With crypto winter fully upon us, most regulated financial institutions understand that if they want to engage directly in cryptocurrencies—i.e., operating exchanges, providing custody services, issuing tokens—they may have to obtain approval from a US state or federal regulator. Indeed, the New York Department of Financial Services ("NYDFS") recently announced that any NY-regulated entity must submit a business plan 90 days before getting involved in certain specified crypto activities. (For more on that, read our coverage of the NYDFS guidance and takeaways).
But the ongoing fallout from bankruptcies of prominent crypto firms such as FTX, BlockFi, Voyager Digital, and Celsius Network has brought into focus a new set of crypto-related risks for financial institutions to consider. For example, on December 7, 2022, in letters sent to the Federal Reserve, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency, Senators Elizabeth Warren and Tina Smith raised concerns that "crypto firms may have closer ties to the banking system than previously understood." Concerned with possible contagion from future firm collapses, the letter highlights exposure by traditional banks to the crypto system beyond handling crypto itself, including investments by crypto firms and making loans to crypto ventures or in connection with margin trading. (These risks are, of course, in addition to other risks that come along with any financial institution doing business with a company accused of impropriety, including litigation by private plaintiffs.) According to the letters, these activities raise possible safety and soundness concerns, and the senators asked the regulators for a range of information regarding the crypto and crypto-related activities of institutions under supervision.
This focus on potential crypto contagion likely will persist. Given the high profile of the FTX collapse, financial institutions should expect that regulators—both federal and state—will continue their close look at the crypto industry, potentially looking beyond actual crypto services and into the sorts of second-order connections highlighted in the Warren-Smith letter, as regulators are doing with respect to bank partnerships with fintechs in pandemic-related programs such as the Paycheck Protection Program. As with any regulator priority, firms should consider whether to get ahead of their regulators and investigate their own ties to crypto firms, a process similar to the data mapping many companies did to prepare for implementation of the EU's GDPR. In addition to understanding your own business risks, an already-made analysis can help build confidence with long-term regulators that your financial institution is on top of this area of recent focus.
Visit us at mayerbrown.com
Mayer Brown is a global legal services provider comprising legal practices that are separate entities (the "Mayer Brown Practices"). The Mayer Brown Practices are: Mayer Brown LLP and Mayer Brown Europe - Brussels LLP, both limited liability partnerships established in Illinois USA; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales (authorized and regulated by the Solicitors Regulation Authority and registered in England and Wales number OC 303359); Mayer Brown, a SELAS established in France; Mayer Brown JSM, a Hong Kong partnership and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.
© Copyright 2020. The Mayer Brown Practices. All rights reserved.
This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.
