Regulating cryptoassets Phase I (stablecoins): consultation response

Towards the close of last year, the UK Government, Financial Conduct Authority (FCA), Bank of England (BoE) and Prudential Regulation Authority (PRA) together released a series of documents outlining proposals for the next phase of UK cryptoasset regulation.

Comprising an intentend approach document from HM Treasury, discussion papers from the BoE and FCA, a CEO letter from the PRA, and a joint roadmap document from the combined regulators, the purpose of this initiative was to tackle the implementation of phase 1 of the future financial services regulatory regime for cryptoassets, focused on the treatment of the stablecoin asset class. 

As a reminder, stablecoins are a specific type of cryptoasset designed to maintain as stable a price as possible by pegging their price to a given reference asset (commonly the US dollar, although also other currencies including, as relevant to this case, the British Pound). The combined proposals provided a first indication of the direction of travel for regulation of these assets in the UK marketplace, with proposed oversight split into three main strands of stablecoin activity: issuance; custody/exchange; and use in payments.

Notably, rules predominantly target UK-issued stablecoins, with coverage of ‘overseas’ stablecoins limited to use in payments chains. Additionally, use of stablecoins in trading & exchange contexts falls under custody as opposed to payments; and peer-to-peer transfers on a non-commercial basis are also excluded from the payments scope.

Even for those not directly involved with prospective regulated stablecoin activities, however, the proposals will hold interest as the basis (in aspects such as custody) for further rule-making applying to non-stablecoin cryptoassets in Phase 2.

Below we include a copy of the responses submitted to the FCA by Zumo in response to its phase 1 discussion paper, outlining some of our perspectives and thoughts on this topic as a platform provider facilitating cryptoasset custody and exchange.   

 ******************

Response to FCA Discussion Paper DP23/4: Regulating cryptoassets (Phase 1, stablecoins)

Executive summary

We appreciate this outline of thinking by the FCA on the topic of future regulated stablecoins, which we believe captures the main present issues. This response is written from the perspective of Zumo as a platform facilitating cryptoasset custody and exchange; accordingly, the focus of our answers in this invitation to response is the implications surrounding those custody and exchange elements, which we believe has a carryover implication to phase 2 and rules established for regulated cryptoassets beyond stablecoins. Our answers are specific to the retail end user context, and centre on the discussion of the omnibus vs individual wallet structure as well as the retail customer/firm-side implications of changes to the integrated custody/exchange model. 

Chapter 5: Custody requirements

Q13: Should individual client wallet structures be mandated for certain situations or activities (compared to omnibus wallet structures)? Please explain why.

Speaking to custody specifically, we consider it most appropriate and operationally efficient (see Q14) to have omnibus wallet structures with robust safeguarding controls as covered in this DP.

Individual wallet structures are, we suggest, more relevant in non-custodial contexts, where the emphasis is on self-direction and the individual user, than in custodial contexts, where the client has made an express decision to delegate the management of their cryptoassets to a third-party custodian for the sake of speed, cost efficiency and convenience.

Ultimately, clients use custodial cryptoasset solutions because it allows them to transact faster and cheaper (given that balances may be managed using an off-chain ledger) and to have someone else manage their cryptoasset security.

Returning to a 100% on-chain, individually segregated model for custody would negate the custodial model’s efficiency advantages without any benefit: as those clients who want individual, on-chain wallets can make use of a non-custodial wallet service. 

From our perspective, having an individually structured model within a custodial environment is unlikely to be attractive: it imposes significant inefficiency on speed, cost and convenience conscious clients; and would have to compete with entirely non-custodial models that would no longer be at an operational disadvantage. 

From our own experience having operated a non-custodial wallet only service alongside exchange functionality, omnibus custody structures are the only commercially viable model if a provider wants to compete on fees in the current marketplace. 

Overall, therefore, we think that an omnibus wallet structure as described in this DP is an effective model within the custody context. The critical factor becomes the protections and assurances that apply to any assets entrusted to a third party (see also response to Q14).

Q14: Are there additional protections, such as client disclosures, which should be put in place for firms that use omnibus wallet structures? Are different models of wallet structure more or less cost efficient in business as usual and, (ii) firm failure scenarios? Please give details about the cost efficiency in each scenario.

From Q13, we believe the question of wallet structure is of lesser importance than the implementation of the custody-generic protections outlined in this DP, particularly with regard to records of ownership, safeguarding and backing assets, assignment of liability, insolvency process and client disclosures. 

Concerning the omnibus wallet structure, we do not see the need for additional operational controls beyond those outlined in this DP. However, for transparency and information, we agree it would be good practice to inform customers in the case their assets are stored in omnibus wallets, with a clear explainer of why this is done, the operational efficiencies it brings, and how individual balances are tracked within the system.

(i) Omnibus wallets in business as usual operations

As outlined in Q13, clients use custodial solutions for cost-efficiency, speed and convenience. By managing funds in an omnibus fashion, custodians are able to leverage efficiencies in three aspects:

1/ They can more effectively and efficiently manage the flow of funds between ‘hot’ and ‘cold’ storage so that the minimum of aggregate client funds is put at risk. This relies on putting a minimum amount of funds in higher-risk ‘hot’, or online, wallets to meet short-term obligations, and being able to custody the rest in more secure ‘cold’ or offline wallets.

2/ They can minimise on-chain transactions (and therefore the cost of associated blockchain-related transaction fees) by handling intra-entity transactions in an off-chain ledger. This allows custodians to provide transaction functionality at far lesser cost than would be the case were each transaction to be processed individually on the blockchain.

3/ Linking to point 2/, operations can be processed at far greater speed, as a transaction can be a record on an off-chain ledger as opposed to a transaction processed on a blockchain. This provides near-instant processing from the client perspective, as opposed to having to wait for blockchain finality which, depending on the blockchain in question, can take some significant time. 

(ii) Omnibus wallets in firm failure scenarios

This scenario relies to some extent on whether client payouts would take place in fiat or directly in the relevant cryptoasset to a user’s non-custodial wallet.

In the fiat scenario, all funds that may remain need to be exchanged back into fiat so there is no obvious advantage to having individual wallets over omnibus – on the contrary, it is easier to make an omnibus exchange than have to make conversions from a large number of individual wallets.

In the cryptoasset scenario, individual wallets would have an advantage in terms of an easily identifiable and proven on-chain record. Potentially also, clients would be able to take control of their individual wallet from the failed third party; however if this had always been managed on their behalf, it is questionable whether the client would have sufficient means/knowledge to assume responsibility for their funds in this way and how this would be done in a secure fashion. 

On the other hand, assuming the integrity of the off-chain ledger in the omnibus case, we do not see any operational cost or distinction between paying out individual creditors from individual wallets, or paying out individual creditors from an omnibus wallet based on an off-chain record. 

There is of course an extra cost and operational resource involved in the maintenance and reconciliation of a separate off-chain ledger, but as outlined in this response this is easily offset by the efficiency of being able to manage cryptoasset funds in omnibus as opposed to at individual client level.

Q15: Do you foresee clients’ cryptoassets held under custody being used for other purposes? Do you consider that we should permit such uses? If so, please give examples of under what circumstances, and on what terms they should be permitted. For example, should we distinguish between entities, activities, or client types in permitting the use of clients’ cryptoassets?

While Zumo is not involved in any such activities at the current time (beyond ancillary exchange activity), we do believe a future-proofed stance should be taken that allows for evolution of activities in a controlled way. On this basis, we would advocate against narrowly restricting usage at this stage, especially given the overall controls proposed to apply to cryptoasset custodians. Please see also our answer at Q21 (iii) for sample functionality that arises out of an integrated custody/exchange model.

Q16: Do you agree with our proposals on minimising the risk of loss or diminution of clients’ cryptoassets? If not, please explain why not? What additional controls would you propose? Do you agree with our proposals on accurate books and records? If not, please explain why not.

Broadly we agree with the suggested approach to minimising risk of loss / accurate books and records.

Arising out of our responses to Q13/14, we believe it is very likely that record-keeping will involve a mix of on and off-chain records in the custody instance, at least speaking from the perspective of an exchange platform.

