On January 3, The Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency (the Agencies) issued a joint statement to banking organizations highlighting a number of risks associated with crypto-assets.

While the Agencies expressly state that “banking organizations are neither prohibited nor discouraged from providing banking services to customers of any specific class or type, as permitted by law or regulation,” they nonetheless caution that “holding as principal crypto-assets that are issued, stored, or transferred on an open, public, and/or decentralized network, or similar system is highly likely to be inconsistent with safe and sound banking practices.” Some banks may interpret this to mean that, practically speaking, they cannot engage in such activities. Further, the Agencies state that they “have significant safety and soundness concerns with business models that are concentrated in crypto-asset-related activities or have concentrated exposures to the crypto-asset sector.” It will be interesting to see whether state banking regulators issue a similar statement.

The risks highlighted by the Agencies, which are nothing new, include:

  • Risk of fraud and scams;
  • Legal uncertainties related to custody practices, redemptions, and ownership rights of crypto assets;
  • Inaccurate representations by crypto-asset companies, including misrepresentations regarding federal deposit insurance;
  • Significant volatility in crypto-asset markets;
  • Susceptibility of stablecoins to run risk;
  • Contagion risk within the crypto-asset sector resulting from interconnections among certain crypto-asset participants;
  • Inadequate risk management and governance practices in the crypto-asset sector; and
  • Heightened risks stemming from lack of oversight, the absence of clearly established roles, and vulnerabilities related to cyber-attacks, outages, lost or trapped assets, and illicit finance.

The Agencies further stated that they are “supervising banking organizations that may be exposed to risks stemming from the crypto-asset sector and carefully reviewing any proposals from banking organizations to engage in activities that involve crypto-assets.” The joint statement concludes by advising banking organizations to ensure that crypto-asset-related activities are performed in a safe and sound manner in compliance with applicable laws and regulations. Banking organizations should also ensure appropriate risk management to effectively identify and manage the inherent risks.