The OCC greenlights bank custody of cryptoassets, opening a significant door to mainstream adoption and innovation.
By Alan W. Avery, Todd Beauchamp, Yvette D. Valdez, Pia Naib, Loyal T. Horsley, Charles Weinstein, and Deric Behar
On July 22, 2020, the US Office of the Comptroller of the Currency (OCC) issued Interpretive Letter #1170 (the Letter), giving national banks and federal savings associations (FSAs) the greenlight to provide customers with custody services for cryptocurrencies and digital assets that are not broadly used as currencies (collectively, cryptoassets). The Letter, addressed to an unspecified recipient bank seeking to offer cryptoasset custody services as part of its existing custody business, noted that the opinion applies to national banks and FSAs of all sizes.
The Letter also reaffirms that national banks, consistent with applicable laws and risk management principles, may provide banking services “to any lawful business they choose, including cryptocurrency businesses.”
A national bank or FSA that seeks to custody cryptoassets must:
- Conduct custody services in a safe and sound manner
- Perform adequate pre-acceptance reviews before accepting a fiduciary account
- Implement due diligence processes
- Review accounts for compliance with anti-money laundering rules
- Have adequate systems in place to identify, measure, monitor, and control risks
- Implement policies, procedures, internal controls, and management information systems specific to custody services
- Maintain effective internal controls
- Safeguard assets under custody
- Ensure that assets held in custody are kept separate from the assets of the custodian and maintained under joint control to ensure that that an asset is not lost, destroyed, or misappropriated by internal or external parties
- Maintain effective information security infrastructure and controls to mitigate hacking, theft, and fraud
- Determine if specialized audit procedures are needed for cryptoasset custody
- Produce reliable financial reports
- Comply with all applicable laws and regulations
Banks Can Finally Catch Up With Technology
The OCC’s move to expressly permit national banks to provide cryptoasset custody services on behalf of customers is a logical step toward modernizing the way banks custody physical and non-physical assets. The safeguarding of digital assets has been a traditional function of banks, and the custody of crypto-related digital assets and digital keys is simply an extension of that mandate. According to the Letter, the ability of banks to provide cryptocurrency custody services, including the safeguarding of unique cryptographic access keys associated with cryptocurrency, “is a modern form of traditional bank activities related to custody services.” Retail customers, registered investment advisers, and institutional investors may benefit from the enhanced safety of maintaining cryptoassets keys with regulated custodians.
Not All Regulators Are Aligned
Due to regulatory uncertainty, banks have long been reluctant to affiliate with cryptocurrency businesses or provide cryptoasset custody services to their customers. The Letter provides nationally chartered banks (and FSAs) with the clarity they need to consider — if not embrace — cryptoassets services as viable business development opportunities. The Letter may also give cryptoassets additional regulatory legitimacy needed for more widespread retail and institutional adoption.
The OCC maintains, however, that banks should conduct a thorough legal analysis to ensure that cryptoasset custody services are consistent with applicable laws. The OCC recommends that prior to engaging in cryptoasset custody services, a bank “should consult with OCC supervisors as appropriate.” A prudent institution would also consult with applicable non-OCC regulators before initiating any crypto-related services, as each regulator may have unique concerns of their own.
The Securities and Exchange Commission (SEC), for example, has not yet allowed broker-dealers to custody digital assets. In a joint statement with Financial Industry Regulatory Authority (FINRA) published on July 8, 2019, the SEC noted its misgivings with granting permission to registrants to custody digital assets (previously covered in this post). Sound risk management and customer protection is critical to the OCC’s stance, although perhaps not quite at the level of the SEC’s customer protection rule, which currently stands in the way of broker-dealers’ ability to custody cryptoassets.
The Commodity Futures Trading Commission (CFTC), on the other hand, recently finalized guidance for retail commodity leveraged transactions, which applies relevant custodial regulations regarding the custody of certain digital assets as a central tenet for achieving delivery, when such assets are in custody under the exemptions afforded retail commodity leveraged transactions (previously covered in this post).
A Path Forward, but Not Without Pitfalls
The Letter comes not long after Brian P. Brooks assumed the role of Acting Comptroller of the Currency, in the wake of his predecessor’s unexpected departure from the post. Brooks notably spent time as chief legal officer for Coinbase, a leading digital currency exchange and custodian, and has not wasted time advancing the OCC’s fintech-focused initiatives, which include the introduction of a “Payments Charter 1.0” this fall (previously covered in this post). The Letter represents a significant turning point in the relationship between federal financial regulators and cryptoasset innovators. Market participants should remember, however, that the Letter is mere guidance and not an official rulemaking. As such, it is not immune from competing regulatory directives or abrogation by future rulemakings. Careful planning and execution is critical for any institution seeking to develop cryptoasset services, in order to ensure that all governing regulators are satisfied.
Submit a comment about this post to the editor.