red 
Last week, the US Federal Reserve released two important regulatory guidelines, clarifying its position on the issuance of – and engagement with – stablecoins by the entities it oversees, and announced that it will launch a new program to oversee member banks’ digital asset activities.
The first guidance – SR 23-8 / CA 23-5: Supervisory No-Objection Process for Member State Banks Seeking to Engage in Certain Activities Involving Dollar Tokens – makes it clear that member banks must obtain a no-objection letter before engaging in any stable activity, including testing.
In order to receive this no-objection letter, banks must demonstrate that they have established appropriate risk management practices for the proposed activities, with particular emphasis on those related to:
- operational risks;
- cyber security risks;
- liquidity risks;
- illegal financial risks; and
- consumer compliance risks.
The second part of the guidelines – SR 23-7: Creation of a New Activity Oversight Program – establishes a program to address “new activity related to cryptoassets, distributed ledger technology (DLT) and complex, technology-driven partnerships with non-banks to provide financial services to customers”. The program will not be independent, but will supplement the existing monitoring processes.
This is a major advance in the evolution of regulatory policy in the US, as it marks a move towards creating a compliance framework that regulated banks can work towards to safely engage in the digital asset sector.
While this is not a perfect solution to the many regulatory issues facing the industry, it is nevertheless significant in its scope and attempt to create “rules of the road”. There is likely to be pushback from some participants, who feel that these guidelines and the new regime they establish are duplicative of existing regulatory ordinances.
Click here to read more An Elliptical Analysis of the Fed’s New Guidance.
The SFC in Hong Kong warns that virtual resources platforms have inappropriate practices
Hong Kong’s Securities and Futures Commission (SFC) noted last week that it had observed certain unlicensed virtual asset trading platforms (VATPs) engaging in inappropriate practices.
The regulator also warned that there could be major legal and regulatory ramifications for these inappropriate practices, while reminding investors to be wary of the risks posed by the sector. Among the alleged improper activities are falsely claiming to file with the SFC, failing to comply with the SFC’s published requirements and establishing business by unlicensed entities in Hong Kong.
Entities that engage in inappropriate activities are likely to face civil penalties and service restrictions. The SFC urged investors to carefully investigate the regulatory permissibility of their activities and the status of the entities they do business with.
PayPal launches stablecoin in US dollars
Last week, PayPal announced the launch of a US dollar regulated stablecoin, issued in collaboration with crypto-tech firm Paxos.
Users will reportedly be able to transfer PayPal USD (PYUSD) between PayPal and compatible external wallets, send person-to-person payments using PYUSD, fund purchases by selecting it at checkout, and convert any of PayPal’s supported cryptoassets to and from PayPal USD.
Given the efficiency and convenience of digital assets pegged to the dollar, this is a potential game changer for the industry as the payments giant can offer this product to its nearly 500 million users.
Read more about Elliptic’s analysis on PYUSD here.
UK think tank publishes guidance on institutional VASPs and virtual asset risk assessment
The Royal United Services Institute (RUSI) – the UK’s leading defense and security think tank – published a guide last week providing insight into how to properly carry out a proper virtual asset risk assessment.
According to RUSI, the guide “documents how [virtual asset service providers] and [financial institutions] need to understand the cryptocurrency-related financial crime risks they face through their customers, the tokens and services they offer, the jurisdictions in which they operate, transactions, delivery channels, fraud and cyber threats.”
The guide – which mainly addresses the identification of cryptocurrency-related red flags by private sector participants – includes information on financial crime risks and elevated risk factors, risk mitigation strategies and best practices for designing compliance programs and performing risk assessments.
Worldcoin facilities in Kenya have been raided by local authorities
Worldcoin – a crypto project founded by OpenAI CEO Sam Altman – faced a challenge last week after Kenyan officials raided its warehouse in Nairobi.
Kenya’s Data Protection Commissioner Immaculate Kassait has reportedly claimed that Worldcoin’s parent company “Tools for Humanity” acted fraudulently about its intentions when it registered in Kenya.
The machine containing Worldcoin’s data has apparently been taken to the headquarters of the Criminal Investigation Department for further questioning. The seizure comes after the Kenyan government shut down Worldcoin’s local operations last week over privacy and data protection concerns.
Compliance with Financial Services Regulations
