US Regulators Warn Banks About Cryptocurrency Security Risks

Written by

US Financial regulators have warned banks about the security risks posed by the crypto market.

In a joint statement issued on January 3, 2022, the Board of Governors of the Federal Reserve, the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC) warned banking organizations of the “key risks associated with crypto-assets and crypto-asset sector participants.”

These include a number of security threats prevalent in the crypto market:

  • Risk of fraud and scams among crypto-asset sector participants
  • Risk management and governance practices in the crypto-asset sector exhibiting a lack of maturity and robustness
  • Vulnerabilities related to cyber-attacks, outages, lost or trapped assets and illicit finance due to open

The statement also highlighted a number of financial concerns with the crypto market, such as its volatility, contagion risk and the susceptibility of stablecoins to run risk.

While the agencies emphasized that banks are not discouraged from providing services to crypto-asset customers, they said it is vital the risks related to this sector “that cannot be mitigated or controlled do not migrate to the banking systems.”

Therefore, they are continuing to assess whether or how current and proposed crypto-asset-related activities by banks can be conducted safely and soundly.

The agencies also urged banking organizations to develop appropriate risk management strategies for crypto-assets, “including board oversight, policies, procedures, risk assessments, controls, gates and guardrails, and monitoring, to effectively identify and manage risks.”

There has been a surge in crypto-related cyber-attacks and scams as digital currencies have become more popular. In July 2022, Santander warned of an 87% surge in celebrity crypto scams compared with the previous year.

In a particularly significant cryptocurrency heist, cyber-criminals reportedly stole an estimated two million Binance coins from crypto exchange Binance in October 2022, worth more than $570m.

Commenting on the story, Daniel Mcloughlin, field CTO, OneSpan, said: “Security will be a pressing issue across the broader realm of Web3 and for technologies such as crypto in 2023. We are increasingly seeing more sophisticated scams and targeted data attacks rushing to fill this latest frontier of the internet.”

He urged the industry to develop similar security regulations for cryptocurrency transactions as it has with traditional currencies.

“The main thing halting the future of crypto in 2023 is the regulatory uncertainty and security concerns that surround it. The industry must address these issues that are leading to such frequent hacks and data breaches. Upgrading the Cryptocurrency Security Standard (CCSS) so that it offers a similar level of protection as the Payment Card Industry Data Security Standard (PCI DSS) should be priority number one. The CCSS should offer the same level of comprehensive cover for those trading and transacting with crypto as the PCI DSS does for people making card payments.”

What’s hot on Infosecurity Magazine?