Federal banking regulators issued a joint assertion immediately emphasizing that banks concerned in bitcoin and crypto-assets-related custody and different actions by following present legal guidelines and sustaining sturdy threat controls. The assertion, issued by the Federal Reserve, OCC, and FDIC, clarifies that it doesn’t introduce new guidelines however reminds banks of their obligations when dealing with bitcoin and different crypto on behalf of shoppers.
“Banking organizations could present safekeeping for crypto-assets in a fiduciary or a nonfiduciary capability,” the doc acknowledged. “Banking organizations that present crypto-asset safekeeping in a fiduciary capability should adjust to 12 CFR 9 or 150, as relevant, state legal guidelines and rules, and every other relevant authorized provisions, such because the instrument that created the fiduciary relationship.”
The companies emphasize that safekeeping bitcoin and different crypto-assets, primarily via management of shoppers’ cryptographic keys, requires sturdy cybersecurity, operational experience, and full authorized compliance. Banks providing these providers have to be ready to guard in opposition to dangers resembling key loss, cyberattacks, and unauthorized asset transfers.
In addition they observe that bitcoin and different crypto safekeeping could demand specialised employees, safe infrastructure, and fixed monitoring of evolving applied sciences. Regulatory necessities like anti-money laundering (AML), countering the financing of terrorism (CFT), and OFAC sanctions nonetheless apply.
“Like all different banking actions, crypto-asset safekeeping relationships are topic to relevant Financial institution Secrecy Act/anti-money laundering (BSA/AML), countering the financing of terrorism (CFT), and Workplace of International Belongings Management (OFAC) necessities,” mentioned the doc.
The assertion additionally warns that banking organizations ought to conduct a full threat evaluation earlier than participating in bitcoin and different crypto safekeeping. This consists of evaluating the character of various crypto-assets, the expertise used, and the authorized obligations concerned.
“Topic to the phrases and situations within the buyer settlement, a banking group is chargeable for the actions carried out by the sub-custodian…” the doc talked about. “Conducting due diligence earlier than collection of a sub-custodian is a vital a part of sound risk management, and consists of evaluating the effectiveness of the sub-custodian’s cryptographic key-management resolution, together with polices, processes, and inner controls, in addition to its adherence to plain safekeeping threat administration practices.”
