💰 FinTechOn Time📋 Fixed Price

FinTech Crypto Asset Platform — UK FCA Registered Business

UK6 min readUpdated June 2025
Region
UK
Contract
Fixed Price
Tech Stack
8 Technologies
IP
100% transferred

Project Overview

A UK company registered with the FCA as a cryptoasset business (under MLRs 2017 Schedule 7A) wanted to build a...

Technology Stack

Node.js/FastifyPostgreSQLWeb3.js (Ethereum)Bitcoin Core RPCChainalysis APIOnfido KYCDow JonesAWS eu-west-2 (cold storage: on-premises HSM)

Compliance & Standards

FCA Crypto Registration (MLRs 2017)FATF Travel RuleUK GDPRAML/KYCCyber Essentials PlusISO 27001-aligned
Step 01

The Challenge

A UK company registered with the FCA as a cryptoasset business (under MLRs 2017 Schedule 7A) wanted to build a digital asset custody and trading platform. FCA crypto registration obligations (AML/KYC, travel rule), UK GDPR, Cyber Essentials Plus, and a secure multi-signature custody architecture were the primary requirements. The platform would hold customer digital assets — security was the paramount concern. Budget: £130,000.

Step 02

Our Approach

Secure Custody Architecture

  • Multi-signature (MultiSig) custody: customer assets held in multi-sig wallets requiring m-of-n signatures before withdrawal.
  • Hot wallet (online, small balance for instant liquidity) / cold wallet (offline, hardware security module — 95% of assets) separation.
  • Air-gapped signing ceremony: withdrawal from cold wallet requires physical access to hardware HSM with dual-person authentication.

MLRs 2017 Schedule 7A

  • cryptoasset exchange and custodian wallet providers must implement full AML/KYC.
  • Electronic ID verification (

Onfido

  • passport + selfie), PEP/sanctions screening (Dow Jones), source of funds declaration for high-value transactions.
  • FATF Travel Rule (applicable above EUR 1,000 threshold): originator and beneficiary information sent with transfers between VASPs.
  • VASP counterparty screening.
  • On-

Chain Transaction Monitoring

  • Blockchain analytics (Chainalysis API): transaction risk scoring, OFAC/HM Treasury sanctions screening of wallet addresses, dark web marketplace exposure, mixer/tumbler detection.
  • High-risk transaction flags: manual compliance review before execution.

FCA crypto AML

  • suspicious activity reporting to HMRC (not NCA, for cryptoasset businesses under MLRs 2017 Schedule 7A).
  • UK GDPR and Crypto-

Blockchain transparency vs GDPR

public blockchain transactions are pseudonymous (wallet address not name) — personal data is the link between wallet address and customer identity (held off-chain).

UK GDPR basis

contract performance.

Right to erasure

cannot delete on-chain transactions (immutable) but customer identity link can be deleted from off-chain databases.

Step 03

The Results

Platform live at 16 weeks, £122,000 — under budget.

FCA inspection at 6 months: AML/KYC procedures commended.

FATF Travel Rule: 100% compliance on qualifying transfers.

Blockchain analytics: 4 high-risk transactions flagged and blocked in first 3 months.

Cyber Essentials Plus: certified at launch.

Zero security incidents in 12 months of operation.

Customer assets under custody: £4.2M at month 6.

Client Testimonial
The FCA inspection was the most thorough compliance review I have experienced in 12 years of financial services. The AML procedures were specifically commended. The blockchain analytics blocked four high-risk transactions in three months — real criminal activity that we did not complete." — Compliance Director, UK Crypto Asset Platform (name withheld)
ClickMasters Case Study Team
Reviewed by James Whitmore, CTO

Project Details

Sector
FinTech
Country
UK
Status
On Time
Contract
Fixed Price
Tech Stack
8 Technologies
Reading Time
6 min
IP Ownership
100% transferred
Last Updated
June 2025
Written By
ClickMasters Case Study Team
Reviewed By
James Whitmore, CTO

Related Case Studies

View All

Ready to Transform Your Business?

Let's discuss how our technical expertise can help you achieve remarkable results.