Due Diligence Matters with Digital Assets Partnerships
Guest editorial by Larry Pruss, Managing Director, Digital Assets Advisory Services, SRM (Strategic Resource Management)
Federal regulators continue to advise on how credit unions conduct due diligence for digital assets solution providers. A lapse in vetting could expose CUs to an array of risks, ranging from reputational impact to non-compliance with government sanctions and BSA requirements.
In its Fiscal Year 2023 Bank Supervision Operating Plan, the OCC urged examiners to determine if FIs apply proper risk management governance to third-party relationships. Examiners were encouraged to ensure institutions conduct the proper due diligence for potential relationships.
Risk management governance applies to any third-party relationship, including fintechs. Examiners should identify if a CU's relationships involve member-facing products and services, are critical to operations, represent significant concentrations, affect operational resilience, or impact regulatory compliance. They should also determine if a credit union and its third parties have sufficient, qualified staff to meet contractual obligations. Cyber-related risks are another important consideration.
The direction goes beyond crypto and other digital assets.
The OCC wants examiners to identify institutions that implement significant operational changes using innovations such as cloud computing, AI, digitized risk management processes, and Banking-as-a-Service (BaaS) arrangements. When new products, including crypto-related services, are present, examiners should evaluate items such as reviews of due diligence activities and evaluations of expertise to manage a wide range of risks.
Finally, examiners should assess whether credit unions sought and received supervisory non-objections before engaging in highlighted activities.
A recent OCC regulatory order, along with messaging from the Federal Deposit Insurance Corp. on crypto relationships, provides more evidence that federal regulators are closely watching how FIs evaluate their fintech relationships.
Global Adoption Rises
Other factors are increasing the importance of conducting proper due diligence, including the growing popularity of offering digital assets and leveraging digital ledger technologies (DLT). We continue to see worldwide adoption and buildout of the crypto rails in countries like Vietnam, the Philippines, Ukraine, and India.
Users in lower-middle and upper-middle-income countries often rely on crypto to send remittances, preserve savings in times of fiat currency volatility, and fulfill other financial needs unique to their economies. These countries tend to lean on Bitcoin and stablecoins more than others.
As a result of this adoption, financial institutions around the world are starting to offer digital assets and install digital ledger technologies (DLT), reflecting client demand and recognition that adoption provides opportunities to add revenue, cut costs, and gain clients.
Here are a few examples:
Revolut(UK) offers a variety of banking services as well as the ability to purchase Bitcoin through its app.
Change (Estonia) offers crypto trading services and investment options in traditional assets such as stocks, gold, indices, and commodities.
Worldcore (Czech Republic) offers users the ability to spend via debit and virtual cards in various currencies, including crypto.
We've seen several FIs offer services to retail and institutional investors in the US. While most of these solutions are focused on retail clients and offer crypto buy/sell/hold options, BNY Mellon, America's oldest bank with $43 trillion in assets under custody, has begun offering custodial services for its institutional clients. When surveying those clients, BNY Mellon found that 91% were interested in investing in tokenized products, and 41% already had them in their portfolios.
JPMorgan Chase is another bank that has invested in DLT. It has an entire business unit called Onyx that focuses on digitizing assets and providing real-time cross-border settlement. And Current, a fintech provider, uses DLT to lower operating expenses, letting it offer higher-than-average yields.
Determining if digital assets and/or DLT would benefit an institution and then finding the right partner(s) to deliver a compliant and scalable solution in a timely manner is no easy task. In addition, due diligence is challenging for credit unions to handle independently. Even if an FI believes it has identified a good digital asset partner, it is critical to have an independent review of that decision. Working with a third-party provider who is experienced in helping financial institutions identify and evaluate the risks of engaging with digital assets and DLT is vital to the success of credit unions.
Larry Pruss, Senior Vice President, is the lead of Strategic Resource Management’s Crypto Advisory Practice. The advisory practice assists clients by providing education and strategic guidance on blockchain, cryptocurrencies, and decentralized finance. Larry has over 25 years of financial services experience; successfully leading a broad range of banking and credit union initiatives.