On April 7, the Federal Deposit Insurance Corporation (FDIC) released a letter, requiring all FDIC-supervised institutions that intend to engage in, or that are currently engaged in, crypto-related activities to notify its FDIC Regional Director. The FDIC also encouraged institutions to notify their state regulator. The FDIC provided an initial noncomprehensive list of activities requiring notification, which includes:

  • Acting as crypto-asset custodians;
  • Maintaining stablecoin reserves;
  • Issuing crypto and other digital assets;
  • Acting as market makers or exchange or redemption agents;
  • Participating in blockchain- and distributed ledger-based settlement or payment systems, including performing node functions; and
  • Any related activities, such as finder activities and lending.

Citing concerns with the rapidly changing nature of crypto-related activities, the FDIC noted that it cannot assess these risks without considering each activity on an “individual basis.” Therefore, an institution’s notice to the FDIC must provide a detailed description of the activity that allows the FDIC to assess the safety and soundness, financial stability, and consumer protection risks presented by the activity.

  • Safety and Soundness. The FDIC specifically raised concerns about the fundamental ownership issues that arise with crypto assets, as well as the implications for information technology, information security, and anti-money laundering monitoring and enforcement. The FDIC also cited heightened and unique concerns relating to credit risk exposure, market risk, liquidity risk, and accounting, auditing, and financial reporting.
  • Financial Stability. The FDIC noted the potential systemic risks to the financial system that crypto-related activities may cause, including due to disruptions or operational failures related to such activities.
  • Consumer Protection. The FDIC worries about customer confusion that may arise due to FDIC-insured institutions offering crypto assets, transactions, and other crypto-related activities, as well as the institutions’ ability to effectively apply consumer protection requirements to such activities.

These risks echo those laid out in President Biden’s March 2022 Executive Order on Ensuring Responsible Developments of Digital Assets (Executive Order). The Executive Order called for a number of regulatory agencies to identify certain risks associated with crypto-related activities and develop frameworks and policy recommendations to deal with such risks.

The FDIC’s letter builds on the increasing attention of U.S. banking regulators to crypto-related activities of their regulated institutions. Prior to this letter, neither the FDIC nor the Federal Reserve had spoken definitively on such activities. However, the Officer of the Comptroller of the Currency (OCC) published a letter in November 2021, requiring OCC-regulated institutions to provide written notification of proposed crypto-related activities. At this time, the Federal Reserve continues to remain silent on any similar notification requirements. Although, given the quickly growing interest in this issue, we would not expect the Federal Reserve to maintain its silence for much longer.

FDIC-regulated institutions that currently engage in crypto-related activities should notify their FDIC Regional Director promptly and be prepared to provide requested information on such activities. To the extent they have not already done so, these institutions should also consider engaging with their state regulator.