Client Alert

New Strides in Crypto-Asset Regulation

06 Dec 2021

On November 23, 2021, the Office of the Comptroller of the Currency (OCC) released Interpretive Letter 1179 (the “Letter”), which is the culmination of a review of prior Interpretive Letters on cryptocurrency and related activities. The Letter sets forth a process that requires a notice and non-objection before a national bank or federal savings association (collectively, “Banks”) may engage in such activities.  That same day, the OCC, along with the Federal Reserve Board and Federal Deposit Insurance Corporation (FDIC) (collectively, the “Agencies”), released the Joint Statement on Crypto-Asset Policy Sprint Initiative and Next Steps (the “Statement”), which detailed the Agencies’ policy sprint on crypto-assets and the work undertaken by the Agencies in conducting an analysis of crypto-asset issues. Taken together, and in the context of other recent government issuances, the Letter and the Statement represent an ongoing, and increasingly forceful, government effort to regulate crypto-assets and crypto-related products and activities.

Interpretive Letter 1179

Regulating Cryptocurrency Activities

After taking office in May 2021, Michael J. Hsu, Acting Comptroller of the OCC announced a review of OCC Interpretive Letters (IL) 11701172, and 1174 (collectively, the “Prior Letters”).

  • IL 1170 (July 2020) permitted Banks to provide cryptocurrency custody services, including holding cryptographic keys associated with cryptocurrency. 
  • IL 1172 (October 2020) permitted Banks to hold stablecoin reserves as a service to bank customers, subject to certain conditions. 
  • In weighing the permissibility of Banks acting as nodes on independent node verification networks and engaging in related stablecoin activities, IL 1174 (January 2021) announced that Banks could use new technologies to conduct bank-permissible functions.[1]

Each of the Prior Letters emphasized that a Bank must effectively manage risk and comply with applicable law, but the Prior Letters also represented a trend at the OCC to enable Banks to adopt new technologies and respond to the demand for faster, cheaper, and more efficient payments.

But the OCC’s open-arms policy on new technologies has become something of a stiffer embrace with the results of Acting Comptroller Hsu’s review, as published in the Letter. The Letter clarifies that the activities permitted by the Prior Letters are permissible for a Bank only once the Bank has demonstrated, to its supervisory office’s satisfaction, that the Bank has adequate controls in place for such activities. Specifically, before a Bank can engage in certain cryptocurrency, distributed ledger, and stablecoin activities, the Bank must: (1) notify its supervisory office of its intent to engage in such activities; and (2) receive written notification of the supervisory office’s non-objection. This purported clarification appears to be an entirely new requirement, since none of the Prior Letters includes a formal notice and non-objection requirement.[2]

The Letter sets out a process for a Bank to demonstrate adequately its understanding of applicable law, and that it has established appropriate risk management and measurement processes for the proposed activities. The Letter also outlines criteria that the supervisory office will use in evaluating the Bank’s controls, e.g., whether the Bank has demonstrated that it understands and will comply with applicable law. Once an activity receives the OCC’s non-objection, the OCC will review the activity as part of its ordinary supervisory process.[3]

The Statement

Policy Sprints

In the Statement, the Agencies noted that the emerging crypto-asset industry presents both risks and opportunities, and that the Agencies should provide coordinated and timely clarity to promote safety and soundness, consumer protection, and compliance with applicable law. To further that goal, the Agencies conducted interagency “policy sprints” where Agency staff of various backgrounds and expertise analyzed crypto-asset issues. 

In particular, the sprints focused on:

  1. Developing a common vocabulary;
  2. Identifying and assessing key risks, including risks relating to safety and soundness, consumer protection, and compliance with applicable law;
  3. Considering legal permissibility related to potential crypto-asset activities conducted by banking organizations; and
  4. Analyzing the applicability of existing regulations and guidance and identifying areas requiring clarification.

Agency staff also focused on crypto-asset activities in which banking organizations may be interested in engaging, including crypto-asset custody, facilitation of customer purchases and sales of crypto-assets, loans collateralized by crypto-assets, activities involving payments, and activities that may result in the holding of crypto-assets on a banking organization’s balance sheet.

The Roadmap

After identifying areas in need of clarification, the Agencies developed a crypto-asset roadmap, which is included in the Statement and outlines areas where the Agencies plan to provide greater clarity on the permissibility of these activities to banking organizations. These include:

  1. Crypto-asset safekeeping and traditional custody services;
  2. Ancillary custody services;
  3. Facilitation of customer purchases and sales of crypto-assets;
  4. Loans collateralized by crypto-assets;
  5. Issuance and distribution of stablecoins; and
  6. Activities involving the holding of crypto-assets on balance sheets.

In consultation with the Basel Committee on Banking Supervision, the Agencies also plan to evaluate the application of bank capital and liquidity standards to crypto-assets for activities involving U.S. banking organizations.

The Bigger Picture

On November 1, 2021, the President’s Working Group on Financial Markets (PWG),[4] along with the FDIC and the OCC, released a long-awaited Report on Stablecoins,[5] recommending comprehensive federal legislation, including a requirement that stablecoin issuers be insured depository institutions, and enforcement based on existing regulatory authority. The Financial Crimes Enforcement Network has issued a series of releases relating to cryptocurrency and related risks, most recently on November 8, 2021, identifying new trends and typologies of ransomware and associated payments, including the growing proliferation of anonymity-enhanced cryptocurrencies and decentralized mixers.[6] In this respect, the Letter and Statement are just the latest in the government-wide efforts to provide clarity on the emerging regulatory framework for crypto-assets.[7]

[1] Read our Client Alert on IL 1174.

[2] The prior standard called for consultation with the Bank’s supervisory office, but not a formal notice and non-objection process.

[3] The Letter also clarifies that IL 1176, which addressed the OCC’s chartering authority, did not change a Bank’s existing obligations under the OCC’s fiduciary activities regulations, and that the OCC retains discretion in determining whether an activity is conducted in a fiduciary capacity under federal law.

[4] The PWG consists of the Secretary of the Treasury and the respective chairs of the Board of Governors of the Federal Reserve System, the Securities and Exchange Commission, and the Commodity Futures Trading Commission.

[5] Read our Client Alert on the PWG report.

[6] For additional related information, please see our Client Alert.

[7] There is also a global trend to further develop the crypto-asset regulatory regime, and on October 28, 2021, the Financial Action Task Force released Updated Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers, which updates guidance from 2019. Among other things, the updated guidance clarifies the definitions of virtual assets and provides guidance on related risks and risk mitigation tools.



Unsolicited e-mails and information sent to Morrison & Foerster will not be considered confidential, may be disclosed to others pursuant to our Privacy Policy, may not receive a response, and do not create an attorney-client relationship with Morrison & Foerster. If you are not already a client of Morrison & Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.