On the matter of loss and diminution, we agree that terms should be clearly set out in client agreements, and provide as robust a level of client protection as is operationally feasible. One interesting area of implication is whether the protections currently proposed for regulated stablecoins can compete with other emerging forms of money (e.g. tokenised bank deposits, which include potential FSCS protection), as and when such instruments become more widely available, and how this may affect both client choices and the competitive landscape.

Q18: Do you consider that firms providing crypto custody should be permitted to use third parties? If so, please explain what types of third parties should be permitted and any additional risks or opportunities that we should consider when third parties are used.

We strongly agree that firms providing crypto custody should be permitted to use third parties. The sub-custodian model is prevalent in the industry, and allows for custodians to draw on specialised providers to provide the best quality end service. Restricting such a model would not only be a significant disruptor to the industry, it would likely also result in a poorer overall quality of service given the specialisation and sophistication of sub-custodian technology providers in areas such as key management and cryptoasset storage solutions.

We also observe that custodians may be relying on sub-custodians that operate out of overseas jurisdictions. On this point, we would welcome specific clarification (beyond the general advice given at 5.38) on the extent to which sub-custodians in offshore jurisdictions, as technology providers, would be subject to UK-based authorisation – and the general approach to be applied to UK-authorised businesses that wish to draw on the services of such providers. As part of this, where technology providers are based in jurisdictions such as the EU, or Switzerland, which have regulatory or self-regulatory frameworks, we would welcome further clarification on the types of equivalence arrangements that might be put in place to allow UK-based businesses to work with non-UK providers. This is particularly important given that not all business needs will be easily and/or optimally served from within the UK.

Q20: Should cryptoasset custodians undertaking multiple services (eg brokers, intermediaries) be required to separate custody and other functions into separate legal entities?

Overall, we would encourage a proportionate approach in this area. Similarly to the systemic significance factor being addressed by the Bank of England in its consideration of systemic payment systems using stablecoins, services by cryptoasset custodians within the prospective UK regulated environment remain at early growth stage. Instead of breaking out activities prematurely in alignment with a much more mature traditional finance model, we suggest it may be worthwhile to define these sorts of features on the basis of some defined systemic significance threshold and/or delay this consideration to a future phase once there has been opportunity to monitor activity and growth. 

Segregation into multiple entities at this early stage is likely to suffocate growth, with each entity firm having to go through its own application process and meeting FCA threshold conditions with regard to, for instance, equity and skilled resource. This potentially gives rise to unnecessarily complex group structures that nevertheless are closely interwoven in practice and in operation. 

In time, we believe firms entering the space will seek to specialise in certain areas and there will be a more mainstream resource to call upon. It is at this juncture that it could start to make sense to explore multiple legal entities per defined activities.

For the time being, however, the industry is in an early stage of development as it transitions to a more regulated foothold. Resource, and especially skilled resource for the type of split outlined here, remains limited, and therefore we do not believe this is an appropriate step to take at this time given the present scale of activity and infrastructure.

Q21: Are there any practical issues posed by requiring cryptoasset exchanges to operate a separate legal entity for custody-like activities? Specifically, please could you explain your thoughts on the following:

i. Would these issues differ between institutional and retail clients?

One difference between institutional and retail clients would be expected access to funds. In general, retail clients expect immediate (or close to immediate) access to funds, unless they are held in a yielding or other type of account that specifies a withdrawal period.

For institutional clients, access to funds can depend on the % of funds held between hot and cold wallets (typically the majority of funds would be held in cold storage with additional access requirements required for transfers). The institutional client may also prefer to batch transactions that are being broadcast from custody: for instance, on a 24 hour basis, instead of transferring funds as they are requested, agree a batched transfer that minimises network fees if being broadcast to an on-chain destination. 

