to your funds. It is all about how securely those numbers can be kept. […] If a criminal finds your string they have full access. By the time it has gone and been spent you have lost access. You are only as secure as your own capacity to remember those numbers. […] The real weak point is the user.
70.When asked how crypto-asset exchanges can mitigate the risk of hacking, Iqbal Gandham, Chair of Crypto UK and Managing Director of eToro, explained that by keeping customers’ details offline, greater security can be achieved. He said:
We at Crypto UK have created a self-regulatory code of conduct, one aspect of which is that any member exchange needs to keep 90plus per cent of customer currency in cold storage, so not connected to the internet, to avoid [hacking]. People are moving their assets, they are disconnecting them from the internet. They are also now insuring any assets that are connected to the internet. It is very difficult to get insurance, because the insurance products have not matured enough, but they are working to address these concerns.
71.Obi Nwosu, Chief Executive Officer of Coinfloor, elaborated on the concept of cold storage further:
[An individual’s] private key, the stamp for authorising [a transaction], can be kept online, in what is known as hot storage, on an internet-connected device, or it can be kept in cold storage, offline, on a device that is not connected to the internet. It would be created offline, stored offline and used offline. That is known as cold storage. This is important, because every single successful hack of an exchange has always involved the hot element. […] This is the equivalent of money in your purse versus money in a bank vault. One is online, available for other people to access, while the other is money offline and behind various security.
72.However, Ms Kaminska argued that the use of cold storage highlights the inefficiencies of the crypto-asset exchanges, and creates market liquidity issues:
Cold storage has been put forward as a solution here, but we need to recognise what that actually means. It means total inefficiency. There is something called a security access paradox, insomuch as if it is secure it is not accessible, and if it is accessible it is not secure. When everything is in cold storage, it is very difficult to maintain the liquid availability of funds to manage things in real time.
73.When asked if exchanges had mechanisms for compensation in the event of a hack and subsequent loss of crypto-assets, Mr Nwosu stated that most exchanges did not have any mechanisms for compensation at this stage.
74.An additional risk that consumers may not be aware of came to the attention of the Committee during the inquiry relating to the storing and access to passwords of crypto-asset platforms. The Committee has heard of instances where customers that have lost their passwords (and consequently access to their accounts) and have been told by the firm that runs their account that the passwords cannot be restored. For example, in response to a customer who had forgotten their password and recovery phrase, Blockchain, a non-custodial software platform that provides wallets to customers, stated that “your recovery phrase is the only way to restore access to your wallet if you forget your password.” Thus, there is no recourse for customers who have lost their password and recovery phrase.
76.There is no collective deposit insurance scheme to compensate investors in the event of a hack, nor do individual exchanges generally have arrangements in place to do so. The risk of hacking associated with crypto-assets may not be something investors in conventional assets have experience of, and therefore they may not be well placed to judge this risk. It constitutes further evidence that crypto-assets are particularly ill-suited to retail investors.
77.There have also been instances of investors losing access to their crypto-assets when they have lost their passwords to their accounts with exchanges or crypto-asset platforms. Exchanges and crypto-asset platforms have subsequently been unable to recover their customers’ details, so customers are locked out of their accounts permanently. This often unexpected outcome for investors is a stark contrast against how customers of banks, and other regulated financial services firms, are treated when they have forgotten their details.
78.Many Initial Coin Offerings (ICOS) have failed in their fruition, resulting in financial losses for those who had initially invested in the ICO. A crowdsourcing website that keeps track of coins that have gone out of existence, www.deadcoins.com, has identified over 900 ICOs that have failed. The website lists whether the ICOs failed due to their inadequate business proposals, through a successful hack of the coins or whether they were a fraud or scam to begin with. For example, CraftCoin was designed to be a crypto-asset that would be used as an in-game currency for Minecraft users but failed to launch. According to CoinMarketCap, a website tracking the market capitalisation of crypto-assets, the value of CraftCoin in September 2018 was $0.000738 and the market capitalisation, volume traded in the last 24 hours and the circulation supply were unknown. Additionally according to ICO Data, a website that lists the funds raised of ICOs, an ICO for a new crypto-asset called Infinitum Coin was launched in January 2018 and ended in April 2018, having raised $0. A study of 2,400 ICOs by a research team at Boston College, Massachusetts found that 56 per cent failed within the first four months.
