Federal Banking Agencies Clarify Approach to Bank-Permissible Crypto-Asset Activities

The Office of the Comptroller of the Currency (OCC) and the Federal Deposit Insurance Corporation (FDIC) each recently took action to clarify prior interpretive guidance regarding the authority of banking organizations to engage in certain crypto-asset activities. These represent the first of potentially several actions by the federal banking agencies to advance the objective of promoting innovation and technology adoption¹ through the establishment of a clear supervisory framework for banks’ engagement in crypto-asset activities. This objective is aligned with the broader objective of the Trump administration to promote the United States as a leader with respect to crypto-assets and financial technology, as expressed in an executive order issued in the first week of the administration.²

This Advisory summarizes the recent actions of the OCC and FDIC, as well as the stance of the Board of Governors of the Federal Reserve System (Federal Reserve) and certain related initiatives and developments. This Advisory also highlights important takeaways for banking organizations as the federal banking agencies recalibrate their approach to the regulation of crypto-assets and the engagement by banking organizations in crypto-asset-related activities. We note that this Advisory uses the term “crypto-asset” to refer generally to any asset based on distributed ledger technology (DLT). As the regulatory framework for crypto-assets and banking activities relating to crypto-assets continues to materialize, efforts may be made by the federal banking agencies and other federal regulators to more clearly distinguish between the various terms used in practice to define crypto-assets (including “cryptocurrencies” and “digital assets”).

This Advisory is one in a series that will explain the evolving landscape of crypto-assets under the Trump administration and the current Congress, and the implications for banking organizations and other financial services firms.

OCC Interpretive Letter No. 1183

On March 7, 2025, through the issuance of Interpretive Letter 1183 (IL 1183),³ the OCC re-affirmed that crypto-asset custody and certain DLT and stablecoin activities are permissible for national banks. OCC interpretations of the National Bank Act are important because they expand or shrink the activities in which national banks may engage. In addition, because of state “wild card” statutes and Federal Reserve policy, the OCC’s interpretations carry through to the powers that state-chartered banks supervised by the FDIC and Federal Reserve may exercise as well.⁴

The OCC initially established the permissibility of such activities through the issuance in 2020 of Interpretive Letters 1170⁵ (allowing national banks to provide custody services to customers related to cryptocurrency), 1172⁶ (allowing national banks to accept dollar deposits as reserves for stablecoins), and 1174⁷ (allowing national banks to act as nodes on certain DLT networks in order to verify customer payments, and engage in the facilitation of payments on a DLT network) (IL 1174). The utility to national banks of those interpretive letters was later muted by the issuance of Interpretive Letter 1179 (IL 1179).⁸

IL 1179, which was rescinded by IL 1183, established a supervisory non-objection process for engagement in national bank-permissible crypto-asset activities. In practice, IL 1179 functioned as a gating mechanism for the OCC, and by extension the other federal banking agencies, to restrict engagement by depository institutions in crypto-asset activities. With that mechanism now lifted, national banks are authorized to engage in permissible crypto-asset activities on the condition that such activities are conducted in accordance with safe and sound banking principles and carried out in a manner consistent with the bank’s risk management practices and overall business plans and strategies, and with the understanding that such activities will be subject to examination as part of the OCC’s routine supervisory process.

In connection with the issuance of IL 1183, the OCC also withdrew from two interagency statements issued during the Biden administration regarding liquidity and other risks posed to banking organizations by crypto-assets and/or crypto-asset market features.⁹ Those statements established a very high bar, both as a substantive regulatory matter and with regard to supervisory procedure, for banking organizations to overcome in order to demonstrate that certain crypto-asset-related risks could be managed effectively and relevant activities carried out in a safe and sound manner.¹⁰ From that perspective, national banks eager to commence or increase their engagement in crypto-asset activities may welcome the OCC’s actions. By contrast, however, the interagency statements covered substantial ground and highlighted supervisory expectations for the management of risks that the OCC may closely monitor as part of the supervisory process — such as fraud, liquidity market concentration and volatility, unfair and deceptive practices, third-party risk management, and operational resiliency — and the absence of this guidance may introduce some level of uncertainty into future examinations of national banks that commence or expand crypto-asset activities in the near-term.

FDIC Financial Institutions Letter 7-2025

On March 28, 2025, the FDIC issued Financial Institutions Letter 7-2025 (FIL 7-2025),¹¹ which rescinds Financial Institutions Letter 16-2022¹² and clarifies the FDIC’s supervisory approach to the crypto-asset activities of state nonmember banks. FIL 7-2025 establishes that state nonmember banks may engage in crypto-asset activities, without notifying or seeking the prior approval of the FDIC, provided that the bank can adequately manage relevant risks and conduct any such activities in a safe and sound manner. FIL 7-2025 also provides that state nonmember banks “should consider” risks and operational issues associated with crypto-asset activities — such as market and liquidity risk, cybersecurity risk, consumer protection requirements, and anti-money laundering (AML) requirements — and engage with FDIC supervisory staff “as appropriate,” but does not prescribe a formal pre-activity risk assessment process or explicitly require notice to the FDIC staff, whether prior to or after commencement of a crypto-asset-related activity.

