Banking organizations safekeeping digital assets for customers must do so in a safe and sound manner and in compliance with applicable laws and regulations.
By Arthur S. Long, Parag Patel, Pia Naib, and Deric Behar
On July 14, 2025, the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) (collectively, the agencies) issued a joint statement (the Joint Statement) on risk-management
The federal banking agencies continue to open the channels for regulated entities to engage in digital asset activities.
By Arthur S. Long, Parag Patel, Pia Naib, and Deric Behar
On May 7, 2025, the Office of the Comptroller of the Currency (OCC) published Interpretive Letter 1184 (a response to an inquiry from a regulated entity) affirming that national banks and federal savings associations (collectively, banks) may provide and outsource cryptocurrency custody and execution services on behalf of
FRB eases crypto restrictions on supervised entities in alignment with the new administration’s support for the digital asset industry.
By Arthur S. Long, Pia Naib, and Deric Behar
On April 24, 2025, the Board of Governors of the Federal Reserve System (FRB) announced that it was rescinding guidance for banks issued in 2022 related to digital asset and stablecoin activities. It also announced that, together with the Federal Deposit Insurance Corporation (FDIC), it is joining the Office of
New FDIC guidance permits crypto activities by supervised institutions without prior approval, emphasizing risk management and compliance with applicable laws and regulations.
By Arthur S. Long, Parag Patel, Pia Naib, and Deric Behar
On March 28, 2025, the Federal Deposit Insurance Corporation (FDIC) issued a Financial Institution Letter (FIL-7-2025) that provides new guidance for FDIC-supervised institutions engaging in or seeking to engage in crypto-related activities (the Guidance). Specifically, the Guidance clarifies that FDIC-supervised institutions can engage in
In a break from restrictive Biden-era policies, OCC-supervised banks may now engage in crypto without supervisory nonobjection, potentially opening new avenues for innovation.
By Arthur S. Long, Parag Patel, Pia Naib, and Deric Behar
On March 7, 2025, the Office of the Comptroller of the Currency (OCC) reaffirmed that national banks and federal savings associations (collectively, banks) may participate in a range of cryptocurrency activities, including crypto custody, certain stablecoin activities, and participation in independent node verification
Digital asset activities of licensed institutions must be approved and will be assessed for potential safety and soundness risks.
By Arthur S. Long, Pia Naib, and Deric Behar
On December 15, 2022, the New York State Department of Financial Services (NYDFS) issued final guidance to covered institutions engaging in (or seeking to engage in) virtual currency-related activity (the Guidance). Such covered institutions are New York “banking organizations” — New York-chartered banks, trust companies, private bankers, savings banks, safe
The FinTech sandbox would aim to foster innovation in the financial, credit, and insurance sectors.
By Antonio Coletti and Isabella Porchia
The Italian Ministry of Economy and Finance has launched a public consultation on a draft ministerial decree (Draft Decree) implementing the mandate received by the Italian legislature (Decreto Crescita) to set up a regulatory sandbox to test FinTech activities in the financial, credit, and insurance sectors and establish a FinTech Committee.
FinTech Sandbox
The Draft Decree proposes that activities eligible for the sandbox include regulated or non-regulated activities that (i) use technologies contributing to the innovation of banking, financial, and insurance products and services, (ii) require an exemption from the regulatory provisions or guidelines adopted by the supervisory authorities or a joint testing and assessment from the supervisory authorities, and (iii) bring added value at least in terms of (a) benefits for final users enhancing the quality of the services, competition, access conditions, availability, protection, and costs, (b) general efficiency of the financial system and market participants, or (c) less burdensome and more efficient compliance with the financial regulations.
Before submitting an application to the sandbox, entities may present and discuss informally the project with the FinTech Committee. The proposed testing period for any admitted project has a maximum duration of 18 months, which may be extended upon request of the applicant entity.
US lawmakers urge FSOC to designate cloud-based storage systems used by major banks as systemically important financial market utilities.
By Alan W. Avery, Victoria McGrath, and Pia Naib
In an August 22, 2019, letter addressed to Treasury Secretary Steven Mnuchin, in his capacity as chair of the Financial Stability Oversight Council (FSOC), Congresswoman Katie Porter and Congresswoman Nydia Velazquez urged Secretary Mnuchin to designate the three leading cloud-based storage systems used by major banks — Amazon Web Services, Microsoft Azure, and Google Cloud — as systemically important financial market utilities (SIFMUs). This designation would subject such cloud-based storage systems to supervision and regulation by the Board of Governors of the Federal Reserve System (Federal Reserve). Citing Title VIII of the Dodd-Frank Act, which was enacted to promote stability in the financial system, the Congresswomen highlighted the dependence on cloud services by banks and financial institutions for their data needs and the subsequent risks such services pose to the safety and stability of the financial system.
While the payments industry scrambles to meet new standards for APIs, the FCA grants an extension for SCA compliance.
By Christian F. McDermott, Jagveen Tyndall, and Amy Smyth
In an effort to evaluate the readiness of banks to comply with the revised EU Payment Services Directive (PSD2), Tink, a banking platform and data provider, has reported that it tested 84 application programme interfaces (APIs) spanning 2,500 banks and 12 European markets. According to Tink the results showed that none of these APIs were sufficiently robust to meet the new regulatory standards. Separately, the UK’s Financial Conduct Authority (FCA) has delayed the implementation of the strong customer authentication (SCA) requirements introduced by PSD2 to enhance the security of all electronic payment services.
The Federal Reserve is finally stepping into the real-time payments arena.
By Todd Beauchamp, Loyal T. Horsley, and Deric Behar
On August 5, 2019, the Board of Governors of the US Federal Reserve System (the Fed) announced that it plans to roll out a real-time payment and settlement service by 2023 or 2024. The service, named FedNow, is being developed with the stated goal of modernizing the national payment system. Facing political and societal pressure to upgrade the national payment system, the Fed sought comment on the development of a faster payment service in late 2018. After receiving more than 350 comments, the Fed is now moving forward and seeking additional comment on the best way to design the system so that it maximizes inclusivity and utility for all stakeholders. The Fed envisions that FedNow will capitalize on its nationwide infrastructure to provide consumers, businesses, and banks the ability to safely make and receive immediate and fully settled payments 24 hours a day, seven days a week.