InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
OCC’s Hsu discusses managing tail risks
On March 31, acting Comptroller of the Currency Michael J. Hsu spoke before the American Bankers Association Risk 2022 Conference to discuss managing low probability, high impact risk events, or tail risks. In particular, Hsu highlighted the connection between Russia’s invasion of Ukraine and heightened tail risks associated with geopolitical risk, cyber risk, and inflation risk. Hsu warned that multiple possible events stemming from the conflict, including cyber-attacks from Russia, broader conflict in Europe, and increased inflation could materialize simultaneously increasing the chances that tail risks materialize that could trigger a recession. Hsu noted that the increase of sanctions to oil and gas would put upward pressure on fuel prices, and “Ukraine’s role as a producer of wheat, neon, platinum, and palladium is also beginning to affect global prices in certain markets.” Despite the elevated risks, Hsu noted that enhanced stress testing has positioned large banks to absorb a range of shocks, but warned that “nonetheless, greater caution and risk management vigilance is warranted today, perhaps more than any time in recent memory.” Hsu also singled out risks associated with crypto assets and said that the OCC is collaborating with other agencies on “how to maintain a consistent, careful and cautious” approach to bank involvement in cryptocurrency. Hsu cautioned that in light of “limited or unreliable price histories” of crypto-assets, financial institutions should “carefully consider” the tail risks associated with factoring cryptocurrency positions into the overall risk management process. Hsu discussed his worry regarding the potential for crypto derivatives to create “wrong-way risk” in which a leveraged party use trades to “double-down” at the same time it is experiencing financial stress. Hsu stated that the OCC has engaged with government agencies in the U.K. and U.S. on “how to maintain a consistent, careful, and cautious approach to bank involvement in crypto.”
SEC 2022 examination priorities include information security, emerging technologies, and crypto-assets
On March 30, the SEC’s Division of Examinations announced that its 2022 examination priorities will focus on key risk factors related to private funds, environmental, social and governance investing, retail investor protections, information security and operational resiliency, emerging technologies, and crypto-assets. SEC registrants, including investment advisers, broker-dealers, self-regulatory organizations, clearing firms, and other registrants, are reminded of their obligations to address, manage, and mitigate these key risk areas. The SEC stated that examiners will continue to review whether firms are taking appropriate measures to safeguard customer accounts to prevent intrusions. Firms are expected to implement procedures to respond to incidents, identify and detect red flags for identity theft, and manage operational risk, including oversight of vendors and service providers. With respect to emerging technologies and crypto-assets, the SEC announced it will review whether firms are considering emerging financial technologies when designing their regulatory compliance programs. The SEC will also focus on firms that offer new products and services or employ new practices “to assess whether operations and controls in place are consistent with disclosures made and the standard of conduct owed to investors and other regulatory obligations.” Additionally, examinations of market participants engaged in crypto-assets will continue to focus on custody arrangements for such assets, as well as “the offer, sale, recommendation, advice, and trading of crypto-assets” offered by these participants. The SEC also warned that it will be investigating whether registered investment advisors are “overstating or misrepresenting” environmental, social, and governance factors in their portfolios or disclosures.
SEC seeks to include market participants as dealers or government securities dealers
On March 28, the SEC announced two proposed rules, which would require market participants, such as proprietary (or principal) trading firms, who assume certain dealer functions, in particular those who as act as liquidity providers in the markets, to register with the SEC, to become members of a self-regulatory organization (SRO), and comply with federal securities laws and regulatory obligations. According to the SEC, the rules would establish that a market participant engaging in the activities described in the rules is a “dealer” or “government securities dealer” and, absent an exception or exemption, is required to: (i) register with the Commission under Section 15(a) or Section 15C, as applicable; (ii) become a member of an SRO; and (iii) comply with federal securities laws and regulatory obligations, including as applicable, SEC, SRO, and Treasury rules and requirements. A footnote in the proposal indicates that its new rules would apply to any digital asset that is regarded as a security or a government security within existing laws. The SEC also released a Fact Sheet regarding the proposals, which provides information on why the proposal matters and how it applies. Comments are due 60 days after publication of the proposing release on the SEC’s website or 30 days after publication in the Federal Register, whichever period is longer. SEC Chair Gary Gensler released a statement stating he believes that the proposed rules “reflect[] Congress’s statutory intent that firms engaging in important liquidity-providing roles in the securities markets, including in the U.S. Treasury market, be registered with the Commission.”
