Why banks´ compliance focus should be on….crypto.

By Eric Groothedde

May 2, 2024

For the last couple of years, it has been rather easy for most banks to ‘deal’ with crypto. Or perhaps I should say ‘ignore’ or ‘neglect’ crypto, which is quite understandable, to be honest. At that time, crypto was an unregulated industry, with a high risk of all kinds of criminal activity, more polluting than nation states, a threat to traditional banking, and the cherry on the cake: no regulator or supervisor applauded the idea of a bank legitimizing this Wild West industry, exposing the regulators’ challenges in expertise, mandate, and regulatory clarity, and pushing clients towards risky investment behavior.

Even though banks have become more active in offering crypto services, obtaining licensing, and developing strategies, the vast majority of them are still very conservative about moving in that direction. Their restrictive policies and risk appetites on crypto seem harder to change than a validated block on a blockchain.

From a business point of view, this is not a risk per se. Banks can stay away as long as they want if that is in their perceived best interest. However, it has one possible yet impactful side effect that has grown in significance: Banks underestimated the impact of crypto on their organization when they don’t conduct any business, yet their clients, counterparties, and partners do. Because the bank wasn’t active in developing any business and didn’t onboard crypto customers (factually de-risking a whole industry), the focus of business, compliance, risk, and legal was elsewhere. All the while, they forgot to properly assess the risk they do face with crypto, the challenge it brings in mitigating them, and how to be in control of this exciting, complex, and versatile industry. Making sure to provide the right support for prudent business development, instead of unnecessarily paralyzing the opportunity. Attracting talent and acquiring the right expertise. Protecting their organization in terms of liability, reputation, and regulatory compliance. Building a clear strategy and updated risk appetite.

So why should banks’ compliance focus be on crypto?

1. It remains a very high-risk industry (e.g., crypto is a top money laundering risk according to several recently published national threat assessments, including those of the Netherlands and the UK).
2. Its versatility makes it complex to manage from a bank perspective: it touches almost all key risk areas for banks, including AML/CFT, fraud, customer due diligence, tax and sanctions evasion, market abuse, ESG, cyber, regulatory compliance, legal, and financial risk – this needs coordination.
3. The industry matures rapidly from a regulatory point of view (e.g., the Markets in Crypto-Assets Regulation in the EU), legitimizing businesses that need access to banking services, putting more pressure on ‘out of appetite’ (or de-risking) practices of banks.
4. Expertise in this area is scarce and becomes more expensive over time due to the undeniable dynamic of supply and demand.
5. Because you need to protect your organization, clients, and leadership. Assure your organization is ready to meet legal and regulatory obligations, can operationalize a risk-based approach, can keep and attract the right clients, and prevent increased compliance and legal costs.

Feel free to reach out to me on eric@crysk.eu to discuss your organization’s situation. Looking forward to engage.