On 16 December 2025, the FCA published a consultation paper on its proposed prudential rules (CP25/42) – a key component of the UK’s future crypto regime. The FCA plans to introduce a multi-layered capital and liquidity framework designed to ensure that cryptoasset firms can absorb losses and wind down in an orderly manner. These rules reflect the feedback the FCA received on its earlier consultation (CP25/15, which we covered at the time).
As described in our earlier blog post, the FCA proposes bespoke CRYPTOPRU and COREPRU sourcebooks that draw heavily on the existing Investment Firms Prudential Regime (IFPR). The high-level plans outlined in CP25/15 remain largely unchanged, although CP25/42 provides significantly more detail – encompassing own funds requirements, liquid asset thresholds, eight distinct K-factors, an overall risk assessment (ORA) process and public disclosure obligations. The proposals are notable for several policy decisions, including the absence of transitional provisions and the decision not to create a fully bespoke framework.
The overall financial adequacy rule (OFAR) would be the primary consideration for cryptoasset firms assessing their compliance with the proposed prudential rules. The OFAR would require that a firm at all times maintains financial resources that are adequate in both amount and quality for its business. In practice, the FCA would monitor compliance by assessing whether a firm satisfies (i) its own funds threshold requirement (OFTR) and (ii) its liquid asset threshold requirement (LATR), although a firm’s ORA findings could require it to hold regulatory capital and liquid assets in excess of what would otherwise be required to meet their OFTR and LATR.
The proposed prudential rules (including the ORA) would only apply to cryptoasset firms that are FCA-solo regulated. PRA-regulated banks, insurers and PRA-designated investment firms would not be subject to these rules.
What is the OFTR?
A firm’s own funds threshold requirement is calculated as the higher of (i) its own funds requirement (OFR) and (ii) the total own funds necessary to fund its ongoing business operations as evaluated through the ORA (taking into account potential periods of financial stress during the economic cycle, or own funds as necessary for wind-down without causing material harm). Therefore, firms should note that meeting their OFR alone may not be enough to satisfy their OFTR.
In addition to calculating their OFR, firms will need to estimate the financial impact of any other risks that may cause material harm and, if necessary, hold additional own funds to cover those other risks. This may be appropriate where identified risks are not covered by specific OFRs, or where a risk is particularly severe (e.g. where staking-specific risks may be heightened for an individual firm beyond the standard operational risks for safeguarding). This assessment would be undertaken as part of the ORA, as explained further below.
As described in our previous blog post, a firm’s OFR would be the higher of its:
- Permanent minimum requirement (PMR): CP25/42 now specifies PMRs for the full range of cryptoasset activities, ranging from £75,000 (for arrangers and agents) to £750,000 (for principal dealers);
- Fixed Overhead requirement (FOR): the FOR would broadly represent the amount of own funds a firm would need to wind down without causing material harm, calculated on the basis of one quarter of a firm’s “relevant expenditure” (meaning its total expenditure prior to the distribution of profits, less any fully discretionary costs) across the preceding year; or
- K-factor requirement (KFR): the KFR is composed of cumulative, activity-based and exposure-based metrics. In addition to the two crypto-specific K-factors already included in CP25/15 – K-SII (2% of average stablecoins in issuance) and K-QCS (0.04% of client cryptoassets safeguarded) – CP25/42 proposes six new K-factors. Three are activity-specific: K-CCS (0.04% of client cryptoassets staked), K-CCO (0.1% of client orders) and K-CTF (0.1% of cryptoasset trading flow). The other three are exposure-based: K-NCP (position risk, with a 40% charge for Category A cryptoassets and 100% for Category B), K-CCD (counterparty default risk) and K-CON (concentration risk). The exposure-based K-factors involve more complex calculations that firms should review carefully. A firm’s overall KFR would be the sum of all applicable K-factors.
What is the LATR?