79.Izabella Kaminska, Editor of the Financial Times Alphaville, told the Committee that would-be investors in ICOs should be cautious:
You have to ask: why are these companies going to the ICO markets instead of going to the conventional markets? If your product is good enough to raise money in the markets, you should be able to raise it in the regulated markets, not just go to the ICO issuance.
80.As discussed earlier, most ICOs are not regulated in the UK, and investors are extremely unlikely to have access to regulatory protections. David Geale, Director of Policy at the FCA, explained that:
The bulk of this [ICO] activity seems to be in the unregulated space, around things like the utility tokens, where you are buying, for example, future rights to access a theme park or something that does not exist at the moment. Is that the sort of thing we would regulate? It is certainly not the sort of thing we regulate at the moment […]
81.In its evidence to the Committee, MIT Media Lab argued that “ICOs are essentially a new method of capital raising for a new enterprise [and] they should not be able to avoid relevant securities regulations just by tweaking the form.” This view is reflected in the approach taken by the US Securities and Exchange Commission, whose Chairman, Jay Clayton, issued a public statement in December 2017 that:
A change in the structure of a securities offering does not change the fundamental point that when a security is being offered, our securities laws must be followed. Said another way, replacing a traditional corporate interest recorded in a central ledger with an enterprise interest recorded through a blockchain entry on a distributed ledger may change the form of the transaction, but it does not change the substance. The Commission applied longstanding securities law principles to demonstrate that a particular token constituted an investment contract and therefore was a security under our federal securities laws. Specifically, we concluded that the token offering represented an investment of money in a common enterprise with a reasonable expectation of profits to be derived from the entrepreneurial or managerial efforts of others.
82.In particular, Mr Clayton highlighted that “utility” tokens would generally be treated by the SEC as securities, and regulated accordingly:
Certain market professionals have attempted to highlight utility characteristics of their proposed initial coin offerings in an effort to claim that their proposed tokens or coins are not securities. Many of these assertions appear to elevate form over substance. Merely calling a token a ‘utility’ token or structuring it to provide some utility does not prevent the token from being a security. Tokens and offerings that incorporate features and marketing efforts that emphasize the potential for profits based on the entrepreneurial or managerial efforts of others continue to contain the hallmarks of a security under U.S. law.
83.Mr Geale explained how differences in the law gave rise to the different regulatory approaches to ICOs in the UK and the US:
The tests [the SEC] applies are different [from the FCA]. It applies them on the basis of case law, which is more like asking, ‘does it look and feel like an investment, because you are investing for some form of speculative return?’, whereas the definitions of a ‘financial instrument’ are laid down in legislation here. It is different, but if it is a financial instrument that looks like a form of security, or if there is a form of security […] it will be regulated. […] For utilities, where it is not conferring rights to future returns but there might be a future reward of some description, it is outside the perimeter.
84.On 12 September 2017 the FCA published a consumer warning about the risks of Initial Coin Offerings (ICOs), stating that ICOs are “very high risk, speculative investments” and highlighting the absence of regulatory protections. The consumer warning went on to highlight the risks faced by consumers from price volatility, potential for fraud and inadequate documentation that are typically associated with ICOs. It cautioned that investors should be “prepared to lose [their] entire stake.”
85.The FCA’s power to issue consumer warnings extends to products that fall within its remit. Mr Geale conceded that the FCA’s warning on ICOs may “have gone a little bit outside of our remit.”
86.It is not known how many current or prospective ICO investors have read the FCA’s warning. When asked whether it had been useful, Ms Kaminska stated that “personally, I do not think they have gone far enough, and they have been very late to the game as well. We were all waiting to see action much earlier than it happened.”
