Banking on Crypto: Regulators Clarify Rules for Digital Asset Safekeeping
Federal banking regulators continue to promote a more "crypto-positive" regulatory environment through recent joint guidance issued to clarify risk management and compliance expectations for banks providing crypto-asset safekeeping services.
On July 14, 2025, the federal banking regulators—the Federal Reserve, the Federal Deposit Insurance Corporation ("FDIC"), and the Office of the Comptroller of the Currency ("OCC")—released a joint statement ("Guidance") clarifying regulatory expectations for U.S. banks holding crypto-assets for customers. The Guidance does not establish a new authority or approval process for banks to safekeep crypto; rather, it encourages banks to engage in crypto safekeeping activities according to the same high standards kept across the banking sector. The agencies treat crypto-asset safekeeping within the same legal framework as other custodial assets.
The Guidance clarifies that banks may hold crypto-assets in both a fiduciary and nonfiduciary capacity. Regulations and other legal requirements impose heightened standards of care on the former, while the latter is governed by client contracts and general risk management standards.
Key requirements in the Guidance instruct banks to maintain exclusive control over cryptographic keys, ensure robust cybersecurity, and conduct thorough due diligence on any third-party custodians. While banks may use third-party sub-custodians, they remain fully responsible for customer assets and the actions of any sub-custodians. A bank's board of directors, officers, and employees are also expected to have knowledge and understanding of crypto-asset safekeeping services.
Although some crypto-assets favor anonymity in certain contexts, banks must strictly comply with anti-money laundering rules and counter-terrorism concerns. Banks operate under a number of legal requirements that require them to verify customers' identities and monitor for suspicious activity. The Guidance further emphasizes the importance of well-structured customer agreements, regular audits, and ongoing staff training to address evolving risks.
The Guidance reflects a continued shift toward regulatory clarity for banks engaging in crypto-asset activities. The statement aligns with recent actions of the FDIC and OCC to allow for greater crypto inclusion in the financial ecosystem, including the rescission of prior guidance suggesting that digital asset activities, although legally permitted, were unlikely to be conducted in a manner consistent with safety and soundness in banking. The Guidance represents another step forward in opening the door to crypto in the banking system.
