On November 23, 2021, the federal bank regulators provided the clearest indication yet that the agencies intend, in short order, to become more active in the supervision of regulated banks’ crypto-asset activities. The Federal Reserve, Federal Deposit Insurance Corporation (FDIC), and Office of the Comptroller of the Currency (OCC) together issued a Joint Statement on Crypto-Asset Policy Sprint Initiative and Next Steps, summarizing months of interagency “policy sprints” designed to reach a common understanding of the relevant terminology, risks, and applicable regulations regarding crypto-assets. The Joint Statement provides the regulators’ “roadmap” that outlines planned actions in 2022 that will elucidate the agencies’ views on the permissibility of, and supervisory expectations around, banks’ crypto-related activities.
We have already seen evidence of collaboration across the agencies in evaluating issues impacting crypto-assets and related innovations. The Joint Statement follows the Report on Stablecoins issued earlier in November by the President’s Working Group on Financial Markets, joined by the FDIC and OCC, which highlighted certain risks associated with the use of stablecoins. In addition, leadership of the agencies have expressed their tone-setting views on issues related to banks, crypto-assets, and regulation.
The Joint Statement emphasized that the agencies would provide greater clarity related to six specific activities: (1) crypto-asset safekeeping and traditional custody services; (2) ancillary custody services; (3) facilitation of customer purchases and sales of crypto-assets; (4) loans collateralized by crypto-assets; (5) issuance and distribution of stablecoins; and (6) holding of crypto-assets on balance sheets. The Joint Statement noted that the agencies plan to evaluate the application of bank capital and liquidity standards to crypto-assets. In addition, the Joint Statement promised further engagement and collaboration with other regulatory authorities on issues related to crypto-assets.
The Joint Statement clearly reflects the agencies’ willingness to take an active role in the development of a regulatory framework around crypto-assets, at least insofar as regulated banks are concerned. The planned activities may include formal rulemakings, as well as the issuance of supervisory guidance, such as frequently asked questions or interpretive letters; it remains to be seen whether any of the agencies will use enforcement actions to announce their positions. The agencies indicated a willingness to continue to seek commentary from within the industry related to issues involving crypto-based activities and, presumably, the impact any new regulations or guidance may have on banks.
The OCC’s issuance of Interpretive Letter #1179 (IL 1179) on the same day the Joint Statement was published suggests IL 1179 will serve as a general guideline for compliance for national banks and federal savings associations until more formal guidance contemplated by the Joint Statement is released. Acting Comptroller Michael Hsu had previously indicated that “everything’s on the table” in his agency’s review of the cryptocurrency and digital asset interpretive guidance issued under the Trump Administration. However, IL 1179 reaffirms that activities previously authorized by the OCC—providing cryptocurrency custody services, holding dollar deposits serving as reserves backing stablecoins, acting as nodes on a distributed ledger, and facilitating payment transactions on distributed ledgers—are legally permissible for national banks and federal savings associations. But IL 1179 adds one significant caveat: The OCC makes clear the agency’s view that activities are not legally permissible for banks—i.e., are not part of the “business of banking”—if they are not conducted in a safe and sound manner.
As a practical matter, IL 1179 imposes an affirmative obligation on a national bank seeking to engage in these activities: the bank must notify its supervisory office, in writing, of the proposed activities and should receive written notification of non-objection before engaging in those activities. IL 1179 makes clear that the “notification” must clearly demonstrate that the bank has the capacity to conduct those activities in a safe and sound manner: the bank must show it has appropriate risk management and measurement processes for the proposed activities, including adequate systems already in place to identify, measure, monitor, and control the risks of these activities, on an ongoing basis. The notification submission should address the fundamental risk factors assessed by the OCC, including operational, liquidity, strategic, and compliance risks. In addition, the bank must demonstrate how it will comply with applicable laws related to the proposed activities.
IL 1179 emphasizes a number of particularly relevant areas, including the federal securities laws, Bank Secrecy Act, Commodity Exchange Act, and consumer protection laws. After receipt of the notification, the supervisory office will evaluate the adequacy of a bank’s risk systems and controls but retains discretion to evaluate “other supervisory considerations relevant to the particular proposal” in deciding whether to issue its non-objection. Once non-objection is secured, the OCC will continue to review those activities as part of its supervisory approach of the institution.
Taken together, the statements in IL 1179 make clear that the OCC intends the notification submission to be detailed, well supported, and transparent. An incomplete, inaccurate, or poorly supported notification could lead to an objection from the OCC, potentially disqualifying the bank from engaging in the activities for months or longer. We would expect that the OCC will engage with banks as the agency evaluates the proposal, so institutions should be prepared for substantive follow-up questions, meetings, and requests for documents, especially related to compliance with existing or forthcoming law and regulation. Banks should also expect that the OCC will consider the condition of the institution at the time of the notification—including the adequacy of its compliance management systems, competence of its management, and its overall regulatory track record—in determining whether the bank can actually conduct the activities in a safe and sound manner.
IL 1179 underscores that banks already engaged in the described activities as of November 23, 2021 do not need to obtain the supervisory non-objection. The letter reminds banks, however, that the OCC will continue to examine these activities and will evaluate the adequacy of the bank’s systems and controls. IL 1179 implies that banks already engaging in these activities—though they can avoid the notification procedure—will be held to the same supervisory standards that the agency will apply to those banks approved to engage in the activities under IL 1179’s new procedure.
In light of a series of approvals of the conversion of state trust companies into national trust banks, IL 1179 also clarifies that the OCC’s authority to charter and approve the conversion to national trust banks remains valid. However, the letter reminds banks that the OCC retains discretion to determine if charter applicants’ activities are trust or fiduciary activities for purposes of federal law, notwithstanding their legality under applicable state law, and that prior approvals did not expand or otherwise change bank obligations under OCC fiduciary regulations.
The Federal Reserve and FDIC, which are not chartering agencies, have not issued similar guidance. Until those two agencies take similar steps, the activities described in IL 1179 may be advanced by enterprising state banks. While state-chartered banks may not be subject to the additional notification procedure described in IL 1179, they should consider the guidance discussed in IL 1179, in particular guidance related to risk management and related controls, if they plan to engage in crypto-asset activities. Consistent with the Joint Statement, we anticipate the federal bank regulators to continue to be active and coordinated in the crypto-asset space as the calendar turns to 2022 and expect state-chartered banks may soon be subject to similar expectations by default.
Alston & Bird’s attorneys regularly counsel national and state-chartered banks on the legality of engaging in specified activities, including in the crypto-asset space, and routinely engage with federal and state regulators on licensing and other applications and notifications.