The FCA’s proposed rules on QCDDs, supplementary documents and UK QCATPs

The FCA’s Consultation Paper CP25/41 sets out draft Handbook rules (CRYPTO 3) for offers of qualifying cryptoassets to the public and their admission to trading on UK qualifying cryptoasset trading platforms (UK QCATPs). CRYPTO 3 is the specialist chapter governing these activities. It is relevant to UK QCATP operators, persons requesting or obtaining admission to trading (including for UK qualifying stablecoins), persons responsible for offers, and intermediaries.

Key concepts and who they affect

A CATP is a UK qualifying cryptoasset trading platform or its operator holding the relevant Part 4A permission. A QCDD is a qualifying cryptoasset disclosure document under the Cryptoasset Regulations. An SDD is a supplementary disclosure document that updates a QCDD in defined circumstances. A qualifying cryptoasset is as defined in Article 88F RAO, with qualifying stablecoins separately defined in Article 88G RAO.

Admissions and disclosures: when a QCDD is needed

CATPs may only admit a qualifying cryptoasset to trading where a QCDD has been prepared and published in line with the FCA’s admissions and disclosures rules. This does not apply where the asset is a UK‑issued qualifying stablecoin, where it is fungible with one already admitted on the same CATP with a compliant QCDD, or where only qualified investors can trade it. Rulebooks must require a QCDD before admission and an SDD if a significant new factor, material mistake or inaccuracy arises after publication and before admission that may be material to prospective buyers.

What a QCDD must cover and how it should read

QCDDs must contain the information material to someone considering buying or subscribing for the cryptoasset to enable an informed assessment. Documents should be concise, comprehensible, in English, and suitable for retail investors. Rulebooks must ensure QCDDs/SDDs meet retail investors’ information needs, are clear, fair and not misleading, and clearly mark any protected forward‑looking statements. Additional items include any Digital Token Identifier and the identity of the person seeking admission. They must also include responsible persons, LEIs where available, a prominent withdrawal‑rights statement, and a statement that an SDD may be published and where it will appear, noting the QCDD text itself will not be updated. Any financial interest of the CATP operator or group/senior personnel must be prominently disclosed. Where an asset seeks or purports to maintain a stable value, features of the stabilisation mechanism, its risks, and the redemption policy should be disclosed.

Summary document

Each QCDD should include a short plain‑English summary, no longer than two pages, warning that investment decisions should be based on the full QCDD and that the summary will not be updated if an SDD is published. Rule 3.4.9R sets the summary’s form, content, and cross‑references to required prominent statements.

Timing, publication and filing

Approved QCDDs and any SDDs must be filed with an FCA central repository (e.g., the NSM) before trading starts and published on the CATP’s website; where an offer is conditional on admission, the QCDD must be published when the offer begins; otherwise, before admission. CATPs will need and maintain an ‘issued’ LEI to use the repository. Operators must also maintain on their websites a list of QCDDs and SDDs they have published for cryptoassets admitted on any UK QCATP they operate. The FCA does not propose mandating a machine‑readable format at this stage.

Point‑in‑time disclosures and when SDDs are required

QCDDs are point‑in‑time disclosures at admission; there is no ongoing update duty unless a significant new factor, material mistake or inaccuracy arises after publication and before admission, in which case an SDD must be used. CATPs must require SDD publication where that test is met in the period after QCDD publication and before admission.

Withdrawal rights for consumers

If a person agreed to buy or subscribe after QCDD publication and an SDD is later published before admission due to qualifying circumstances, the person will have withdrawal rights. These rights may be exercised within two working days after the SDD is published unless extended. CRYPTO 3.5 also requires prominent disclosure of the right and clear details of the period, deadline and contact, and sets notification duties for offerors and intermediaries.

Duties on UK QCATPs: admissions governance, due diligence and records

Operators must set risk‑based, objective admission criteria to assess detriment to retail investors, considering at least the fitness and propriety of specified persons, QCDD/SDD quality, ability to pay compensation, resilience/technical functionality/governance, known technology risks, and the verifiability of information and impacts where it cannot be verified. Criteria must be approved and reviewed by the governing body, published on the website, and applied consistently. Before admission, operators must assess detriment to retail investors and must not admit where detriment is likely; before publishing any QCDD they must produce a report summarising any unverified information and provide it to the requester if the operator did not produce the QCDD. If information cannot be verified, a report must be produced and the QCDD must include a prominent statement of the unverified information. Operators must not publish a QCDD/SDD unless reasonably satisfied the information required by regulation 13(1) of the Financial Services and Markets Act 2000 (Cryptoasset) Regulations 2025 (“Cryptoasset Regulations”) is included, that information is true and not misleading or that unverified information is clearly disclosed, and that documents comply with applicable rules. Where an operator or group entity seeks admission, conflicts must be mitigated, with written policies ensuring separation between commercial and assessment functions. Operators must keep records evidencing compliance, including criteria, conflict‑mitigation, assessments and decisions, for at least five years, or seven if the FCA requests.

Responsibility and liability for QCDDs and SDDs

Those responsible under regulation 12 of the Cryptoasset Regulations include the requester of admission, the UK QCATP operator if it produced the document, and any person stated as accepting responsibility. Providing professional advice on contents alone does not make a person responsible. Where the person seeking admission prepares its own documents, it is responsible for their content along with any person stated as accepting responsibility. If a third‑party document is used, the person seeking admission remains responsible; the third party is only responsible if it accepts and is stated as accepting responsibility for the new admission.

Protected forward‑looking statements (PFLS)

A voluntary PFLS regime is proposed for forward‑looking statements that meet CRYPTO 3.7 requirements, where the statement contains financial or operational information, includes an estimated timing for the event, and is accompanied by general and content‑specific accompanying statements. Protection applies only if the statement meets criteria on future‑assessability, timing estimate, decision‑useful information, and is paired with the required accompanying statements. Statements included to comply with core disclosure requirements are not protected. Accompanying statements must explain how to identify PFLS, provide warnings (including no guarantee, different liability standard, no obligation to update), identify the PFLS, set out principal assumptions following specified principles, and explain comparability where similar financial information appears elsewhere.

How we can assist

If you would like help mapping these proposals to your platform’s rulebook, governance and disclosure processes, our team can assist with readiness reviews, drafting, and implementation planning ahead of final FCA rules. Please contact FM Legal for a confidential discussion.