Skip to content

Bank's Bitcoin Service Proposal Review

Board of Directors

XXXXX

Subject: Proposed Third-Party Crypto-Asset Activity

Dear Members of the Board:

By letter dated September 12, 2022, we received XXXXX (the Bank) notification that you are considering offering customers the ability to buy, sell, and hold Bitcoin through the Bank’s branded online and/or mobile app interface banking platform in conjunction with: XXXXX in response to Financial Institution Letter (FIL), FIL-16-2022, Notification of Engaging in Crypto-Related Activities. FIL-16-2022 requested that all FDIC-supervised institutions that intend to engage in, or that are currently engaged in, any activities involving or related to crypto-assets (also referred to as “digital assets”) promptly notify the appropriate FDIC Regional Director.

As notified through your letter, the Bank is in the exploratory stages and is not currently engaged in any crypto-related activities. As such, please keep us updated as the bank progresses, including the Bank’s proposed timeline for engaging in the activity.

As stated in FIL-16-2022, the FDIC may request that institutions provide information necessary to allow the FDIC to assess the safety and soundness, consumer protection, and financial stability implications of such activities. Please provide the information in the attached list by December 30, 2022, in order for the FDIC to begin those assessments. If the requested information has not yet been developed, include the status and timeline for developing each item in the response, as applicable. Once the FDIC has completed its review of the requested information, we will determine whether additional information is necessary to complete the review of the activity. When we have completed our review, the FDIC will provide the institution with relevant supervisory feedback, as appropriate.

This letter is confidential and may not be disclosed or made public in any manner under part 309 of the FDIC Rules and Regulations (12 CFR part 309). If you have any questions, please contact Case Manager, XXXXX at XXXXX or Acting Review Examiner XXXXX at XXXXX. Written correspondence should be addressed to my attention at the New York

Regional Office, and sent as a PDF document through the FDIC’s Secure Email portal
(securemail.fdic.gov) using the following e-mail address: XXXXX@FDIC.gov.

Sincerely,
Frank R. Hughes
Regional Director

cc: XXXXX

Institution: XXXXX

Request List: Crypto-Asset Trading Through Institution with Third Party

  1. Contracts (including any draft contracts that bank is reviewing/considering).
  2. Overview of the contracting process (e.g., who is/was involved in the review, analysis, and structuring).
  3. Any contract analysis performed prior to execution.
  4. Description of the transaction flows and related controls.
  5. Detailed description of the settlement process for customer buy/sell transactions between the bank, XXXXX, and other related parties.
  6. The bank’s permissibility analysis and determination with respect to the activity.
  7. Bank’s analysis of SEC SAB 121 and its applicability.
  8. Cost-benefit analysis for the activity.
  9. Project plan for the activity.
  10. Vendor management due diligence documentation and analysis related to both the third party XXXXX and XXXXX, including audits, financials, insurance, complaints, etc.
  11. Description of what happens to customers’ accounts or holdings of Bitcoin if the bank does not continue or cancels offering the services provided by XXXXX or if the third party cancels or fails to perform under the contract.
  12. Description of any fees that will be charged to customers related to the activity, and how they will be calculated. Also, describe if and how fees are split amongst the bank and any third-parties involved in the activity.
  13. Description of any transaction limitations imposed by XXXXX or the bank on the amount of Bitcoin a customer may purchase or sell (e.g. daily, weekly, monthly).
  14. Description of the methodology that determines the price customer pays to XXXXX for Bitcoin. This includes providing an explanation of how any market price is determined and how the spread, if any, is calculated.
  15. Customer agreements, disclosures, sample account statement, sample transaction receipt, and other terms and conditions related to the activities provided by or through the bank and by third parties (draft or proposed).
  16. Marketing materials, press releases, internal scripts, educational materials, and any other publicly-distributed information related to the activity (draft or proposed). This includes screen shots/screen recordings of any online banking or mobile application user interfaces (including hidden text that must be clicked) that will be made visible to customers by, or through, the bank in connection with activity. Also, a live demonstration of the user interface of the online banking or mobile application customer experience may be requested during the review of this activity.
  17. Any other due diligence materials.
  18. Strategic plan that details how crypto-asset activity achieves objectives of the board and the contingency plan should the activity fail to achieve the objectives.
  19. Implementation plan. Please include expected activity volumes, income projections used to determine whether the products are financially feasible, and any other analysis performed to support launching the products.
  1. Board and committee minutes reflecting discussion, analysis, approval, and any
    documentation provided on the activity.
  2. Risk assessment(s) related to the activity.
  3. Internal training materials related to the activity.
  4. Policies and procedures that will govern the crypto-related activity, including those related to
    consumer compliance and complaint resolution.
  5. If not outlined in policies and procedures, framework of assigned responsibilities and
    qualifications for those involved in day-to-day administration of crypto-related activity,
    including internal controls responsibilities. Description of oversight responsibilities (e.g.
    management, staff, committees (including members, frequency of meetings), and
    collectively, their approval authority).
  6. If program is Live/Beta Testing, provide transaction volumes that include: 1) number of
    active accounts using this service through bank, 2) total number and dollar volume of buy
    transactions completed (since implementation), and 3) total number and dollar volume of sell
    transactions completed (since implementation).