Emma RadmoreAs part of its series of webinars for firms applying for crypto registration and authorisation, the FCA has published a set of FAQs on its expectations of firms once cryptofirms require full FCA authorisation. Among other things the FCA notes:
- its expectations of authorised firms extend to systems and controls for prevention of all financial crimes, not solely AML;
- it is aware firms may use technology to support risk assessment and monitoring, but they must be able to show they meet FCA expectations as the firm remains responsible for compliance;
- authorised firms need to consider governance in line with the SMCR and overarching SYSC controls;
- risk assessments must be customised;
- it expects to see how firms have assessed whether transactions fall within the Travel Rule;
- firms need to recognise the close links between operational resilience and financial crime controls; and
- where firms are in international groups they must ensure compliance with UK requirements.