Applying the consumer duty to crypto – rules vs outcomes in action

In its 2024 Consumer Duty CFI, the FCA asked industry whether regulation founded upon high-level ‘outcomes-based’ requirements might be more effective than specific rules and guidance. Whilst this vastly oversimplifies the debate (see further here) the same question is being asked again in the FCA’s recent consultation paper on the Application of the FCA Handbook to Regulated Cryptoasset Activities. Details of the FCA’s broader proposals can be found here. 

In this post I want to focus on the specific proposals concerning the application (or not) of the FCA’s Consumer Duty.

The proposals

The Consumer Duty is the FCA’s flagship consumer protection framework. Cryptoassets are high-risk investments that are often mass marketed to retail customers. In that sense, it might seem surprising that there is even a debate as to whether or not the Duty might apply. There is no question that the FCA wants to secure high levels of protection for customers undertaking cryptoasset activity – the question is more about the optimum method of achieving this. 

Firms have been presented with two options:

1. Apply the Duty, but supplement it with crypto-specific guidance; or 
2. Do not apply the Duty, but instead introduce dedicated rules that will achieve an appropriate standard of consumer protection. 

FCA is also tying this choice to other areas of its proposed rules, for example the application of the Product Governance (PROD) sourcebook, suggesting that if the FCA applies the Duty it won’t apply PROD (or vice versa). While this is consistent with the position the FCA has taken for other manufacturers, it indicates that - to the extent possible – cryptoasset firms will need to think about product governance obligations similar to those expected under the Consumer Duty (given the similarity between PROD and the products and services outcome).

Outcomes vs rules

The FCA has tended to prefer rules in circumstances where it is not convinced that firms are clear about the standard expected of them. An example is the FCA’s proposal to bring payments firms within the scope of the CASS regime (CP24/20). Here the FCA stated that it had considered relying on the Duty, but rejected this because of (amongst other things) “weaknesses [they] have seen in some firms’ understanding of their obligations suggests that additional prescription is needed for them to have more clarity on our expectations”. 

In a developing area like crypto, where technology, regulation and market practice are all still evolving, rules might therefore seem like the more obvious choice. However, one of the advantages of outcomes-based regulation is its flexibility. By specifying the outcome but (largely) giving firms flexibility as to how to meet it, this type of regulation is considered more able to adapt to emerging practices, markets and technology. Given the rapid developments aorund cryptoassets, this is potentially a strong argument for opting for outcomes. 

However, the FCA has rightly identified that applying aspects of the traditional Duty would be difficult given the nature of the cryptoassets market. It will often be difficult to identify ‘manufacturers’ here. The FCA is also concerned that some crypto assets do not have very stable values, such that whether a firm is charging in a way that represents fair value for its services could become difficult to assess.

Its proposal, if it does apply the Duty here, is therefore to supplement this with sector specific guidance. The Duty already comes with a considerable amount of guidance attached, much of it directed at all firms despite being based on research done into a specific sub-section of the market. A consistent complaint by those responding to the FCA’s Consumer Duty CFI was that ingesting the sheer volume of potential relevant material here was imposing an unjustifiable burden on firms. Guidance also only gives a limited level of comfort. The FCA supervises and (crucially) enforces its rules.  For as long as a rule is capable of a different interpretation to the one advocated for in guidance, firms cannot fully assure themselves of compliance.

Sector specific guidance, however, could remedy a separate complaint about the Duty - the fact that the ‘manufacturer - distributor – retail customer’ distribution chain it pre-supposes is not a structure that applies neatly to other sectors. The FCA admits in its own policy statement that distribution chains in the payments sector, for example, ‘may look different’ to the paradigm upon which the Duty is based. Arguably, the FCA could have avoided some of the issues it is currently facing around articulating the application of the Duty to wholesale firms by introducing sector-specific guidance addressing this at the outset.

My concern is this – shouldn’t effective regulatory rules be clear on their face, without requiring pages of specific guidance to tailor them to particular sectors? How far can the Duty really be said to be ‘future-proof’ if it has to be re-explained or re-imagined for every new financial product or practice that comes to market? Equally, at what point does the flexibility offered so-called “outcomes-based” regulation disappear under the weight of clarificatory ‘guidance’?

The FCA’s approach to cryptoassets will rightly be shaped by firms’ responses to these proposals, balancing the needs of consumers with those of a rapidly innovating market. The FCA’s most recent  reports on its work ‘streamlining’ the Duty and removing unnecessary burdens demonstrates that there is still work to do when it comes to deploying outcomes as a means of bolstering consumer protection.