86 FR 141 pgs. 40213-40216 - Request for Information and Comment on Digital Assets and Related Technologies
Type: NOTICEVolume: 86Number: 141Pages: 40213 - 40216
Pages: 40213, 40214, 40215, 40216Docket number: [NCUA 2021-0102]
FR document: [FR Doc. 2021-15948 Filed 7-26-21; 8:45 am]
Agency: National Credit Union Administration
Official PDF Version: PDF Version
[top]
NATIONAL CREDIT UNION ADMINISTRATION
[NCUA 2021-0102]
Request for Information and Comment on Digital Assets and Related Technologies
AGENCY:
National Credit Union Administration (NCUA).
ACTION:
Notice; request for information and comment.
SUMMARY:
[top] The NCUA Board (Board) is gathering information and soliciting comments from interested parties
DATES:
Comments must be received on or before September 27, 2021 to ensure consideration.
ADDRESSES:
You may submit comments by any one of the following methods (Please send comments by one method only):
• Federal eRulemaking Portal: http://www.regulations.gov. Follow the instructions for submitting comments for NCUA Docket 2021-0102.
• Fax: (703) 518-6319. Include "[Your name] Comments on "Request for Information and Comment on Digital Assets and Related Technologies."
• Mail: Address to Melane Conyers-Ausbrooks, Secretary of the Board, National Credit Union Administration, 1775 Duke Street, Alexandria, Virginia 22314-3428.
• Hand Delivery/Courier: Same as mailing address.
Public Inspection: You may view all public comments on the Federal eRulemaking Portal at http://www.regulations.gov as submitted, except for those we cannot post for technical reasons. NCUA will not edit or remove any identifying or contact information from the public comments submitted. Due to social distancing measures in effect, the usual opportunity to inspect paper copies of comments in the NCUA's law library is not currently available. After social distancing measures are relaxed, visitors may make an appointment to review paper copies by calling (703) 518-6540 or emailing OGCMail@ncua.gov.
FOR FURTHER INFORMATION CONTACT:
Policy and Analysis: Scott Borger, Senior Financial Modeler and Todd Sims, National Payment Systems Officer, Office of National Examinations and Supervision, (703) 518-6640; Legal: Thomas Zells, Senior Staff Attorney, Office of General Counsel, (703) 518-6540; or by mail at National Credit Union Administration, 1775 Duke Street, Alexandria, VA 22314.
SUPPLEMENTARY INFORMATION:
I. Background
NCUA Overview
The NCUA is an independent federal agency that insures shares at FICUs, protects the members who own credit unions, and charters and regulates federal credit unions (FCUs). The NCUA is charged with protecting the safety and soundness of credit unions and, in turn, the National Credit Union Share Insurance Fund (NCUSIF) through regulation and supervision. The NCUA's mission is to "provide, through regulation and supervision, a safe and sound credit union system, which promotes confidence in the national system of cooperative credit."? 1 The NCUA also works to protect credit union members and consumers. Consistent with these aims, the NCUA has statutory responsibility for a wide variety of regulations that protect the credit union system, members, and the NCUSIF.
Footnotes:
1 ? https://www.ncua.gov/about-ncua/mission-values.
Decentralized Finance, Digital Assets, and Related Technologies
Decentralized Finance (DeFi) is the broad category of applications adopting peer-to-peer networks, Distributed Ledger Technology (DLT), and related uses, such as smart contracts, to create digital assets like cryptocurrency and crypto-assets, clearing and settlement systems, identity management systems, and record retention systems. 2 As noted, DLT is the digital process to record transactions that are behind many of these innovations. DLT consists of a shared electronic database where copies of the same information are stored on a distributed network of computers. This shared immutable digital ledger both ensures the data cannot be altered and serves to add new information to the database. Information is only added to the distributed ledger when consensus is reached that the information is valid. As a result, any attempt to modify the information on one computer will not impact the information on other computers. "Blockchains" are one type of distributed ledger. In a blockchain, a chronological record of all transactions is created and stored on the ledger by sequentially grouping all transactions together in blocks.
