Federal Reserve Clarifies Rules for Banks Holding Crypto Assets

The Federal Reserve, the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) have issued a joint statement clarifying the rules for banks that wish to hold cryptocurrency assets for their customers. The statement emphasizes the need for banks to implement robust systems to manage the risks associated with crypto custody, including hacking, system failures, and the loss of private keys. The regulators have not introduced new regulations but have highlighted the importance of strong risk management frameworks.

The agencies confirmed that banks can hold crypto assets in either a fiduciary or non-fiduciary capacity. In fiduciary safekeeping, banks act on behalf of the customer with legal authority, similar to a trustee or investment advisor. In this scenario, banks must adhere to specific federal rules under 12 CFR 9 or 150, as well as any applicable state laws or agreements. For non-fiduciary safekeeping, banks must still protect the assets with strong systems to guard against various risks. The agencies stressed that any bank offering this service must build a solid risk-management framework and update it as the crypto market evolves.

The statement also noted that the crypto world is rapidly changing, and banks need to keep up with these changes. Any bank offering crypto storage must follow the law and ensure that all activities are conducted in a safe and sound manner, similar to other banking services. The regulators have been issuing several updates to guide banks in the crypto space. In May, the OCC confirmed that banks are now allowed to buy and sell crypto for themselves. The FDIC also changed its approach, stating that banks do not need to get permission before starting crypto activities.

The joint guidance aims to standardize crypto custodial practices across banks, ensuring safe execution and compliance. The agencies reminded banks that such activities must be conducted in a safe and sound manner and in compliance with applicable laws. The statement also emphasized the need for banks to plan ahead, check their safety measures, and be ready to fix problems quickly. The evolving nature of the crypto-asset market requires banks to consider the risks involved and implement strong systems to manage these risks effectively.

Banks are permitted to hold crypto assets for their customers, either in a fiduciary or non-fiduciary capacity. However, banking organizations must consider several key rules when offering such services. The agencies confirmed that banks are permitted to hold crypto assets for their customers, either in a fiduciary or non-fiduciary capacity. However, banking organizations must consider several key rules when offering such services. The agencies confirmed that banks are permitted to hold crypto assets for their customers, either in a fiduciary or non-fiduciary capacity. However, banking organizations must consider several key rules when offering such services. The agencies confirmed that banks are permitted to hold crypto assets for their customers, either in a fiduciary or non-fiduciary capacity. However, banking organizations must consider several key rules when offering such services.

While a bank can hold crypto assets on behalf of a client, the agencies reaffirmed that the liability for safekeeping rests with the bank. As such, banks have to assume full control of the assets, in this case, the keys. Per the guidance, a banking organization has to “reasonably demonstrate” that no other party, including the customer, can access the assets while still under the safekeeping of the bank. Banks are also allowed to use third-party custody vendors. However, the bank in question is the one responsible and will be liable for the third party’s actions.

The Federal Reserve, FDIC and OCC’s statement comes amid an observable shift in the regulatory approach to bank and crypto in the U.S. The FDIC, for instance, released documents related to crypto debanking in February 2025, and in March, clarified that banks can engage in crypto-related activities without having to seek prior approval from the agency. The Federal Reserve also issued a similar guidance in April.