This guidance, while not introducing new rules, reinforces the necessity for banks to utilize existing risk management frameworks and compliance protocols when handling digital assets on behalf of their customers.
The guidance defines “safekeeping” as the act of holding an asset for a customer’s benefit, emphasizing that banks may also offer additional custody services while focusing on the safekeeping of crypto assets.
The regulators acknowledge the complexities involved in digital asset custody. They highlight the importance of existing laws and regulations that govern fiduciary and non-fiduciary capacities.
Timur Suleimenov, head of the National Bank of Kazakhstan, noted that the potential for high returns from cryptocurrencies is enticing, but it is crucial to recognize the volatility associated with these assets. The regulators urge banks to conduct thorough risk assessments before entering the crypto safekeeping space.
Furthermore, the guidance stresses the necessity for banks to have knowledgeable staff capable of navigating the intricacies of crypto-asset safekeeping. This includes developing contingency plans to address unforeseen challenges that may arise in providing these services.
The guidance also emphasizes the importance of clear customer agreements that define the responsibilities of both the bank and its clients. Such agreements should address specific issues related to digital asset safekeeping, including governance, asset holding methods, and the role of any sub-custodians involved in the process.
To ensure effective oversight, banks are encouraged to implement comprehensive audit programs that assess their crypto-asset safekeeping operations. These audits should cover various aspects, including cryptographic key management, customer asset transfers, and the overall effectiveness of the bank’s internal controls.
Featured image from DALL-E, chart from TradingView.com
