NCUA writes letter to credit unions about third-party digital asset services

by Justin White, NAFCU Compliance Blog
NCUA

On December 16, 2021, the National Credit Union Administration (NCUA) issued Letter to Credit Unions 21-CU-16 (letter) to provide guidance regarding the authority of federal credit unions to connect digital asset service providers with federal credit union members. The letter outlines federal credit unions’ authority to establish relationships with third-party digital asset services and how federal credit unions may monitor and evaluate these relationships.

NCUA maintains the Federal Credit Union Act authorizes federal credit unions to “act as a finder to bring together their members and providers of third-party services, including services related to digital assets.” This authority is granted within the incidental powers of federal credit unions. NCUA cautions federal credit unions that while the guidance permits a federal credit union, under its incidental powers, to provide “administrative functions in connection with finder activities…these functions do not create an agency or brokerage relationship.” NCUA stresses a federal credit union is also required to comply with other applicable laws and regulations such as the Bank Secrecy Act, cyber security requirements, and other safety and soundness practices. For one, a federal credit union acting within its finder capacity must also ensure compliance with §721.7 of NCUA’s own regulations.

This new guidance does not create exceptions to the existing regulatory framework. NCUA emphasizes the original framework, which exists to oversee how federal credit unions connect its members with third-party services, still applies to third-party digital asset service providers. As a result, the guidelines are written within the existing framework to assist federal credit unions in establishing practices to manage third party-member relationships in relation to digital assets and products. One concern emphasized throughout the letter is the rapidly changing technological environment and its effects on available digital asset products and services. With the fluid situation and the potential risks, NCUA maintains a federal credit union’s written policies and procedures should be written to “ensure appropriate internal controls and ongoing compliance with applicable law.”

 

continue reading »