This week, the FSB (Financial Stability Board) published its final set of recommendations for regulating cryptoassets and related services. The recommendations follow on from the FSB’s previous public consultation.
The guidelines are designed to provide a common base for international regulatory coverage of an otherwise borderless technology and product in respect of which regulatory development has been inconsistent and open to arbitrage. The FSB has therefore provided a series of high-level recommendations which domestic regulators can use as a basic framework for developing their own regulatory regimes.
The recommendations, although voluntary, create a useful benchmark to add much needed regulatory consistency. The recommendations cover two key areas:
We have set out a short overview of the recommendations (some of which are paraphrased) in the tables below.
The recommendations are likely to influence the UK’s upcoming proposals for the regulation of cryptoassets, which are expected to be detailed soon following the government’s February 2023 consultation and the recent passage of the Financial Services and Markets Act 2023 (see our overview of the FSMA 2023 here). Over in Europe, given the wide remit of the recommendations, the guidelines could also impact the future development of certain areas not currently covered by the EU’s regulatory framework under MiCA – such as NFTs and decentralised finance.
The FSB’s shared workplan shows that it expects to remain busy in this area. The FSB will deliver to the G20 a joint report with the International Monetary Fund (IMF) later this year, covering their work on the monetary issues with cryptoassets. This follows on from the IMF’s previous note to the G20 on this topic.
(1) Recommendations on crypto-asset activities and markets:
|Final Recommendation||Summary of recommendations for authorities|
|Recommendation 1: Regulatory powers and tools||Have and utilise appropriate powers and tools, and have adequate resources to regulate, supervise, and oversee crypto-asset activities and markets, and enforce relevant laws and regulations effectively.|
|Recommendation 2: General regulatory framework||Apply comprehensive and effective regulation, supervision, and oversight to crypto-asset activities and markets on a functional and proportionate basis to the financial stability risk they pose and ensure that they are consistent with authorities’ respective mandates in line with the principle “same activity, same risk, same regulation”.|
|Recommendation 3: Cross-border cooperation, coordination and information sharing||Cooperate and coordinate with other authorities, both domestically and internationally, to foster efficient and effective communication, information sharing and consultation in order to support each other and to encourage consistency of regulatory and supervisory outcomes.|
|Recommendation 4: Governance||Require that crypto-asset issuers and service providers have in place and disclose a comprehensive governance framework with clear and direct lines of responsibility and accountability for all functions and activities that they are conducting.
The governance framework should be proportionate to their risk, size, complexity and systemic importance, and to the financial stability risk that may be posed by activity or market in which the crypto-asset issuers and service providers are participating.
|Recommendation 5: Risk management||Require crypto-asset service providers to have an effective risk management framework in place that comprehensively addresses all material risks associated with their activities.
The framework should be proportionate to the risk, size, complexity, and systemic importance, and to the financial stability risk that may be posed by the activity or market in which they are participating. Authorities should require crypto-asset issuers to address the financial stability risk that may be posed by the activity or market in which they are participating.
|Recommendation 6: Data collection, recording and reporting||Require that crypto-asset issuers and service providers have in place robust frameworks, including systems and processes for collecting, storing, safeguarding, and accurately reporting data (including relevant policies, procedures and infrastructures needed) which is proportionate to their risk, size, complexity and systemic importance.
Authorities should have access to the data, as necessary and appropriate, to fulfil their regulatory and supervisory oversight.
|Recommendation 7: Disclosures||Require that crypto-asset issuers and service providers disclose to users and relevant stakeholders comprehensive, clear and transparent information regarding their governance framework, operations, risk profiles and financial conditions, as well as the products they provide and activities they conduct.|
|Recommendation 8: Addressing financial stability risks arising from interconnections and interdependencies||Identify and monitor the relevant interconnections within the crypto-asset ecosystem and its interactions with the wider financial system. Authorities should address financial stability risks that arise from these interconnections and interdependencies.|
|Recommendation 9: Comprehensive regulation of crypto-asset service providers with multiple functions||Ensure that crypto-asset service providers and their affiliates that combine multiple functions and activities are subject to appropriate regulation, supervision and oversight that comprehensively addresses the risks associated with individual functions and the risks arising from the combination of functions – such as rules on conflicts of interest and the separation of certain functions, activities, or incorporation, as appropriate.|
(2) Revised recommendations on ‘global stablecoin’ (“GSC”) arrangements:
|Final Recommendation||Summary of recommendations for authorities|
|Recommendation 1: Authorities’ readiness to regulate and supervise global stablecoin arrangements||Have and utilise the appropriate powers, tools and adequate resources, to comprehensively regulate, supervise, and oversee a GSC arrangement and its associated functions and activities, and be able to enforce relevant laws and regulations effectively.|
|Recommendation 2: Comprehensive oversight of GSC activities and functions||Apply comprehensive and effective regulatory, supervisory and oversight requirements consistent with international standards to GSC arrangements on a functional and proportionate basis to their risks.|
|Recommendation 3: Cross-border cooperation, coordination and information sharing||Cooperate and coordinate with each other, both domestically and internationally, to foster efficient and effective communication, information sharing and consultation in order to support each other and to ensure comprehensive regulation, supervision, and oversight of a GSC arrangement across borders and sectors, and to encourage consistency of regulatory and supervisory outcomes.|
|Recommendation 4: Governance structures and decentralised operations||Require that GSC arrangements have in place and disclose a comprehensive governance framework with clear and direct lines of responsibility and accountability for all functions and activities within the GSC arrangement.|
|Recommendation 5: Risk management||Require that GSC arrangements have effective risk management frameworks in place that comprehensively address all material risks associated with their functions and activities, especially with regard to operational resilience, cyber security and AML/CFT measures, as well as “fit and proper” requirements.|
|Recommendation 6: Data storage and access to data||Authorities should require that GSC arrangements have in place robust frameworks, including systems and processes for the collecting, storing, safeguarding and timely and accurate reporting of data. Authorities should have access to the data as necessary and appropriate to fulfil their regulatory and supervisory oversight.|
|Recommendation 7: Recovery and resolution of the GSC||Require that GSC arrangements have appropriate recovery and resolution plans.|
|Recommendation 8: Disclosures||Require that GSC issuers and, where applicable, other participants in the GSC arrangements provide all users and relevant stakeholders with comprehensive and transparent information to understand the functioning of the GSC arrangement – including with respect to the governance framework, any conflicts of interest, redemption rights, stabilisation mechanism, operations, risk management frameworks and financial conditions.|
|Recommendation 9: Redemption rights, stabilisation, and prudential requirements||Require that GSC arrangements provide a robust legal claim to all users against the issuer and/or underlying reserve assets and guarantee timely redemption.
For GSCs referenced to a single fiat currency, redemption should be at par into fiat. To maintain a stable value at all times and mitigate the risks of runs, authorities should require GSC arrangements to have an effective stabilisation mechanism, clear redemption rights and meet prudential requirements.