Banking Agencies Issue Joint Statement on Crypto-Asset Safekeeping

On Monday, July 14, 2025, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency issued a Joint Statement on Crypto-Asset Safekeeping by Banking Organizations (the “Joint Statement“).

The Joint Statement makes clear that it “discusses how existing laws, regulations, and risk-management principles apply to this activity, and does not create any new supervisory expectations.”  (emphasis added) However, there are helpful nuggets of intel included in this Joint Statement as to what the banking agencies may look at as “appropriate” controls, processes, and risk mitigants.

For purposes of the Joint Statement, safekeeping for crypto-assets “entails controlling the cryptographic keys associated with a crypto-asset.” The Joint Statement reminds banking organizations to consider potential risks prior to engaging in a new activity such as safekeeping for crypto-assets and includes guidance on conducting an effective risk assessment related thereto.

Since the banking agencies clarified that this Joint Statement does not create any new supervisory expectations, banking organizations can and should leverage existing guidance on supervisory expectations with respect to engaging in new activities, conducting risk assessments, effective third-party risk management, creating internal controls, and audit programs. The joint statement uses familiar language from prior guidance, including reminders that before engaging in this activity a banking organizations board management and staff should have the requisite knowledge and expertise to establish adequate oversight and controls to perform the safekeeping activities in a safe and sound manner and in compliance with applicable laws

Additionally, as with prior guidance the banking agencies advised to consider the evolving nature of the risks in the crypto-asset market. Banking agencies note that a key risk (no pun intended) related to crypto-asset safekeeping is the risk that a cryptographic key (or other sensitive information) is compromised or lost, which may create exposure to the banking organization. Risk mitigation on this point requires a strong focus on cybersecurity.

Finally, banking organizations are reminded to consider: (i) contingency planning, (ii) drafting appropriate policies, procedures, and processes, (iii) maintaining an effective control environment with oversight and independent review, (iv) reviewing potentially elevated compliance and legal risks associated with crypto-asset activities, (v) developing strong customer agreements, which should be viewed as a critical tool for managing risk, (vi) reviewing third party risk management guidance as appropriate, (vii) including tailored auditing programs, and (viii) mitigate risk with clear, accurate and timely information provided to customers.

This Joint Statement is further evidence that the banking agencies have become much more open to banking organizations providing services to the digital asset community.  Most importantly, the Joint Statement clarifies that the banking agencies plan to review such services through the lens of existing supervisory expectations.

We expect more to come on this and other digital-asset and cryptocurrency related topics in the near future, so stay tuned!

OCC Reiterates Guidance on Crypto-Asset Activities

On Friday, March 7, 2025, the Office of the Comptroller of the Currency (“OCC”) issued Interpretive Letter 1183, OCC Letter Addressing Certain Crypto-Asset Activities, reiterating the OCC’s prior guidance regarding the activities in which national banks may engage related to crypto-assets, including crypto-asset custody, certain stablecoin activities, and participation in independent node verification networks such as distributed ledgers. Each of these activities were previously addressed and permitted pursuant to OCC Interpretive Letters 1170, 1172, and 1174, respectively. Interpretive Letter 1183 also rescinds Interpretive Letter 1179, which required national banks to receive a “supervisory nonobjection and demonstrate that they have adequate controls in place before they can engage in these cryptocurrency activities.”

Additionally, “consistent with Interpretive Letter 1183,” the OCC’s news release notes that the OCC withdrew its participation in the joint statement on crypto-asset risks to banking organizations and the joint statement on liquidity risks to banking organizations resulting from crypto-asset market vulnerabilities.

Taken together, Interpretive Letter 1183, the recission of Interpretive Letter 1179, and the withdrawal from the two joint statements on specific risks to banking organizations related to crypto-asset activities result in a much friendlier approach to these activities by national banks. This release also potentially signals a forthcoming expansion of the market for banks to engage in such activities.

But for now, national banks are able to engage in crypto-asset activities such as: (1) “holding” digital currencies on behalf of customers by taking custody of the unique cryptographic keys associated with such digital currencies (Interpretive Letter 1170); (2) holding deposits from stablecoin issuers, including deposits that constitute reserves for a stablecoin associated with hosted wallets, including any activities incidental to receiving deposits from stablecoin issuers (Interpretive Letter 1172); (3) validating, storing, and recording payments transactions by serving as a node on an independent node verification network (Interpretive Letter 1174); and (4) using independent node verification networks and related stablecoins to carry out other permissible payment activities (Interpretive Letter 1174).

Each of these Interpretive Letters, as is consistent with OCC precedent, acknowledge that these activities are natural outgrowths of a national bank’s traditional role as a financial intermediary and that any such crypto-asset activities should be “developed and implemented consistently with sound risk management practices and should align with banks’ overall business plans and strategies.” The OCC further expects national banks to “conduct a legal analysis to ensure the activities will be conducted consistent with all applicable laws, including applicable anti-money laundering laws and regulations and consumer protection laws and regulations.”

Finally, we think it is important to recognize that each of Interpretive Letters 1170, 1172, and 1174 were drafted under the guidance of (and executed by) Jonathan V. Gould, then Senior Deputy Comptroller and Chief Counsel, but recently nominated by the Trump administration to be next Comptroller of the Currency. We expect more on the crypto-related activities of national banks from the OCC in the future, especially if Mr. Gould is approved as Comptroller in this administration that wants the US to be the “Bitcoin Superpower.”

FDIC Extends Comment Period for Proposed Rule on Brokered Deposits

On October 8, 2024, the Federal Deposit Insurance Corporation (“FDIC”) announced an extension to the comment period on its notice of proposed rulemaking (“NPR”) regarding brokered deposits. Originally, the comment period for the PR was to close on October 22, 2024, but is now planned to close on November 21, 2024.

The original NPR, “Unsafe and Unsound Banking Practices: Brokered Deposits Restrictions,” was published by the FDIC this past August. The NPR would revise 12 C.F.R. Parts 303 and 337 with a goal of improving the analysis of “deposit brokers” and ensure accurate reporting of such deposits.

The NPR seeks to achieve these goals with a few key revisions, among others. First, the FDIC is proposing to update the definition of a “deposit broker, ” particularly with respect to the analysis of the “primary purpose” exception to the definition, which is critical for anyone trying to avoid brokered deposit classification. Second, the NPR continues to exempt well-capitalized institutions from brokered deposit restrictions, but will generally enhance the rules for other insured depository institutions to “strengthen the safety and soundness of the banking system by ensuring that less than well-capitalized institutions are restricted from relying on brokered deposits to support risky, rapid growth.”

The NPR can be found at https://www.federalregister.gov/documents/2024/08/23/2024-18214/unsafe-and-unsound-banking-practices-brokered-deposits-restrictions.

© 2009-2025 Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress