If you’re running or planning to launch a crypto exchange that touches UK customers, you need to understand the local licensing framework. The UK’s Financial Conduct Authority (FCA) requires specific registrations for crypto businesses, and the bar is higher than many founders expect. Getting this right matters because operating without proper authorization can lead to fines, shutdowns, and serious legal trouble.
What the FCA Actually Requires
The UK doesn’t have a full crypto exchange license in the traditional sense. Instead, the FCA enforces crypto asset business registration under anti-money laundering (AML) regulations. Any firm that operates an exchange, custodian wallet, or crypto ATM in the UK (or serves UK residents) must register with the FCA.
This registration covers activities like facilitating the exchange between crypto and fiat, crypto to crypto trades when you control customer funds, and providing custodial wallet services. If your platform is purely software that connects buyers and sellers without ever touching funds, you might fall outside this scope, but that’s rare.
The FCA has been rejecting most applications. As of recent years, the approval rate hovers well below 50%, and many applicants withdraw before a final decision. The regulator has made it clear they want robust AML controls, clear governance, and serious financial backing.
The Registration Process Step by Step
First, you’ll need to prepare extensive documentation. The FCA wants to see your AML policies, risk assessment frameworks, governance structure, business plan, and proof of financial resources. They’ll also run background checks on every beneficial owner and senior manager.
You submit the application through the FCA’s Connect portal. The process typically takes several months, often six to twelve or longer if the FCA requests additional information. They’re not shy about asking for clarifications, revisions, and deep dives into specific operational details.
While your application is pending, you cannot operate unless you were already registered before certain cutoff dates. The FCA had temporary regimes that allowed some firms to operate while awaiting decisions, but those windows have closed. If you’re starting fresh today, you need approval before going live.
The application fee is substantial. Budget for thousands of pounds just for the initial submission, plus ongoing annual fees once registered. Legal and compliance consulting costs often run into five or six figures for a proper application.
Why So Many Applications Fail
The FCA has taken a strict stance on crypto registration. Many applications fail because firms can’t demonstrate adequate AML systems. The regulator wants to see transaction monitoring tools, customer due diligence processes, and clear procedures for reporting suspicious activity.
Another common issue is inadequate governance. The FCA expects senior management to understand the crypto business deeply and show they can manage the specific risks. If your board members are inexperienced with AML or crypto operations, that’s a red flag.
Financial resilience also matters. The FCA wants assurance that your firm can survive operational issues and potential market downturns. Undercapitalized startups often struggle to meet these expectations.
Finally, many firms underestimate the documentation burden. Vague policies or generic templates copied from the internet won’t cut it. The FCA wants bespoke, detailed procedures that show genuine understanding of your business model and risks.
Example: A Small Exchange’s Journey
Imagine a team launching a platform that lets UK users buy and sell Bitcoin and Ethereum with GBP. They hire a compliance consultant, spend four months drafting policies, and submit their FCA application in January. By March, the FCA asks for more detail on their transaction monitoring system and source of funds checks. The team responds in April, providing screenshots of their monitoring tool and sample customer verification workflows.
In June, the FCA requests an in person interview with the CEO and compliance officer. They ask tough questions about how the platform would handle a surge in high risk transactions and what happens if a sanctioned entity tries to use the service. The team’s answers are solid because they’ve actually thought through these scenarios.
By October, nine months after the initial submission, the FCA grants registration. The total cost including legal fees, compliance consulting, and application fees hits around £80,000. The team can finally launch, but they know ongoing compliance will require a dedicated hire and continuous investment in monitoring systems.
Common Mistakes
- Underestimating the time and cost involved. Many founders budget for a quick three month process and £20,000 in expenses, then face reality when it stretches to a year and six figures.
- Submitting generic AML policies instead of tailored procedures that reflect actual business operations and risk appetite.
- Failing to demonstrate senior management competence in crypto specific risks and AML requirements.
- Assuming a noncustodial model automatically exempts you from registration when customer funds still pass through your accounts.
- Not preparing for detailed FCA questions about every aspect of your tech stack, customer onboarding, and operational controls.
- Ignoring the need for ongoing compliance investment, treating FCA registration as a one time hurdle rather than a permanent operational requirement.
What to Verify Right Now
- Check the current FCA register to see which crypto firms hold active registration and which have withdrawn or been rejected.
- Review the latest FCA guidance on crypto asset businesses, as expectations evolve and the regulator publishes updated materials periodically.
- Confirm whether your specific business model requires registration by consulting the FCA’s perimeter guidance or getting professional legal advice.
- Look up current application fees on the FCA website, as these can change and you need accurate budget planning.
- Verify the processing times for recent crypto asset registrations to set realistic expectations for your timeline.
- Check if there are any pending regulatory changes that might affect crypto licensing, as UK policy discussions continue.
- Ensure your AML transaction monitoring tools meet current FCA expectations by reviewing recent enforcement actions and feedback statements.
- Confirm the financial resources threshold the FCA expects for firms of your size and business model.
- Verify professional indemnity insurance requirements and find providers willing to cover crypto businesses.
- Check whether any of your senior managers or beneficial owners have regulatory issues that could complicate approval.
Next Steps
- Get professional legal and compliance advice before starting your application. The cost of expert help is far less than the cost of a rejection or enforcement action.
- Build your AML and governance frameworks first, then design your product around compliant operations rather than trying to retrofit compliance later.
- Set aside at least 12 to 18 months and a realistic budget before expecting to go live, and prepare for the possibility that the FCA says no despite your best efforts.
Category: Crypto Regulations & Compliance