87.The FCA’s stark consumer warning on ICOs is evidence that they present significant risks to investors. But apart from drawing attention to the risks, there is little the FCA can do to protect individuals from being defrauded or losing their money. This is because most ICOs do not promise financial returns, but instead offer future access to a service or utility, meaning they fall outside the regulatory perimeter.
88.While there may be no explicit promise of financial returns, investors in ICOs clearly expect them: they are not buying tokens to gain access to as-yet unbuilt theme parks, or to obtain dental services in years to come, but in the hope of selling them at a profit. The development of ICOs has exposed a regulatory loophole that is being exploited to the detriment of ordinary investors. The Regulated Activities Order should be updated to bring ICOs within the FCA’s perimeter as a matter of urgency, and bring investor protections into line with those in the United States.
90.Although they will fall within the scope of the Fifth Anti-Money Laundering (AML) Directive and will have to comply with anti-money laundering and counter-terrorist financing rules, crypto-asset exchanges are not included in Anti-Money Laundering (AML) regulations that are currently in force. As the FCA notes:
The activities that require firms to comply with anti-money laundering (AML) obligations are set out in the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR). Crypto-asset exchange activities are not included in the MLR, which means that such firms are not currently subject to AML requirements.
91.It is suspected that crypto-assets and crypto-asset exchanges appeal to money launderers and are being used to facilitate money laundering and terrorist financing. The Solicitors Regulation Authority noted that given the current lack of regulation, “crypto-[assets], and any similar technologies […] facilitate anonymity […].”
92.When asked about crypto-assets’ role in facilitating money laundering, David Raw, Deputy Director of Banking and Credit at HM Treasury, stated that “the latest risk assessment from the National Crime Agency is that [crypto-assets’] use for money laundering and terrorist financing is currently low. They are seeing cases of it, but it is not widespread.”
93.In evidence to the Committee’s Economic Crime inquiry, Donald Toon, Prosperity Command at the National Crime Agency, explained that even though there is a growing risk that crypto-assets are facilitating money laundering and terrorist financing, “it is important that we place virtual currencies in the context of the whole money laundering problem.” There are “other large-scale areas of the problem.” Nevertheless, he stated that “we are not relaxed about this. We see it as a problem.”
94.Mr Raw, HM Treasury, explained that, although they provide a degree of anonymity, some characteristics of crypto-assets disincentivise criminals and terrorists from using them to launder money:
[While crypto-assets are] an anonymous way of paying for illicit activity, there is the fact that you are potentially creating a more transparent record of the transaction, which is potentially auditable. There is a question over whether terrorists would want to use this method. There are other methods available to them, many of which are easier, such as cash couriers.
95.However, the FCA stated that the role of crypto-assets in money laundering could be more significant than previously assessed:
In 2017, the UK’s National Risk Assessment of money laundering and terrorist financing risk (NRA), assessed the risk of crypto-asset use for money laundering to be relatively low. This was because of a lack of evidence of crystallised risk. However, FCA work on this issue using information that postdates the intelligence the NRA relied on shows evidence supporting wider-scale criminal use and we now view the potential harm in this space to be greater than previously assessed.
96.The Committee received written evidence from Crypto UK arguing that “lack of regulation around the ‘on’ and ‘off’ ramps, where fiat is converted into a cryptocurrency and vice versa, [i.e. crypto-asset exchanges], means that these points are currently vulnerable to criminal activity.”
97.Obi Nwosu, Chief Executive Officer of Coinfloor, argued that there is an important role for exchanges in mitigating the risk of money laundering:
If exchanges put efforts into knowing their customer, track the source and destination of funds on the crypto side as well as the fiat side, have strong policies around monitoring behaviour on the site and have a policy of submitting suspicious activity to the National Crime Agency […] they [would] have very low rates of issues in [money laundering].
