CryptaCount
EN
EnglishENDeutschDEEspañolESFrançaisFRItalianoIT日本語JA한국어KONederlandsNLPolskiPLPortuguêsPT
Log in Start Free

FCA/PRA June 2026: Sanctions, Crypto Market Abuse Penalties and Basel 3.1 Updates

CryptaCount Editorial · · 6 min read
NEWS FCA/PRA June 2026: Sanctions, CryptoMarket Abuse Penalties and Basel 3.1Updates

The FCA and PRA have released a cluster of significant regulatory updates this month. For UK accounting firms, auditors, and CFOs with cryptoasset exposure, the most immediate items are a consultation that extends the market abuse penalty framework to cryptoassets and a sanctions review that found persistent control gaps across financial services. Neither development can wait for a quarterly compliance review.

FCA/PRA June 2026: Sanctions, Crypto Market Abuse Penalties and Basel 3.1 Updates

FCA Sanctions Review: Where Firms Are Still Falling Short

The FCA has published findings from its review of sanctions systems and controls across financial services. The headline is cautiously positive: firms have made meaningful progress in preventing breaches. The underlying detail is less reassuring.

The Most Common Root Causes of Breaches

The regulator identified weaknesses across three broad areas:

  • Due diligence failures, particularly at onboarding and during periodic reviews
  • Alert management and screening system deficiencies
  • Difficulties managing frozen assets and complying with both specific and general licences

The FCA's expectation is explicit: firms must proactively identify, investigate, and mitigate suspicious activity. Reactive postures are no longer acceptable. Compliance teams should benchmark their current systems and controls against the review's findings and document that benchmarking exercise. For firms handling cryptoassets, the stakes are amplified because on-chain transactions create a much larger surface area for inadvertent sanctions exposure. Understanding how sanctions screening gaps create crypto accounting exposure has become a core operational concern, not an edge case.

FCA DEPP Consultation: Cryptoasset Market Abuse Enters the Penalty Framework

This is arguably the most consequential item for firms active in digital assets. The FCA is consulting, with responses due by 10 August, on targeted amendments to its Decision Procedure and Penalties Manual.

Two Changes That Matter for Crypto Firms

The first change is procedural: the minimum fine for individuals involved in the most serious market abuse cases rises from £100,000 to £150,000. The second change is structural, and it directly affects the digital asset sector. The consultation proposes extending the penalty framework to cover cryptoasset market abuse. Until now, the FCA's formal deterrent architecture for market manipulation sat firmly in traditional financial instruments. That boundary is being removed.

The proposal also introduces flexibility for the FCA to calibrate penalties against a person's income and assets as an additional deterrent mechanism. Firms that advise on or hold cryptoassets on behalf of clients should treat this consultation as read-and-act, not read-and-file. Responses are due by 10 August.

PRA Basel 3.1: IMA Consultation and Pillar 2A Final Policy

Two PRA publications cover capital framework refinements. Both are technically dense, but each has a clear operational implication.

CP9/26: Internal Model Approach Adjustments

The PRA is consulting, with responses due by 18 September, on targeted amendments to the internal model approach for market risk under Basel 3.1. The proposals in CP9/26 address calibration, proportionality, and operational friction that firms flagged during implementation. Key changes include extending the monitoring period for the profit and loss attribution test from one year to three years, adjustments to the risk factor eligibility test, and measures designed to make the gradual approval pathway for IMA more accessible. The relevant sections of the PRA Rulebook affected are the Trading Book, Market Risk: Internal Model Approach, and Reporting parts. IMA implementation remains on track for 1 January 2028.

PS on Pillar 2A Phase 1: Implementation Date Moves to January 2027

The PRA has published its final policy statement following consultation CP12/25 on Phase 1 of the Pillar 2A review. Several adjustments from the original consultation proposals are worth noting. On credit risk, exposures to SMEs are excluded from the systematic methodology for unconditionally cancellable commitments in the retail exposure class. Firms also gain greater flexibility in assessing idiosyncratic credit risks rather than being required to use credit scenarios as originally proposed. On operational risk, the methodology for Small Domestic Deposit Takers has been aligned with the approach for other firms, along with transparency and guidance improvements. The implementation date has shifted from 1 July 2026 to 1 January 2027, harmonising timelines across pension, market, and counterparty credit risk workstreams.

Other Regulatory Movements Worth Noting

FCA Streamlines Retail Banking Data Collections

The FCA has consolidated its previously ad hoc Retail Banking Business Models data collections into a single annual regulatory return, effective from 1 June 2026 under PS26/8. This applies to retail banks and building societies. The change removes the unpredictability of ad hoc requests and consolidates reporting via RegData.

