FDIC Imposes Notification Requirement on Financial Institutions Engaging in Digital Assets

Written By Haley Metteauer

On April 7, 2022, the U.S. Federal Deposit Insurance Corporation (“FDIC”) issued a Financial Institution Letter (“FIL”) which required FDIC-supervised institutions currently engaged in, or planning to engage in, crypto assets activities to notify the FDIC of such activity.

Definition of “Crypto Assets” and “Crypto-Related Activities”

Crypto assets are generally defined under the FIL as “any digital asset implemented using cryptographic techniques.” Crypto-Related Activities are defined as:

  • acting as a custodian of a crypto-asset;

  • maintaining a reserve of stablecoins;

  • issuing digital assets, including cryptocurrency;

  • “acting as market makers or exchange or redemption agents”;

  • participating in blockchain;

  • engaging in activities related to cryptocurrency, such as “finder activities and lending.

These definitions are generalized and, as the FIL stresses, not “exhaustive” as the nature of the digital asset sector is ever-changing and emerging activities or practices may “fall within the scope of this FIL.”

Risk Considerations

The FIL includes the following considerations that financial institutions should review prior to deciding to issue crypto-assets or outlining the manner in which they will engage in the crypto-asset industry.

  • Safety and Soundness -

    • Considering the newness of these assets, the FIL warns that there are unique and heightened “credit, liquidity, market, pricing, and operational risks that could present safety and soundness concerns.”

    • Financial institutions should consider:

      • Fundamental ownership issues, such as clearly validating and confirming the ownership of the asset;

      • Anti-money laundering/countering the financing of terrorism implications and concerns, such as reporting requirements;

      • Information technology (“IT”) and information security, including risk exposure, review and amendment of current IT frameworks to be able to detect, assess, respond, or mitigate these risks;

      • Credit risk exposures, including determining whether the asset is “bankable” or insurable;

      • Accounting, auditing, and financial reporting requirements and parameters, which is still evolving and forthcoming.

  • Financial Stability -

    • Financial institutions should consider the systemic risks to the financial systems in the issuance, transmission, and maintenance of these digital assets, such that they attempt to shield the system from a “run” on these financial assets resulting from these transactions.

  • Consumer Protection –

    • Financial institutions should act to ensure risks posed to consumers through the engagement in crypto-related activities are considered, such as the risk of consumer confusion with regard to the role of the bank in the transaction, the speculative nature of the asset as compared to other, more traditional, banking products, and the management of consumer protection law requirements.

Notification Procedures

Prior to engaging in, or continuing to engage in, a crypto-related activity, an FDIC-supervised institution must “promptly” notify the FDIC Regional Director for the institution. This initial notification should describe the activity in detail and provide the FDIC with a proposed timeline for engagement in the activity.

Haley Metteauer
Previous

FDIC and FinCEN Announce Winning Teams for Digital Identity Tech Sprint
Next

FDIC Requests Comment on Proposed Principals for Climate-Related Financial Risk Management