By Alma Angotti, Gene Bolton
On April 7, 2022, the FDIC issued a Financial Institutional Letter (FIL or the Letter) that required all FDIC-supervised financial institutions that are currently engaged in or intend to engage in any activities involving or related to digital assets provide notice to the FDIC. The FDIC cited several concerns driving the FIL, which it sent to more than 4,000 supervised institutions. The Letter primarily highlighted the FDIC’s concern over safety and soundness relating to digital assets1. Specifically, the Letter addressed the significant AML/CFT implications in the use of digital assets. It explained that, under safety and soundness, digital assets present “fundamental ownership issues,” and questioned covered banks’ abilities to verify ownership of digital assets. The Letter also raised concerns over credit risk exposure and liquidity implications for insured institutions that engage with highly volatile digital assets.
In addition to safety and soundness and financial stability risks, the FDIC letter also addressed concerns over consumer protection and covered institutions’ ability to apply consumer protection laws to digital assets. In the Letter, the FDIC cited the risk of consumer confusion over the role of the covered institutions vis-à-vis the nature of certain digital assets. For example, the FIL stated that consumers may not understand the role of the bank, or the speculative nature of certain crypto assets as compared to traditional banking products. The FDIC claimed that banks could face challenges in applying consumer protection laws against unfair or deceptive acts or practices to new and changing crypto-related activities2.
The recently issued FIL forms part of a larger roadmap developed by the FDIC and other regulators to address risks posed by rapidly evolving digital assets. On November 23, 2021, the FDIC, Board of Governors of the Federal Reserve System, and Office of the Comptroller of the Currency announced their efforts to analyze digital asset risks and enhance the agencies’ understanding of the emerging crypto-asset sector. The agencies intended to provide further guidance on digital assets throughout 2022, including expectations of covered institutions for safety and soundness, consumer protection, and compliance with existing laws and regulations.
In the wake of high-profile bankruptcy announcements of several prominent online cryptocurrency exchanges, namely Celsius and Voyager Digital, the FDIC has addressed apparent misconceptions of the role of deposit insurance and its application. On July 29, 2022, the FDIC published a second FIL, “Advisory to FDIC-Insured Institutions Regarding Deposit Insurance and Dealings with Crypto Companies,” which seemingly seeks to address the highly publicized bankruptcies in the digital assets sector.
The July 2022 FIL reiterated that the FDIC does not insure assets issued by non-bank entities, such as crypto companies. It also stated that covered banks should confirm and monitor that their crypto company partners do not misrepresent the availability of deposit insurance. Notably, on July 28, 2022, the FDIC and Federal Reserve Board issued a cease-and-desist to Voyager Digital from making false or misleading representations of deposit insurance status. According to the agencies, Voyager Digital advertised via various media that the platform was FDIC-insured and that its users who invested in the platform would receive FDIC insurance coverage.
The FIL, which directly impacts 4,839 FDIC-insured institutions, signaled the FDIC’s push to operationalize its digital assets roadmap in 2022. Indeed, the Acting Chair of the FDIC, Martin Gruenberg, included crypto-asset risks as a top priority for the FDIC two days after assuming the role. Accordingly, the FIL directed covered entities to provide “prompt” notification of all digital asset-related activities to the FDIC, which would allow the agency to quickly engage institutions regarding their related risks.
The expectation set forth by the FDIC is that all supervised entities demonstrate the ability to conduct digital asset-related activities in a “safe and sound” manner. Institutions that are planning on conducting digital asset-related activity, or that already do so, should plan on notifying the appropriate FDIC Regional Director and describe the institution’s digital asset-related activity in detail. Alternatively, an institution could provide a detailed timeline for conducting relevant activities if it intends to do so in the future. After such notification, the FDIC may request additional information on a case-by-case basis to assess specific risk areas and provide regulatory feedback.
Digital assets offer numerous opportunities to financial institutions and consumers and with that, new and unfamiliar risks. Generally, financial institutions should plan to engage with their regulator early and often, particularly before conducting activities related to digital assets. The FIL reflects the FDIC’s intent to ensure that all supervised institutions can demonstrate their ability to undertake such risks in a safe and sound manner.
In anticipation of regulatory feedback from the FDIC, supervised financial institutions should consider proactively assessing whether their activities sufficiently meet the expectations set forth by the FDIC for safety and soundness, financial stability, and consumer protection risks associated with the digital asset-related activity.
Moreover, a financial institution that is considering engaging with digital assets should plan on assessing how doing so might affect the enterprise’s compliance with FDIC expectations and its overall risk. This includes identifying and assessing operational or technical limitations that may inhibit compliance with regulatory requirements and an increasingly volatile digital asset ecosystem. Institutions should plan on evaluating their current policies, procedures, and controls to ensure they meet these requirements and in preparation for feedback from the regulator. Covered banks should also consider developing a plan to implement necessary changes as clearer rules are rolled out as part of the FDIC’s 2022 roadmap. These may include updated rules over holding cryptocurrency in custody to facilitate client trading, issuing and distributing stablecoins, using cryptocurrency as collateral for loans, or even holding cryptocurrency on balance sheets like traditional assets. Covered institutions should ensure they are able to implement necessary changes, including additional costs and resources required, to facilitate timely compliance with the revised rules.
Guidehouse can help members of the digital assets industry and more traditional financial institutions assess their compliance programs to navigate regulatory risks, including developing and implementing updates to operations, policies, procedures, controls, and technology systems. Guidehouse is uniquely positioned to help financial institutions determine whether their programs meet requirements under an evolving landscape and prepare institutions that are seeking to enter this rapidly growing market. Its areas of relevant expertise include the following:
Guidehouse can quickly review and assess your compliance program to determine whether it is sound, identify gaps or weaknesses, or conduct training on digital assets, AML and Sanctions compliance, including blockchain tracing and analytics, and consumer protection requirements. Guidehouse is well-equipped to make an individualized assessment of your unique circumstances and offer innovative advice and solutions for responding to increased regulatory scrutiny.
1 Section 39 of the Federal Deposit Insurance Act.
2 Unfair or Deceptive Acts or Practices by State-Chartered Banks, Section 5, Fair Trade Commission Act.