InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Senate Banking grills regulators on crypto
On November 15, the Senate Committee on Banking, Housing, and Urban Affairs held a hearing entitled “Oversight of Financial Regulators: A Strong Banking and Credit Union System for Main Street” to hear from federal financial regulators about growing risks related to bank mergers, bailouts, climate change, crypto assets, and cyberattacks, among other topics. Committee Chairman Sherrod Brown (D-OH) opened the hearing by emphasizing that Congress “must stay vigilant and empower regulators with the tools to combat these growing risks,” and said that banks and credit unions must be able to partner with third parties in a manner that enables competition but without risking consumer money. He also warned that big tech companies and shadow banks should not be allowed to “play by different rules because of special loopholes.” In his opening statement, Ranking Member Patrick J. Toomey (R-PA) challenged the regulators to “not stray beyond their mandates into politically contentious issues or establish unnecessary new regulatory burdens,” pointing to the participation of the Federal Reserve Board, FDIC, and OCC in the Network for the Greening the Financial System as an example of politicizing financial regulation.
Testifying at the hearing were the Fed’s Vice Chair for Supervision Michael S. Barr, NCUA Chair Todd M. Harper, acting FDIC Chairman Martin J. Gruenberg, and acting Comptroller of the Currency Michael J. Hsu. Cryptocurrency concerns were a primary focus during the hearing, where Toomey asked the regulators why they still have not provided public clarity on banks’ involvement in crypto activities, such as providing custody services or issuing stablecoins.
Pointing to a major cryptocurrency exchange’s recent major collapse, Toomey pressed Hsu on whether the OCC “discourages banks from providing custody services” for crypto assets. Toomey speculated, “it seems to me if people had access to custody services provided by a wide range of institutions, including regulated financial institutions, they might be able to sleep more comfortably knowing that those assets are unlikely to be used for some completely inappropriate purpose.” Answering that the OCC discourages banks from engaging in activities that are not safe, sound, and fair, Hsu acknowledged that there are underlying fundamental issues and questions about what it means to control crypto through a custody “which have not been fully worked out.” Toomey emphasized that part of the obligation rests on the OCC to provide clarity on how banks could provide these services in a safe, sound, and fair manner, and stressed that currently these activities are operating in a space outside the regulatory perimeter. Barr agreed that it would be useful for the Fed to provide guidance to banks on how to safely custody crypto assets and said it is something he plans to work on with his colleagues.
Toomy further noted that Congress’s failure “to pass legislation in this space and the failure of regulators to provide clear guidance has created ambiguity that has driven developers and entrepreneurs overseas where regulations are often lax at best.” Senator Bill Haggerty (R-TN) cautioned that lawmakers should not resort to a “heavy-handed” regulatory response to the cryptocurrency exchange’s collapse. “No amount of poorly considered, knee-jerk over-regulation here in the U.S. would have prevented a foreign-domiciled company like [the collapsed cryptocurrency exchange] from doing what it did,” Haggerty said. “The fact of the matter is that crypto, much like all of finance, isn’t beholden to a specific country or a specific legal system, and by not acting and by failing to provide legal clarity here in the United States, Congress only incentivizes activity to migrate outside of our country’s borders,” Haggerty stated, adding that it is “important to recognize that whatever happened with a bad actor running a centralized exchange and defrauding customers” has “nothing to do with the technology underpinning crypto itself.” When asked by Sen. John Kennedy (R-LA) which regulator was responsible for watching the collapsed cryptocurrency exchange, Gruenberg said “I think in the first instance, you’d probably want to engage with the market regulators, the SEC and the CFTC, to talk about the activities and the authorities in this area.”
The regulators also discussed efforts to mitigate cybersecurity risks and strengthen information security within the banking industry. Hsu stressed during the hearing that “the greatest risk is the risk of complacency,” while noting in his prepared remarks that the OCC is aware of the risks associated with cybersecurity and has “encouraged banks to stay abreast of new technology and threats.” Barr pointed to the importance of operational resilience in his prepared remarks, noting that “technology-based failures, cyber incidents, pandemics, and natural disasters,” combined with the growing reliance on third-party service providers, expose banks to a range of operational risks that are often challenging to anticipate. Harper commented in his prepared remarks that the NCUA continues to provide guidance for credit unions to reinforce their ability to withstand potential cyberattacks, and recommends that credit unions report cyber incidents to the NCUA, the FBI, and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. In his prepared remarks, Gruenberg pointed to recent examination findings revealing that banks that have dedicated resources for implementing appropriate controls are better at defending against cyberattacks, and said the FDIC is “piloting technical examination aids that will help [] examiners focus on the controls [] found to be most effective in defending against these attacks.”
