Crypto Law Profile

UK Money Laundering Regulations Cryptoasset AML and Transfer Regime

UK MLRs require in-scope cryptoasset exchange and custodian wallet providers to register with the FCA, apply AML/CTF controls and follow transfer information rules.

United Kingdom Partially effective Regulation Jun 26, 2017

At a glance

Jurisdiction UK AML/CTF regime for cryptoasset businesses.
Supervisor FCA supervises in-scope cryptoasset businesses under the MLRs.
Transfer rule Part 7A sets information duties for cryptoasset transfers.
Phase-ins Selected 2026 crypto amendments take effect in 2027.

Overview

The United Kingdom’s Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, or MLRs, form the UK’s main AML/CTF framework for cryptoasset exchange providers and custodian wallet providers. As of July 2, 2026, the cryptoasset AML registration and cryptoasset-transfer information rules are in force, while selected 2026 crypto amendments phase in through February and October 2027.

This profile covers the MLRs as amended by the 2019, 2022 and 2026 instruments that brought cryptoasset businesses into scope, added Part 7A cryptoasset-transfer obligations, and aligned parts of the AML framework with the UK’s future financial-services perimeter for cryptoassets.

UK cryptoasset AML/CTF scope under the Money Laundering Regulations

The MLRs require in-scope cryptoasset businesses carrying on business in the UK to register with the Financial Conduct Authority before providing covered services. The FCA states that registration under the MLRs is a legal requirement, but not an endorsement of the business.

The cryptoasset services captured by regulation 14A include exchanging cryptoassets for money, exchanging one cryptoasset for another, operating a cryptoasset ATM, and safeguarding cryptoassets or private cryptographic keys on behalf of customers. The rules are built around AML/CTF supervision, customer due diligence, ongoing monitoring, recordkeeping, reporting and enforcement powers rather than a general conduct or investor-protection licensing regime.

Cryptoasset transfer information requirements

Part 7A of the MLRs applies to cryptoasset transfers unless an exclusion applies. It defines a cryptoasset business as a cryptoasset exchange provider or custodian wallet provider, and a cryptoasset transfer as either an inter-cryptoasset business transfer or an unhosted-wallet transfer.

For inter-cryptoasset business transfers, the originator’s cryptoasset business must ensure that the transfer is accompanied by specified originator and beneficiary information. Depending on whether all participating cryptoasset businesses are carrying on business in the UK, and whether the transfer equals or exceeds the relevant threshold, additional originator information may also be required. The beneficiary’s cryptoasset business must check whether required information has been received before making the cryptoasset available, and repeated failures to provide required information must be reported to the FCA.

Unhosted wallets, supervision and consumer disclosures

The MLRs treat unhosted-wallet transfers separately. A cryptoasset business involved in such a transfer may request information from its customer on a risk-sensitive basis, taking account of money laundering, terrorist financing and proliferation financing risk. The framework therefore does not treat every self-hosted wallet interaction identically, but it does give regulated cryptoasset firms duties to assess risk and respond to law-enforcement requests for information held under Part 7A.

The FCA’s supervisory remit under this regime is limited to AML/CTF registration, supervision and enforcement. The FCA also says that most cryptoasset services outside specified investments are unlikely to carry Financial Ombudsman Service or Financial Services Compensation Scheme protections, and the MLRs include disclosure duties where those protections do not apply.

2026 amendments and future phase-ins

The Money Laundering and Terrorist Financing (Amendment) Regulations 2026 made further changes to the MLRs. Most provisions take effect 21 days after the 9 June 2026 making date. For cryptoasset businesses, the notable future provisions include new enhanced customer due diligence requirements for third-country correspondent relationships from 1 February 2027 and further change-in-control alignment from 25 October 2027.

The 2026 crypto correspondent relationship provision requires cryptoasset exchange providers and custodian wallet providers to gather information about a respondent, assess its AML/CTF controls, obtain senior-management approval for new correspondent relationships, document responsibilities and avoid shell-bank correspondent relationships. These changes sit alongside the UK’s broader move toward a financial-services regulatory perimeter for cryptoassets, but they do not remove the MLRs as an AML/CTF framework.

Status and compliance context

As of July 2, 2026, the UK cryptoasset AML and cryptoasset-transfer regime is best treated as partially effective for structured-data purposes: the core MLRs, FCA registration regime and Part 7A transfer rules are operative, while selected crypto-related 2026 amendments have later commencement dates. This profile is informational and does not provide legal, tax, investment or compliance advice.

Key provisions

FCA AML/CTF registration

In-scope cryptoasset exchange providers and custodian wallet providers must register with the FCA before carrying on UK business.

Licensing Jan 10, 2020 Source

Cryptoasset service scope

Regulation 14A covers crypto-money exchange, crypto-to-crypto exchange, crypto ATMs, crypto custody and private-key custody.

Scope Jan 10, 2020 Source

Transfer information duties

Originator businesses must include specified originator and beneficiary information with covered inter-cryptoasset business transfers.

AML/CFT Sep 1, 2023 Source

Unhosted wallet risk review

For unhosted-wallet transfers, cryptoasset businesses may request customer information using a risk-sensitive assessment.

Self-custody Sep 1, 2023 Source

Crypto correspondent EDD

From Feb. 1, 2027, cryptoasset providers must apply enhanced due diligence to certain third-country correspondent relationships.

AML/CFT Feb 1, 2027 Source

Change-in-control alignment

2026 amendments phase in expanded change-of-control notice categories for MLR-registered cryptoasset businesses.

Registration Oct 25, 2027 Source

Timeline

  1. MLRs made

    The 2017 Regulations were made and laid before Parliament.

    Enacted Source
  2. MLRs came into force

    The core UK AML/CTF regulations entered into force.

    In force Source
  3. Cryptoasset providers added

    2019 amendments inserted cryptoasset exchange and custodian wallet provider scope.

    In force Source
  4. Part 7A transfer rules effective

    2022 amendments brought cryptoasset-transfer information duties into force.

    In force Source
  5. 2026 AML amendments made

    S.I. 2026/621 updated the MLRs, including cryptoasset correspondent-relationship changes.

    Enacted Source
  6. Most 2026 changes effective

    Most 2026 MLR amendments took effect 21 days after being made.

    Partially effective Source

Who it affects

Actors

Cryptoasset exchange providers, Custodian wallet providers, Financial Conduct Authority, HM Treasury

Asset classes

Cryptoassets

Official sources

Editorial note

Interprets the requested label as the UK MLRs cryptoasset AML/CTF and cryptoasset-transfer regime. Monitor 2027 crypto-related phase-ins and the separate FSMA cryptoasset perimeter.