Upcoming Treasury reports will highlight CBDC issues
On March 22, Treasury Under Secretary for Domestic Finance Nellie Liang spoke before the National Association for Business Economics on topics related to stablecoins and a possible central bank digital currency (CBDC). As instructed by President Biden’s Executive Order on digital assets (covered by InfoBytes here), Liang announced that Treasury will partner with other agencies in the coming months to produce a series of reports and recommendations focusing on (i) the future of money and payment systems, with a discussion of CBDCs; (ii) financial stability risks and regulatory gaps posed by digital assets; (iii) the use of digital assets for illicit finance and associated national security risks; and (iv) international engagement supporting global principles and standards for digital assets and CBDCs. “Regulatory policy for new financial products may need to evolve, but should follow ‘same risk, same regulation,’ in the sense that regulations should be based on risks of the activity rather than the technology itself,” Liang stressed, adding that Treasury’s work will “complement” other agency efforts such as the Federal Reserve Board’s recent discussion paper which emphasized that any CBDC should ensure users’ privacy, have an intermediated model, be transferable, and prevent illicit finance (covered by InfoBytes here).
Senate holds hearing on the role of digital assets in illicit finance
On March 17, the Senate Banking, Housing, and Urban Affairs Committee held a hearing titled “Understanding the Role of Digital Assets in Illicit Finance” to consider the risks crypto technology and digital assets pose for consumers and the financial system. The Committee heard from several witnesses, including FinCEN’s Former Acting Director, Deputy Director/Digital Innovation Officer Michael Mosier, who stressed that policymakers should focus on finding a balance that does not only “chase bad actors but also prevents exploitation of the vulnerable from the start.” Chairman Sherrod Brown (D-OH) opened the hearing by explaining that the “dollar has safeguards to protect against crime and illicit activity” because companies dealing in real money “are required to know their customers, and report suspicious transactions.” In contrast, digital assets “make it easier for money launderers to use webs of transactions across the globe to cover their tracks” and hinders law enforcement agencies’ ability to trace illicit funds. Brown cautioned that “lax rules and little oversight” are providing bad actors more opportunities to “hide and move money in the dark” using cryptocurrency. He stressed, however, that President Biden’s recent executive order, which outlined a coordinated approach to digital asset innovation (covered by InfoBytes here), will “drive progress on this issue” and “jumpstart a coordinated strategy from law enforcement and regulators to fight bad actors who want to use crypto.” Ranking Member Pat Toomey (R-PA) took a different view, noting that the “traceable nature of many cryptocurrencies” can also support the detection and prevention of illicit crime, which is “a factor making [cryptocurrency] terribly risky to utilize for criminal purposes.” He also expressed concerns that the lack of regulatory clarity surrounding digital assets has driven innovation abroad.
Witnesses provided various recommendations designed to, among other things, reduce the risk of sanctions evasion through digital assets, as well as improve detection, disruption, and deterrence of the illicit use of digital assets. While one witness stated that “transparency of blockchains enhances the ability of policymakers and law enforcement to detect, disrupt, and ultimately, deter illicit activity,” another witness cautioned that “[e]ven with the latest blockchain analytics, investigations can take years to complete,” particularly because “prosecutors must demonstrate that an identifiable person is behind the criminal activity.”
