Federal Reserve Requires Banks to Provide Notice Regarding Crypto-Asset-Related Activities
The Federal Reserve Board (“FRB”) announced a significant shift requiring FRB-supervised banking organizations to disclose any current crypto-asset-related activity and to notify FRB in advance of entering into any such business activities in the future. This notification requirement may add some friction to the bank adoption of crypto-asset activities. This announcement follows the OCC’s previous direction to its supervised entities to “notify its supervisory office, in writing of its intention to engage in a range of crypto related activities.” With similar direction aimed at Federal Reserve banks that more regularly interact with crypto projects, legal and regulatory compliance diligence will be even more important.
What Happened
- On August 16, 2022, FRB issued a letter to all of its supervised banking organizations requiring those institutions to notify their lead FRB supervisory point of contact if such banking organization is engaged in or intend to engage in “crypto-asset-related activities” in order to “ensure such activity is legally permissible and determine whether any filings are required under applicable federal or state laws.”
- “Crypto-asset-related activities” include crypto-asset safekeeping and traditional custody services; ancillary custody services; facilitation of customer purchases and sales of crypto-assets; loans collateralized by crypto-assets; and issuance and distribution of stablecoins.
- The letter also specifically referenced stablecoins as potentially posing risks to financial stability if adopted at large scale.
How Will This Affect Banking Organizations?
Supervised banking organizations must:
- Ensure the Activities Are Legally Permissible
- Supervised banking organizations must assess the legality of the proposed crypto-asset-related activities under state and federal laws and determine whether any filings are required under federal banking laws, including The Bank Holding Company Act, Home Owners’ Loan Act, Federal Reserve Act, and Federal Deposit Insurance Act.
- If permissibility is not clear, supervised banking organizations are directed to consult their point of contact at the FRB prior to the commencement of such activities.
- Notify the Federal Reserve
- If a supervised banking organization is already engaged in crypto-asset-related activity, it should disclose all activities to its lead supervisory point of contact promptly.
- Supervised banking organizations must notify their lead supervisory point of contact prior to engaging in crypto-asset-related activity.
- Enact and Maintain Proper Controls
- FRB’s letter emphasizes the importance of supervised banking organizations enacting and maintaining adequate risk management and controls related to crypto-asset-related activities, including:
- Having adequate systems in place to identify, measure, monitor, and control the risks associated with crypto-related activities on an ongoing basis; and
- Ensuring that these systems cover “operational risks (for example, the risks of new, evolving technologies; the risk of hacking, fraud and theft; and the risk of third-party relationships), financial risk, legal risk, compliance risk (including, but not limited to, compliance with the Bank Secrecy Act, anti-money laundering requirements, and sanctions requirements), and any other risk necessary to ensure the activities are conducted in a manner that is consistent with safe and sound banking and in compliance with applicable law, including applicable consumer protection statutes and regulations.”
- Consider Notifying State Regulators
- FRB encourages state member banks to also notify their state regulators prior to engaging in crypto-asset-related activity.
- FRB’s letter emphasizes the importance of supervised banking organizations enacting and maintaining adequate risk management and controls related to crypto-asset-related activities, including:
Why Does This Matter?
- If you are a supervised banking organization that is currently involved in active crypto-asset activities, re-confirm that your activities are compliant and take another look at your service providers to ensure their compliance;
- If you are a potential partner of a supervised banking organization, expect an even more robust diligence process, time to execution may be extended, and you may face increased ongoing reporting and information disclosure requirements; and
- For all participants in the crypto-asset space, this is another example of the growing all-hands on deck approach to the regulation of crypto spurred by the Executive Order from earlier this year. The Executive Order’s first objective was to “protect consumer, investors, and businesses,” and we expect to see further action from the FRB and other regulators.