In the past several months, bad actors have escalated their attacks against critical infrastructure and industries. These actions are bringing renewed focus to the role of cryptocurrencies in facilitating criminal activity and helping foreign governments evade sanctions and to the resultant need for heightened regulatory intervention.
While policymakers work to tackle crypto’s role in the scourge of ransomware, ICBA is calling for harmonized regulations to ensure strong, clear, and consistent oversight of cryptocurrency service providers.
Community banks stand to benefit from clearly defined guardrails that allow them to explore new opportunities to meet customer needs, evaluate new technologies, and safely grow into cryptocurrencies and other emerging areas.
Ransomware gangs collected almost $350 million last year, up threefold from 2019. Ransomware gangs often work quickly to scatter and conceal their ill-gotten gains. They frequently turn to darknet markets, such as the Russian-language Hydra marketplace, to find other criminals who will convert cryptocurrency into cash, prepaid debit cards, or gift cards.
The attacks have elicited an intensifying federal response. Although the U.S. government successfully recovered most of the ransom paid in response to the recent Colonial Pipeline attack, the government is sounding alarms about the threat of new attacks to municipalities, companies, financial institutions, and schools.
The successful recovery of the funds is evidence of the government’s enhanced efforts to understand and combat ransomware. The Justice Department created a new Ransomware and Digital Extortion Task Force in April, and the team was credited for its crucial work in helping to seize the ransom payment associated with the pipeline incident.
FBI Director Christopher Wray recently likened ransomware’s impact on national security to terrorism. And President Biden discussed ransomware and the “cryptocurrency challenge” at the G7 Summit and his first one-on-one meeting with Russian President Vladimir Putin.
The White House is purportedly interested in developing international standards for Know-Your-Customer protocols and finding ways to require offshore cryptocurrency exchanges to report suspicious transactions. The Biden administration is also urging companies to take the threat seriously and prepare for more attacks.
Community bankers can learn more about cyber and data security mitigation at the ICBA Operational Risk resource center, which has key resources for information, risk assessments, training, and more.
Banking regulators are collaborating on a comprehensive approach to cryptoassets in response to calls from the industry and policymakers to provide regulatory clarity, ensure safety and soundness, and encourage responsible innovation to support the growth and vitality of the U.S. economy.
In prepared testimony for the House Financial Services Committee, Acting Comptroller Michael Hsu resolved to identify a process to help fintechs and payment companies “fit into the banking system,” but he also committed to “do it in coordination with the FDIC, Federal Reserve, and the states.”
Federal Reserve Vice Chair Randall Quarles offered more details on their shared effort. He said the agencies are jointly working on crypto definitions and considering the application of regulations in the crypto space.
The goal of this effort, according to Hsu, is to establish a shared “regulatory perimeter” to prevent a fragmented approach and provide greater clarity to the banking industry and policymakers. Without such clarity, community banks may not know when or how to pursue the potential benefits of these technologies and meet customer needs.
ICBA supports greater cooperation between the agencies to ensure a clear and consistent approach and supports community banks as they find new ways to serve their communities with innovative products and services.
However, some policymakers have said more actions may be necessary to help determine which regulatory agencies have jurisdiction over the wide range of cryptocurrencies and digital assets.
For example, Securities and Exchange Commission Chairman Gary Gensler described Bitcoin as a speculative store of value but said “a lot of crypto tokens…are indeed securities.” Reps. Patrick McHenry (R-N.C.) and Stephen Lynch (D-Mass.) introduced legislation to create a working group of industry experts and representatives from the SEC and Commodity Futures Trading Commission to evaluate the U.S. legal and regulatory framework for digital assets.
Separately, the FDIC recently issued a Request for Information on Digital Assets, which represents the agency’s first effort to solicit industry feedback on these new technologies. Rather than proposing any new actions or regulations, the RFI poses several questions about how banks are exploring digital assets.
Other agencies, notably the Internal Revenue Service, are also keeping a close eye on cryptocurrency. In a June hearing before the Senate Finance Committee, IRS Commissioner Charles Rettig requested statutory authority from Congress to regulate cryptocurrencies. Specifically, he indicated a need for greater clarity about the IRS’s authority to obtain information on high-value cryptocurrency transfers.
Although regulators have not yet issued any new guidance or regulations, all the activity in Washington points towards a new phase of regulatory scrutiny for cryptocurrencies. How regulatory intervention on digital assets will augment payments security, enhance consumer protection, or deter criminals from using cryptocurrency as a tool for evil remains to be seen.
The ICBA Payments and Technology Policy Team is working on several responses to inform regulators on community bank concerns.
Meanwhile, ICBA continues expanding its resources to help members stay informed about these new technologies. Visit the following links to learn more about central bank digital currencies, the basics of Bitcoin, and more:
Brian Laverdure, AAP, is ICBA vice president of payments and technology policy.