Cryptoasset Marketing Rules: A Complete Guide for UK Firms
Regulation

Cryptoasset Marketing Rules: A Complete Guide for UK Firms

MC
MEMA Regulatory Team
9 min read

Understanding FCA's financial promotions regime for cryptoassets, approval requirements, and compliance checklist for crypto marketing in the UK.

On 8 October 2023, the UK's financial promotions regime was extended to cover cryptoassets for the first time, fundamentally changing how crypto marketing UK firms and overseas businesses can promote digital assets to UK consumers. This regulatory shift, implemented through amendments to the Financial Promotions Order and detailed in Policy Statement PS23/6, has created new compliance obligations that every firm active in the crypto space must understand and implement.

Over two years on from implementation, the FCA has demonstrated it takes these rules seriously, issuing thousands of alerts for potentially illegal crypto promotions and taking action against firms that fail to comply. For businesses seeking to market cryptoassets to UK consumers legitimately, understanding the FCA crypto rules is no longer optional—it is essential for survival.

This guide provides a comprehensive overview of the cryptoasset financial promotions regime, explaining who is affected, what compliance looks like in practice, and how firms can ensure they meet regulatory expectations.

What Changed in October 2023

The extension of the financial promotions regime to cryptoassets represented the most significant regulatory change to the UK crypto market since the introduction of anti-money laundering registration requirements. Understanding what changed is crucial for assessing your firm's compliance position.

Extension of the Financial Promotions Regime

Prior to October 2023, cryptoassets existed in a regulatory grey area regarding marketing. Whilst certain crypto-related investments (such as security tokens) were already subject to financial promotions rules, the vast majority of cryptoassets—including Bitcoin, Ethereum, and most other tokens—fell outside the regime.

The Financial Services and Markets Act 2000 (Financial Promotion) (Amendment) Order 2023 changed this by adding "qualifying cryptoassets" to Schedule 1 of the Financial Promotions Order as a new category of controlled investment. This means that any communication that constitutes an invitation or inducement to engage in cryptoasset activity is now a "financial promotion" subject to FCA rules.

A "qualifying cryptoasset" is defined broadly as any cryptographically secured digital representation of value or contractual rights that is fungible and transferable. This captures the vast majority of cryptocurrencies and tokens traded on exchanges, though certain exclusions apply (including NFTs that are genuinely non-fungible and electronic money).

Who is Affected

The scope of the new regime is intentionally broad. It affects:

  • UK-based crypto exchanges and trading platforms marketing their services to UK consumers
  • Overseas crypto firms communicating promotions to persons in the United Kingdom, regardless of where the firm is based
  • Token issuers promoting new token offerings to UK audiences
  • Crypto investment services including staking, lending, and yield-generating products
  • Financial advisers and intermediaries recommending cryptoassets to clients
  • Social media influencers and affiliates being paid to promote crypto products or services to UK audiences

The territorial scope is particularly important: any promotion that is "capable of having an effect in the United Kingdom" falls within the regime, regardless of where the promoter is located. This means overseas exchanges and platforms must either comply with UK rules or take robust steps to exclude UK consumers from their marketing.

Who Can Approve Crypto Promotions

One of the most significant aspects of the regime is the restriction on who can lawfully communicate crypto promotions. Unlike general advertising, crypto marketing UK rules require promotions to be approved by an authorised or registered person, or to fall within a specific exemption.

FCA-Authorised Firms

Firms that are authorised by the FCA for cryptoasset activities can approve their own promotions without needing external approval. However, authorisation must specifically cover the cryptoasset activities being promoted—holding a general investment permission does not automatically authorise a firm to approve crypto promotions.

The FCA has been clear that firms should not seek to "shoehorn" cryptoasset activities into existing permissions. Firms wishing to carry out cryptoasset activities requiring authorisation should apply for the appropriate Part 4A permission.

FCA-Registered Cryptoasset Businesses

Firms registered with the FCA under the Money Laundering Regulations for cryptoasset activities can communicate their own promotions for those registered activities. This route is available only for the firm's own promotions—registered firms cannot approve promotions for third parties.