98.However, Izabella Kaminska, Editor of the Financial Times Alphaville, argued that the current policies and practices of crypto-asset exchanges are often ineffective:
There is a difference between asserting that you are pre-emptively compliant and the reality of that compliance. In my day job as a journalist, I often test a lot of these platforms for exactly that. I have often been privy to situations where I can open accounts without providing the full spectrum of information that is usually needed to fulfil KYC [Know Your Customer] requirements. […] It is very easy to say that you are compliant, but who is testing that compliance?
99.Mr Raw highlighted to the Committee that the Government is already considering how to apply AML regulation to the crypto-asset landscape. He said the “key thing […] in terms of tackling money laundering and terrorist financing, is […] to bring the exchanges, which is the point at which fiat currency exchanges for cryptocurrencies, into the money laundering directive regulations”.
100.Mr Raw told the Committee that the next step was for the UK to transpose the European Directive into UK regulation:
Transposing the Fifth AML Directive is certainly a matter of urgency. […] We will be consulting on how to transpose that over the remainder of this year and the course of next year. The precise timings are still being worked out, but by the end of next year it will be transposed so we will know precisely what that new money laundering framework looks like in relation to crypto assets and exchanges, including who the responsible regulator is. We will know precisely how we are going to deal with it.
101.The Committee also heard in evidence from David Geale, Director of Policy at the FCA, that the FCA has reminded firms of their own AML responsibilities whilst the Fifth AML Directive is being transposed:
In the interim, we have […] written to the chief executives of the banks, asking them to think about the use of crypto assets in terms of whom they are dealing with, the due diligence they do on the customers they have and who those people are dealing with, the jurisdictions they are dealing in, the underlying technology and the governance that is being put around that. There are interim steps that we can take and are taking to remind the banks of their own responsibilities under existing antimoney laundering laws. The new ones will help in terms of what actually comes through the exchanges.
102.The Committee also heard from Iqbal Gandham, Chair of Crypto UK and Managing Director of eToro, that some crypto-asset exchanges are preparing for the implementation of the Fifth AML Directive, but also require further guidance from the Government and regulators:
[Some exchanges] are also aligning themselves with the Fifth Anti-Money Laundering Directive. [But]we still need clarity from the UK Government to say, ‘these are the checks that we want you to do.’
103.Owing to their anonymity and absence of regulation, crypto-assets can facilitate the sale and purchase of illicit goods and services, and can be used to launder the proceeds of serious crime and terrorism.
105.The adoption of the Fifth Anti-Money Laundering (AML) Directive represents a step forward in this respect. Under the Fifth AML Directive, crypto-asset exchanges will have to comply with anti-money laundering and counter-terrorist financing rules. The Committee urges the Government to treat the transposition of the Directive as a priority, and to expedite the consultation process, which is currently not planned to finish until the end of 2019. If the UK leaves the EU without a transition period in March 2019, the Committee would nonetheless expect the Government to seek to replicate the relevant provisions of the AML Directive in UK law as quickly as possible.
107.In its written evidence to the Committee, the FCA highlighted the risk of price manipulation in the crypto-asset market:
Because of the […] dynamics of crypto-asset markets, where trading volume and capitalisation is considerably lower than established financial markets, there is a greater potential for malicious actors to coordinate price manipulation—such as ‘pump and dump’ schemes. This presents a risk for any potential buyers—retail or institutional—who may interpret sudden price appreciation as a sign of a high quality crypto-asset with strong potential, only to lose their money as these price rises are reversed.
The FCA also noted the risks of other forms of market abuse:
The relatively immature market infrastructure underpinning the crypto-asset market could lend itself to more complex forms of market manipulation such as insider trading or spoofing orders—the latter enabled by the lack of reporting standards and the overreliance on non-professional websites for price or market information.
The FCA indicated that these risks are exacerbated by the difficulties of policing crypto-asset markets, even if they had the powers to do so:
[T]here would be practical difficulties policing market abuse in many crypto-assets, even with the requisite powers, since much of the exchange trading is concentrated in non-EU jurisdictions, and identifying the underlying owners of crypto-assets, who may hold ‘inside information’ or those malicious actors spreading false information may be hampered by the virtual and, in part, anonymised nature of these assets.
