What’s Happening

• Federal Reserve (FRB) denies membership and master account application for state-chartered Custodia Bank with crypto-focused business model
• FRB presumptively prohibits banks it supervises from holding crypto as principal and certain other crypto-related activities
• Current and prospective Fed-member banks with crypto interest should review business models and internal controls in light of this new policy statement

Change of Tone, Custodia Gets Denied

While the Federal Deposit Insurance Corporation (FDIC), the Office of the Comptroller of the Currency, and state regulators like the New York Department of Financial Services required prior approval before a bank could engage in new crypto activities, the FRB only required that a bank provide notice that it is engaging in crypto-related activities, so long as the bank had determined that the activities are legally permissible.

Last week, the tone shifted. On January 27, the White House released a statement that expressed particular concern with interconnections between crypto and traditional finance, arguing, “In the past year, traditional financial institutions’ limited exposure to cryptocurrencies has prevented turmoil in cryptocurrencies from infecting the broader financial system.”

Immediately following the White House statement, the FRB denied an application by Wyoming-chartered Custodia Bank to become a member of the Federal Reserve System and gain master account access. The application would have given Custodia direct access to Federal Reserve payments systems.

The FRB had harsh words for Custodia stating that its “novel business model and proposed focus on crypto-assets presented significant safety and soundness risks,” and that its risk management framework “was insufficient to address concerns regarding the heightened risks associated with its proposed crypto activities, including its ability to mitigate money laundering and terrorism financing risks.” The FRB decision with more detail regarding the rationale has yet to be released.

The Federal Reserve’s Thinking

As it handed down the Custodia decision, the FRB released a policy statement, which contained more strongly worded assertions regarding the risks presented by crypto that applies to all state member banks, including those without deposit insurance.

The policy statement clarifies that Fed-supervised banks are limited to engaging as principals only in activities permissible for national banks, unless the activity is specifically permitted for state banks by federal statute or FDIC regulations. The statement highlighted crypto-related activities such as holding crypto-assets and issuing dollar tokens as examples of activities that would be presumptively not permissible.

The FRB clarified that this presumption may be rebutted “if there is a clear and compelling rationale for the [Federal Reserve] Board to allow the proposed deviation in regulatory treatment among federally supervised banks, and the state member bank has robust plans for managing the risks of the proposed activity in accordance with principles of safe and sound banking,” although the FRB noted it has yet to be presented with a plan that would justify rebutting the presumption.

Custodial crypto activities are still permissible for Fed-supervised banks “if such activities are conducted in a safe and sound manner and in compliance with consumer, anti-money-laundering, and anti-terrorist-financing laws.”

Implications for Fed-supervised Banks

Fed-supervised banks should be mindful of this warning from the Fed: “A state member bank must at all times conduct its business and exercise its powers with due regard to safety and soundness. For instance, it should have in place internal controls and information systems that are appropriate in light of the nature, scope, and risks of its activities.” Banks should be prepared to demonstrate this readiness, particularly concerning areas that could be under increased scrutiny such as third-party relationships with crypto-focused entities.

Prospective applicants for Federal Reserve master accounts should also consider the context of previous FRB guidelines for master account access. Earlier this year, the FRB explained that nonbank institutions or institutions without FDIC insurance would be subject to heightened levels of review. (Read Patomak’s take on the FRB’s account access guidelines here).

Put Patomak’s Banking Expertise to Work  

The policy statement and Custodia denial demonstrate that the FRB is rigorously applying this increased level of scrutiny, and that prospective applicants should prepare their risk frameworks accordingly. Bank management and boards will need to figure out how to assess their governance, internal risk, and control functions proactively if they are considering engaging in any of the activities described by the FRB. Patomak’s expertise can help banks navigate these challenges and meet their business goals. Contact us to learn how Patomak can help you navigate these challenges and help you meet your business goals.

Related Links

• Policy Statement on Section 9(13) of the Federal Reserve Act
• Federal Reserve Board announces denial of application by Custodia Bank, Inc.