Cryptoasset Automated Teller Machines – Ye Be Warned!

In a recent warning to the operators of cryptoasset automated teller machines (“CATMs”), the FCA confirmed that of the cryptoasset firms listed on its register, none have been approved to offer CATM services. Therefore, any providers that do operate CATMs in the UK do so unlawfully and risk getting on the wrong side of the regulator.


What are CATMs?

In simple terms, they are computer terminals that act as ‘real world’ cryptoasset exchanges. They enable users to insert fiat cash and convert it to a cryptoasset to be paid into a digital wallet of their choosing. Some machines also enable users convert cryptoassets into fiat cash and withdraw it from the machine in the same way you would with a run of the mill ATM.

If most cryptoassets are unregulated, why is the FCA so bothered?  

Yes, it’s true that the tokens involved here will almost exclusively be exchange tokens (e.g., Bitcoin) which are not regulated by the FCA; however, amendments to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (SI 2017/692) (“MLRs”), brought “cryptoasset businesses” within the scope of the anti-money laundering/counter-terrorist financing (“AML/CTF”) regime and, since 10th January 2020 those businesses have been required to register with the FCA and comply with their obligations under the MLRs. For the purposes of the MLRs, “cryptoasset businesses” are cryptoasset exchanges and custodian wallet providers, both of which the operators of CATMs very likely are (certainly cryptoasset exchanges in all cases). 

Even though registering with FCA under the MLRs is not as onerous as applying for full Part 4A permission, it does not mean that it will be a cake walk. The recent Upper Tribunal case Gidiplus Limited -v- The Financial Conduct Authority [2022] UKUT 00043 (TCC) demonstrates that the FCA and the courts are showing no leniency when it comes to compliance, and respectively they will reject registration applications and subsequent appeals where businesses are unable to demonstrate compliance with their obligations under the MLRs.

OK, but what’s the big deal?

Staying with the Gidiplus case; Gidiplus’ CATMs allowed users to deposit up to £250 per day and a total of £1,000 per month without any additional identity checks beyond the CATM taking a ‘selfie’ of the user and the user providing a mobile phone number. The Upper Tribunal also found that Gidiplus did not have detailed written procedures to monitor transactions, and to identify and report suspicious activity.  Failings like these make CATMs a very viable option for “smurfing”, which is a method of laundering large amounts of cash in several smaller transactions (often using multiple user accounts) to avoid going above regulatory reporting limits. Although the scale of the operation in the Gidiplus case was very small, its non-compliant CATMs still posed a significant money laundering risk, especially if its operation was scaled up and the CATMs became more accessible.  

How does enforcement of the AML/CTF regime protect consumers?

Let’s address the elephant in the room: even FCA registered, compliant CATM operators still enable consumers to invest in wildly volatile digital assets which are unregulated and, therefore, do not enjoy the protection afforded by the Financial Services Compensation Scheme. All the warnings in the world to consumers about the dangers of investing in cryptoassets are ineffective as a tool of regulation once the transaction is completed and the FCA is absolved of its supervisory and enforcement responsibilities.

Let’s not be too critical of the FCA and the courts; after all, they must operate within the Procrustean confines of the current legislative framework which, if we’re honest, is not fit for purpose. If you are in the pro-regulation of cryptoassets camp, the FCA clamping down on non-compliant CATM operators under the MLRs is a step in the right direction and helps to distance cryptoassets like Bitcoin from the previously shady reputation they held as being the means of payment on the online black market, Silk Road. This, it is argued, generates greater consumer confidence in cryptoassets and the supporting technologies which could in turn lead to wider adoption and greater innovation.

If we’re being contrarians (we’re lawyers, we often can be!), there is a constructive argument that widespread adoption and use of CATMs is ironically stifled by the underlying cryptoassets. Most CATMs deal with Bitcoin and although Bitcoin was originally intended as a decentralised, digital currency, very few retailers accept it as a form of payment, the reality is that Bitcoin is a just digital investment asset with very limited practical application. So, “cryptoasset automatic teller machine” is really a bit of a misnomer because CATMs do not provide the same level of functionality that bank ATMs do. Until that circle is squared, we’re not sure if they’ll ever ‘take off’. But if they do, we’ll be sure to keep you up to date with how they are regulated.

Joshua Bates