Three federal bank regulators, including the Office of the Comptroller of the Currency (OCC), US Federal Reserve Bank, and Federal Deposit Insurance Corporation (FDIC), have joined to caution the public on “crypto asset” risks to banking firms.
The statement follows a year of turmoil in digital asset markets, with the failure of FTX being the pinnacle for 2022. While not definitive, 2023 may bring more pain to crypto markets.
The Joint Statement cautions banking firms to be aware of the following:
- Risk of fraud and scams among crypto-asset sector participants.
- Legal uncertainties related to custody practices, redemptions, and ownership rights, some of which are currently the subject of legal processes and proceedings.
- Inaccurate or misleading representations and disclosures by crypto-asset companies, including misrepresentations regarding federal deposit insurance, and other practices that may be unfair, deceptive, or abusive, contributing to significant harm to retail and institutional investors, customers, and counterparties.
- Significant volatility in crypto-asset markets, the effects of which include potential impacts on deposit flows associated with crypto-asset companies.
- Susceptibility of stablecoins to run risk, creating potential deposit outflows for banking organizations that hold stablecoin reserves.
- Contagion risk within the crypto-asset sector resulting from interconnections among certain crypto-asset participants, including through opaque lending, investing, funding, service, and operational arrangements. These interconnections may also present concentration risks for banking organizations with exposures to the crypto-asset sector.
- Risk management and governance practices in the crypto-asset sector exhibiting a lack of maturity and robustness.
- Heightened risks associated with open, public, and/or decentralized networks, or similar systems, including, but not limited to, the lack of governance mechanisms establishing oversight of the system; the absence of contracts or standards to clearly establish roles, responsibilities, and liabilities; and vulnerabilities related to cyber-attacks, outages, lost or trapped assets, and illicit finance.
The three regulators’ add:
“Given the significant risks highlighted by recent failures of several large crypto-asset companies, the agencies continue to take a careful and cautious approach related to current or proposed crypto-asset-related activities and exposures at each banking organization.”
The statement explains that banks are not prohibited from providing banking services to crypto firms – as permitted by law. The agencies state they are continuing to review and assess the ecosystem. Banking systems should act with caution ensuring appropriate risk management and oversight.