The UK Financial Conduct Authority (FCA) has published a “Dear CEO” letter dated June 11, on cryptoassets and financial crime. The purpose is to ensure that banks adequately manage the financial crime risks associated with cryptoassets. The FCA defines cryptoassets as any publicly available medium of exchange that features a distributed ledger and a decentralized system for exchanging value.

According to the FCA’s letter, banks should conduct enhanced client due diligence where the (prospective) client’s activities include operating cryptoasset exchanges, trading involving wealth derived from cryptoassets and any initial coin offering (ICO)-related activity.

The examples of appropriate steps set out in the letter are:

  1. training staff on cryptoassets to facilitate the identification of high risks;
  2. keeping financial crime frameworks up to date in light of any crypto-related activities of the firm and the speed of developments in the area;
  3. engaging with clients to understand their business and any relevant risks;
  4. conducting due diligence of key individuals in the client’s business;
  5. evaluating any cryptoasset exchange clients’ own client due diligence arrangements; and
  6. for clients involved in ICOs, considering the issuance’s investor-base, organizers, the functionality of tokens (including intended use) and the jurisdiction of issue.

The FCA’s predecessor, the Financial Services Authority (FSA), published a review on banks’ defenses against investment fraud in June 2012, which the FCA’s letter refers to for discussion of best practices that also can be applied to ICOs. The examples are set out at the end of each chapter of the FSA’s review and are consolidated in section 11, available here.

The FCA’s letter is available here.