The UK Prudential Regulation Authority has specified its expectations of firms that have exposure to crypto-assets. In a “Dear CEO” letter addressed to top executives of banks, insurance companies and designated investment firms, Sam Woods – Deputy Governor and Prudential Regulation CEO of the PRA, warns that crypto-assets raise concerns related to misconduct and market integrity – many appear vulnerable to fraud and manipulation, as well as money-laundering and terrorist financing risks. Entering into activity related to crypto-assets may give also rise to reputational risks.
The Letter stipulates a set of risk strategies and risk management systems that the PRA considers most appropriate to crypto-assets.
First, the risks associated with cryptos must be considered fully by the board and highest levels of executive management. More precisely, the PRA expects that an individual approved by the regulator to perform an appropriate Senior (Insurance) Management Function (S(I)MF) to be involved actively in reviewing and signing off on the risk assessment framework for any planned business direct exposure to crypto-assets and/or entities heavily exposed to crypto-assets.
In addition, firms’ remuneration policies and practices will have to be adapted to ensure that the incentives provided for engaging in this activity do not stimulate excessive risk-taking.
Finally, firms must ensure that their risk management approach is commensurate to the risks of crypto-assets. Firms will have to conduct extensive due diligence before taking on any crypto-exposure and maintain appropriate safeguards against all the related risks. This includes not only financial risks, but also operational (including cyber) and reputational risks.
Classification of crypto-asset exposures for prudential purposes will depend on the precise features of the asset, but crypto-assets must not be considered as currency for prudential purposes, the Letter says.
Where relevant, firms will have to set out their consideration of risks relating to crypto-exposures in their Internal Capital Adequacy Assessment Process or Own Risk and Solvency Assessment. The regulator also expects firms to inform their usual supervisory contact of any planned crypto-asset exposure or activity on an ad hoc basis and to provide an assessment of the risks associated with the intended exposure.
The cautionary tone of the Letter reflects that of a “Dear CEO” Letter sent by the Financial Conduct Authority (FCA) earlier this month. The FCA said it was particularly worried that this class of products can be abused because it offers potential anonymity and the ability to move money between countries. The banks were told to take “reasonable and proportionate measures” to lessen the risk of their firm facilitating financial crimes which are enabled by cryptoassets.
With regard to clients offering services related to cryptoassets, banks are told that it may be necessary to enhance their scrutiny of these clients and their activities. The services that may require extra attention are those of cryptoasset exchanges which effect conversions between fiat currency and cryptoassets and/or between different cryptoassets, as well as trading activities where banls’ clients’ or counterparties’ source of wealth arises or is derived from cryptoassets.
The post PRA clarifies its expectations regarding firms with exposure to crypto-assets appeared first on FinanceFeeds.