FIL 7-2025 also notes that the FDIC intends to coordinate with the other federal banking agencies to replace the interagency guidance regarding crypto-asset-related risks and risk management from which the OCC withdrew as discussed above.

Federal Reserve Developments

While the OCC and FDIC have taken steps to remove legal and supervisory impediments to engagement by banking organizations in crypto-asset-related activities, the Federal Reserve to date has not taken comparable action. In 2022, the Federal Reserve issued SR Letter 22-6,¹³ which addressed supervisory expectations and procedures for engagement by banking organizations supervised by the Federal Reserve, including bank holding companies and state member banks, for engagement in crypto-asset-related activities. Importantly, SR Letter 22-6 requires banking organizations to ensure that proposed activities are legally permissible and to notify Federal Reserve supervisory staff (and, for state member banks, the staff of their state chartering authority) prior to engagement in such activities. Under the Federal Reserve’s guidance, banking organizations are expected, prior to engaging in any proposed crypto-asset activities, to have implemented adequate systems, risk management processes, and internal controls — specifically addressing operational risk, financial risk, legal risk, and compliance risk — to ensure that the activities are conducted in a safe and sound manner and in compliance with applicable laws and regulations. While SR Letter 22-6 does not explicitly impose a prior approval requirement, it prescribes a comprehensive pre-activity risk assessment requirement and, through the supervisory notification process, has created a mechanism for the Federal Reserve staff to question proposed crypto-asset activities in a way that could significantly delay or deter a banking organization from engaging in such activity. Relatedly, in August 2023, the Federal Reserve issued SR Letter 23-8, which established a supervisory non-objection process for state member banks seeking to engage in activities covered by IL 1174, including using DLT or similar technologies to issue, hold, or transact in dollar-denominated tokens.¹⁴

The Federal Reserve also continues to maintain a Novel Activities Supervision Program (the Program),¹⁵ which is focused on activities including crypto-asset-related activities, DLT-related activities, and other technology-driven activities and engagements. The Program effectively provides an additional layer of risk-based oversight of novel activities conducted by Federal Reserve-supervised banking organizations.

As described above, it is well established that state member banks generally are afforded the same powers as national banks and therefore, in consideration of the OCC’s issuance of IL 1183, there should be no legal impediment to the engagement by state member banks in national bank-permissible crypto-asset activities.¹⁶ (Bank holding company powers present a more complex picture.) Accordingly, the Federal Reserve has been pressured by certain stakeholders to relax applicable supervisory requirements as the OCC and FDIC have done. By a letter dated March 31, 2025, Republican members of the Financial Services Committee of the U.S. House of Representatives called on the Federal Reserve to rescind SR Letters 22-6 and 23-8 on the basis that those letters impose “unnecessary supervisory burdens” on the use of DLT.

Nevertheless, it is unclear how those letters, as well as the Program and other relevant Federal Reserve regulations, policy statements, and guidance,¹⁷ will be administered in practice in the months ahead in light of recent developments. Federal Reserve Chair Jerome Powell has commented favorably, including before Congress, on the authority of banking organizations to provide certain crypto-asset-related services, such as custody, to their customers;¹⁸ however, to date this endorsement has not translated into action by the Federal Reserve staff. The confirmation of Federal Reserve Governor Michelle Bowman to serve as the Federal Reserve’s Vice Chair for Supervision, which is pending, may serve as a catalyst in this regard.

Related Considerations for Banking Organizations

While supervisory expectations and processes relating to crypto-asset-related activities are becoming clearer in certain respects, banking organizations should be mindful of related developments and regulatory considerations when contemplating engagement in such activities.

Accounting Treatment. Effective January 30, 2025, the U.S. Securities and Exchange Commission (SEC) issued Staff Accounting Bulletin 122 (SAB 122) and rescinded the guidance provided in the heavily-criticized Staff Accounting Bulletin 121 (SAB 121), which was issued in March 2022.¹⁹ SAB 121 required banking organizations that are SEC filers, when engaged in the provision of crypto-asset custody services on behalf of their customers, to recognize an asset and a liability on their balance sheets in respect of the underlying crypto-asset, reflecting both the obligation to safeguard the crypto-asset held for the customer and the fair value of the crypto-asset as of initial recognition and each subsequent reporting date. The capital and liquidity management implications of the SAB 121 requirement to recognize customer crypto-assets on their balance sheets significantly deterred banking organizations from providing crypto-asset custody services. SAB 122 eliminates this requirement; however, banking organizations that elect to provide such services must continue to determine whether and to what extent to recognize a liability relating to the risk of loss under an obligation to safeguard customer crypto-assets.

