Consumer Duty and crypto: a practical checklist for professional firms

FCA CP26/4 proposes applying Consumer Duty to cryptoasset firms. Here's a practical checklist for professionals and compliance teams.

Introduction

One of the most important lines in CP26/4 is the FCA's proposal to apply the Consumer Duty (Principle 12 and PRIN 2A) to cryptoasset firms in the same way it applies generally to authorised firms, with additional guidance to clarify how the Duty applies to cryptoasset activities. For professional firms, you don't need to become a regulator. But you do need to understand how this changes client expectations — and how it affects the providers you introduce clients to.

Why this matters for your clients

Your clients may hear 'Consumer Duty' and assume it means: • 'I'm protected if something goes wrong.' • 'The firm can't sell me something unsuitable.' • 'The firm must communicate clearly and fairly.' In reality, the detail depends on what activity is regulated and how it is performed. But your firm's reputational risk increases if you appear unaware of this framework when discussing crypto.

The Consumer Duty lens: what professionals should watch for

Below is a practical checklist you can use in provider due diligence conversations and client education. 1) Communications: clarity beats excitement Crypto marketing often fails when it oversimplifies risk. Under a Consumer Duty mindset, you should expect: • Plain-English risk explanations • No minimising volatility or complexity • Clear statements about what is and isn't protected 2) Products and services: matching the client's reality For HNW clients, the 'product' isn't just a token. It's the whole operating environment: • Where assets sit (exchange vs self-custody) • How access is controlled • What happens during incapacity or death • What the client's household can realistically execute 3) Outcomes: the real failure modes A useful professional framing is to focus on outcomes your client cares about: • Avoiding total loss from operational failure • Avoiding family deadlock on death • Avoiding scams during stressful events • Having a documented process that survives staff turnover, device loss, and time 4) Support: what happens when things go wrong CP26/4 also discusses complaints handling frameworks and disclosure around Ombudsman access in different circumstances. For professionals, support questions should include: • How does the provider handle disputes and access issues? • What evidence is required to act on incapacity or death? • What escalation path exists for time-sensitive events?

A 'Consumer Duty-ready' client process you can adopt

You can operationalise this without taking custody and without turning your firm into a crypto helpdesk: 1. Identify crypto holdings (baseline mapping) 2. Classify custody model (exchange/self-custody/mixed) 3. Document continuity responsibilities (who does what) 4. Educate on scams and redress differences 5. Review on a schedule (quarterly or biannual for active holders) Bitzo's process is designed to sit inside this structure, as a non-custodial coordination layer.