The House Financial Services Committee also held a hearing later in the week that focused on similar topics with the regulators. Chair Maxine Waters (D-CA) and Rep. Patrick McHenry (R-NC) also announced that the committee will hold a hearing in December to investigate the aforementioned cryptocurrency exchange’s collapse and understand the broader consequences the collapse may have on the digital asset ecosystem.
CFPB finalizes nonbank supervisory rule
On November 10, the CFPB announced a final rule finalizing changes to a nonbank supervision procedural rule issued in April. As previously covered by InfoBytes, the Bureau announced earlier this year that it was invoking a “dormant authority” under the Dodd-Frank Act to conduct supervisory examinations of fintech firms and other nonbank financial services providers based upon a determination of risk. Specifically, the Bureau said it intends to use a provision under Section 1024 of Dodd-Frank that allows it to examine nonbank financial entities, upon notice and an opportunity to respond, if it has “reasonable cause” to determine that consumer harm is possible. Concurrently, the Bureau issued a request for public comment on an updated version of a procedural rule that implements its statutory authority to supervise nonbanks “whose activities the CFPB has reasonable cause to determine pose risks to consumers,” including potentially unfair, deceptive, or abusive acts or practices. Provisions outlined in the procedural rule would exempt final decisions and orders by the Bureau director from being considered confidential supervisory information, thus allowing the Bureau to publish the decisions on its website. Subject companies would be given an opportunity seven days after a final decision is issued to provide input on what information, if any, should be publicly released, the Bureau said.
After reviewing public comments received on the procedural rule, the Bureau incorporated certain changes to clarify the standard that the agency will apply when deciding what information is appropriate for public release, in whole or in part. The Bureau explained that information falling within Freedom of Information Act Exemptions 4 and 6 (which protect confidential commercial information and personal privacy) will not be published. Additionally, the Bureau said it may also choose to withhold information if the director determines there is other good cause to do so. The final rule also extends the deadline from seven to ten business days for nonbanks to submit input about what information should be released. The final rule will take effect upon publication in the Federal Register.
Notably, the Bureau emphasized that the “amended procedures only relate to the initial decision to extend supervision to a nonbank entity” and “do not affect the confidentiality of any ensuing supervisory examination or any other aspect of the supervisory process.”
FHFA to host “tech sprints” on housing finance fintech solutions
On November 2, FHFA published a notice in the Federal Register announcing plans to hold a series of competitions called “Tech Sprints” to solicit innovative solutions on ways to advance housing finance fintech in a safe, sound, responsible, and equitable manner. Recognizing the significant effects that regulated entities’ potential use of fintech products and innovations could have on the mortgage market and market participants, FHFA said it wants to gather information about new and emerging technologies that may have applications in the mortgage space. Two tech sprints are planned each year over the next three years, with participation expected from housing finance industry members as well as other industries, such as tech companies, mortgage companies, academia, industry groups, and other members of the public. FHFA is accepting comments through January 3, 2023, on the necessity of the information collection, the burden of such collection, and ways to minimize the burden on members and project sponsors when providing information on ways to enhance the quality, utility, and clarity of the information collected from the Tech Sprints.
OCC to establish Office of Financial Technology
On October 27, the OCC announced it intends to establish an Office of Financial Technology early next year that will build on and incorporate the agency’s Office of Innovation (established in 2016 and covered by InfoBytes here). Intended to strengthen the OCC’s expertise and ability to adapt to a rapidly evolving banking landscape, the Office of Financial Technology will provide strategic leadership, vision, and perspective for the agency’s financial technology activities and related supervision. The new office will be led by a chief financial technology officer who will be a deputy comptroller reporting to the senior deputy comptroller for bank supervision policy. “Financial technology is changing rapidly and bank-fintech partnerships are likely to continue growing in number and complexity. To ensure that the federal banking system is safe, sound, and fair today and well into the future, we need to have a deep understanding of financial technology and the financial technology landscape,” acting Comptroller of the Currency Michael J. Hsu said. “The establishment of this office will enable us to be more agile and to promote responsible innovation, consistent with our mission.”
Commissioner says CFTC should take a “same risk, same regulatory outcome” approach for addressing crypto risks
On October 26, CFTC Commissioner Christy Goldsmith Romero spoke before the International Swaps and Derivatives Association’s Crypto Forum 2022, where she presented thoughts on the financial stability risks of cryptocurrency assets. Romero cautioned that the “rapidly developing crypto market” is facing similar financial stability risks as the traditional financial system, including parallel themes from the 2008 financial crisis. She highlighted events such as those that happened earlier in the year where an algorithmic stablecoin and related crypto-asset collapsed and triggered a broad sell off of cryptocurrency that spread losses to several institutions who abruptly cut off lending. These vulnerabilities serve as a warning for growing intra-market risks, Romero said, explaining that “[j]ust as regulators could not see the true exposures or risk in 2008 due to unregulated companies and products, [regulators] cannot see that today with unregulated crypto markets.” Moreover, without additional regulatory authority, the CFTC’s ability to monitor these risks is hampered, she said, adding that “[f]inancial stability risk will increase, and could rise to the level of systemic risk if in the future there are greater interconnections between the crypto industry and traditional finance players performing critical market functions.”
