Crypto-regulatory affairs: US federal regulators clarify common approach to crypto-asset regulation

🇺🇸 US federal regulators clarify joint approach to crypto-asset regulation

early November, we noticed that she is the president The US Federal Deposit Insurance Corporation (FDIC), Jelena McWilliams, has commented on the regulation of crypto-assets and reviewed cooperation with the Federal Reserve and the Office of the Comptroller of the Currency (OCC) on this issue. On November 23, three regulatory agencies released a statement outlining their approach and plans to provide greater clarity on banks’ ability to offer crypto-asset-related services.

The interagency statement details the main focal points of the “policy sprints” it has conducted:

• Developing a commonly understood vocabulary using consistent terms related to the use of crypto-assets by banking organizations.

• Identification and assessment of key risks, including those related to safety and reliability, consumer protection and compliance, and consideration of legal permissibility in relation to potential crypto-asset activities conducted by banking organizations.

• Analyze the applicability of existing regulations and guidelines and identify areas that could benefit from additional clarification.

Based on the above activities undertaken during the policy sprint, the agencies have identified five key activities in the cryptoasset space that may be of interest to banks:

• Safekeeping of cryptoassets.

• Facilitating the buying and selling of cryptoassets.

• Loans secured by crypto assets.

• Activities involving payments, including stablecoins.

• Activities that may result in the holding of crypto-assets on the balance sheet of a banking organization.

During 2022, agencies will work to clarify the legality of banks to provide crypto-asset services to consumers. According to their statement, the Fed, FDIC and OCC are particularly interested in considering the regulatory implications:

• Custody of crypto assets and traditional custody services.

• Auxiliary custody services.

• Facilitating the buying and selling of crypto assets.

• Loans secured by crypto-assets.

• Issuance and distribution of stablecoins.

• Activities that involve holding crypto assets on the balance sheet.

In addition, the statement said that “the authorities will also assess the applicability of capital and liquidity requirements and liaise on this matter with international and intergovernmental organizations”.

While the agency’s joint statement falls far short of providing actual regulatory guidance on any of these topics, it does offer an important signal about where these agencies will focus their attention in the coming months. Greater regulatory clarity on these topics will only increase banks’ confidence and ability to take advantage of opportunities in the cryptoasset space and further encourage banks to accelerate their offerings of related products and services.

In connection with that move, also on November 18, the OCC announced new interpretative letter clarifying the obligations of banks when starting crypto-asset services. Earlier, the OCC clarified in instructions issued during the tenure of the former Acting Comptroller Brian Brooks which banks can provide guardianship services for cryptoassets, hold reserves for stablecoin issuersand deal with others activities related to blockchain and stablecoin.

According to its new interpretive letter, the OCC still maintains that banks have the authority to engage in these activities, but with an important caveat: They must now seek and receive a no-objection letter from bank supervisors before engaging in these activities. As part of that process, according to the OCC, a bank must demonstrate “that it has controls in place to conduct activities in a safe and sound manner . . . including, but not limited to, operational risk (e.g., risks related to emerging new technologies, hacking, fraud and theft risk, and third-party risk management), liquidity risk, strategic risk, and compliance risk (including, but not limited to on compliance with the Law on banking secrecy, prevention of money laundering, sanctions and laws on consumer protection).

Therefore, banks do not have the unfettered green light to engage in crypto-asset activities without regulatory permission, as some may have interpreted earlier interpretation letters. Instead, they’ve been given more of a glaring yellow light: they must put compliance and risk management issues in mind before launching crypto-asset products and services, and they must satisfy their regulators that they’ve done so.

Some observers may interpret this new clarification as likely to backfire the convergence of cryptobanking it is already underway. However, at Elliptic, we believe that an emphasis on upfront compliance and risk management considerations will actually ultimately foster greater adoption of cryptoassets by financial institutions.

Financial institutions are already very sensitive to the regulatory and compliance risks they might face in the process of launching cryptoasset services — and the lack of regulatory clarity can sometimes be a barrier to doing so. By providing a framework for banks to approach and discuss these issues with their supervisors before launching cryptoasset services, the OCC is letting banks know that there is a path to offer these services in a sound and compliant manner.

