TL;DR
On Monday, the Federal Reserve, FDIC, and OCC issued a joint statement explaining how banks should apply existing rules when holding crypto for customers. The statement does not introduce new policies but says banks must manage crypto risks like they would with any other service.
The agencies said banks should have clear plans to handle cybersecurity, protect private keys, and keep sensitive data secure. These expectations apply before offering crypto safekeeping services.
The regulators want banks to adjust their internal controls as the crypto market changes. They wrote:
A banking organization that is contemplating providing safekeeping for crypto-assets should consider the evolving nature of the crypto-asset market.
Banks are expected to maintain risk controls, response plans, and strong oversight. These steps should match the standards already in place for traditional financial products.
In a related development , the U.S. Federal Reserve announced that it is eliminating the use of reputational risk as a supervisory factor. This decision could shift how banks approach relationships with crypto businesses.
In recent months, each agency has taken steps to allow more crypto use by banks. In May, the OCC said banks can buy and sell digital assets for their own portfolios. The FDIC followed by stating that banks do not need to notify the agency before starting crypto services.
Meanwhile, these changes make it easier for banks to offer crypto-related products such as trading, custody, and settlement. Industry watchers say the joint statement is a move toward clear and consistent rules.
Last week, the Senate confirmed Jonathan Gould as head of the OCC. Gould worked at blockchain company Bitfury and held senior roles at the OCC in the past. His background suggests more crypto experience at the top of the agency.
Banks and regulators are now expected to work more closely as interest in digital assets continues to grow.