Overall, we would argue that an operationally and legally separated exchange/custody mechanism is more suited to institutional clients who are trading in large volumes and with a proportionate need to manage risk. On the other hand, the speed and convenience benefits provided to small-volume retail customers in a pre-funding model (see also our answers below) outweigh the drawbacks of the integrated approach. Because of this, we would suggest the best option for retail customers is to focus on the robust safeguarding of custodied assets as outlined in these proposals without splitting out the exchange element. Similarly to custody, customers whose needs are not met by the integrated pre-funding exchange model have different options at their disposal, including trading non-custodially via a decentralised exchange.

ii. What would be the operational and cost impact?

We consider the current proposals would have very significant operational and cost impact, including:

• The potential costs of establishing and maintaining separate vaults for exchange and client custody funds.
• Increased operational costs, as any transaction with a client would be a transaction between different vaults on-chain, incurring an additional network fee.
• Increased settlement time, as any transaction with a client would involve different vaults and have to settle on-chain.
• Increased operational complexity to implement the required multi-vault setup.
• Added failure scenarios surrounding blockchain finality that do not exist in a pre-funded model, such as double-spending or dropping of a transaction from the blockchain mempool, at the same time increasing exposure risks.
• Reduced trading efficiency, as cryptoassets would need to be “locked” in pending blockchain transactions for the time of transfer, rendering it impossible to transfer them further or sell for that time.
• Increased operational and compliance burden to set up different legal entities and manage authorisation processes among them.

Overall, we do not believe that the benefits provided to retail clients in the process would justify the increased complexity in a cost-benefit analysis. The end implication is extra exchange cost to be passed on to the customer, and a slower, less user-friendly experience that in our view would be both difficult to communicate to the customer and unlikely to be fully appreciated.

Note: in our answer above, we have interpreted an instance in which custody and exchange funds are segregated into separate custody ‘vaults’ to avoid commingling of assets and achieve the segregation of functions proposed in this DP. While we are aware of some evolving solutions that can remove custody from exchange entirely on the basis of customers providing collateral off-exchange, we note that these solutions are currently targeted to large institutional clients only. Given the trading volume and needs of the average retail client, we do not believe this would be appropriate in the retail context, nor do we believe the (retail-facing) portion of the industry currently has the infrastructure to implement the traditional trading firm style structure where trade execution is split from clearing and settlement.

  iii.        What are the benefits to clients of cryptoasset exchanges prefunding trades? Can these be achieved if there is legal separation of entities?

The benefit to pre-funding is speed of execution. In a typical market order trade the customer requests a quote, which is then held for a period of time (x seconds) during which time the customer can choose to execute the trade or decline the trade. Without prefunding the customer funds must be received by the exchange before the trade can proceed. Depending on the various parties involved in the flow of funds, this can add additional time to the final completion of the trade, during which time the original quoted price may have changed. Therefore, exposure to potential market fluctuation is reduced by prefunding. Any potential risk associated with prefunding trading can be mitigated by an initial funds available check conducted before the quote is provided: i.e. only provide RFQ if customer funds are sufficient to complete the trade.

By enabling near-instant settlement, the pre-funding model also enhances the client’s control over their crypto exposure as it reduces the time needed for the assets to become available for sale or transfer after buying.

Prefunding can be achieved if two separate entities (custodian and exchange) are connected in the exchange process and have access to confirm initial customer balance. In the flow as described above, the custodian would have to confirm proof of funds to the exchange entity to allow the quote to be generated and the trade to proceed.

From a customer product and functionality perspective, having an integrated custody/exchange system also allows for simple implementation of additional desirable features including trading features such as limit orders; automated recurring buys; or integration with payments functionality to allow for conversion of crypto holdings to fiat currency for use with a linked debit card.

We therefore consider the current proposals would remove significant customer-facing benefits and adversely impact the range of features that could be made available to them without sufficient workability or upside. 

iv. Would separating custody and exchange functions impact the way clients’ accounts are managed and structured (in omnibus and individual client wallets)?

       As outlined in (ii), if client funds are required to be moved from a custody entity to an exchange entity in advance of the trade proceeding the time to complete trade would increase and potential exposure risk to the price offered would increase concurrently.

However, in this setup at least, nothing would fundamentally change in terms of the omnibus/individual client wallet structure. 

v. Do you agree that the conflicts of interest we have identified exist? Are there other conflicts of interest we should consider?