Footnotes:
2 ?There are a number of terms used to describe DLT-based tokens, including virtual currencies, cryptocurrencies, crypto-assets, utility tokens, and digital assets. There are a variety of reasons these terms have evolved including the fact that these digital tokens fail to exhibit the qualities of a currency, and therefore, should not be confused by a term like cryptocurrencies. The term DeFi recognizes that because DLT has been used to develop a broader set of financial products beyond value transfer mechanisms, DeFi encompasses a broader range of different digital and financial products including settlement systems, security-like and equity-like financial instruments, non-fungible tokens, and discount tokens.
Digital assets can be transferred between two people without an intermediary. However, as a practical matter, most members of the public do not have a means of converting dollars into digital assets on their own. Software developers and entrepreneurs have created exchanges to facilitate the exchange of dollars for digital assets and digital wallets to provide customers a convenient way to store their encryption keys required to verify ownership of their digital assets. These entities serve as intermediaries in the new digital ledger payment systems.
Since the introduction of DLT, thousands of projects have used the technology to lower the cost of verifying ownership, storing distributed data, or tracking information. The projects have covered everything from tracking ownership in national land registries to tracking the history of a product in the food supply chain. While DeFi offers a number of potential benefits and opportunities for the credit union system, it also presents several risks, for example: (1) The permanent nature of the transactions necessitates questions about consumer recourse for fraudulent financial activities; (2) the ability to source funds for new projects has the downside of individuals or groups manipulating the price of tokens; (3) the storage of digital assets poses risks of lost or stolen cryptographic keys; and (4) the ability to transfer value through peer-to-peer networks creates unregulated money transmitters that could provide liquidity to those who want to launder money or participate in tax-avoidance schemes.
The NCUA is publishing this request for information with the aim of engaging the broad credit union industry and other stakeholders and learning how emerging DLT and DeFi applications are viewed and used. The NCUA hopes to learn how the credit union community is using these emerging technologies and gain additional feedback as to the role the NCUA can play in safeguarding the financial system and consumers in the context of these emerging technologies. The accelerating pace of change information technology brings, coupled with the widespread diffusion of computing power and the growing importance of networks, is raising new opportunities and challenges. In order to continue to fulfill its mandate to maintain a safe and sound credit union system and protect credit union members, the NCUA is working to better understand the implications of these changes and the associated benefits or challenges that may exist.
II. Request for Comment
[top] The Board seeks comments on the current and potential impact of
Questions Regarding Usage and the Marketplace
1. How are those in the credit union system currently using or planning to use DLT and DeFi applications?
2. What, if any, DLT or DeFi applications are those in the credit union system currently engaging in or considering? Please explain, including the nature and scope of the activity. More specifically:
a. What, if any, types of specific products or services related to these technologies are those in the credit union system currently offering or considering offering to members? Are credit union members asking for specific products or services related to these technologies?
b. To what extent are those in the credit union system engaging in or considering DeFi applications or providing services related to digital assets that have direct balance sheet impacts?
c. To what extent are those in the credit union system engaging in or considering DLT for other purposes, such as to facilitate internal operations?
d. To what extent, if any, are those in the credit union system aware of cross-jurisdiction or cross-border transactions related to DLT and digital assets.
3. In terms of the marketplace, where do those in the credit union system see the greatest demand for DeFi application services, and who are the largest drivers for such services?
4. Are there new developments that might affect use of DeFi applications by those in the credit union system in the future?
5. Are DeFi applications a competitive threat for those in the credit union system?
6. What concerns, if any, do those in the credit union system have related to current statutory or regulatory limitations on their ability to utilize DeFi applications? Are there any changes that would influence the credit union system's ability to utilize DeFi applications?
7. Apart from anything listed in this Request for Information, what other actions should the NCUA take? Please be as precise as possible, including, but not limited to, necessary regulatory changes, additional guidance, and legal opinions.
Operational Questions
8. What are the advantages and disadvantages of FICUs developing DLT and DeFi projects through third-party relationships versus through a credit union service organization (CUSO)?