It is important to note that MLR registration is limited to certain activities (primarily exchange and custodian wallet services). Firms engaged in activities beyond their registration scope would need separate authorisation.

The Section 21 Approver Route

For firms that are neither FCA-authorised nor FCA-registered for cryptoassets, the only lawful route to communicate promotions is to have them approved by an authorised person under Section 21 of the Financial Services and Markets Act 2000.

However, this route has been significantly restricted for cryptoassets. Following concerns about inappropriate approvals, the FCA introduced a new "crypto marketing gateway" requiring any firm wishing to approve cryptoasset promotions for third parties to apply for a specific variation of permission.

The gateway requirements are demanding. Applicant firms must demonstrate:

  • Appropriate expertise and resources to assess cryptoasset promotions
  • Robust due diligence procedures for approving third-party promotions
  • Adequate compliance monitoring arrangements
  • Willingness to accept ongoing regulatory obligations

As of late 2025, only a limited number of firms have successfully passed through the gateway, creating a genuine bottleneck for firms seeking S21 approval for their crypto marketing UK activities.

Requirements for Crypto Promotions

Even where a lawful route to communication exists, crypto promotions must meet specific content and process requirements. These go significantly beyond what applies to most other financial promotions.

Risk Warnings

All qualifying cryptoasset promotions must include a specific, prominent risk warning. The FCA has prescribed the exact wording that must be used:

"Don't invest unless you're prepared to lose all the money you invest. This is a high-risk investment and you should not expect to be protected if something goes wrong. Take 2 mins to learn more."

This warning must be:

  • Prominent: Displayed with equal prominence to any other information in the promotion
  • Proximate: Positioned close to any invitation or inducement to invest
  • Unobscured: Not hidden by other content or requiring scrolling to view
  • Linked: Including a hyperlink or reference to further risk information

The FCA has taken action against firms using modified wording or positioning warnings in ways that reduce their prominence. Compliance requires exact adherence to prescribed requirements.

The 24-Hour Cooling-Off Period

One of the most innovative aspects of the regime is the mandatory 24-hour cooling-off period for first-time retail investors. Before a firm can onboard a new retail customer to trade cryptoassets, it must implement a process that:

  • Requires the customer to request access to the cryptoasset service
  • Provides prescribed risk warnings and information
  • Prevents the customer from completing any cryptoasset transaction for at least 24 hours after the request
  • Sends a reminder of the risks before the cooling-off period expires

This cooling-off requirement applies to each new cryptoasset firm a customer engages with, not just their first-ever crypto investment. The aim is to interrupt impulsive decision-making and ensure consumers genuinely consider the risks before investing.

Appropriateness Assessments

Firms must assess whether cryptoasset investment is appropriate for each retail customer before allowing them to transact. This assessment must evaluate:

  • The customer's knowledge and experience of cryptoassets
  • Their understanding of the specific risks involved
  • Their ability to bear potential losses

Critically, appropriateness assessments must be meaningful. The FCA has warned against assessments designed to be "easily passed" or that provide answers within the questions. Where a customer fails an appropriateness assessment, the firm cannot simply allow them to proceed—it must provide enhanced risk warnings and implement additional friction.

Client Categorisation

Promotions must be appropriately targeted based on customer categorisation. The enhanced protections described above apply to retail customers. Firms may communicate to professional clients or eligible counterparties with reduced restrictions, but must have robust processes for correctly categorising customers.

Self-certification as a sophisticated or high-net-worth investor may be possible for certain cryptoasset promotions, but the FCA has warned that firms should not design journeys that encourage inappropriate self-certification. Any self-certification must be genuinely based on qualifying criteria.

Compliance Checklist for Crypto Marketing UK

Meeting the cryptoasset financial promotions requirements demands a systematic approach. The following checklist outlines the key elements firms should have in place.

Pre-Approval Review Process

Before any crypto promotion is communicated, firms should have a documented review process that verifies:

  • Lawful route: Confirmation that the promotion can be lawfully communicated (own authorisation, registration, or S21 approval)
  • Content compliance: Verification that all required risk warnings are present and correctly positioned
  • Targeting: Confirmation that the promotion is appropriately targeted and any restrictions on audience are implemented
  • Accuracy: Assessment that claims made in the promotion are fair, clear, and not misleading
  • Incentive restrictions: Verification that no prohibited "refer a friend" bonuses or similar incentives are offered
  • Sign-off: Documented approval by an appropriate individual before communication

Record-Keeping Requirements

The FCA requires firms to maintain comprehensive records of all crypto promotions communicated. This includes:

  • A copy of every promotion in the form it was communicated
  • The date of first communication and (where applicable) withdrawal
  • The basis on which the promotion was lawfully communicated
  • Evidence of compliance review and approval
  • Details of any modifications made and the reasons for them
  • Records of any customer complaints relating to promotions

Records must be retained for a minimum of five years and be readily available for FCA review. Firms should implement systematic record-keeping processes rather than relying on ad hoc retention.

Monitoring and Withdrawal Procedures

Ongoing compliance monitoring is essential. Firms should implement:

  • Regular review: Periodic assessment of live promotions to ensure continued compliance
  • Market monitoring: Tracking of how promotions are being used, shared, or modified by third parties
  • Complaint analysis: Review of customer complaints for indications of misleading or unclear promotions
  • Withdrawal procedures: Clear processes for withdrawing promotions that no longer comply or have been modified without approval
  • Affiliate oversight: Monitoring of any affiliates, influencers, or partners communicating promotions on the firm's behalf

Where issues are identified, firms should act swiftly to withdraw non-compliant promotions and consider whether remedial customer communications are required.

Common Mistakes to Avoid

Experience since the regime's introduction has highlighted several recurring compliance failures. Firms should be particularly alert to these common mistakes.

Inadequate Risk Warning Prominence

The most frequent issue identified by the FCA is risk warnings that lack the required prominence. Common failures include:

  • Positioning warnings below the fold or requiring scrolling to view
  • Using font sizes significantly smaller than promotional content
  • Placing warnings in footnotes or obscure locations
  • Failing to include warnings in all promotional materials, including social media posts

The FCA expects risk warnings to be genuinely prominent and proximate to any invitation to invest. Firms should review all promotional materials critically to assess whether warnings would be noticed and read by a typical consumer.

Incomplete Appropriateness Assessments

Many firms have implemented appropriateness assessments that the FCA considers inadequate:

  • Questions that are easily guessable without genuine knowledge
  • Assessments that allow unlimited retakes with different answers
  • Failure to implement meaningful consequences for failed assessments
  • Assessments that do not cover the specific risks of the products being promoted

Appropriateness assessments must be genuinely designed to identify customers for whom cryptoasset investment may be inappropriate, not merely a box-ticking exercise.

Misleading Performance Claims

Historical price performance and potential returns are areas of particular concern:

  • Presenting historical price increases without adequate risk context
  • Implying future returns are guaranteed or likely
  • Cherry-picking favourable time periods for performance data
  • Failing to make clear that past performance does not indicate future results

Any performance information must be presented fairly, with appropriate risk warnings and a balanced view of potential outcomes.

Failing to Control Third-Party Communications

Firms are responsible for promotions communicated on their behalf, including by affiliates and influencers. Common failures include:

  • Inadequate vetting of influencer content before posting
  • Lack of contractual controls over promotional messaging
  • Failure to monitor how approved content is being used
  • Paying for promotions without ensuring compliance

Firms must have robust processes for controlling and monitoring any third-party promotional activity.

Enforcement and Penalties

The FCA has made clear that it will take robust action against firms and individuals that breach the cryptoasset promotions regime.