Romero recognized that novel technologies bring novel risks, and said that the CFTC should address these risks by using its existing authority to follow a “same risk, same regulatory outcome” approach and establish customer protections and guardrails that investors and customers are familiar with and have come to expect from other regulated financial products and markets. She emphasized that financial institutions interested in entering the digital asset space “should undertake substantial due diligence to determine vulnerabilities” in areas such as cyber theft, money laundering, and sanctions evasion; fraud, scams, and market manipulation; customer asset segregation; and conflicts of interest.
FDIC’s Gruenberg discusses the prudential regulation of crypto assets
On October 20, FDIC acting Chairman Martin J. Gruenberg spoke before the Brookings Institution on the prudential regulation of crypto-assets. In his remarks, Gruenberg first discussed banking, innovation, and crypto-assets, which he defined as “private sector digital assets that depend primarily on the use of cryptography and distributed ledger or similar technologies.” He stated that innovation “can be a double-edged sword,” before noting that subprime mortgages, subprime mortgage-backed securities, collateralized debt obligations and credit default swaps were considered financial innovations before they were “at the center of the Global Financial Crisis of 2008.” Gruenberg further discussed that such innovations resulted in catastrophic failure because, among other things, consumers and industry participants did not fully understand their risks, which were downplayed and intentionally ignored. He then provided an overview of the FDIC’s approach to engaging with banks as they consider crypto-asset related activities, and the potential benefits, risks, and policy questions related to the possibility that a stablecoin could be developed that would allow for reliable, real-time consumer and business payments. He stated that “[f]rom the perspective of a banking regulator, before banks engage in crypto-asset related activities, it is important to ensure that: (a) the specific activity is permissible under applicable law and regulation; (b) the activity can be engaged in a safe and sound manner; (c) the bank has put in place appropriate measures and controls to identify and manage the novel risks associated with those activities; and (d) the bank can ensure compliance with all relevant laws, including those related to anti-money laundering/countering the financing of terrorism, and consumer protection.”
Gruenberg pointed to an April financial institution letter from the FDIC (covered by InfoBytes here), which requested banks to notify the agency if they engage in crypto asset-related activities. He added that as the FDIC and other federal banking agencies develop a better understanding of the risks associated with crypto-asset activities, “we expect to provide broader industry guidance on an interagency basis.” Regarding crypto-assets and the current role of stablecoins, Gruenberg noted that payment stablecoins could be significantly safer than available stablecoins if they were subject to prudential regulation, including issuing payment stablecoins through a bank subsidiary. He cautioned that disclosure and consumer protection issues should be “carefully” considered, especially if custodial wallets are allowed outside of the banking system as a means for holding and conducting transactions. Specifically, he said that “payment stablecoin and any associated hosted or custodial wallets should be designed in a manner that eliminates—not creates—barriers for low- and moderate-income households to benefit from a real-time payment system.” Gruenberg added that if a payment stablecoin system is developed, it should complement the Federal Reserve's forthcoming FedNow service—a faster payments network that is on track to launch between May and July of next year—and the potential future development of a U.S. central bank digital currency. In conclusion, Gruenberg stated that although federal banking agencies have significant authority to address the safety, soundness and financial stability risks associated with crypto assets, there are “clear limits to our authority, especially in certain areas of consumer protection as well as the provision of wallets and other related services by non-bank entities.”
Dems ask regulators to address crypto’s “revolving door”
On October 24, Democratic lawmakers sent letters to the leaders of the SEC, CFTC, Treasury Department, Federal Reserve, FDIC, OCC and CFPB regarding concerns about “the revolving door between [] financial regulatory agencies and the cryptocurrency (crypto) industry.” In the letters, the lawmakers argued “that the crypto revolving door risks corrupting the policymaking process and undermining the public’s trust in our financial regulators.” The letters also noted that Treasury saw the most movement from the Treasury Department, with 31 former employees joining the crypto industry. The SEC was second with 28 former employees, according to Tech Transparency Project. The lawmakers argued that “Americans should be able to trust that financial rules are crafted to reduce risk, improve security, and ensure the fair and efficient functioning of the market,” and that “Americans should be confident that regulators are working on behalf of the public, rather than auditioning for a high-paid lobbying job upon leaving government service.” The letters requested that the agencies provide information by November 7, including answers to inquiries about each agency’s ethics guidelines and polices in place to protect the agency from being influenced by current or former employees’ potential conflicts of interest.