108.An example of market manipulation of the price of Bitcoin was highlighted in a paper by academics at the University of Texas, published on 25 June 2018. The paper investigated whether Tether, a digital currency pegged to the US dollar, influences the price of Bitcoin and found that:
Purchases [of Bitcoin] with Tether are timed following market downturns and result in sizable increases in Bitcoin prices. Less than 1 per cent of hours with such heavy Tether transactions are associated with 50 per cent of the meteoric rise in Bitcoin and 64 per cent of other top cryptocurrencies. […] These patterns cannot be explained by investor demand proxies but are most consistent with supply-based hypothesis where Tether is used to provide price support and manipulate cryptocurrency prices.
109.In its written evidence to the Committee, Crypto UK noted that the current lack of regulation of crypto-asset exchanges “create[s] an environment where there is a risk to consumer manipulation.” Thus Crypto UK argued that pro-actively introducing regulation of crypto-asset exchanges means that “[the] Government can pre-emptively protect consumers against market abuse and exploitation.”
110.One of the FCA’s three objectives is to “protect and enhance the integrity of the UK financial system.” The FCA argued that “the markets need to be supported by resilient infrastructure, with appropriate access and transparency to meet the needs of the consumers, corporates and other wholesale clients that use them.” The FCA therefore seeks to ensure that senior management are accountable for the capital market activities, there is a positive culture of proactively identifying and managing conflicts of interest, and firms’ business models, activities, controls and behaviour maintain trust in the integrity of markets and do not create or allow market abuse, systemic risk or financial crime.
111.Crypto-asset markets are particularly vulnerable to manipulation, and they fall outside the scope of market abuse rules. In responding to this Report, the FCA should outline the approach it would take to market manipulation were these markets to fall within its remit.
112.In March 2018, the Bank of England’s Financial Policy Committee “judged that existing crypto-assets did not currently pose a material risk to UK financial stability.” Martin Etheridge, Head of Note Operations at the Bank of England, elaborated on the Bank of England’s position:
From the Bank’s perspective, the primary lens through which we look at this is one of financial stability. […] [Crypto-assets] are not currently functioning in payments and settlement, so that is not a particular worry. In terms of the linkages with systemically important firms or systemically important markets, right now, those linkages are pretty negligible. The market itself is small in comparison to other large financial markets. In terms of the activities of UK firms, that is also pretty small.
The Bank of England also emphasised this in its written evidence, noting that “since the peak on 6 January 2018, the crypto-asset market has lost 65 per cent of its value in just 12 weeks […]. Despite this fall, there has been no disruption to the financial system.”
113.Mr Etheridge said that this view is shared by regulators globally:
[This] is also a position shared by our counterparts overseas as part of the Financial Stability Board, which has reported to the G20 that it does not currently believe there are material threats to global financial stability.
114.The Bank of England is taking precautionary measures to ensure crypto-assets do not become a risk to financial stability and Mr Etheridge informed the Committee that the Bank of England is “stepping up […] monitoring activity […] [and] will be monitoring the extent to which there is additional take-up for these asset classes.”
115.Furthermore, Sam Woods, the Deputy Governor for Prudential Regulation and Chief Executive Officer of the Prudential Regulation Authority (PRA), wrote to the CEOs of banks, insurance companies and designated investment firms on 28 June 2018, noting the risks crypto-assets pose and the regulator’s expectations:
Crypto-assets have exhibited high price volatility and relative illiquidity […] raise concerns related to misconduct and market integrity [and] may appear vulnerable to fraud and manipulation, as well as money laundering and terrorist financing risks. […] I remind you of your firm’s responsibilities […] to (i) act in a prudent manner; (ii) have effective risk strategies and risk management systems; and (iii) deal with regulators in an open and cooperative way […]
116.The Committee agrees with the Bank of England that, since they are not being widely used as a means of payment, and the linkages to systemically-important firms and markets are negligible, the risk to financial stability arising from crypto-assets is low. The Committee expects the Bank of England and the FCA to continue to monitor developments in crypto-asset markets, and financial institutions’ exposure to them.
