On 16 December 2022, the Basel Committee on Banking Supervision (the “BCBS“) published its much-anticipated standard on the prudential treatment of cryptoasset exposures (the “Standard“), which will be incorporated into the consolidated Basel Framework in due course. Publication of the Standard follows two related consultations published by the BCBS in June 2021 and June 2022.
The Standard provides much needed clarity and the potential for international harmonisation. The implementation deadline is 1 January 2025. It remains to be seen how national competent authorities will integrate the Standard into their supervisory approaches, especially prior to implementation through relevant legislative frameworks such as the Capital Requirements Regulation (“CRR“).
The Standard will significantly influence the activities of banks in the cryptoassets landscape:
- Punitive capital treatment of unbacked cryptoassets and stablecoins with ineffective stabilisation mechanisms will discourage banks’ activities in respect of such assets, eg lending backed by such assets or entering into derivatives.
- On the other hand, the capital treatment of tokenised securities (these are traditional securities issued or held on blockchain) as effectively conventional securities, albeit with possible infrastructure risk adjustments, is likely to drive further activities in this space, eg holding such assets on banks’ balance sheets and entering into derivatives.
- The BCBS’s clarification that credit, market and liquidity risk requirements will not apply to custodial assets will likely encourage crypto custody activities by banks.
Banks with cryptoasset exposures or cryptoasset-related activities should begin to consider how they may be impacted by the implementation of the Standard in their jurisdiction.
State of play: Current prudential treatment of cryptoasset exposures
To understand the change and uplift that the Standard will bring about, it is useful to understand the current prudential treatment of cryptoasset exposures in the UK and the EU.
Neither the EU or the UK currently have a specific, granular, harmonised approach to the prudential treatment of cryptoasset exposures, and in the interim, until standards are developed, firms and regulators need to rely on existing capital frameworks.
In the UK
The PRA’s Dear CEO Letter – Existing or planned exposure to cryptoassets published on 24 March 2022 (the “PRA Letter“) indicates that, while no one part of the current framework fully captures crypto risks, a combination of strong risk controls, operational risk assessments, robust new product approval processes, Pillar 1, Pillar 2, and ongoing monitoring arrangements should provide appropriate interim treatment.
In the EU
- the European Banking Authority’s (“EBA“) Report with advice for the European Commission on crypto-assets, published on 9 January 2019, indicates that, much as with the UK, firms and regulators need to rely on first principles and the wider prudential framework. The EBA cautions that, pending developments on the international front, firms and regulators should adopt a conservative approach to the treatment of cryptoasset exposures in Pillar 1, supplemented by Pillar 2 requirements if necessary;
- the EU’s CRR 3 proposal published on 27 October 2021 (the “CRR 3 Proposal“) does not specifically address the prudential treatment of cryptoassets for now (whilst noting the BCBS efforts with the Standard). However, there have been new developments following the recent vote on CRR 3 by the European Parliament’s Committee on Economic and Monetary Affairs (“ECON“) on 24 January 2023. Proposed amendments reportedly include an interim treatment to apply a 1,250% risk weight to cryptoassets until 31 December 2024 (immediately before the implementation deadline for the Standard). Given that the CRR does not define ‘cryptoassets’, the scope of this proposal should be clarified during the trilogue process, as it is currently unclear whether this treatment would apply to tokenised traditional assets. The ECON also proposed that banks should disclose their exposure to cryptoassets and cryptoassets services as well as a specific description of their risk management policies related to cryptoassets. ECON has also invited the European Commission to submit a legislative proposal by June 2023 on a dedicated prudential treatment for exposures to crypto-assets; and
- the Markets in Cryptoassets Regulation (“MiCA“), which is expected to come into force in 2023, sets its own prudential requirements on ‘crypto-asset service providers’ in relation to certain ‘crypto-asset services’ (rather than asset exposures). In respect of such services, crypto-asset service providers must generally have in place prudential safeguards – either own funds in the form of CET 1 items as defined in the EU CRR or insurance – equal to an amount of at least the higher of either: (i) certain minimum capital requirements prescribed in MiCA; or (ii) one quarter of the fixed overheads of the preceding year.
The Standard: Proposed treatment of cryptoasset exposures
The Standard defines “cryptoassets“ as “private digital assets that depend primarily on cryptography and distributed ledger technologies or similar technologies”. “Digital assets” are defined as “digital representation in value which can be used for payment or investment purposes or to access a good or service”.
