Skip to content

FDIC
Federal Deposit Insurance Corporation
25 Jessie Street at Ecker Square, Suite 2300
San Francisco, California 94105

Division of Risk Management Supervision
Division of Consumer Protection
San Francisco Regional Office
(415) 546-0160

Sent via secure email to XXXXX

November 4, 2022

Board of Directors
XXXXX

Subject: Proposed Testing of Digital Asset Accounts

Dear Members of the Board:

On May 31, 2022, Interim Chief Financial Officer (CFO) XXXXX submitted a draft three-year business plan (Plan) pursuant to FDIC's Financial Institution Letter-16-2022, Notification of Engaging in Crypto-Related Activities (FIL-16-2022). FDIC staff held a brief discussion with President and Chief Executive Officer (CEO) XXXXX, Interim CFO XXXXX, and the Digital Banking Division's Chief Operating Officer (COO) XXXXX on June 22, 2022. On July 28, 2022, the FDIC responded to the institution regarding the notification of engaging in crypto-related activities. The FDIC’s response acknowledged the bank’s Plan while requesting the opportunity to review additional information, when available, to assess the risk management framework surrounding these activities.

The FDIC’s July 28, 2022 letter included a request list of essential elements and requested that the bank not proceed with planned activities until the FDIC had completed its review and provided supervisory feedback. On August 5, 2022, President and CEO XXXXX submitted a new notification of XXXXX intent to originate test accounts and perform limited testing on two digital asset infrastructure providers, XXXXX (for XXXXX payments) and XXXXX (as sub-custodian for digital assets). On August 17, 2022, FDIC staff held a discussion with President and CEO XXXXX, Interim CFO XXXXX, and COO XXXXX, during which Bank management reaffirmed their commitment not to proceed with planned activities or account testing until the FDIC had completed its review.

The FDIC requests that the Bank provide the items requested in the Attachment to this letter, which seeks additional documentation and information regarding the proposed test accounts and the planned activities for lending and market making that were outlined in the Plan. Please provide the items requested in the Attachment, as well as the items requested in the July 28, 2022 letter by December 19, 2022. If the requested information has not yet been developed, include the status and timeline for developing each item in the response, as applicable. We will review documentation and information as it is received in order to assess the safety and soundness, consumer protection, and financial stability implications of the proposed activities.

Board of Directors

Page 2

Please notify us of any material changes in the planned activities, the status of this project, or implementation to ensure that the bank is operating in a safe and sound manner and in full compliance with consumer protection regulations.

This letter is confidential and may not be disclosed or made public in any manner under part 309 of the FDIC Rules and Regulations (12 CFR part 309). If you have any questions related to Risk Management, please contact Assistant Regional Director Jaclyn Valderrama or Case Manager XXXXXXX at XXXXXXX, respectively. For questions related to Consumer Protection, please contact Assistant Regional Director Matthew Sheeren or Review Examiner XXXXXXX and XXXXXXX, respectively. Written correspondence should be addressed to my attention at the San Francisco Regional Office, and sent as a PDF document through the FDIC’s Secure Email portal (https://securemail.fdic.gov/) using the following e-mail address: XXXXX@FDIC.gov. Information about how to use secure email and FAQs about the service can be found at https://www.fdic.gov/secureemail/.

Sincerely,

/s/ Kathy L. Moe

Kathy L. Moe
Regional Director

cc: XXXXXXX
Federal Reserve Bank of San Francisco

Attachment

Proposed Stablecoin and Custody Testing

  • All due diligence performed by the bank on XXXXX and XXXXX, including all supporting documents used for the analysis.
  • All due diligence performed by the bank on XXXXX, including all supporting documents used for the analysis. Please include any master service agreements or other contracts between the bank and XXXXX (or related entities).
  • Risk assessment performed on the proposed activities in the August 5th letter.
  • Permissibility analysis regarding XXXXX under 12 U.S.C. § 1831a and 12 CFR part 362 and any accompanying opinion of legal counsel.
  • Analysis of whether XXXXX is a security under the Securities Act of 1933 and the Securities Exchange Act of 1934, including an analysis of the factors identified in SEC v. W.J. Howey Co., 328 U.S. 293 (1946) (“The Howey test”).
  • Detailed information on the proposed activities, including how the digital asset infrastructure providers and any related crypto-assets will be used in bank operations, activities, or services.
  • Detailed description of the digital assets for which the bank seeks to provide custody related services via XXXXX.
  • Detailed descriptions of how these services would be marketed to customers. Provide copies of any draft or final marketing documents and literature, including press releases, internal scripts, and educational materials for both items to be tested.
  • Risk management policies and procedures for the proposed testing activities. For custody services, include address generation and private key management processes and procedures.
  • Board and committee minutes reflecting approval, discussion, analysis, and any documentation provided on the proposed testing activity.
  • Draft contracts and legal agreements between the bank and crypto-related third party vendors.
  • An overview of the contracting process, including the personnel involved in the review, analysis, and structuring.
  • Analyses performed with respect to SEC Staff Accounting Bulletin No. 121 and proposed services.
  • Describe in detail the specific tests that will be performed on the accounts at XXXXX and XXXXX. Include a discussion of the research goals that are being pursued, the parties involved in the testing, wallet/custodial structures used, who will have control of associated keys, and a descriptive roadmap that would indicate the timeline needed for testing. Also, explain how the testing will be accomplished without (i) operation or linkage to third-party platforms, and (ii) implementation of any digital activity to which notice, non-objection, or consent would be required, as stated in the bank’s August 5th letter.

Board of Directors

XXXXX

Page 4

  • Please describe the titling, user access, and control of accounts the bank proposes to establish and test on the platforms noted by the bank.

Proposed Crypto Lending

  • Draft loan and security agreements.
  • Loan policy and customer eligibility criteria related to crypto-asset collateralized lending and associated underwriting standards/procedures.
  • Board minutes reflecting approval, discussion, analysis, and any documentation provided to the board on the activity.
  • Bank’s analysis of SEC Staff Accounting Bulletin No. 121 and its applicability, and any accompanying opinion of counsel.
  • Bank’s legal analysis and determination, and any accompanying opinion of legal counsel, with respect to permissibility of lending activity collateralized by crypto-assets, ownership of the crypto-assets serving as collateral, authority to pledge the crypto-assets serving as collateral, security interest perfection, and foreclosure on the crypto-asset collateral.
  • If collateral involved is rehypothecated collateral tendered by the borrower’s clients, documentation of borrower’s authority to rehypothecate (such as from the borrower’s underlying financing arrangements) and analysis of the adequacy and enforceability of the borrower’s documentation.
  • For any collateral custodians and entities that provide collateral maintenance functions:
  • Contracts or agreements
  • Risk assessment and due diligence
  • Analysis of bankruptcy implications performed by the bank
  • Documentation relating to any ongoing monitoring activities
  • Detailed description of the information technology arrangement or infrastructure utilized for collateral maintenance function, including all data flows, interfaces with bank’s core systems, and new IT development and costs to implement/facilitate.
  • Detailed description of the collateral maintenance monitoring function.
  • Bank reporting on collateral maintenance monitoring.
  • Describe how crypto-asset lending activities will be monitored to identify and report suspicious activity.
  • Independent credit review documentation.
  • Capital risk weighting treatment plans of the credit.
  • Loan loss reserve plans associated with such loans.
  • Bank’s conflict of interest/ethics/conduct policy.
  • Planned marketing materials, press releases, and any other publicly distributed information related to the activity (draft or proposed).

Proposed Market Making

  • Please provide additional details regarding the comments on page 44 of the Plan regarding this activity.