Bank's Digital Asset Entry Evaluation

Board of Directors
XXXXX

Members of the Board:

On April 11, 2022, and April 21, 2022, we received correspondence from President and Chief Executive Officer, XXXXX, addressing XXXXX (bank) potential entrance into digital asset activities. Additionally, President XXXXX and several members of his staff met with representatives from the FDIC and XXXXX on May 4th, 2022, to discuss the products and services that may be offered by the bank. We appreciate the opportunity to review the information provided and to meet with President XXXXX and his staff. We understand that due diligence is ongoing, as is the development of the program’s framework, and that the bank is not currently engaged in digital asset related activity.

The correspondence includes a high level description of potential digital asset activity, and the meeting expanded on this activity. The potential activities include the offering of small dollar loans secured by digital assets to certain known customers with sources of repayment other than digital assets. To provide the means for the customer to transfer these digital assets to your bank, management proposed to establish digital wallets with two third party digital asset platforms. Additionally, management is exploring establishing an arrangement with another third party service provider, which would provide customers the capability to use the bank’s online banking platform to purchase, sell, and hold digital assets through the third party service provider.

So that we may better assess management’s proposed activities, please provide the following information:

  • For each product or service planned
  • the structure thereof, including borrower credit criteria, allowable loan purposes, transaction approval structure, any limitations for individual loan amounts or portfolio concentrations, and third party services used for each stage of activity from the bank and consumer perspective;
  • Bank Secrecy Act (BSA) / Countering the Financing of Terrorism (CFT) / Office of Foreign Assets Control implications thereof, including how suspicious activity is monitored;
  • how engaging in the various activities relating thereto may impact customer risk scoring, consumer compliance, and consumer disclosure requirements; and
  • IT related impacts thereof such as the maintenance of the confidentiality of personally identifiable information and data integrity.

  • Regarding loans secured by digital assets, please include an overview of the valuation methodology used to determine the loan to value ratio at origination and on an ongoing basis, frequency of the valuation, reconciliation of sources with different valuations, and process for administering customer disputes regarding valuations. Additionally, provide draft copies of loan and security agreements, if available.

  • Board approved policies and procedures developed to administer all digital asset activities. Additionally, please provide Board minutes reflecting approval, discussion, analysis, and any associated documentation relating to the planned digital asset activity.

  • Information on the types of wallets selected, how wallets are structured (e.g. custodial wallets or other), how customer digital assets will be identified within wallets, how any customer digital assets will be transferred into wallets (e.g. will the bank receive assets directly from customers or will they be transferred directly into wallets), private key management framework (e.g. how will private keys be handled, who will have access to keys, etc.), and other associated controls.

  • All vendor due diligence conducted on third parties associated with digital asset activities, including vendor contracts, the bank’s legal review or assessment of contracts, financial reviews of third parties, and any related documentation.

  • Framework of assigned responsibilities and qualifications for personnel involved in day to day administration of digital asset activity, including internal controls responsibilities. Additionally, please provide oversight responsibilities of the Board and each applicable committee, including members, frequency of meetings, and approval authority.

  • The potential activity includes lending secured by digital assets, possible liquidation of digital assets, and use of third parties to perform various functions such as providing customers a platform to purchase, sell, and hold digital assets. Please provide the process of perfecting the bank’s interest in the collateral and the process of a liquidation scenario, including if the bank will own or hold digital assets at any step in the process.

  • Risk assessments conducted for planned digital asset activities. Additionally, please include those assessments that incorporate digital asset activity, such as the BSA/CFT risk assessment.

  • Strategic Plan that details how digital asset activity achieves objectives of the Board, contingency plan should the activity fail to achieve those objectives, projections, and cost / benefit analysis for the planned activity.

  • Consumer disclosures and marketing material used for the digital asset activity.

  • Legal opinion discussing the permissibility under Federal and State law for each of the activities the bank proposes to enter into, specifically, the digital asset secured lending and the integration of third party digital asset purchase, selling, and holding services into the bank’s online banking platform, along with supporting documentation.

Page 2

  • Analysis with respect to the U.S. Securities and Exchange Commission Staff Accounting Bulletin No. 121 and the planned digital asset activity.

Please provide the information requested within 60 days from the date of this letter. If the requested information has not been developed within this timeframe, the response should include the implementation status and timelines for each item. Additional follow-up will be needed for those items not yet developed. Please contact Case Manager XXXXX at XXXXX or Assistant Regional Director Mark G. Taylor at XXXXX if you have any questions. As a reminder, written correspondence should be addressed to Kristie K. Elmquist, Regional Director, FDIC, Dallas Regional Office, and sent as a PDF document through the FDIC's Secure Email portal (https://securemail.fdic.gov/) using the following e-mail address: XXXXX@FDIC.gov. Information about how to use secure email and FAQs about the service can be found at https://www.fdic.gov/secureemail/.

Sincerely,

Kristie K. Elmquist
Regional Director

Page 3

REL0000042354