Breaking down the joint statement on crypto-asset risks to financial institutions

In the past year, cryptocurrency markets have been marked with volatility and uncertainty. Market capitalization has dropped significantly on cryptocurrencies, and there was also the unprecedented collapse of FTX — the third-largest cryptocurrency exchange.

It comes as no surprise that regulatory agencies have rushed to make financial institutions aware of the risks associated with crypto assets and crypto-asset sector participants.

Crypto-asset risks

A crypto-asset sector is loosely defined as a classification of cryptocurrency, such as transactional currencies, platform currencies, utility currencies or application currencies.

On January 3, 2023, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC) issued a joint statement on crypto-asset risks.

Included was a list of risk considerations that financial institutions should be aware of as they relate to crypto assets. The key risk factors noted by the agencies are:

• The risk of fraud and scams among crypto-asset sector participants.
• Legal uncertainties related to custody practices, redemptions and ownership rights, some of which are currently the subject of legal processes and proceedings.
• Inaccurate or misleading representations and disclosures by crypto-asset companies. This includes misrepresentations regarding federal deposit insurance; practices that may be unfair, deceptive or abusive; or practices that contribute to significant harm to retail and institutional investors, customers and counterparties.
• Significant volatility in crypto-asset markets, the effects of which include potential impacts on deposit flows associated with crypto-asset companies.
• Susceptibility of stablecoins to run risk, creating potential deposit outflows for financial institutions that hold stablecoin reserves. (While stablecoins are attached to an underlying asset such as currency or precious metals, they have not been immune to market volatility.)
• Weak risk management and governance practices in the crypto-asset sector.
• Heightened risks associated with open, public and decentralized networks or similar systems. This includes, but is not limited to, the lack of governance mechanisms establishing oversight of the system; the absence of contracts or standards to clearly establish roles, responsibilities and liabilities; and vulnerabilities related to cyberattacks, outages, lost or trapped assets and illicit finance.

Financial institutions are neither prohibited nor discouraged from providing banking services to customers based on a specific class or type. However, the interagency guidance stressed that if the above risks cannot be mitigated or controlled, they should not migrate into the banking system.

While the agencies continue to assess how crypto-asset related activities can be conducted in a safe and sound manner, their joint statement indicated hesitancy. It reads, “Based on the agencies’ current understanding and experience to date, the agencies believe that issuing or holding as principal crypto-assets that are issued, stored, or transferred on an open, public, and/or decentralized network, or similar system is highly likely to be inconsistent with safe and sound banking practices.”

It goes on to say that, “Further, the agencies have significant safety and soundness concerns with business models that are concentrated in crypto-asset-related activities or have concentrated exposures to the crypto-asset sector.”

The statement reemphasizes the requirement to engage in robust supervisory discussions with your regulator about any existing or proposed crypto-related activities.

Previous guidance on crypto-asset management

Each agency previously issued guidance specific to their financial institutions:

• In November 2021, the OCC issued IL 1179.
• In August 2022, the Fed’s board issued SR 22-6/CA 22-6.
• In April 2022, the FDIC issued FIL-16-2022.

Financial institutions that decide to venture into the crypto-asset space are strongly encouraged to familiarize themselves with their respective agency’s risk tolerance for this higher-risk endeavor. The agencies have stated that they will issue additional guidance, as warranted.

How Wipfli can help

Wipfli has the knowledge and experience to help your financial institution understand the risk and mitigants of banking crypto assets and crypto-asset participants. We can assist with drafting policies and procedures, so that you can be confident in your risk management.

Contact us to learn more.

Sign up to receive more financial institution information, or keep reading:

• Podcast: Role of crypto and blockchain for banks and credit unions
• Tune in for a dynamic conversation about the state of the economy
• Regulatory scrutiny is rising in fintech partnerships
• Be prepared for new FinCEN beneficial ownership rules