CP25/42: The FCA’s prudential reset for crypto firms

This is the third in a series of three articles examining the UK’s emerging regulatory framework for cryptoassets. Together, the series explores the expansion of the regulatory perimeter for cryptoasset activities, the new admissions, disclosure and market abuse regime, and the prudential requirements designed to strengthen the resilience of cryptoasset firms.

CP25/42 completes the FCA's framework for regulating cryptoasset activities by setting out a dedicated prudential regime for cryptoasset firms. As we have previously mentioned in this article series, this latest volley of changes brings further activities within the regulatory perimeter, namely operating a qualifying cryptoasset trading platform (CATP), staking, arranging deals and dealing as agent or principal. CP25/42 incorporates additional proposals that were previously deferred from CP25/15.

Rather than starting from scratch, the FCA has adapted the existing Prudential Sourcebook for MiFID Investment Firms framework to the cryptoasset context. The aim is to reflect the unique risks associated with cryptoassets while maintaining proportionality and consistency with established investment firm regulation. This consultation sits alongside the FCA’s wider crypto proposals and is intended to ensure that firms undertaking cryptoasset activities are adequately capitalised, liquid and resilient.

K-Factor requirements

At the core of the regime are K-factor (capital) requirements, designed to capture operational risks arising from specific cryptoasset activities. These requirements are calibrated to the scale of the firm’s business, measured by the volume or value of client activity it handles. In particular, the FCA proposes K-factors linked to:

• Client cryptoassets staked;
• Client cryptoasset orders; and
• Cryptoasset trading flow.

In addition to operational risk, exposure-based K-factors are intended to capture market risk, counterparty credit risk and concentration risk arising from a firm's own cryptoasset positions. Notably, the framework applies differentiated risk weightings across categories of cryptoassets (with higher risk weights for volatile or illiquid tokens), creating a clear incentive for firms to hold higher-quality assets and manage balance-sheet risk more carefully.

Notably, the FCA proposes a Permanent Minimum Requirement (PMR), which varies according to the type of regulated activity. Each firm must hold the greatest of:

• the PMR (set thresholds such as c. £75,000 for dealing as agent, £150,000 for CATP operation, or £750,000 for dealing as principal),
• the Fixed Overhead Requirement (FOR), and
• the K‑factor Requirement (KFR) tied to the firm’s activity and exposure profile.

In practice, this means maintaining sufficient own funds, held in capital, cash, or other high‑quality liquid resources to absorb both operational and market shocks. Activities involving custody may attract higher floor requirements due to the elevated consumer protection risks involved.

Liquidity regime

The FCA’s liquidity regime sits alongside its capital framework, requiring firms to hold sufficient cash‑like resources to survive short‑term stress. Each firm must maintain a Basic Liquid Assets Requirement (BLAR) equal to one‑third of its FOR plus 1.6% of any client guarantees, ensuring it can meet obligations even during market disruption. Stablecoin issuers face an additional Issuer Liquid Asset Requirement (ILAR) reflecting their redemption obligations. Liquidity planning must span a rolling 90‑day horizon, include stress testing and wind‑down analysis, and demonstrate that firms can withstand severe but plausible shocks. Taken together, these standards aim to prevent the liquidity failures seen in past crypto collapses and to safeguard client assets during periods of extreme volatility.

Overall risk assessment framework

Beyond baseline capital requirements, CP25/42 introduces a forward-looking overall risk assessment framework. Firms will be required to hold additional capital and liquidity where institution-specific risks justify it, rather than relying solely on minimum thresholds. This shifts expectations decisively from reactive capital management toward proactive planning.

Firms must demonstrate that they have considered growth scenarios, stress events and operational disruptions in their business plans, and that they can respond to these risks without breaching prudential requirements. A central component of this approach is recovery and wind-down planning. Firms will need to show they can exit the market in an orderly way, without causing harm to clients or undermining market integrity – a direct response to past crypto firm failures that resulted in significant consumer detriment.

Liquidity risk is also a key focus. As part of its overall risk assessment, a firm must assess its liquidity needs over a rolling 90-day period and calculate the amount of liquid assets it needs to meet those needs. This is intended to ensure firms can continue to meet obligations even during periods of market stress or operational disruption.

To reinforce market discipline, the FCA also proposes a tailored public disclosure regime for cryptoasset firms. These disclosures are designed to improve transparency around firms' prudential positions and risk management practices. The requirements apply to all cryptoasset firms on an individual basis and must be complied with at least annually, giving counterparties and regulators clearer insight into firms’ financial resilience.

Building resilience without choking innovation

CP25/42 marks an important step in completing the FCA’s prudential framework for cryptoasset firms. Together, these measures seek to reduce the risk of disorderly failures and improve confidence in the UK cryptoasset market, while maintaining proportionality and supporting innovation.

The forward‑looking risk assessment framework should improve resilience, especially through stress testing and wind‑down preparedness. However, the impact is unlikely to be felt evenly. Smaller firms may face higher implementation costs in producing credible forecasts, rolling 90‑day liquidity assessments and recovery plans, while larger firms may be better placed to operationalise these requirements quickly. Although the consultation emphasises proportionality, the absence of activity-specific cost data for newly scoped services makes it difficult to assess whether that principle will bite in practice, or whether barriers to entry will increase.

Success will depend on supervisory calibration: how flexibly the FCA responds as implementation challenges emerge, and whether proportionality is applied consistently enough to preserve competition while lifting baseline resilience across the sector.

Building resilience without choking innovation

CP25/42 marks an important step in completing the FCA’s prudential framework for cryptoasset firms. Together, these measures seek to reduce the risk of disorderly failures and improve confidence in the UK cryptoasset market, while maintaining proportionality and supporting innovation.

The forward‑looking risk assessment framework should improve resilience, especially through stress testing and wind‑down preparedness. However, the impact is unlikely to be felt evenly. Smaller firms may face higher implementation costs in producing credible forecasts, rolling 90‑day liquidity assessments and recovery plans, while larger firms may be better placed to operationalise these requirements quickly. Although the consultation emphasises proportionality, the absence of activity-specific cost data for newly scoped services makes it difficult to assess whether that principle will bite in practice, or whether barriers to entry will increase.

Success will depend on supervisory calibration: how flexibly the FCA responds as implementation challenges emerge, and whether proportionality is applied consistently enough to preserve competition while lifting baseline resilience across the sector.