Opalesque Industry Update – On Aug. 16, 2022, the Board of Governors of the Federal Reserve System (FRB) issued a letter regarding FRB-supervised banking organizations (Covered Entities) engaging in crypto-asset-related activities (C-A-R activities).
While the Letter stated that the crypto-asset sector could potentially present beneficial opportunities for Covered Entities, the Letter cautioned that C-A-R activities could also pose risks, specifically concerning consumer protection, safety and soundness, and financial stability.
The Letter elucidated several requirements-as well as suggestions-applicable to Covered Entities regarding C-A-R activities, including the following:
• A Covered Entity must ensure-prior to conducting new activities-that such new activities are legally permissible.
• A Covered Entity seeking to engage in-or currently engaged in-C-A-R activities must analyze whether such activities would be permissible under relevant state and federal laws. In addition, the Covered Entity must evaluate whether any filings are required per federal banking laws (including g., the Home Owners’ Loan Act, the Bank Holding Company Act, the Federal Deposit Insurance Act, or the Federal Reserve Act) or corresponding promulgated regulations, as applicable.
• Prior to engaging in any C-A-R activity, a Covered Entity should notify its lead supervisory point of contact at the FRB.
• If a Covered Entity is already engaged in C-A-R activities, then that Covered Entity should promptly notify its lead supervisory point of contact at the FRB, assuming the Covered Entity has not already done so.
• Covered Entities with questions regarding the permissibility of any C-A-R activities or the applicability of any filing requirements should consult their lead supervisory point of contact at the FRB.
• In all circumstances, prior to engaging in C-A-R activities, a Covered Entity should ensure that it maintains appropriate risk management, systems and controls to conduct C-A-R activities “in a safe and sound manner and consistent with applicable laws, including applicable consumer protection statutes and regulations.” The Letter further states that such systems should cover financial risk, legal risk, operational risk (g., risks posed by new and evolving technologies, hacking risks, third-party risks), compliance risk (including e.g., anti-money laundering and sanctions risks) and “any other risk necessary to ensure the activities are conducted in a manner that is consistent with safe and sound banking and in compliance with applicable laws, including applicable consumer protection statutes and regulations.”
• Prior to engaging in C-A-R activity, a Covered Entity which is a state member bank should also notify its state regulator.
The Letter noted that, given the novel and heightened risks that crypto-assets pose, the FRB will continue to closely monitor developments in the crypto-asset sector and participation by Covered Entities in C-A-R activities.