On the heels of an interpretive letter allowing national banks and federal savings associations (FSAs) to provide cryptocurrency custody services to customers (see our LawFlash), the US Office of the Comptroller of the Currency (OCC) issued another interpretive letter on September 21 clarifying that national banks and FSAs are authorized to hold stablecoin reserves. The interpretive letter only addresses stablecoin that is:
- stored in a hosted wallet, defined by the OCC to mean “an account-based software program for storing cryptographic keys controlled by an identifiable third party” that receives, stores, and transmits cryptocurrency transactions on behalf of accountholders, which generally do not have access to such keys themselves;
- backed on a 1:1 basis by a single fiat currency; and
- verified by the bank at least daily to confirm that reserve account balances are always equal to or greater than the number of the issuer’s outstanding stablecoins.
The OCC clarified that national banks and FSAs may receive deposits from stablecoin issuers, including any deposits that are considered stablecoin reserves (associated with hosted wallets), and may engage in activities that are incidental to accepting deposits from stablecoin issuers. If a national bank or FSA wishes to accept deposits that are stablecoin reserves, the bank/FSA should take into account the following compliance considerations:
Deposit Insurance. A bank may structure stablecoin reserve accounts as deposits of the stablecoin issuer or as deposits of the individual stablecoin holder if the requirements for pass through insurance are met. The OCC reminds national banks and FSAs to provide accurate and appropriate disclosures regarding deposit insurance coverage.
Anti-Money Laundering. A national bank or FSA must identify and verify the beneficial owners of legal entity customers opening accounts and comply with customer due diligence and customer identification requirements.
Risk Management. A national bank or FSA must develop and implement new banking activities consistent with sound risk management principles, as further described in OCC Bulletin 2017-43. The OCC pointed to various types of risks that are associated with stablecoin reserves, including:
Liquidity Risk. To address liquidity risk, a bank should manage such risk consistent with the Comptroller’s Handbook on Liquidity and may enter into contractual agreements with a stablecoin issuer to govern the services that the bank provides to the issuer. Any such agreements may include requirements or restrictions regarding assets held in the reserve account.
Issuer Identification. The contractual agreement between the stablecoin issuer and the bank should ensure that the appropriate party is deemed to be the issuer or obligor of the stablecoin.
Audit Requirement. The bank should be able to verify the outstanding stablecoins on a regular basis to confirm that the reserve deposits are always equal to or greater than the number of outstanding stablecoins that the issuer has issued.
In connection with the OCC’s interpretive letter, the US Securities and Exchange Commission’s FinHub Staff issued a statement reminding market participants that whether a stablecoin is a security under federal securities laws is “inherently a facts and circumstances determination.” FinHub Staff encourages market participants to contact Staff to ensure that their digital asset activities are consistent with the federal securities laws.
As a strictly legal matter, it is not clear that the OCC's interpretation says anything remarkable, or even newly substantive. To the contrary, it would be difficult for the OCC to contend as a legal matter, that national banks cannot accept cash deposits and reserves (whether in US or other fiat currencies), or that national banks cannot do business with third parties (with perhaps a few exceptions, such as online gaming firms or unlawful cannabis enterprises). Further, it is not clear why the OCC should draw a legal distinction, as it apparently did, between hosted and unhosted digital wallets, inasmuch as the nature of the person or entity that controls the wallet would at first gloss appear to be immaterial to the legality of the activity.
What the interpretation enables the OCC to do, however, is to incorporate supervisory and risk management requirements into the business of accepting fiat currencies as stablecoin reserves. Thus, for example, by limiting its interpretation to stablecoin reserve activities in connection with hosted wallets, the OCC could be signaling that it is less comfortable with the risk profiles of unhosted digital wallets. Although the OCC is continuing to encourage national bank expansion into digital business lines, the OCC also recognizes that such expansion does not come without supervisory concerns, and that it is important for national banks to manage the risks associated with these lines of business.
Further, the OCC interpretation does not – nor can it – touch upon the SEC's ongoing discussions and deliberations over the federal securities law status of stablecoin products and activities. Therefore, the legality of engaging in stablecoin-related activities under federal banking law on the one hand, and the status and regulation of these activities under the federal securities laws on the other hand, continue to be separate – and highly important – issues, as the SEC’s contemporaneous announcement plainly indicates.