DFPI addresses MTA licensing requirements
Recently, the California Department of Financial Protection and Innovation (DFPI) released new opinion letters covering aspects of the California Money Transmission Act (MTA) related to a digital currency trading platform and the referral of customers to financial institutions. Highlights from the redacted letters include:
- Digital Currency Trading Platform. The redacted opinion letter examines whether the inquiring Company requires licensure under the MTA. The letter describes that the Company’s customers would transfer digital currency into the account they have with the Company, with the balance being reflected in the customer’s wallet issued by the Company. The letter further explains that the Company would provide California residents access to its digital currency trading platform to buy, sell, or hold digital currency and provide liquidity services. The letter also describes, among other things, how customers could use the platform, transfer digital currency into the account, and transfer fiat currency by transferring it from their own bank account or by debit or credit card to the Company. Customers would not be able to send fiat or digital currency to others, except in the context of a sale. DFPI concluded that while the Company’s wallets holding fiat currency meet the definition of stored value, licensure under the MTA was not required because the Company offered fiat currency wallets to customers solely to facilitate the trade of digital currency. DFPI also noted that the Company does not require licensure under the MTA to perform Platform trading services or to issue wallets holding digital currencies.
- Referral of customers to financial institutions. The redacted opinion letter examines whether the inquiring Company’s referral service is subject to the MTA. The letter describes that under this service, the Company would refer customers to banks, trust companies, and other entities which are either licensed as money transmitters in California or exempt from licensure. Under the proposed referral service, customers would be re-directed to a financial institution’s website where they could set up and fund an account. Customers wishing to buy, sell, or exchange cryptocurrency or fiat currency could do so from the Company’s website and use a third party’s software platform to input their order details. The platform would check to make sure that the customer has sufficient assets in the customer’s account with the financial institution to purchase the cryptocurrency. The financial institution would be the only party to hold, receive, or transmit all cryptocurrencies in the customer’s account. DFPI concluded that the referral service does not meet the definition of money transmission because the service entails connecting customers with financial institutions from which customers can buy, sell, or exchange cryptocurrency. Further, DFPI noted that the transactions between customers and financial institutions are also not money transmission because the customer would simply exchange cryptocurrency directly with the financial institution. Accordingly, DFPI held that licensure under the MTA is not required because the Company will not sell or issue payment instruments, sell or issue stored value, or receive money for transmission by offering the referral service.
OFAC sanctions Russians, issues guidance on sanctions evasion through virtual currency, general licenses, and FAQs
On March 11, the U.S. Department of the Treasury’s Office of Foreign Assets Control issued guidance, in line with the G7 leaders' statement, to guard against possible attempts to use virtual currency to evade U.S. sanctions imposed on Russia. According to OFAC, the public guidance “further cut[s] off avenues for potential sanctions evasion by Russia” and “continues to make clear that Treasury’s expansive sanctions actions against Russia require all U.S. persons to comply with OFAC regulations, regardless of whether a transaction is denominated in traditional fiat currency or virtual currency.
Additionally, OFAC announced sanctions against Russian and Kremlin elites, and Russia’s political and national security leaders who have supported Russia’s invasion of Ukraine. As a result of the sanctions, all property and interests in property belonging to the sanctioned individuals and entities that are in the U.S. or in the possession or control of U.S. persons, and “any entities that are owned, directly or indirectly, 50 percent or more” by the targeted individuals and/or entities are blocked and must be reported to OFAC. The sanctions complement an Executive Order (E.O) issued by President Biden that imposes new import and export restrictions on Russia, including the export of U.S. banknotes to Russia. Among other things, this E.O. prohibits the importation into the U.S. of certain products of Russian Federation origin. Additionally, the E.O. bans the exportation, reexportation, sale, or supply, directly or indirectly, from the U.S., or by a U.S. person, wherever located, of U.S. dollar-denominated banknotes to the Russian government or to any person located in the Russian Federation.
OFAC also issued Russia-related General License 17 to authorize the import of existing purchases of prohibited products that are under pre-existing contract until March 25, 2022, and General License 18 and General License 19 to authorize certain activities regarding U.S. dollar-denominated banknotes as they pertain to personal remittances and U.S. persons, respectively. OFAC also issued Ukraine-related General License 23, “Blocking Property of Certain Persons and Prohibiting Certain Transactions With Respect to Continued Russian Efforts to Undermine the Sovereignty and Territorial Integrity of Ukraine,” “to authorize certain transactions that are ordinarily incident and necessary to nongovernmental organizations’ activities in the so-called Donetsk People’s Republic (DNR) or Luhansk People’s Republic (LNR) regions of Ukraine, including activities related to humanitarian projects to meet basic human needs, democracy building, education, non-commercial developments projects, and environmental and natural resource protection,” and published new Frequently Asked Questions and amended one Frequently Asked Question regarding Russia sanctions.
