Risk Management and Crisis Response Blog

New crypto guidance for federally regulated entities

Nov 18, 2022 5 MIN READ

Alternative Crypto Coins

On November 16, 2022, a joint statement was released to federally regulated entities engaging in crypto-asset activities or crypto-related services by the Office of the Superintendent of Financial Institutions (OSFI), the Financial Consumer Agency of Canada (FCAC), and the Canada Deposit Insurance Corporation (CDIC). OSFI, FCAC and CDIC are core members of Canada’s Financial Institutions Supervisory Committee.

The joint statement explicitly reinforces “the expectation that […] federally regulated entities adhere to all applicable current regulatory requirements and any guidance when carrying out any crypto-related services or engaging in crypto-asset activities”. This includes a requirement that federally regulated entities “clearly understand the risks of any planned crypto-asset activities and ensure that these risks have been properly addressed” and that such entities comply with existing federal financial laws including the Bank Act, Insurance Companies Act, Trust and Loan Companies Act, and Proceeds of Crime (Money Laundering) and Terrorist Financing Act, as well as any regulations or guidance issued by federal and provincial regulatory agencies.

In addition, the joint statement addresses the core competencies of each of OSFI, FCAC and CDIC as follows:

  • Prudential Regulation (OSFI): The joint statement refers to OSFI’s proposed Digital Innovation Roadmap, also published on November 16. The proposed roadmap lays out OSFI’s digital priorities in the evolving digital finance ecosystem. This includes the creation of a Digital Innovation Impact Hub whose workplan is currently focused on four key pillars: advancing policy work, creating a regulatory sandbox, developing supervisory practices and tools, and furthering stakeholder engagement. As part of its policy work, OSFI is working with domestic and international partners to consider approaches to the prudential regulation of stablecoin arrangements, and OSFI plans on providing additional clarity and/or consulting on areas of risk management and governance for digital assets in Canada, beginning with stablecoin arrangements, followed by other related activities, including crypto custody, crypto lending, crypto staking, and other DeFI applications, and finally a review of other technologies, such as payment innovation, open banking, artificial intelligence and machine learning.

    In connection with the roadmap, OSFI is seeking public consultation on two questions:

    • The first is whether, in addition to providing additional clarity on areas of risk management and governance that are specific to stablecoin arrangements and crypto-asset custody, there are any other priority areas or digital innovation topics OSFI should focus on, in the short and medium term.
    • The second is with respect to the proposed regulatory sandbox, and seeks to understand whether respondents have an interest in learning more or participating in the sandbox and, if yes, for which type of products and services.

    Feedback is being sought from both regulated and non-regulated entities on these questions; the deadline for responses is January 19, 2023. It is encouraging that OSFI is considering a sandbox approach in this space which may further sector engagement and balance thoughtful, prudential regulation with innovation.

    The joint statement also references the recently published Interim Arrangements for the regulatory capital and liquidity treatment of crypto-asset exposures, which provides a capital and liquidity framework contemplating two categories of crypto assets. First, “Group 1” assets, being digital representations of traditional assets (e.g., a tokenized corporate bond or a tokenized bank deposit), which can be treated comparatively to the underlying traditional assets (the corporate bond or bank deposit), provided all  criteria set out in the framework are met. Second, “Group 2” assets, a residual category that comprises all other crypto assets that fail to meet the Group 1 criteria. This category includes cryptocurrencies like Bitcoin and Ethereum, which are subject to more conservative prudential treatment.

  • Consumer Protection (FCAC): The joint statement provides that “FCAC expects regulated entities planning on developing or offering crypto-assets to notify the Agency and provide any information requested by FCAC.” The term “crypto-assets” is defined broadly in the joint statement as “any digital asset implemented using cryptographic techniques”. The phrase “developing or offering” is not defined, but suggests (along with the definition of “crypto-assets”) a wide ambit.

    The joint statement also references the recently published Financial Consumer Protection Framework: enhanced protection for bank customers, which is a general (not crypto-specific) framework designed to strengthen the consumer protection measures applicable to all federally-regulated entities.

  • Deposit Insurance (CDIC): The joint statement reiterates that crypto-assets are not eligible for deposit insurance under the CDIC Act, and reinforces that CDIC member institutions must provide clear, accurate and accessible disclosure about deposit insurance protection to consumers.

These measures are particularly notable in context of the ongoing ‘crypto winter’. As we wrote in an Update published on August 5, 2022, the intermingling of rights and interests that is typical in crypto-related entities (e.g., where owners of a company’s equity shares are also owners of the crypto-assets that are issued, sold or traded by the company) can create significant risks to consumer protection, as well as the stability, integrity, privacy and security of the financial system. The joint statement is designed to address these risks.

Moving towards a holistic national approach

The joint statement is notable in that it signals a level of collaboration amongst federal regulators, underscoring the magnitude of the potential impact of crypto-assets and crypto-related activities on Canada’s financial system.

As crypto markets grapple with complex jurisdictional and characterization questions, regulators across Canada and the world have been trying to get their collective heads around the most effective way to regulate the digital asset sector, and many have lamented the pace of progress in that regard, including capital markets regulators (as we discussed here, here and here) . The form of coordination in the joint statement is particularly novel and welcomed.

That said, the joint statement applies only to federally-regulated entities. The integration of other market players will require coordination and cooperation amongst the 13 provincial and territorial jurisdictions, as well as the Investment Industry Regulatory Organization of Canada (IIROC), and its soon-to-be established successor (as we discussed here), for a truly holistic national approach.

For questions regarding these trends or any inquiries relating to Canada’s digital asset ecosystem, please contact the members of Osler’s Digital Assets and Blockchain Group. For questions regarding the federal regulation of financial entities generally, please contact the members of Osler’s Financial Services Regulatory Group.