By Phil Cotter, Managing Director of Risk, Refinitiv.
The recent warning from the Basel Committee on Banking Supervision (BCBS) relating to crypto-assets has emphasised once again the importance of a robust risk management framework for banks – but what does that mean in practical terms and what are some of the implications?
The risks the BCBS has highlighted from crypto-assets include a threat to liquidity, credit, market and operational risk, as well as risks related to money laundering and terrorist financing.
Prominence in the statement is given to the need for governance and risk management. Of concern is the anonymity and limited regulatory oversight of most crypto-assets. BCBS advises that a bank’s risk management framework for crypto-assets should be fully integrated into the overall risk management processes, including those related to anti-money laundering and combating the financing of terrorism and the evasion of sanctions.
The BCBS is, of course, right to highlight the financial crime risks associated with crypto-assets.
Advances in anonymous crypto currencies have raised concern for many. As are the developments by a number of countries to create their own crypto-assets in order to circumvent international sanctions. As a result, few banks have been willing to take on crypto or virtual asset providers as clients due to the perceived risks of falling foul of stringent money laundering and terrorist financing legislation.
However, current financial crime laws and regulations in most countries around the world already place strict obligations on banks and other regulated institutions. They are required to establish and maintain financial crime compliance (FCC) programs, and ensure the programs are risk based and designed to identify, mitigate, manage, monitor and report on financial crime related risks.
Based on the strict requirements placed on banks to implement, maintain and oversee robust FCC programs, the crypto-assets warning from the BSBC should already be reflected in banks’ and other regulated financial institutions’ existing financial crime risk management practices.
Many banks, if not most, will consider crypto-asset related businesses, such as crypto exchanges, a “higher risk” business for a client to be engaged in given lack of regulation and other risks noted in the BCBS statement.
In practical terms, if the crypto-asset client is designated a higher risk customer, then a bank will subject the client to more extensive Know-Your-Customer (KYC) requirements at on-boarding and throughout the course of the relationship with the crypto-asset client.
This will mean the bank will conduct enhanced due diligence and enhanced transaction monitoring during the course of the relationship. Banks will also need to account for the fact that a small number of countries, including as of 2018 China and Iceland, consider crypto currencies to be illegal. Providing any banking service to a crypto-asset related client in those countries might immediately cause violations of money laundering laws, depending on the nature of the relationship, the source of funds in the account, and the activity engaged in by the client.
We shouldn’t lose sight of the fact that the crypto-asset market remains small relative to the global financial system, and banks currently have very limited direct exposures to crypto assets. This is acknowledged in the BCBS in its warning but it is also quick to highlight the continued growth of crypto-asset trading platforms.
While the BCBS has spoken out about the lack of maturity in the market and the continued growth of crypto-asset trading platforms, there are a number of developments on both of these fronts.
First, there is evidence that crypto exchanges are moving to adopt the established KYC practices used by banks themselves for managing risk. Second, there is an expectation that updated global rules for the regulation of the crypto-asset industry are on their way.
These developments could help overcome some of the barriers to growth for the industry and banks, investors and the BCBS alike will no doubt watch them closely.
Crypto exchanges are adopting regulatory technology and customer due diligence processes to help manage the risks associated with on boarding and transacting with customers and third-parties. By implementing proven KYC processes they are looking to build trust with both regulators and financial institutions. Leading crypto exchange Binance has recently integrated the same KYC solution used by some the biggest banks in order to grow its compliance competency.
The Financial Action Task Force (FATF), the global standard setter for money laundering prevention standards, is to release its much anticipated plan on governing rules for the crypto industry by June 2019. It has said jurisdictions worldwide will be required to license or regulate cryptocurrency exchanges and some firms providing encrypted wallets.
Global rules for crypto exchanges are a sensible move and will help bank understand how they should treat these businesses when it comes to on boarding. Furthermore, the implementation of the guidelines will be seen as a progress towards a more mature market.
To the extent the banks are considering exposure to crypto-assets, they will do well to adhere to the BCBS warning and conduct their due diligence in line with normal practices for higher risk clients and asset classes.