Find continuing InfoBytes coverage on the U.S. sanctions response to Russia’s invasion of Ukraine here.
DFPI reminds financial institutions of their sanctions compliance obligations
On March 4, the California Department of Financial Protection and Innovation (DFPI) issued guidance, in light of the evolving situation in Ukraine, to remind financial institutions of their sanctions compliance obligations under state and federal law. Licensees are reminded that they are prohibited from participating in financial transactions with individuals and entities listed on the SDN List, and encouraged to review specific, more limited sanctions that have been placed on several Russian entities. This information can be found on OFAC's website.
Additionally, licensees are strongly encouraged to immediately ensure their systems, programs, and processes comply with OFAC regulations, and review and monitor all transactions (particularly trade finance transactions and funds transfers) to identify and block transactions subject to sanctions. Licensees should also follow OFAC directions related to blocked funds.
DFPI further warned that Russia’s invasion of Ukraine increases the risk that listed individuals and entities will attempt to evade sanctions by using virtual currency transfers, and encouraged licensees to review OFAC Guidance to protect against these risks. Licensees engaged in transactions involving virtual currencies are instructed to implement policies, procedures, and processes to protect against the unique risks posed by virtual currencies and should “consider virtual currency-specific control measures including sanctions lists, geographic screening, and any other measures appropriate to the licensee’s specific risk profile.”
Additionally, DFPI cautioned that the “Russian invasion significantly elevates the cyber risk for the U.S. financial sector,” and licensees are instructed to take measures to mitigate cybersecurity threats, including adopting core cybersecurity hygiene measures, eliminating any non-essential networking protocols, ensuring procedures are able to address a ransomware attack, and reevaluating “plans to maintain essential services, protect critical data, and preserve customer confidence considering the realistic threat of extended outages.” Licensees are encouraged to track alerts from the Cybersecurity and Infrastructure Security Agency.
Licensees conducting business in Ukraine and/or Russia should also “take increased measures to monitor, inspect, and isolate traffic from Ukrainian or Russian offices and service providers,” and “segregate networks for Ukrainian or Russian offices from the global network.”
NYDFS also recently issued similar guidance for New York state regulated entities on its cybersecurity and virtual currency regulations in response to the Russian invasion and recently imposed sanctions. (Covered by a Buckley Special Alert.)
OCC’s Hsu discusses improving crypto literacy
On March 8, acting Comptroller of the Currency Michael J. Hsu spoke before the Financial Literacy and Education Commission’s (FLEC) Public Meeting to discuss and commend FLEC’s efforts to improve crypto literacy and crypto education. In his remarks, Hsu described that a “younger, more financially vulnerable” population makes up a large portion of crypto owners, and that the risk of scams and hacks are increasing. He also argued that “it is hard to find neutral, trusted sources of information on crypto,” calling it “nearly impossible to find neutral information about something as simple as fees.” Describing “an urgent need for improved crypto literacy and education,” Hsu urged the commission to make available neutral, trusted educational materials to educate the public on crypto. He added that “consumers are left with an information landscape dominated by a lot of hype, jargon, attractive yields, and only boilerplate disclaimers about the risks they could face.”