Contact us to learn more about how Elliptic can help your financial institution meet regulatory requirements so you can confidently engage in the cryptoasset space. You can also read our analysis of how banks can store cryptoassets in a compliant manner here.

🇰🇷 South Korean regulators expand crypto asset regulation efforts to market manipulation

last week, commented Elliptic on South Korea’s legislative proposal to tighten the AML/CFT regime for crypto-asset business. November 23, 2021, South Korea’s Financial Services Commission (FSC) report expanded the efforts of the authorities regulate the crypto-asset industry by addressing market manipulation. The National Assembly authorized the FSC to draft a bill that would resolve this issue within a month. This announcement comes at a time when regulators are increasingly focusing on ffinancial stability risks of cryptoassets.

To learn more about how your business can use Elliptic’s tools to comply with the growing AML/CFT requirements in South Korea, schedule a demo.

🇳🇱The Dutch central bank clarifies regulations on sanctions for dealing with cryptoassets

Central Bank of the Netherlands 19 November 2021 published a draft instruction on the review of sanctions for crypto-asset transactions in the form of a question and answer document. It reminds Dutch companies that under the Sanctions Act of 1977, “the assets of individuals and entities on the sanctions list must be frozen and no financial services may be provided to such individuals and entities.”

To this end, cryptoasset companies must take measures to identify “anyone involved in a financial service or financial transaction.” This includes verifying the transaction, whether inbound or outbound from a business perspective, to identify all other parties and users involved. If the identity of the counterparty is unknown, then the crypto-asset business must, at the very least, verify that their wallet address has not been sanctioned. The regulator states that compliance teams are responsible for establishing appropriate measures to complete these checks according to their business model and risk exposure. This is consistent with Guidelines for a risk-based approach by the Financial Action Task Force on virtual assets.

Schedule a demo to learn how Elliptic can help you comply with these measures by using our sanctions screening capabilities that can prevent your exposure to cryptoasset addresses maintained associated with sanctioned entities and countries. You can also download ours report on compliance with sanctions in cryptoassets for practical advice and best practice examples.

🇪🇺 EU Council adopts proposals for digital finance

On November 24, 2021 The Council of the European Union adopted the proposals for the “Markets in Crypto Assets Ordinance” (MiCA) and the “Digital Operational Resilience Act” (DORA). This adoption paves the way for European legislators to negotiate the details of this framework and reach an agreement with the European Parliament. Both proposals are part of the European digital finance package to ensure competitive, innovative and digitally resilient financial markets. MiCA will create a regulatory framework tailored to cryptoassets and related activities, with comprehensive provisions that will affect stablecoins, decentralized finance (DeFi) token issuers, and other emerging technologies in the cryptoasset space. On top of this, DORA sets out new cyber security rules for the financial sector to prevent and mitigate the impact of cyber attacks. Elliptic will provide ongoing regulatory updates on these measures as negotiations begin.

To learn how your business can comply with current EU legislation and prepare for upcoming requirements using our best-in-class cryptoasset risk management solutions, schedule a demo.

🇪🇺 ECB details customized payment system oversight framework for cryptoassets

European Central Bank (ECB) November 22, 2021 approved a new supervisory framework for the regulation of electronic payments. The Electronic Payment Instruments, Schemes and Arrangements (PISA) framework is aimed at authorities managing electronic payment schemes with the security and efficiency of payment systems in mind. It supports delivery management bodies assessment methodology define the functions and arrangements of the electronic payment ecosystem. The PISA framework includes cryptocurrencies and related services. The methodology details the applicability of 24 principles ranging from legal basis to liquidity risk. The national central banks of the Eurosystem have the responsibility to implement measures that will meet the expectations of the framework. Companies that fall under Eurosystem supervision over payment systems expected to comply with PISA principles by 15 November 2022.

📺 Hot off press

Join Elliptic’s December webinars on the FATF Guidelines and beyond

On 28 October 2021, the Financial Action Task Force (FATF) published updates to its Virtual Asset Guidelines, making it clear that Virtual Asset Service Providers (VASPs) will need to adhere to the same set of comprehensive regulatory compliance standards that banks are already doing it.

Join us in this two-part webinar series as we take a deep dive into key guidance changes and their implications for the industry.