Rules Navigator

OCC clarifies crypto custody rules and eases bank merger

Cash dollar bills and stock market indicators
Photo: Javier Ghersi/Getty Images

Vlada Gurvich

 Click to share on Facebook (Opens in new window/tab) Click to share on Twitter (Opens in new window/tab) Click to share on LinkedIn (Opens in new window/tab) Click to share on WhatsApp (Opens in new window/tab)

In two decisive moves, the OCC reaffirms its commitment to regulatory clarity.

In an era where the architecture of finance is being redrawn by both code and consolidation, the Office of the Comptroller of the Currency (OCC) has issued two critical updates that signal a return to regulatory first principles: clarity, continuity, and proportionality.

Through its interpretive letter on cryptocurrency custody, the OCC underscores the digital innovation that can be housed within the vaults of traditional banking, provided that risk is managed with discipline and purpose.

Simultaneously, by restoring streamlined procedures for low-risk bank mergers, the agency affirms that not all growth is suspect – some is structural, necessary, and beneficial when rooted in sound oversight.

Together, these actions reflect a philosophical recalibration: that effective regulation is not about resisting change but about shaping it with wisdom drawn from institutional memory.

Crypto-asset custody and execution services

On May 8, the OCC released Interpretive Letter 1184, reaffirming the authority of national banks and federal savings associations to provide crypto-asset custody and execution services.

This statement builds upon and clarifies previous letters, most notably Interpretive Letter 1170 from July 2020 and the more recent Letter 1183, underscoring the OCC’s consistent view that safeguarding digital assets can be considered a modern expression of traditional custodial banking functions.

Notably, while the letters assert regulatory continuity, they stop short of addressing whether cryptocurrencies qualify as “exchange” under 12 USC § 24(Seventh), leaving that legal interpretation to future deliberations.

The OCC’s position reflects a broader regulatory strategy: integrating innovative technologies within the traditional banking framework without undermining long-standing fiduciary standards and risk controls.

By recognizing the need for banks to offer safekeeping services for cryptographic keys, integral to digital asset control, the OCC emphasizes that such services are not radical departures but rather evolutions of safekeeping practices.

This continuity allows institutions to meet increasing demand for secure storage solutions amid rising concerns about key loss and custodial reliability, particularly among investment managers who seek compliant digital asset solutions.

However, the interpretive letters also signal a careful balancing act between innovation and restraint. While banks may expand their digital offerings, the OCC insists that these services be developed and executed in line with existing risk management expectations, business strategies, and compliance with applicable law.

Banks must ensure their systems can identify, monitor, and control risks associated with crypto custody, including implementing dual controls, segregation of duties, and internal audit systems. These standards, already codified in OCC supervisory guidance, emphasize that digital custody must meet the same rigor as any other custodial service.

This nuanced approach allows traditional institutions to support digital markets without abandoning the foundational legal and operational principles that underpin safe and sound banking services.

Importantly, the OCC distinguishes between crypto services that mirror traditional banking and those that are wholly novel. Services such as key safekeeping and digital escrow align with historical precedents and thus fall under the banks’ permissible activities.

However, the OCC recognizes that some crypto-specific functions, particularly those involving sub-custodians and fiduciary duties, require heightened oversight, especially given the rapidly evolving nature of the sector.

This nuanced approach allows traditional institutions to support digital markets without abandoning the foundational legal and operational principles that underpin safe and sound banking services.

The OCC’s interpretive letters offer a stabilizing counterpoint to the SEC crypto roundtables’ more fragmented approach to crypto regulation, particularly in the realm of custody.

While the SEC’s third roundtable surfaced foundational disagreements over definitions, fiduciary structures, and the very architecture of custody, the OCC has maintained a methodical trajectory over several years.

Its guidance not only affirms that cryptocurrency custody fits within the historical scope of bank safekeeping services, but also anchors that authority in statutory clarity and consistent risk management expectations. This contrast is particularly salient given the SEC’s recent struggles to define core custodial principles amidst industry fragmentation.

If the SEC’s roundtables revealed fault lines in policy coherence, they also spotlighted an opportunity: the Commission could greatly benefit from the OCC’s measured, legally grounded framework, an approach that builds on precedent rather than scrambling to reinvent it.

In a regulatory climate hungry for certainty, the OCC’s steady hand serves as a blueprint for how financial oversight can evolve without sacrificing coherence.

Interim final rule on bank mergers

The OCC has taken a decisive step to recalibrate its approach to bank merger reviews by issuing an interim final rule that restores expedited procedures and streamlined application forms previously rescinded in 2024.

This reversal underscores the agency’s recognition that the prior policy changes, although well-intentioned, introduced undue burden and uncertainty for institutions pursuing low-risk mergers.

By reintroducing §5.33(i) and (j), the OCC allows well-managed, well-capitalized banks, particularly those with modest targets or intra-group reorganizations, to proceed under more predictable and less onerous regulatory pathways.

The significance of this development lies not merely in administrative efficiency, but in regulatory balance. In a sector where both consolidation and systemic resilience are in delicate tension, the OCC’s updated stance affirms that speed and safety need not be mutually exclusive.

The reinstated rules preserve public notice and comment requirements, while allowing for expedited approvals in scenarios with historically low supervisory risk.

This interim rule reestablishes a clear framework that allows banks to self-assess eligibility and prepare accordingly.

In contrast to the 2024 Final Rule, which introduced a dense policy statement with little operational clarity, this interim rule reestablishes a clear framework that allows banks to self-assess eligibility and prepare accordingly.

As the OCC noted, many applications are submitted by “healthy banks whose applications should entail low levels of risk”, an insight that now has structural footing in the restored review mechanism.

This action also resonates with prior efforts by the OCC to bring greater transparency to its merger processes. As former Acting Comptroller Michael Hsu remarked in 2024: “You have two risks with mergers. One risk is that we approve too many mergers and therefore we’re approving bad mergers. The other risk is we approve too few mergers and therefore there are good mergers that should happen that aren’t.”

In that spirit, the interim rule functions as a corrective tool, not only restoring a mechanism for good mergers to proceed efficiently, but also removing the ambiguity created by the 2024 overhaul.

It reflects a broader institutional commitment to codifying reasoned, risk-based expectations. In a volatile environment where consolidation is inevitable and scrutiny is essential, the OCC’s return to calibrated flexibility offers a model of regulatory clarity grounded in prudence.

, , , ,

You may also like