Fed governor “highly skeptical” of U.S. CBDC
On October 14, Federal Reserve Governor Christopher J. Waller spoke during the “Digital Currencies and National Security Tradeoffs” symposium presented by the Harvard National Security Journal regarding the U.S. dollar and central bank digital currencies (CBDC). Waller said that he is “highly skeptical of whether there is a compelling need for the Fed to create a digital currency.” Regarding foreign CBDCs, Waller first considered the emergence of foreign CBDCs in a world without the U.S. CBDC. He noted that “advocates for a CBDC tend to promote the potential for a CBDC to reduce payment frictions by lowering transaction costs, enabling faster settlement speeds, and providing a better user experience.” Because of “the well-known network effects in payments,” Waller pointed out that “the more users the foreign CBDC acquires, the greater will be the pressure on the non-U.S. company to also use the foreign CBDC.”
However, Waller considered that the broader factors underpinning the dollar’s international role would not change. Waller further noted the possibility that a foreign-issued CBDC could have the opposite of its intended effect and make companies even less willing to use that country’s currency. Waller further noted that creating a U.S. CBDC “would come with a number of costs and risks, including cyber risk and the threat of disintermediating commercial banks, both of which could harm, rather than help, the U.S. dollar's standing internationally.” He said he believes that a U.S. CBDC would raise many issues, including money laundering and international financial stability. Waller also considered a scenario in which a privately issued stablecoin pegged to a sovereign currency is available for international payments. He stated that they may be more attractive than existing options due to their ability to provide real-time payments at a lower cost and their ability to provide a safe store of value for individuals residing in or transacting with countries with weak economic fundamentals. He further warned that stablecoins “must be risk-managed and subject to a robust supervisory and regulatory framework.” Waller reiterated that "no decisions have been made" at the Fed on CBDCs and noted that his remarks are intended to provide a free and open dialogue on their utility. He also noted that he is “happy to engage in vigorous debate regarding my view,” and “remain[s] open to the arguments advanced by others in this space.”
House subcommittee asks CFPB for data on crypto-related fraud
On October 14, the House Subcommittee on Economic and Consumer Policy sent a letter to CFPB Director Rohit Chopra requesting information and documents on the Bureau’s efforts to combat cryptocurrency-related fraud. In the letter, Representative Raja Krishnamoorthi (D-IL) expressed concerns that Congress “may need” to pass legislation to help “bring stability to the digital asset industry.” He also argued that “a lack of a central authority to flag suspicious transactions in many situations, the irreversibility of transactions," and the consumers and investors' limited understanding has made “cryptocurrency a preferred transaction method for scammers.” Among other things, the letter asked the Bureau to provide information by October 28 concerning (i) its efforts to combat crypto-related scams and fraud and inform consumers about the risks related to investments in cryptocurrencies; (ii) its authority to identify and investigate potentially fraudulent digital assets or accounts used on cryptocurrency exchanges associated with illicit activities; (iii) its regulatory authority concerning cryptocurrencies; and (vi) documents setting out the existing framework for interagency cooperation on the regulation of cryptocurrencies. Krishnamoorthi also requested that the Bureau provide answers by October 21 to several questions, such as “what tools, including but not limited to code audits, disclosure requirements, or consumer alerts, could provide consumers with additional information to better assess the risks associated with a digital asset?” and “should cryptocurrency holdings be treated as commodities, securities, or both?”
Senator urges SEC to issue crypto rulemaking
On October 13, Senator John Hickenlooper (D-CO) sent a letter to SEC Chair Gary Gensler urging him to issue regulations on digital asset securities. According to the letter, Hickenlooper urged the agency to publish regulations through a notice-and-comment process, stating that “existing laws and regulations were not designed to deal with how digital assets are being used in the market.” Hickenlooper noted that the SEC has repeatedly mentioned that existing securities regulations do not ‘cleanly apply’ to digital securities and said that retail investors may not always receive proper disclosures for comprehending the risks tied to digital assets. Hickenlooper also commented that “there are some products and investments, such as Initial Coin Offerings (ICOs), where the SEC is well positioned to offer regulatory guidance since ICOs operate similarly to a traditional financial product.” He specifically urged the SEC to, among other things, clarify what types of digital assets are securities, address how digital securities should be issued and listed, determine what disclosures are necessary for investors to be properly informed, and establish a registration regime for digital asset security trading platforms.