In recent years, Forvis Mazars professionals have seen regulatory agencies increase their concentration on the evolution of technologies and the risks they represent for financial institutions. This has included risks perceived around certain activities related to cryptography. In general, agencies have adopted a fairly conservative approach to try to find the balance between risk management without discouraging innovation.
In this spirit, agencies have worked to provide information concerning the activities related to cryptography for financial institutions through various letters of interpretation and guidance of supervision. One of the largest measures was the obligation of financial institutions to inform their supervisory agency when they wish to provide certain services related to cryptographic assets, as evidenced by the following versions:
With the change of administration, a significant decision was to cancel all the above guidelines to eliminate the notification requirements previously established through a joint announcement in April 2025. separately, the published CEC Letter of interpretation 1183 (March 2025) and Letter 1184 (May 2025) Playing these modifications.
Where does that leave us?
Although the requirements initially established by canceled articles no longer apply, agencies have clearly indicated that the expectations of institutions to effectively manage the risk remains high. In addition, they have declared their intention to provide updated advice, as highlighted in recent notifications.
Fdic
Unlike FIL-16-2022, which has established a requirement for specific notification specific to the activities related to the crypto, this letter of financial institution (FIL) specifies that “the establishments of the FDIC-Superficies can engage in activities related to the crypto allowed without receiving previous approval from the FDIC. As with all other activities, FDIC establishments and FDICS establishments should take into account the rich associates – included, but without limited and risk -free risk; Risks of cybersecurity; consumer protection requirements;
The FDIC will also work with other banking agencies to replace the documents published in January 2023 and February 2023 concerning cryptographic assets by additional directives or regulations.
The FDIC also details expectations as part of the 2024 Risk examinationwhere he declares:
“Some of the challenges that banks can face the evaluation of these risks arise from the dynamic nature of cryptocurrencies, the crypto market and the rapid pace of innovation. Vulnerabilities. “”
West
The occurrence said that he will “examine the activities described in the letters of interpretation 1170,, 1172And 1174 As part of its current supervision process. As with any activity, banks must carry out all crypto-active activities in a safe, healthy and equitable manner and in accordance with the applicable law. New activities must be developed and implemented in accordance with solid risks management practices and align with the overall commercial levels and strategies of banks. »»
It should be noted that the canceled advice included the discussion and explanations of the different models of cryptography, the different ways whose institutions could engage in cryptographic space, and the different risks that institutions should consider linked to the type of activity in which they could engage. These include participation in relations with third parties engaged in cryptographic space. In other words, until agencies provide updates, the information included in previous advice remains a precious resource to understand the different cryptographic structures and risks associated with various cryptographic activities.
Although this article has not specifically mentioned the National Credit Union Administration, it has established a destination page for Financial technology and digital assets with additional information for credit cooperatives.
There was no change in the expectations of the Financial Crimes Enforcement Network (Fincen) concerning the convertible virtual currency, as indicated in the directives of 2019, “Application of Fincen regulations to certain commercial models involving convertible virtual currencies“:
“The term” virtual currency “refers to a means of exchange which can operate as a currency but which does not have all the attributes of the” real “currency, as defined in 31 CFR § 1010.100 (m), including the status of legal tender. CVC is a type of virtual currency which has either an equivalent value as a value of the currency or a substitution subject. As mentioned above, the label applied to a particular type of CVC (such as “digital currency”, “cryptocurrency”, “cryptocurrency”, “digital active”, etc.) is not a regulatory treatment under the BSA. Whether CVC is represented by a physical or digital token, whether the type of large book used to record transactions is centralized or distributed, or the type of technology used for the transmission of value. »»
There are also efforts within the congress to regulate certain aspects through the Genius With a main accent on Stablecoin (adopted by the Senate and subject to the approval of the house at the time of writing this article) and several other laws concerning the cryptographic activities expected in the future.
Upcoming conference
For more questions of interest in financial institutions, join us on September 8 to 12 for our 2025 Regulatory compliance conference In Destin / Miramar Beach, Florida, where we will discuss fashionable deposits, loans, the law on banking secrecy / whitening of dishes (BSA / AML) and subjects of risk management for you!
If you have any questions or need help, please contact a professional at Forvis Mazars.