Regulatory Consequences

Potential enforcement outcomes include:

  • Public warning notices: The FCA publishes alerts about firms communicating potentially illegal promotions, causing significant reputational damage
  • Directions: The FCA can direct specific promotional materials to be withdrawn or amended
  • Supervisory action: Firms may face enhanced supervision, s166 skilled person reviews, or restrictions on activities
  • Civil penalties: Financial penalties can be imposed for breaches, with amounts reflecting the seriousness of the breach and any profit derived
  • Criminal prosecution: Communicating financial promotions without lawful authorisation is a criminal offence carrying potential imprisonment of up to two years

Individual Accountability

Individuals responsible for approving or communicating non-compliant promotions may face personal consequences:

  • Prohibition from performing regulated functions
  • Personal financial penalties
  • Fitness and propriety assessments affecting ability to work in financial services
  • In serious cases, criminal prosecution

The FCA has emphasised that senior managers cannot delegate away responsibility for ensuring promotional activities comply with requirements.

The FCA's Approach to Date

Since October 2023, the FCA has issued over 1,700 consumer alerts for potentially illegal crypto promotions. The regulator has stated it is "prepared to take action wherever firms don't comply with the rules" and has emphasised that firms cannot assume geographic distance provides protection.

The volume of alerts demonstrates the FCA's active monitoring of the crypto promotion landscape and its willingness to publicly identify potentially non-compliant activity.

How MEMA Can Help

Navigating the cryptoasset financial promotions regime requires specialist expertise and practical experience. MEMA Consultants has been advising firms on crypto marketing UK compliance since before the regime came into force, and we understand both the regulatory requirements and the commercial realities of operating in this space.

Our cryptoasset promotions services include:

  • Compliance gap analysis assessing your current promotional activities against FCA requirements
  • Promotion review and approval ensuring individual promotional materials meet all requirements
  • Process design creating compliant customer journeys including cooling-off periods and appropriateness assessments
  • Record-keeping frameworks establishing systematic processes for retaining required documentation
  • Staff training ensuring those responsible for promotional compliance understand their obligations
  • Ongoing monitoring support providing resources for maintaining compliance over time
  • Regulatory engagement supporting interactions with the FCA on cryptoasset-related matters

Whether you are an established crypto firm seeking to strengthen your compliance arrangements, or a new entrant needing guidance on meeting requirements from day one, our experienced team can provide the practical support you need.

Contact us today to discuss how we can help your firm navigate the cryptoasset financial promotions regime with confidence.

About the Author

The MEMA Regulatory Team comprises former FCA supervisors and experienced compliance consultants with extensive expertise in financial promotions regulation and cryptoasset compliance across all FCA-regulated sectors.

This article is for general guidance only and does not constitute legal or regulatory advice. Firms should seek independent professional advice tailored to their specific circumstances.

CryptoassetsFinancial PromotionsFCACrypto MarketingDigital Assets
About the Author
MC

MEMA Regulatory Team

The MEMA Regulatory Team includes ex-FCA supervisors and Big 4 consultants with deep expertise across all aspects of UK financial services regulation and compliance.

Need regulatory support?

Our team can help with FCA authorisation, compliance outsourcing, and regulatory change implementation.

Book a consultation
Related Insights

Continue Reading

Cryptoasset Licensing: Preparing for the September 2026 Deadline
Regulation15 May 2026

Cryptoasset Licensing: Preparing for the September 2026 Deadline

A comprehensive guide to FCA cryptoasset authorisation requirements, the new licensing regime, and how firms should prepare.

10 min readRead
Targeted Support: The New Advice Framework for Pensions and Investments
Regulation10 Mar 2026

Targeted Support: The New Advice Framework for Pensions and Investments

Understanding the FCA's targeted support regime taking effect April 2026, including authorisation requirements and implementation guidance.

8 min readRead
Motor Finance Redress Scheme: What Firms Need to Know
Regulation12 Feb 2026

Motor Finance Redress Scheme: What Firms Need to Know

Understanding the FCA's motor finance commission redress scheme, key deadlines, eligibility, and what affected firms must do to prepare.

9 min readRead