9. How dependent will FICUs be on third-party software and open-source libraries for their own DLT projects?
Questions Regarding Risk and Compliance Management
10. To what extent are existing risk and compliance management frameworks designed to identify, measure, monitor, and control risks associated with various DLT and DeFi applications? Do some DLT and DeFi applications more easily align with existing risk and compliance management frameworks compared to others? Do, or would, some DLT and DeFi applications result in FICUs developing entirely new or materially different risk and compliance management frameworks?
11. What unique or specific risks are challenging to measure, monitor, and control for various DLT and DeFi applications? What unique controls or processes are or could be implemented to address such risks?
12. What unique benefits or risks to operations do FICUs consider as they analyze various DLT and DeFi applications?
13. How are FICUs integrating, or how would FICUs integrate, operations related to DLT and DeFi applications with legacy FICU systems?
14. Please identify any potential benefits, and any unique risks, of particular DLT and DeFi applications to FICUs and their members.
15. What impact will DLT and DeFi applications have on FICUs' earnings? How will FICUs ensure they account for any negative impact, such as potential lost interchange income as peer-to-peer transactions grow?
16. How are those in the credit union system integrating these new technologies into their existing Information Technology environment securely, including existing cybersecurity functions and data privacy/data protection policies? How are the risks in this area being evaluated?
17. What considerations have commenters given to how to maintain continued compliance with State and Federal laws and regulations that may be applicable to various DLT and DeFi applications, including, but not limited to, those governing securities, Bank Secrecy Act (BSA) and anti-money laundering, and consumer protection? Have those obligations, or uncertainty related to potential obligations, impacted commenters DLT and DeFi activities? How do commenters' DLT and DeFi activities address requirements in these areas?
18. How specifically do DLT and DeFi projects in the credit union system address BSA and Know Your Customer (KYC) requirements?
19. How can FICUs address fraud and other consumer protections with an immutable digital ledger? How can FICUs ensure continued compliance with any applicable consumer protection requirements that may arise with various DLT and DeFi applications, such as obligations related to fair lending, electronic funds transfers, and funds availability?
20. If utilizing, or planning to utilize, any of these or related technologies, what steps have been taken in providing the services and what has been done to ensure the services are being utilized safely and in compliance with all applicable laws and regulations? Please describe:
a. The process for developing a sound business case and presenting it to the board of directors for approval;
b. The process for ensuring the consideration of all of the risks and risk categories;
c. The level of due diligence performed on any vendors or third parties and whether the vendors were a new entry in the market or an established technology provider;
d. The process for assessing the quality and level of internal information systems and technology staff to support systems and applications; and
e. The process for developing internal oversight of the program.
Questions Regarding Supervision and Activities
21. Are there any unique aspects the NCUA should consider from a supervisory perspective?
22. Are there any areas in which the NCUA should clarify or expand existing supervisory guidance to address these activities?
[top] 23. The NCUA's Part 721 application procedures may be applicable to certain DLT activities. 3 Is additional clarity
Footnotes:
3 ?12 CFR part 721.
Questions Regarding Share Insurance and Resolution
24. Are there any steps the NCUA should consider to ensure FICU members can distinguish between uninsured digital asset products and insured shares?
25. Are there distinctions or similarities between stablecoins (cryptocurrencies that are backed by a currency like the U.S. Dollar and are designed to have a stable value compared to other cryptocurrencies) and stored value products where the underlying funds are held at FICUs and, for which pass-through share insurance may be available to members in limited scenarios?
26. If the NCUA were to encounter any of the digital assets use cases in the resolution process or in a conservatorship capacity, what complexities might be encountered in valuing, marketing, transferring, operating, or resolving the DeFi activity? What actions should be considered to overcome the complexities?
Additional Considerations
Commenters are invited to address any other DLT and DeFi applications or related information they seek to bring to the NCUA's attention. Commenters are encouraged to provide the specific basis for their comments and, to the extent feasible, documentation to support any comments.
Authority: 12 U.S.C. 1756 and 1784.
By the National Credit Union Administration Board on July 22, 2021.
Melane Conyers-Ausbrooks,
Secretary of the Board.
[FR Doc. 2021-15948 Filed 7-26-21; 8:45 am]
BILLING CODE 7535-01-P