117.Both ICO issuers and crypto-exchanges use advertisements, including on social media, that highlight the potential for quick returns on investments in crypto-assets. Because neither ICO issuers or crypto-exchanges are regulated, these advertisements are not subject to the FCA’s rules, nor does the regulator have any powers to withdraw a misleading advert. For example, Coinshop, a website that enables users to buy Bitcoin and Ethereum, advertised its services in Easy Jet’s inflight magazine in May 2018 stating that “in 2017 we’ve witnessed the Bitcoin rise from $1,000 to $19,000—a 1800 per cent increase. Millionaires, top level CEOs and wall-street strategists predict that the Bitcoin will increase to levels between a conservative $50,000/Coin to a high of $1,000,000/Coin by the end of 2020.” The advert does not mention that the price of Bitcoin fell from $19,000 at its peak in December 2017 to under $7,000 in April 2018. The advert also omits investment warnings that past performance is not a reliable indicator of future results, that investments may fall as well as rise, and that the amount realised may be less than the original sum invested.
118.David Geale, Director of Policy at the FCA, told the Committee how the FCA might approach these advertisements were they to fall within the regulator perimeter:
If [crypto-assets] were to come into our regulatory remit, I imagine the protection we applied would be similar to that we apply elsewhere. We would look at things like the customers the firms are dealing with, who they are targeting through their marketing, the standards of their marketing, the standards of their disclosures through things like risk warnings, the balance and sufficiency of those, and so on. […] For crowdfunding, for example, we have taken steps to restrict the marketing to people who are inexperienced investors at the outset, to try to stop them putting all their life savings into it.
119.Izabella Kaminska, Editor of the Financial Times Alphaville, told the Committee that regulating the advertising of crypto-assets, crypto-exchange services, and related products, would be an important step in furthering consumer protection:
At the moment, there is a wild west situation with the adverts. They are deployed in a way that presents the impression that it is a one-sided market that will go up and that anyone can make a lot of money very easily. The advertising is prolific as well. It is not in any way catered towards a sophisticated clientele. You see it on the tube. Younger people are being exposed; older people are being exposed. Everybody is exposed at the moment, so that is certainly one area that the Committee should look to.
120.David Gerard, author of Attack of the 50 Foot Blockchain, shared this view and argued that “it would be appropriate to put in place strong consumer protection against mis-selling crypto-asset enterprises as investments to retail-level investors.”
121.As well as considering the absence of regulation around crypto-assets for consumers prior to their purchase, the Committee has also considered the implications of the lack of regulation on consumer detriment once the assets themselves have been bought, and how consumers can pursue redress and compensation.
122.This chapter has raised a number of ways in which consumers may experience economic detriment and not be entitled to redress or compensation:
123.Mr Geale emphasised that the usual consumer redress and compensation, that consumers have come to expect from FCA regulated financial services would not apply to unregulated financial activities and products such as crypto-assets:
We have to separate the regulated space from the unregulated space. In the regulated space, if it is a regulated firm that has done something wrong, [the consumer] has a right to complain. They complain to the firm. Our rules require the firm to deal with that in a particular way. If they remain unsatisfied, they can go to the FOS [Financial Ombudsman Service].
If the firm has failed and has left a loss on the consumer that is not a trading loss—for example, if the firm has misappropriated client money—they may have a call on the Financial Services Compensation Scheme.
In terms of people in the unregulated space, they do not have access to the ombudsman service and they do not have access to the compensation scheme. […] Unless there is some kind of fraud involved or something, their options are very limited.
