Innovation VS Regulations: the Customer Appropriateness Assessment for Crypto Assets
The cryptocurrency market has experienced rapid growth in recent years. It’s been driven by a mixture of innovation, normalisation, and exposure to a growing audience. As the audience begins to slowly plateau, more emphasis is being put on innovation so that we can squeeze more practicality out of the blockchain.
A big resistance to this iteration process is the regulators. As digital assets become more mainstream, the need for robust frameworks is undoubtedly needed.
At the heart of these regulatory efforts lies the Customer Appropriateness Assessment, a crucial tool designed to protect retail investors venturing into this novel world that remains in its infancy.
The assessment refers to the guarantee that investors understand the risks associated with cryptocurrency investments before committing their funds. After all, it can be a very brief moment with little resistance between coming into first contact with a project and handing over your money.
In the UK, the Financial Conduct Authority (FCA) has taken many steps of late to regulate the growing market. On 8 October 2023, many of the now-central rules came in, bringing qualifying crypto assets under the financial promotions regime. This move really changed how crypto firms will operate, innovate and market their products to UK consumers.
Understanding the Customer Appropriateness Assessment
The UK has begun to take a proactive stance in regulating crypto assets. The FCA's approach of course focuses on consumer protection, but with room for innovation—this is why a lot of the rules are focused on marketing, not the product itself. Key aspects include
1. Bringing qualifying crypto assets under the financial promotions regime.
2. Requiring crypto firms to register with the FCA for anti-money laundering purposes.
3. Implementing strict marketing rules, including risk warnings and bans on certain incentives.
All three are predominantly concerned with who is using the product and who is being targeted—not so much the technology underpinning it. After all, this is not the expertise of the FCA.
Customer Appropriateness Assessment
The Customer Appropriateness Assessment is a big part of the UK's regulatory framework for crypto assets. Its primary purpose is to make sure that retail investors (everyday people, not professionals) understand the risks associated with crypto investments before they commit their funds.
Under FCA rules, firms must assess whether crypto asset investments are appropriate for their customers prior to allowing them to trade. This assessment focuses on evaluating the customer's knowledge and experience of the market.
Key components of the assessment include
1. Client Categorisation: firms must categorise clients as being retail, professional or eligible counterparties.
2. Knowledge and Experience Evaluation: customers are asked questions to gauge their understanding of crypto assets and associated risks.
3. Risk Awareness: the assessment aims to ensure customers comprehend the volatile nature of crypto investments.
4. Cooling-off Period: new customers must undergo a 24-hour cooling-off period before their first investment.
The FCA provides guidance on 12 topics that appropriateness tests should cover. However, firms have flexibility in how they structure their assessments. Questions should be more in-depth than those used for mainstream retail products, reflecting the complexity of crypto assets.
For example, firms might ask about the percentage of a customer's portfolio invested in crypto assets or their reaction to potential losses. The assessment should be tailored to the firm's specific offerings and the unique risks of their products.
If a customer fails the appropriateness assessment, the firm must wait 24 hours before reassessing. Importantly, firms are not allowed to encourage customers to retake the test or provide hints about where they fell short.
For existing customers, firms may need to conduct new assessments if elements of the customer journey are missing under the new regulations.
The FCA's Guidance on Appropriateness Assessments
The FCA has provided detailed guidance on how firms should conduct appropriateness assessments for crypto assets. This guidance is outlined in the Conduct of Business Sourcebook (COBS) 10 Annex 4.
Key areas that firms must assess include:
1. The nature of crypto assets and their risks.
2. The volatility of crypto asset prices.
3. The complexity of crypto asset technology.
4. The customer's understanding of blockchain and distributed ledger technology.
5. The customer's experience with crypto assets and similar investments.
The FCA expects firms to design questionnaires that effectively gauge a customer's knowledge and experience. These should go beyond simple yes/no questions and really get stuck into the customer's actual understanding of crypto assets.
When the technology of the crypto asset is particularly complex, this needs to be reflected in the assessment. This is the primary way that innovation is impacted by the FCA because the complexity of the innovation needs to be understood by the consumer.
The FCA has also emphasised that the responsibility for the assessment lies with the firm, not the customer. This means firms cannot shift this responsibility back to the customer through disclaimers or self-certification.
Importantly, the FCA's guidance is not static. As firms innovate, the FCA is also innovating.
Implementing the Assessment: Best Practices
When implementing appropriateness assessments for crypto assets, firms should follow these best practices
1. Design effective questionnaires
- Use a mix of multiple-choice and open-ended questions.
- Cover all key areas outlined in the FCA guidance.
- Avoid leading questions or those with obvious "correct" answers.
- Regularly review and update questions to reflect market changes.
2. Develop a robust scoring system
- Assign appropriate weights to different questions based on their importance.
- Set clear thresholds for passing the assessment.
- Make sure the scoring system can be easily explained and justified if questioned by the FCA.
3. Implement proper record-keeping
- Maintain detailed records of all assessments, from the questions and answers to the outcomes they led to.
- Store records securely and in compliance with data protection regulations.
- Ensure records are easily accessible for internal reviews and potential FCA inspections.
4. Train staff effectively
- Ensure all relevant staff understand the purpose and importance of the assessment.
- Provide regular training on crypto assets and market developments.
- Teach staff how to explain the assessment process to customers without providing unfair assistance.
5. Regularly review and update the assessment
- Conduct periodic reviews of the assessment's effectiveness.
- Analyse data to identify any patterns or issues in customer responses.
- Update the assessment to reflect new FCA guidance or market developments.
6. Implement proper controls
- Enforce the 24-hour cooling-off period for new customers.
