Regulators are calling on banks looking to safekeep cryptoassets to have an effective risk management program and conduct sufficient due diligence. .The guidance was issued July 14 by the Office of the Comptroller of the Currency, Federal Reserve Board and FDIC. According to the regulators, effective risk management includes considering core financial risks; understanding the “complex, evolving, and potentially unfamiliar asset class, including by keeping abreast of industry leading practices”. Banks should also ensure strong controls and have contingency plans for unexpected challenges. “Given the complexities of crypto-asset safekeeping, a banking organization’s board, officers and employees should have the requisite knowledge and understanding of cryptoasset safekeeping services to establish adequate operational capacity and appropriate controls to conduct the activity in a safe and sound manner and in compliance with applicable laws and regulations,” according to the guidance. Banks must determine the exact type of cryptoasset they will safekeep as different types could require separate key management solutions. Another important step is identifying internal vulnerabilities and dependencies that could pose risks, according to the report. Crypto safekeeping is subject to Bank Secrecy Act/anti-money laundering requirements, regulators stated.