124.David Raw, Deputy Director of Banking and Credit at HM Treasury, noted that HM Treasury may consider changing the regulatory perimeter to ensure consumers do have access to mechanisms for redress and compensation:
If we discover that there are huge risks to consumers outside the regulatory perimeter where people do not have recourse to the FOS or the FSCS, the answer may well be that the Treasury legislates or takes action to change where the regulatory perimeter is.
125.The FCA’s consumer warnings are a feeble corrective to advertisements—on social media, billboards, trains and taxis—that only emphasise the upside opportunities of crypto-asset investing. The advertisements for crypto-asset investing are clearly misleading to consumers and as crypto-asset activities fall outside the FCA’s regulatory perimeter, the FCA is restricted in actions it can take. The FCA needs more power to control how crypto-exchanges and ICO issuers market their services, by bringing the activities they perform into the regulatory perimeter. Such a step would also provide investors with wider protections against mistreatment, including loss of deposits through fraud and hacking, or losing access to funds due to the loss of passwords.
126.The Committee heard that increasing the regulatory oversight of crypto-assets may help the market to develop. Obi Nwosu, Chief Executive Officer of Coinfloor told the Committee that:
The lack of regulation is one of the things preventing [crypto-assets] getting to a mature stage. […] We know for a fact that there is a huge demand for the provision of much higher levels of liquidity to the market to stabilise the price. The only reason they are not entering the market is because the players are not regulated and there is not appropriate regulation in place. If there were regulation in place in a jurisdiction such as the UK, with such a strong financial and technology base, we would see a massive influx of inward investment and businesses not only migrating to this space but also expanding to this space.
127.Mr Nwosu noted that if more regulation was to be applied to crypto-assets, it could encourage insurance companies to collaborate with crypto-asset exchanges to provide mechanisms for compensation in the event of a hack.
128.Iqbal Gandham, Chair of Crypto UK and Managing Director of eToro, told the Committee that regulation could have wider benefits for the competitiveness of the UK financial services industry:
Hundreds of thousands of [consumers] are buying [crypto-assets] from exchanges, such as the ones that have been hacked abroad. If you speak to these exchanges, they would be more than happy to be regulated and operate out of the UK. Currently they are going to jurisdictions such as Switzerland, Gibraltar, Malta, et cetera. They would be happy to be regulated.
129.Crypto-assets have been embedded in certain pockets of society and industry, and it is highly likely that they are here to stay. The UK Government and financial services regulators appear to be deciding whether they will allow the current “wild west” situation to continue, or whether they are going to introduce regulation. The current ambiguity surrounding the Government’s and the regulators’ positions is clearly not sustainable.
130.The Committee is aware of the establishment of self-regulating bodies in the crypto-asset industry such as Crypto UK, which set out codes of conduct and best practice for the industry. However, as these standards are wholly voluntary, there are inevitably firms ignoring them. When industry is self-regulating, there is no authority to hold industry to account. Throughout the inquiry, the Committee has heard of the crypto-asset industry distributing misleading advertisements and laxing on their self-imposed ‘know your customer’ rules. Self-regulation within the crypto-asset industry is clearly insufficient. The introduction of formal regulation would make standards compulsory and relevant regulators can hold industry to account.
131.Given the scale and variety of consumer detriment, the potential role of crypto-assets in money laundering and the inadequacy of self-regulation, the Committee strongly believes that regulation should be introduced. At a minimum, regulation should address consumer protection and anti-money laundering.
133.If the Government decides that growth is to be encouraged, the Committee believes that the introduction of regulation could lead to positive outcomes for the crypto-asset market. The implementation of crypto-asset regulation in the UK may enable the market place to move to a more mature business model that improves consumer outcomes and enables it to grow sustainably. The entry of institutional investors into the market would increase liquidity, which in itself could reduce some of the inherent risks that exist at present.
134.If the UK develops an appropriate and proportionate regulatory environment for crypto-assets and if future innovations in crypto-assets proved themselves as beneficial to society and industry, the UK could be well placed to become a global centre for this activity, providing that the crypto-asset market adhered to high standards and was not associated with criminality.
74 Financial Conduct Authority () para 20
75 Financial Conduct Authority () para 3
76 Financial Conduct Authority () para 3
77 Financial Conduct Authority ()
78 Financial Conduct Authority () para 6
79 These include requirements to conduct business with integrity and to treat customers fairly.
80 Financial Conduct Authority () para 6
81 FCA, , 12 September 2017
84 European Commission, Press Release, , 19 April 2018
85 European Commission, Fact Sheet, Strengthened EU rules to prevent money laundering and terrorism financing, 9 July 2018
86 European Commission, Fact Sheet, Strengthened EU rules to prevent money laundering and terrorism financing, 9 July 2018
91 A comparison of volatility of different crypto-assets has been produced by Sifr Data, a cryptocurrency analytics company
92 Price correct at 13 September 2018
93 This chart plotting the volatility of crypto-asset returns was obtained from Sifr Data which conducts analysis of crypto-assets and creates simulations and visualisations to reflect trends.
94 In this chart, GLD represents SPDR gold shares. SPX represents the Standard&Poor’s (S&P)500 Index. TNX represents the CBOE 10 Year Treasury Note Yield Index.
95 Financial Conduct Authority () para 17
96 Crypto UK was established in February 2018 as the first self-regulatory industry body for the crypto-asset industry. Founding members are: BlockEx; CEX.IO; Coinbase; Coinshares; Coinfloor; CommerceBlock; CryptoCompare; eToro.
97 eToro is trading platform which enables its customers to trade crypto-assets.
101 Apart from mining and exchanging fiat currency for wallet keys face-to-face, this is the only way of acquiring crypto-assets, and so the key intermediary in the system.
104 Reuters, S.Korean exchange Coinrail says hit by hackers, bitcoin slides, 11 June 2018
112 Extract from , accessed on 12 June 2018
113 , accessed 20 August 2018
114 Minecraft is an internet-based game where players go on adventures in Minecraft’s digital realm.
118 Benedetti, Hugo and Kostovetsky, Leonard, Digital Tulips? Returns to Investors in Initial Coin Offerings, 20 May 2018
120 FCA, , 12 September 2017
122 MIT Media Lab ()
123 US Securities and Exchange Commission, , 11 December 2017
124 US Securities and Exchange Commission, , 11 December 2017
126 FCA, , 12 September 2017
127 FCA, , 12 September 2017
128 FCA, 12 September 2017
131 Financial Conduct Authority () para 5
132 Solicitors Regulation Authority () para 10
134 Oral evidence taken on 4 July 2018, HC (2017–19) 940, Q262 [Donald Toon, Prosperity Command at National Crime Agency]
135 Oral evidence taken on 4 July 2018, HC (2017–19) 940, Q262 [Donald Toon, Prosperity Command at National Crime Agency]
136 Oral evidence taken on 4 July 2018, HC (2017–19) 940, Q259 [Donald Toon, Prosperity Command at National Crime Agency]
138 Financial Conduct Authority () para 29
139 Crypto UK () para 2.2
147 Financial Conduct Authority () para 20
148 Financial Conduct Authority () para 21
149 Financial Conduct Authority () para 22
150 Griffin, John M. and Shams, Amin, Is Bitcoin Really Un-Tethered? (June 13, 2018). Available at SSRN: or
151 Griffin, John M. and Shams, Amin, Is Bitcoin Really Un-Tethered? (June 13, 2018). Available at SSRN: or
152 Crypto UK () para 2.3
153 Crypto UK () para 2.3
154 FCA, , 9 January 2017
155 FCA, , 9 January 2017
156 FCA, , 9 January 2017
157 Bank of England, on 12 March 2018, published on 27 March 2018
159 Bank of England () para 12
162 Letter from Sam Woods to CEOs on , 28 June 2018
163 Coinshop’s advertisement in Traveller, Easy Jet’s inflight magazine, May 2018
167 David Gerrard () para 33
Published: 19 September 2018