Biden calls for coordinated approach to digital asset innovation
On March 9, President Biden issued an Executive Order (E.O.) on digital assets outlining the first “whole-of-government” strategy to coordinate a comprehensive approach for ensuring responsible innovation in digital assets policy. (See also White House fact sheet here.) The White House highlighted that “non-state issued digital assets reached a combined market capitalization of $3 trillion” last November (up from $14 billion five years ago) and noted that many countries are currently exploring, or in certain cases introducing, central bank digital currencies (CBDC). The Executive Order on Ensuring Responsible Development of Digital Assets stressed that “we must take strong steps to reduce the risks that digital assets could pose to consumers, investors, and business protections,” and mitigate “illicit finance and national security risks posed by misuse of digital assets,” including money laundering, cybercrime and ransomware, terrorism and proliferation financing, and sanctions evasion. The E.O. cautioned that future digital assets systems must also promote high standards for transparency, privacy, and security.
The E.O. outlined several principal policy objectives, including that:
- Federal agencies are directed to coordinate policy recommendations to address the growth in the digital asset sector.
- Federal agencies are directed to explore the need for a potential U.S. CBDC. Treasury, along with heads of other relevant agencies, are ordered to submit “a report on the future of money and payment systems, including the conditions that drive broad adoption of digital assets; the extent to which technological innovation may influence these outcomes; and the implications for the United States financial system, the modernization of and changes to payment systems, economic growth, financial inclusion, and national security.” The Federal Reserve Board is also encouraged to continue researching, developing, and assessing efforts for a CBDC, including developing a broad government action plan for a potential launch. The E.O. also directed an assessment of whether legislative changes would be necessary in order to issue a CBDC.
- The Secretary of the Treasury will work with relevant agencies to produce a report on the future of money and payment systems, which will include implications for economic growth, financial growth and inclusion, national security, and the extent to which technological innovation may influence these areas. The approach to digital asset innovation must also address the risk of disparate impact, the E.O. stressed, adding that any approach should ensure equitable access to safe and affordable financial services.
- The Attorney General, FTC, and CFPB are “encouraged to consider what, if any, effects the growth of digital assets could have on competition policy.” The agencies are also “encouraged to consider the extent to which privacy or consumer protection measures within their respective jurisdictions may be used to protect users of digital assets and whether additional measures may be needed.” Additional federal agencies are also encouraged to consider the need for investor and market protections.
- The Financial Stability Oversight Council and Treasury are directed to identify and mitigate systemic financial risks posed by digital assets and develop policy recommendations to fill any regulatory gaps.
- Federal agencies are directed to work with allies and partners to ensure international frameworks, capabilities, and partnerships are aligned and responsive to risks posed by the illicit use of digital assets. Agencies should also explore “the extent to which technological innovation may impact such activities,” and explore “opportunities to mitigate these risks through regulation, supervision, public‑private engagement, oversight, and law enforcement.”
- Federal agencies are directed to establish a framework for interagency international engagement with foreign counterparts to adopt global principles and standards for how digital assets are used and transacted, and to promote digital asset and CBDC technology development.
CFPB Director Rohit Chopra and Treasury Secretary Janet Yellen issued statements following Biden’s announcement. “Today’s Executive Order recognizes that the dramatic growth in digital asset markets has created profound implications for financial stability, consumer protection, national security, and energy demand,” Chopra said. “The [CFPB] is committed to working to promote competition and innovation, while also reducing the risks that digital assets could pose to our safety and security. We must make sure Americans in all financial markets are protected against errors, theft, or fraud.” Yellen stated that in addition to partnering with interagency colleagues to produce a report on the future of money and payment systems, Treasury will also work with international partners to promote robust cross-border standards and a level playing field. “As we take on this important work, we’ll be guided by consumer and investor protection groups, market participants, and other leading experts. Treasury will work to promote a fairer, more inclusive, and more efficient financial system, while building on our ongoing work to counter illicit finance, and prevent risks to financial stability and national security,” she said.
Treasury also recently announced that the Financial Literacy and Education Commission (led by Yellen and Chopra and comprised of the heads of 21 federal agencies and entities, including the OCC, Fed, FDIC, SEC, FTC, and HUD, among others) is forming a new subgroup on digital asset financial education to analyze the impact of digital assets on consumer and investor protections. “History has shown that, without adequate safeguards, forms of private money have the potential to pose risks to consumers and the financial system,” U.S. Under Secretary of the Treasury for Domestic Finance Nellie Liang said.