We understand that the FCA is concerned about the risks of vertical integration, and incidents such as FTX in which integration led to commingling, and ultimately misuse of, client funds.

We would point out that a segregation of exchange and custody entities does not further address the risk of misappropriation of funds – that risk is present as soon as a customer surrenders custody to a third party and does not change materially even if it is firewalled within different entities. As we noted in answer (ii), this segregated option is the closest workable option that could be offered in a retail scenario, as a traditional trading firm style detachment of trading from custody entirely would be a complete overhaul of the retail cryptoasset exchange model, and not something that is available – or even necessarily desirable – outside of institutional trading contexts.

On this matter, we have noted in this response, particularly (iii), the advantages that an integrated model brings in terms of customer functionality  (limit orders, recurring buys, linked card payments) – and customer convenience (speed, cost, ease of use).

Our position is that the robust custody rules outlined in these proposals are the best barrier against misuse of funds and the repetition of FTX style episodes, and that these may be effective in achieving policy objectives and serving retail customers without requiring an overhaul of the integrated custody/exchange model.

We also note in the next response (vi) a few alternative mechanisms that we believe could complement and further strengthen the already robust proposals around custody of customer funds.

vi. Are there alternative ways to ensure the same level of consumer protection?

Following on from our previous response, we believe that the first line of protection, as set out in these proposals, is to ensure custodians hold customer funds on a 1:1 basis. This includes regular, transparent reporting over ledger balances and clear customer assurances.

This may, we believe, further be supplemented by additional measures such as:

• A specified limit on a provider’s open exposure where custody and exchange are integrated (this would need to be carefully weighed as it would place additional liquidity requirements on cryptoasset exchanges).
• Encouragement to provide integrated non-custodial, or ‘self-custody’ functionality for exchange customers. For instance, in its retail-facing app, Zumo provides both a custody ‘Trade’ wallet and a non-custodial ‘Infinite’ wallet. This allows customers to mitigate risk themselves by only leaving funds they intend to trade in custody, while having the option to safeguard their own funds under their own custody.
• Ultimately, the best assurance that can be given to retail customers in the custody environment is likely not an operationally implemented solution that removes functionality and does not match user sophistication, but rather the confidence that could be inspired through regulation, specifically the provision of FSCS protection, given the robustness of the measures currently proposed. 

Chapter 7: Conduct of business and consumer redress

Q29: Do you agree that the dispute resolution mechanisms provided in traditional financial services (ie the application of the DISP sourcebook and access to the Ombudsman Service) should be applied to the business of regulated stablecoin issuers and custodians? Have you identified any gaps or issues in relation to dispute resolution? Please explain.

A point relating to cryptoassets beyond stablecoins: volatility in cryptoassets means there may be cryptoasset-specific implications of time lags between point of customer dispute and point of customer resolution. Consideration should be given to how to treat unfair practices such as a complaint being deliberately delayed for a profit in payout, or else a customer losing out from time between complaint event and resolution. As a parallel firm failure example, creditors of FTX will be paid out based on the price of their assets at the time of FTX’s collapse – the market prices of those assets have appreciated significantly in the intervening time.

Q30: Do you agree that the FCA should not be proposing to extend FSCS cover to the regulated activities of issuing and custody of fiat-backed stablecoins? If you do not agree, please explain the circumstances in which you believe FSCS protection should be available.

Given the extent of the proposals put forward and the desire to align with traditional financial services, we are surprised that FSCS cover is not under consideration. We believe this is one of the most effective measures that could be put in place to inspire consumer confidence; its absence means that stablecoins are not on a level playing field with fiat assets and, as pointed out out Q16, could instantly put them on the back foot and prevent a level playing field with other emerging forms of money such as tokenised bank deposits. We suggest a banded implementation of the FSCS for regulated stablecoins would be an encouraging statement of positive intent, perhaps also allowing for observation time for the industry to ‘prove itself’ under the new proposed rules. Not having any plans around FSCS cover (as well as a potential reclassification of assets under finproms rules) is, we would argue, disproportionate in comparison with the comprehensiveness of the measures proposed to apply here.