PRA Insurance Branches and Captives

PS13/26 updates the policy framework for insurance third-country branches, including an increased subsidiarisation threshold and revised reporting requirements. Quarterly reporting is discontinued for all branches, not just smaller ones, reducing operational burden while annual reporting continues on either a full or reduced basis. Separately, the PRA is consulting in summer 2026 on a UK captive insurance regime, targeting a competitive and credible framework by 2027.

FCA Money Market Fund Reform

The FCA has updated its plans to reform the UK Money Market Fund Regulation. A proposed new rule would require all UK MMFs to hold sufficient liquidity for adequate resilience, with a modified approach to Weekly Liquid Assets thresholds. The government plans to repeal the UK MMFR by end of 2026, with the FCA making replacement rules to match that timeline.

Finfluencer Enforcement Week

The FCA led a coordinated international action involving 17 regulators to address illegal financial influencer activity, more than double the participants from the previous year. The FCA's own activity included criminal proceedings for illegal promotions, warning letters, and account takedown requests to social media platforms.

FAQs

What does the FCA's DEPP consultation mean for firms holding or advising on cryptoassets?

The consultation proposes extending the FCA's formal market abuse penalty framework to cryptoassets. If adopted, the FCA would have explicit authority to apply fines, including the proposed raised minimum of £150,000 for the most serious individual cases, to cryptoasset market abuse. Firms should review their cryptoasset trading surveillance and internal escalation procedures before the 10 August response deadline.

What gaps did the FCA's sanctions review identify?

The FCA found the most common breach drivers were weaknesses in due diligence, alert management, and screening systems, along with difficulties managing frozen assets and complying with licence conditions. The FCA expects firms to proactively review their controls against the review findings, not simply wait for a breach to occur.

When does the PRA's IMA for market risk under Basel 3.1 take effect?

The internal model approach will proceed as planned from 1 January 2028. The current consultation, CP9/26, addresses calibration and proportionality issues ahead of that date, with responses due by 18 September 2026.

Has the Pillar 2A Phase 1 implementation date changed?

Yes. The PRA moved the implementation date from 1 July 2026 to 1 January 2027 to harmonise timelines across pension, market, and counterparty credit risk workstreams. The final policy statement also introduced several adjustments to the credit risk and operational risk methodologies based on consultation feedback.

How does this month's FCA activity connect to ongoing UK AML supervision priorities?

The sanctions review findings align closely with broader UK AML supervision themes. Firms that have already reviewed their controls against HMRC economic crime supervision obligations will find many of the FCA's expectations familiar, but the FCA's focus on alert management and frozen asset handling adds granularity that AML frameworks alone may not fully address.

Source: KPMG Digital Assets

UKGeneral

FAQ

What does the FCA's DEPP consultation mean for firms holding or advising on cryptoassets?

The consultation proposes extending the FCA's formal market abuse penalty framework to cryptoassets. If adopted, the FCA would have explicit authority to apply fines, including the proposed raised minimum of £150,000 for the most serious individual cases, to cryptoasset market abuse. Firms should review their cryptoasset trading surveillance and internal escalation procedures before the 10 August response deadline.

What gaps did the FCA's sanctions review identify?

The FCA found the most common breach drivers were weaknesses in due diligence, alert management, and screening systems, along with difficulties managing frozen assets and complying with licence conditions. The FCA expects firms to proactively review their controls against the review findings, not simply wait for a breach to occur.

When does the PRA's IMA for market risk under Basel 3.1 take effect?

The internal model approach will proceed as planned from 1 January 2028. The current consultation, CP9/26, addresses calibration and proportionality issues ahead of that date, with responses due by 18 September 2026.

Has the Pillar 2A Phase 1 implementation date changed?

Yes. The PRA moved the implementation date from 1 July 2026 to 1 January 2027 to harmonise timelines across pension, market, and counterparty credit risk workstreams. The final policy statement also introduced several adjustments to the credit risk and operational risk methodologies based on consultation feedback.

How does this month's FCA activity connect to ongoing UK AML supervision priorities?

The sanctions review findings align closely with broader UK AML supervision themes. Firms that have already reviewed their controls against HMRC economic crime supervision obligations will find many of the FCA's expectations familiar, but the FCA's focus on alert management and frozen asset handling adds granularity that AML frameworks alone may not fully address.

Related articles

Aml kyc licensing|enforcement
AFM Evaluation 2021-2025: Risk-Based Oversight Confirmed, Crypto Supervision Intensified
AML/KYC & Licensing
FCA Finalizes UK Crypto Regulatory Framework: What Firms Must Know
AML/KYC & Licensing
UK FCA Crypto Authorization: What Firms Must Do Before 2027
Market Structure
ESMA CCP Fire Drill 2025: What the Global Default Simulation Report Means for Firms