OFFICIAL PUBLICATION OF THE NEBRASKA BANKERS ASSOCIATION

Pub. 17 2022-2023 Issue 2

SWOT-ing-at-the-Crypto-Crossing-Crackdown-Feature-Image

SWOT-ing at The Crisscrossing Crypto Crackdown

INTRODUCTION

In the 14 years since blockchain technology’s invention, banks have been left to compete with emerging business models and new stores of value, while operating in an uncertain vacuum of regulatory guidance. The resulting whiplash of lightning-fast innovation seemingly incapacitated the U.S. regulators of currencies, commodities, and securities.

With only crisscrossing guidance offered thus far, it may seem impossible to make a risk-based decision on whether, and to what extent, a bank should adopt blockchain technology, including cryptocurrency and web3. However, using the tried-and-true SWOT analysis, banks can establish a baseline with which to evaluate the impact the crisscrossing crypto crackdown will have on their internal and external environment.

First, a refresher on the more recent commentary and actions by banking regulators. We know that Basel will be releasing a second consultation later this year with an eye on a “global minimum prudential framework” to address risks
associated with crypto assets. Their first consultation offered a risk-weighting methodology.

The U.S. Office of the Comptroller of the Currency (OCC) confirmed in July 2020 that national banks could offer crypto
custodial services. However, Acting Comptroller Chu recently publicly remarked that it is time to ‘reset and recalibrate.’ The Federal Reserve Board (FRB) hasn’t released much guidance other than to say they will be releasing guidance. The FRB did examine the pros and cons of a Central Bank Digital Currency (CBDC) but “does not favor any policy outcome.” And, the U.S. Treasury has offered a risk assessment of money laundering risks in the crypto asset space. The FDIC joined the OCC and FRB in their “Crypto-Asset Policy Sprint” statement but has offered little else outside of requiring banks to notify the FDIC prior to engaging in crypto-related activities. The CFPB broadened its own enforcement authority in this space last year, formalized in March by Executive Order. FinCEN And finally, legislation introduced in early June appears ready to assign rulemaking and enforcement authority to the Commodity Futures Trading Commission (CFTC), leaving the Securities Exchange Commission (SEC) any leftover crypto assets that are classified as securities.

THE BASICS
It can be difficult to understand and analyze the risks associated with crypto assets if you don’t have a grasp of some foundational terminology. Unfortunately, there’s a lot of so-called ‘gatekeeping’ in the ‘crypto community’ – e.g., folks who use overly-complicated lingo to seem more tech-savvy than others. So, here are a few layperson examples to help understand the basic terms and concepts.

What is blockchain?
Have you ever worked on a document at the same time as another person or team? You can see others’ initials moving
about on the page followed by their edits to the collaborative document. And the revision history is saved so everyone can see who made what changes. Well, this is a great analogy for ‘distributed ledger technology’ (DLT). But the key difference between DLT and blockchain is that there is no single authority that maintains the data (e.g. OneDrive, Google, AWS). With blockchain, there is no centralized authority holding the data, and the data is not valid unless ‘approved’ by a program that runs on many different devices around the world.

What is a crypto asset?
Crypto assets are much like your everyday tangible assets: cash, contracts, artwork, investments, information, etc.
However, crypto assets are entirely digital. Here, everyone knows that your unique address (known as a wallet address)
owns those assets because of the transaction information stored on the blockchain. A dollar bill may be compared to a
Bitcoin. A contract may be compared to a ‘Smart Contract’. A non-fungible token may be compared to your house Deed.
Nearly every transaction made in your everyday life can be hosted on a blockchain.

What makes a crypto asset a security versus a commodity versus fiat currency?
A ‘security’ represents an investment in a common enterprise with the expectation of profit solely on the efforts of others (“solely” is removed in actual practice). A crypto asset that is offered to raise capital for a startup would likely be classified as a ‘security’.

Crypto assets generally fall into the classification of a commodity. A commodity is a resource that is nearly identical in all its instances and has a commonly known value, such as wheat. Financial commodities include identical (or nearly
identical) futures and options contracts that have commonly known values.

For the purposes of classifying crypto assets, ‘fiat’ is defined as the ‘lawful money’ of the United States. In other words, a
currency that represents the debts of the government. You can’t pay your taxes in wheat, for example, but you can use U.S. dollars. A Central Bank Digital Currency (CBDC) would be classified as fiat currency.

THE SWOT
A SWOT analysis considers your internal strengths and weaknesses and external opportunities and threats. This template offers baseline considerations to review the risks and opportunities associated with the emerging crypto regulatory scheme.

Strengths & Weaknesses

  • Management: The Board and senior managers of the bank have a clear understanding of the existing regulatory parameters surrounding crypto assets, are knowledgeable about the application of those rules to bank offerings, maintain an awareness of emerging changes, and have a system in place to update the bank’s operations quickly and efficiently to comply.
  • Internal Controls: The bank’s internal controls are built-out and appropriately monitored and tested to manage the increased credit, liquidity, and transaction risks associated with crypto asset custody, transactions, loans, issuance, and holdings. The bank stress tests contagion risks and enhances areas of identified deficiencies. The bank has consistent margin call triggers, procedures, and communication channels, where applicable. Evaluations of crypto assets as collateral are reviewed for fair lending purposes.
  • Personnel: Bank personnel are properly trained to understand and communicate the products and services offered to customers, are aware of and can appropriately mitigate the related risks, the number of assigned personnel is appropriate for the associated risks, and enough redundancy is built into roles to prevent any system failures that may result from the termination of key personnel. Vendors undergo a risk-based due diligence review before business begins, and periodically thereafter.
  • Technology: The hardware and software used to transact, secure, and maintain crypto assets are well-maintained
    and secure. External auditors are used to test and verify. The bank has a consistent and safe procedure for securing crypto collateral.
  • Insurance: The bank maintains appropriate levels of insurance related to all facets of crypto asset products and services.
  • Products: The bank can market and advertise crypto asset products and services in a manner consistent with existing laws and regulations, and an eye for fair lending and UDAAP risks. It has reviewed existing non-crypto products and services, identified the potential impacts, and updated those growth strategies to account for the internally driven competition.

Opportunities & Threats

  • Management: The Board and senior managers of the bank can readily identify risks and opportunities presented by the lack of crypto asset laws and regulations.
  • Personnel: Personnel are excited to join a bank that offers roles in the crypto asset space; however, this area
    may also come with increased competition for bank personnel who maintain desirable skills in a new field.
  • Technology: Rapid advances in technology offer opportunities to quickly adopt and roll out new product offerings and services; however, the maintenance and security of aging software and hardware suffer, and investments in new technology depreciate quickly.
  • Competition: The bank is an early adopter of crypto products and services but may now lack the resources to act upon new trends, technology, and opportunities.
  • Reputation: The bank is well-posed to trigger crisis management plans, maintains open channels of communication with relevant stakeholders, and has identified and mitigated risks associated with crypto asset environmental risk factors.
  • Legal & Compliance: The bank’s compliance management system and risk management program appropriately identify and control crypto-asset risks, including the emerging regulatory scheme, and the potential for increased litigation.

CONCLUSION

Given what little we know about the future legal and regulatory landscape of cryptocurrency, a comprehensive and
bank-specific SWOT analysis may offer some comfort in the uncertainty. Take some time to discuss your bank’s crypto
posture with your internal and external stakeholders and analyze the relevant strengths, weaknesses, opportunities,
and threats for your bank. Continue getting involved in the discussions surrounding the proposed laws and regulations.
And take this opportunity to enhance your risk management program and Compliance Management System to monitor
and respond to the crypto regulatory crackdown we all know is coming.