On November 16, 2022, the Office of the Superintendent of Financial Institutions (OSFI), the Financial Consumer Agency of Canada (FCAC) and the Canada Deposit Insurance Corporation (CDIC) issued a joint statement to all regulated entities (regulated entities) engaging in crypto asset activities or crypto-related services, including but not limited to, “acting as crypto-asset custodians; maintaining stablecoin reserves; issuing crypto and other digital assets; sub-custodial arrangements for crypto as well as dealing in any derivatives/securities financing transactions (SFTs), or other assets referencing crypto; acting as market makers or exchange or redemption agents in regards to crypto-assets; participating in blockchain and distributed ledger-based settlement or payment systems, including performing node functions; as well as related activities such as finder activities and lending in regards to crypto-assets.”
The statement comes after the sudden collapse of the second largest offshore crypto asset derivatives exchange in the world.
This joint statement begins by explaining that while crypto-related services and crypto assets may present opportunities for the financial system, they also present risks to consumer protection, as well as to the stability, integrity, privacy, and security of the existing financial system. OSFI, FCAC and CDIC state that they have been proactively monitoring the crypto asset sector. This is evidenced through the Department of Finance Canada’s ongoing work on the digitization of money, as announced in Budget 2022.
The joint statement highlights regulatory guidance and obligations which already apply to regulated entities, as summarized below. The Canadian federal financial regulators note that cryptocurrencies, stablecoin arrangements and decentralized finance applications “require prudent and thoughtful oversight and regulatory approaches, since innovations occur both within and outside of the mainstream financial system, sometimes both simultaneously”, and endorse the Financial Stability Board’s principle of “same activity, same risk, same regulation”.
OSFI Digital Innovation Roadmap
Alongside the statement, OSFI published a Roadmap for an Evolving Digital Asset Landscape and invited feedback from both regulated and non-regulated entities. The roadmap includes the launch of a regulatory sandbox in the first half of 2023 to enable experimentation of new technologies in a safe environment. Organizations are invited to express interest in participating in the sandbox by January 19, 2023, including indicating which type of products or services the organization is interested in.
In their roadmap, OSFI identifies clarity on areas of risk management and governance specific to stablecoin arrangements and crypto asset custody as its key priorities, and welcome suggestions for other priority areas or digital invocation topics. OSFI also indicates that it expects in 2023 to finalize its risk management expectations for digital currencies including stablecoins, and that it intends, starting in 2024, to expand the regulatory sandbox (to potentially include new participants and/or products) and to explore further the topics of crypto custody, lending, issuance, staking, derivatives and decentralized finance, as well as payment innovation and advanced artificial intelligence/ machine learning.
Duties and Responsibilities of Regulated Entities
- OSFI expects regulated entities to review its guidance on an interim arrangement for the regulatory capital and liquidity treatment of crypto asset exposures, which goes into effect in Q2 of 2023.
- Whenever regulated entities plan to develop or offer crypto assets, FCAC expects to be notified and provided with any requested information. The requirements of the Financial Consumer Protection Framework should also be considered when developing new crypto-related offerings. As a regulator, FCAC monitors and supervises the compliance of financial institutions, external complaints bodies (ECBs) and payment card network operators with consumer protection measures set out in legislation, public commitments and codes of conduct.
- Crypto assets are not eligible for deposit insurance under the Canada Deposit Insurance Corporation Act. The CDIC recently reinforced the importance of clear, accurate, and accessible disclosure of deposit insurance protection for depositors of CDIC member institutions.
- Regulated entities must also ensure any crypto asset activities comply with existing federal financial laws including the Bank Act, Insurance Companies Act, Trust and Loan Companies Act, and Proceeds of Crime (Money Laundering) and Terrorist Financing Act, as well as any regulations or guidance issued by federal and provincial regulators.