Anti-”De-Banking” Measures. Combatting the issue of “de-banking,” including with respect to crypto-asset firms and individuals engaged in the crypto-asset sector, has emerged as a priority of the Trump administration, many members of Congress, and the incoming leadership of the OCC and FDIC. Acting FDIC Chairman Travis Hill stated that regulators must work to end “de-banking” of law-abiding customers.²⁰ Acting Comptroller Rodney Hood referred to the “de-banking” of customers on a categorial basis as “repugnant and odious” and indicated that such activity would not be tolerated under his leadership.²¹ Further, President Trump’s nominee to serve as permanent Comptroller, Jonathan Gould, stated during his confirmation hearing before the Senate Banking Committee that he will “use the OCC’s full powers … to shine a spotlight on [“de-banking” activities] and ensure that they are not allowed within the banking system.”²²

In recent years, certain banking organizations have elected not to engage in crypto-asset-related activities or, in some cases, in banking relationships with certain crypto-asset firms, for reasons including lack of clear legal authority and exposure to various risks, including liquidity risk (the subject of a withdrawn interagency statement, as referenced above) and reputational risk. In addition to taking steps to address questions of legal authority and certain financial risks, the OCC and the FDIC also have begun to address the issue of reputational risk. For its part, the OCC has declared that it will no longer examine national banks and federal savings associations for reputation risk and has removed references to reputation risk in the agency’s examination procedures and licensing and supervisory guidance.²³ As for the FDIC, Acting Chairman Hill has stated that the agency is preparing a rulemaking that will eliminate the concept of reputation risk from the FDIC’s examinations.²⁴ These actions are aimed principally at eliminating a potential source of support for the “de-banking” of certain customers, especially those from the crypto-asset sector.

While the emerging shift away from examining banking organizations for reputation risk reasonably could be interpreted to suggest that banking organizations will not be criticized and may even be encouraged implicitly by their supervisors to provide banking services to crypto-asset firms and market participants, the agencies have indicated that they will not dictate whether specific customers be onboarded or customer accounts be closed. Rather, the agencies have expressed a continued expectation that such decisions will be made based on the risk profiles of specific customers in accordance with sound risk management practices and safe and sound banking principles with a focus on maintaining a strong financial condition and operational resiliency.

Compliance Management Expectations. Despite the agencies’ relaxation of supervisory processes relating to crypto-asset-related activities, regulatory compliance and risk management controls in certain areas continue to be highlighted by agency leadership as critical to a banking organization’s safe and sound engagement in such activities.²⁵ In particular, compliance with the Bank Secrecy Act (BSA) and applicable AML laws and regulations, cybersecurity and fraud controls, and operational resiliency have been cited as areas of focus in this regard. In the current environment, banking organizations may be required to weigh the agencies’ expectations regarding fair access for all customers against the risks that may be posed by certain individual crypto-asset market actors, specifically including risks relating to money laundering, illicit finance, and fraud.

Takeaways

The first few months of the Trump administration have been favorable for the crypto-asset sector and for banking organizations seeking to serve and engage with crypto-asset firms and customers. The OCC and FDIC have already taken actions that make it easier for national and state-chartered banks to engage in crypto activities.

Nevertheless, the legal and regulatory landscape in this area is expected to continue to evolve. In addition to the potential for further rulemaking and supervisory action by the federal banking agencies, other federal officials and regulatory agencies — specifically including those included in the President’s Working Group on Digital Asset Markets, as assembled pursuant to Executive Order 14178²⁶ — are in the process of assessing the current legal and regulatory framework for crypto-assets, and Congress is actively considering various legislative proposals addressing certain crypto-assets, such as stablecoins, and crypto-asset market structure.²⁷ We will address legislative and regulatory developments regarding stablecoins in a related set of Advisories.

In short, banking organizations seeking to enter the crypto-asset arena, or expand their engagement in crypto-asset activities, should continue to monitor regulatory and legislative developments and tailor business and customer engagement strategies, compliance management processes, and internal controls appropriately.

* * *

If you would like more information about the content of this Advisory and how recent developments may impact your business, please contact any of the authors of this Advisory or your usual Arnold & Porter contact. The firm’s Financial Services team would be pleased to assist with any questions that you may have.

© Arnold & Porter Kaye Scholer LLP 2025 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.