As described in our previous blog post, the FCA also plans to assess firms’ compliance by reference to their liquid asset threshold requirement. CP25/42 provides further detail on two key components: the basic liquid asset requirement (BLAR) and the issuer liquid asset requirement (ILAR). The BLAR would amount to one third of a firm’s FOR (plus 1.6% of any client guarantees), meaning firms would need to hold liquid assets roughly equivalent to one month’s non-discretionary expenditure across the previous year. The ILAR would require qualifying stablecoin issuers to hold sufficient liquidity to top up their stablecoin’s backing pool within the timeframe determined by the relevant rules; issuers of multiple qualifying stablecoins must calculate their ILAR on the basis of the backing asset pool for each qualifying stablecoin.
To satisfy the BLAR and ILAR, cryptoasset firms could hold “core liquid assets” (e.g. cash or gilts) and “non-core liquid assets” that could be easily and promptly converted into cash (e.g. non-UK government bonds). Assets would not be treated as non-core liquid assets if they belong to a client, are encumbered or are issued by the firm or a firm’s affiliated entity. Qualifying stablecoins are conspicuously absent from the list of acceptable non-core liquid assets, which will likely be disappointing to a number of in-scope firms.
A cryptoasset firm would need to hold the sum of (i) its BLAR, (ii) its ILAR (if the firm is a qualifying stablecoin issuer) and (iii) the higher of (a) the liquid assets required for ongoing operations (taking into account potential periods of financial stress) or (b) the additional liquid assets required to begin its wind-down without causing material harm (as determined through the firm's ORA). Meeting its minimum BLAR and ILAR requirements alone would therefore not be sufficient for a cryptoasset firm to satisfy its LATR.
How do firms conduct the ORA?
The FCA has confirmed that overall risk assessment requirements would be applied proportionally to the risks associated with a firm’s business. The ORA would require cryptoasset firms to carry out a prudential risk assessment on an ongoing basis, similar to the IFPR’s internal capital adequacy and risk assessment (ICARA). However, firms familiar with the ICARA process should note that references to the ICARA in CP25/15 have been replaced with references to the ORA in the latest proposals, meaning that merely conducting an ICARA would not satisfy the new requirements.
As part of the ORA, firms would be required to conduct an internal assessment of their financial resources to evaluate whether additional own funds or liquid assets need to be held. Consequently, firms could be required to hold regulatory capital and liquid assets in excess of what would otherwise be required to meet their OFTR and LATR. To facilitate this exercise, firms will need to implement and maintain systems and controls for prudential assessments on an ongoing basis. At a more granular level, firms would need to (i) carry out a business assessment to identify material risks, (ii) carry out stress testing using “severe but plausible” scenarios, (iii) develop wind-down plans and (iv) where necessary, monitor and mitigate group-related risks.
The firm’s ORA findings will determine what it needs to publicly disclose. CP25/42 introduces a tailored public disclosure regime requiring firms to disclose information related to their prudential position (e.g. information related to their risk management practices, own funds held, OFR and group arrangements).
Policy decisions for industry to consider
The following points should be considered by any firms that would be affected by the proposed rules:
- No fully bespoke framework: the FCA has elected not to introduce a fully bespoke prudential framework for cryptoasset firms, instead opting for a regime that generally builds on the existing IFPR for investment firms. Whilst investment firms that are already FCA-regulated may view these proposals as resulting in an incremental shift, new entrants or presently unregulated firms may find this a steep learning curve.
- No transitional provisions: in contrast to the approach taken when IFPR was implemented, the proposed prudential rules for cryptoasset firms do not currently include transitional provisions. Unless the FCA’s position changes, this means the full weight of the new capital and liquidity requirements would apply from day one, creating an implementation cliff-edge for firms. Industry respondents may wish to push for the implementation of a transitional phase for all prudential requirements.
- Rules not applied on consolidated group basis: a notable change from earlier proposals is that the FCA does not intend to require cryptoasset firms to apply the new prudential rules on a consolidated group basis. Firms would instead consider group risk as part of their ORA and make disclosures of general information stemming from their membership of a group. This will likely be a relief for many market participants within group structures, although businesses with pre-existing MIFIDPRU investment firm groups should note that a cryptoasset firm in their group could still be captured by MIFIDPRU consolidation requirements, potentially creating an uneven playing field for mixed trad-fi/cryptoasset groups.