- Ensure systems prevent immediate reassessment of failed customers.
- Implement checks to prevent staff from assisting customers unfairly.
7. Integrate with broader compliance processes
- Ensure the appropriateness assessment aligns with other regulatory requirements, such as AML checks.
- Consider how the assessment fits into the overall customer journey.
Common Pitfalls of Customer Appropriateness Assessments
Despite clear guidance from the FCA, many crypto firms still struggle with implementing effective appropriateness assessments. Below are 7 of the most common pitfalls that we see.
1. Ineffective customer categorisation
Some firms fail to properly categorise customers which can lead to inappropriate levels of protection for investors. This often occurs when assuming highly active retail investors are professional.
2. Over reliance on self-certification
While it's important to gather information from customers, firms shouldn't rely solely on self-certification. The FCA expects firms to take responsibility for the assessment, not shift it back to the customer.
3. Inadequate risk disclosure
The FCA has identified issues with risk warnings not being visible enough due to small fonts, font colouring that blends in with the background, or non-prominent positioning.
4. Misleading claims about safety or security
Some promotions make unfounded claims about the 'safety' or 'security' of cryptoasset services without properly highlighting the risks involved.
5. Insufficient information and assumed knowledge
Firms often fail to provide customers with adequate information on the risks associated with specific products being promoted. This is a problem when complex innovations are made but remain unclear to the customer, and assumptions are made that they understand it.
6. Inappropriate incentives
The FCA has warned against promotions that inappropriately incentivise people to invest. While it’s clear that some activities, like refer-a-friend, aren’t allowed, we may see new innovative ways to incentivise people. It’s important to remember that just because the FCA hasn’t denounced your exact process (because it may be new), it doesn’t mean you’re compliant.
7. Lack of evidence for asset-backing claims
For cryptoassets claiming to be backed by commodities or assets, firms often fail to provide sufficient evidence to support these claims.
The Impact on Crypto Firms and Innovation
So, how exactly has the introduction of these new regulations impacted innovation, and is it cramping Web3’s style? Or are the new hurdles and guidelines spurring innovation?
Compliance costs
First and foremost, compliance is costly, and even more so when radical updates are made. Firms have had to invest in new systems and processes, but also staff training in order to meet regulatory requirements. In order to overcome this, innovation is needed more than ever to streamline processes surrounding compliance.
Operational and marketing challenges
The need to implement cooling-off periods and maintain detailed records has added complexity to customer onboarding and transaction processes. It’s required a greater tracking of your audience and their behaviour, and it’s undoubtedly suppressed some of the innovative methods that were being used to funnel and convert consumers more quickly.
Product development
With the increased scrutiny on product risks, it has certainly slowed down the launch of new crypto products or services. The barrier to entry is now higher, which is arguably suppressing competition which is a big driver of innovation.
But, it’s not all doom and gloom...
Increased consumer trust
By implementing robust protections, the regulations are helping build greater trust in the crypto sector. This means that any new innovations that are made are now more trusted, but it’s also getting the backing of more mainstream investors. Some great Silicon Valley minds may end up transitioning, which will only help drive new change.
Regulatory clarity
The rules may be more harsh, but they’re certainly clearer. This stability allows firms to begin thinking about long-term developments without worrying so much about the existential threat to crypto from regulators. They’re given the green light, so long as they toe the line.
Encouraging responsible innovation
The FCA has stated its commitment to fostering responsible innovation, including through regulatory sandboxes. There is also talk about governments adopting blockchain technology for their own processes or perhaps central bank digital currencies.
It’s also important to recognise the innovations made in RegTech. Here at Englebert, we are constantly updating our processes and finding ways to help companies comply more accurately while keeping costs down.
Balancing Innovation and Consumer Protection
The FCA may be viewed by some as an obstacle to innovation, but they will argue they’re at the forefront of it.
One example of them balancing innovation with consumer protection is with the Regulatory Sandbox, launched in 2016 and now open year-round, which allows firms to test innovative products in a controlled environment.
This initiative is complemented by the Innovation Pathways service, which provides tailored regulatory guidance to innovative firms, and the Digital Sandbox (introduced in 2020) which offers a virtual testing environment for proofs of concept.
The FCA's commitment to innovation goes even beyond these, too. They've adopted a technology-neutral approach which focuses on outcomes rather than specific technologies. This is perhaps the most important take-away because it means they’re not interested in your code or tech - they concede that they’re not experts in that, and that’s okay…
Being outcome-orientated allows for the faster evolution of the crypto asset sector without constant regulatory updates. The regulator has actively encouraged dialogue between themselves and innovators through events like TechSprints and CryptoSprints too, so there’s a collaborative atmosphere for addressing regulatory challenges.
The FCA has been a key player in the Global Financial Innovation Network (GFIN) which supports firms looking to overseas. This global perspective is crucial for crypto assets, because they’re intended to be borderless, and because international regulations can sometimes not align. In 2021, they launched the Scalebox, which is designed to support firms as they grow their innovative businesses, with an emphasis on the regulatory issues that arise when scaling up.
The potential of RegTech (Regulatory Technology) has not been overlooked by the FCA either, with TechSprints focusing on areas like financial crime and regulatory reporting. They know that technology is going to play a greater role in the compliance processes, and we’re all for it.
Conclusion
The Customer Appropriateness Assessment strikes an okay balance. It is an important piece of regulation in regards to keeping consumers safe in an increasingly complex and risky world—but it allows crypto firms to innovate within these boundaries, knowing that their efforts will now have longevity and stability. For more information on how this may relate to you, get in touch with Englebert today.