Regulatory Compliance

Federal Reserve Issues Supervisory Letter on Crypto Activities for Banks

Close Up Shot Of Bitcoin And Alt Coins Cryptocurrency Standing Over A Hundred Dollar Bill. High Angle View, No People

Similar to what the OCC issued in December 2021, in August 2022, the Federal Reserve Board (FRB) issued a Supervisory Letter outlining the steps FRB member banks should take prior to engaging in crypto-asset-related activities, such as assessing whether such activities are legally permissible and determining whether any regulatory filings are required. Additionally, the Supervisory Letter states that Board-supervised banking organizations should notify the Board prior to engaging in crypto-asset-related activities.

Concerned that crypto-asset-related activities pose risks related to safety and soundness, consumer protection, and financial stability, the Supervisory Letter also emphasized that FRB member banks and affiliates must have adequate systems and controls in place to conduct crypto-asset-related activities.

Risks Highlighted by the Fed in the Supervisory Letter Include:

  • Money laundering – The letter emphasizes that crypto-related financing poses heightened risks associated with the governance of the underlying network as well as cybersecurity.
  • Consumer protection – Concern for the consumer was emphasized throughout the letter as the FRB highlighted risks to the public due to price volatility, misinformation, fraud, as well as the outright loss or even theft of assets.
  • Legal status – There is some question regarding the legal status of many crypto-assets – is it a security, is it fungible, is it a derivative – as well as the very limited legal precedent regarding how crypto-assets would be treated in varying contexts, including, for example, in bankruptcy court.
  • Financial stability – Certain types of crypto-assets, such as stablecoins, if adopted at large scale, could also pose risks to financial stability, potentially through destabilizing runs and disruptions in the payment systems. Perficient covered a well-researched Fed paper on this topic here – NY Federal Reserve Evaluates Stablecoin Frameworks – Perficient Blogs

Determining Legality

To counteract and minimize such risks, the Fed’s Supervisory Letter required that prior to engaging in any crypto-asset-related activity, a supervised banking organization must first ensure such activity is legally permissible and determine whether any filings are required under applicable federal or state laws.  The letter highlighted mandatory compliance with the following federal regulations:

  • The Bank Holding Company Act
  • The Home Owners’ Loan Act
  • The Federal Reserve Act
  • The Federal Deposit Insurance Act

Notification of Proposed Activities

Once legality is determined and the proper filings are completed, financial institutions must then notify in writing the firm’s lead supervisory point of contact at the Federal Reserve.. The letter promises that Federal Reserve supervisory staff will provide relevant supervisory feedback in an unspecified timely manner.

Additionally, the Federal Reserve’s Supervisory Letter also encourages financial institution executives to notify their state regulators prior to engaging in any crypto-asset-related activities.

Engaging in Crypto-Asset-Related Activities: A Federal Reserve Checklist

The Federal Reserve will require a firm, prior to engaging in crypto-asset-related activities, to have in place adequate systems, risk management, and controls so the new activities are practiced in a safe and sound manner that is compliant with applicable consumer protection statutes and regulations. This includes having adequate systems in place to identify, measure, monitor, and control the risks associated with such activities on an ongoing basis. These systems, risk management, and controls must cover:

  • Operational risk, including:
    • the risks of new, evolving technologies,
    • the risk of hacking,
    • fraud,
    • theft,
    • the risk of third-party relationships)
  • Financial risk
  • Legal risk
  • Compliance risk (including, but not limited to, compliance with
    • The Bank Secrecy Act (“BSA”),
    • Anti-money laundering requirements,
    • Sanctions requirements

Read the full Supervisory Letter here.

Check out additional Perficient thought leadership on regulatory compliance here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Carl Aridas

Carl is certified in the Scaled Agile Framework (SAFe), a Scrum Master, and a Six Sigma Green Belt project manager with more than 25 years of experience in financial services overseeing large-scale development global, multi-currency accounting, regulatory reporting, and financial reporting software platforms. He has hands-on experience completing, reviewing, and filing Federal Reserve, FFIEC, and IRS reports, including Call Reports, Y9C reports, 2900 reports, TIC reports, and arbitrage rebate reports.

More from this Author

Subscribe to the Weekly Blog Digest:

Sign Up
Follow Us
TwitterLinkedinFacebookYoutubeInstagram