The regulator suggested taking a risk-based approach including the following steps:
- training staff on cryptoassets to help them identify high-risk clients and activities;
- understanding the nature of a client’s business and the risks it poses;
- ensuring that existing financial crime frameworks adequately reflect the crypto-related activities which the bank is involved in;
- keeping bank staff up-to-date with new developments and standards;
- increasing reviewing measures on customers with cryptocurrencies, to perform their due diligence on crypto-related activities.
The letter continues by advising how banks should handle financial crime that may occur as a result of ‘cryptoassets’ which the FCA defines as cryptocurrencies or any type of ‘publicly available electronic medium of exchange that features a distributed ledger and a decentralised system for exchanging value’.
One specific high-risk indicator of fraud mentioned by the FCA is if a customer is using a state-sponsored cryptocurrency ‘which is designed to evade international financial sanctions’. The FCA advises that such cryptoassets are mainly used to circumvent international financial sanctions – such as Venezuela’s petro. The FCA believes trading in such digital currencies should constitute a red-flag. Such red-flags ought to be investigated further by the bank and other stakeholders.
It has also been warned that retail customers who contribute large sums to Initial Coin Offerings (ICOs), are at a ‘heightened risk’ of becoming victims to investment fraud.
The FCA regulates over 58,000 businesses and is the prudential regulator to approximately 1,500 banks, building societies, credit unions, insurers and major investment firms. As a prudential regulator, the FCA is meant to promote the safety and soundness of those firms.