This definition is relatively broad and will cover most digital assets, including, it appears, non-fungible tokens (“NFTs“). Dematerialised securities issued through distributed ledger technology (“DLT“) or similar technologies, as opposed to electronic versions of traditional registers, are also caught. Central bank digital currencies (“CBDCs“), on the other hand, are currently out-of-scope but BCBS has said that it will review this position.
The Standard classifies cryptoassets into the following two groups:
Group 1 cryptoassets
- Group 1 cryptoassets must meet, in full, a set of classification conditions. This category generally captures:
- tokenised traditional assets, i.e. dematerialised securities issued through DLT or similar technologies (“Group 1a cryptoassets“); and
- stablecoins (“Group 1b cryptoassets“).
- Group 1 cryptoassets are subject to capital requirements based on the risk weights of underlying exposures, as set out in the existing Basel framework.
- Stablecoins would need to meet a redemption risk test and a supervision/regulation requirement in order to be included in Group 1, the purpose of which is to ensure that only stablecoins issued by supervised and regulated entities that have robust redemption rights and governance are eligible for inclusion. Algorithm-based stablecoins or those stablecoins that use protocols to maintain their value are not eligible for Group 1 In respect of Group 1 cryptoassets generally, authorities would be able to activate an infrastructure risk add-on where weaknesses are observed in the digital infrastructure. This more flexible approach is in contrast to the original proposal for a fixed add-on.
Group 2 cryptoassets
- Group 2 cryptoassets are cryptoassets that fail to meet any of the classification conditions. This category captures all unbacked cryptoassets – including household names such as Bitcoin and Ethereum – in addition to any tokenised traditional assets and stablecoins that fail the classification conditions.
- Group 2 cryptoassets would be subject to more conservative capital treatment.
- A set of hedging recognition criteria is used to identify Group 2 cryptoassets:
- where a limited degree of hedging is permitted to be recognised (“Group 2a cryptoassets“); and
- where hedging is not recognised (“Group 2b cryptoassets“).
- A bank’s Group 2 cryptoassets would also be subject to an exposure limit whereby a bank’s total exposure to Group 2 cryptoassets should generally not be higher than 1% of the bank’s Tier 1 capital and must not exceed 2% of the bank’s Tier 1 capital. To the extent a bank breaches the 1% limit, it will need to apply the more conservative Group 2b capital treatment to the excess amount. Breaching the 2% limit would result in the whole Group 2 exposures being subject to the Group 2b capital treatment.
- The Standard also provides descriptions of how the operational risk, liquidity, leverage ratio and large exposures requirements should be applied in the context of cryptoasset exposures.
- EU: The Standard will likely be implemented into the EU’s CRD/CRR framework, although the timeframe is currently unclear. The explanatory notes for the CRR 3 Proposal note that, given the BCBS’s ongoing work at the time of publication, the proposal at that time would not specifically address the prudential treatment of cryptoassets. However, the CRR 3 Proposal does provide for: (i) a review to be conducted by the European Commission on whether a dedicated prudential treatment for cryptoassets would be needed; and, if appropriate, (ii) adoption of a legislative proposal, taking into account the work undertaken by the BCBS. In the meantime, it remains to be seen how national regulators in the EU will incorporate the Standard in their supervisory approaches. Impacted banks will need to have regard to MiCA prudential requirements in addition to CRR and the Standard.
- UK: We expect the PRA to consult on new rules based on the Standard, as contemplated in the PRA Letter, although there is currently no clear timeframe.
- Other jurisdictions: Beyond the EU and the UK, it is worth noting that, shortly after publication of the Standard, the Hong Kong Monetary Authority (“HKMA“) announced that it intends to implement the Standard locally by 1 January 2025. It remains to be seen whether other regulators will follow suit.
- Future review of the Standard: The BCBS has indicated that it will closely monitor implementation of the Standard and banks should expect BCBS to collect data in this area as part of its regular Basel III monitoring exercise. Banks should also expect the Standard to be fine-tuned over time to take account of emerging risks and trends, as well as the results of future BCBS reviews. Areas that the BCBS has already earmarked for review include, among others, inclusion of cryptoassets that use permissionless blockchain in Group 1 and allowing the treatment of some Group 1b assets as eligible collateral.