Crypto-related services and crypto-asset activities, as well as the technology upon which they are based, may present opportunities for the financial system, but they could also present significant risks to consumer protection as well as the stability, integrity, privacy, and security of the financial system.
To better understand risks posed by crypto-related services and crypto-asset activities, the Office of the Superintendent of Financial Institutions (OSFI), the Financial Consumer Agency of Canada (FCAC), the Canada Deposit Insurance Corporation (CDIC), and other federal agencies have been proactively monitoring how risks posed by crypto-asset activities are managed by entities. This work complements the Department of Finance's ongoing work on the digitalization of money as part of the financial sector legislative review announced in Budget 2022.
Today, OSFI, FCAC, and CDIC are issuing this statement to all regulated entities that carry out crypto-related services or engage in crypto-asset activities1. It reinforces the expectation that those federally regulated entities adhere to all applicable current regulatory requirements and any guidance when carrying out any crypto-related services or engaging in crypto-asset activities.
Digital assets such as cryptocurrencies and stablecoin arrangements as well as decentralized finance applications require prudent and thoughtful oversight and regulatory approaches, since innovations occur both within and outside of the mainstream financial system, sometimes both simultaneously. We support the principle endorsed by the Financial Stability Board, "same activity, same risk, same regulation".
Duties and Responsibilities
Regulated entities are expected to clearly understand the risks of any planned crypto-asset activities and ensure that these risks have been properly addressed. Regulated entities must also ensure any crypto-asset activities comply with existing federal financial laws including the Bank Act, Insurance Companies Act, Trust and Loan Companies Act, and Proceeds of Crime (Money Laundering) and Terrorist Financing Act, as well as any regulations or guidance issued by federal and provincial regulatory agencies.
We will continue to closely monitor the risks crypto-assets may pose and will continue to engage with industry with the Department of Finance, the Bank of Canada, and other federal and provincial regulators as this sector evolves.
Prudential Regulation
- Entities should consult the recently published Interim Arrangements for the regulatory capital and liquidity treatment of crypto-asset exposures.
- To provide further clarity, OSFI has published its Digital Innovation Roadmap, which lays out OSFI's digital priorities in an evolving digital finance ecosystem.
Consumer Protection
- FCAC expects regulated entities planning on developing or offering crypto-assets to notify the Agency and provide any information requested by FCAC. This will allow FCAC to assess the applicability of market conduct obligations as outlined in relevant legislation and associated regulations.
- On June 30, 2022, the new and enhanced requirements came into force under the Financial Consumer Protection Framework. This framework significantly strengthened the consumer protection measures and regulated entities are expected to ensure compliance with all the applicable provisions when developing any new offerings.
Deposit Insurance
- Crypto-assets are not eligible for deposit insurance under the CDIC Act.
- CDIC recently reinforced with its member institutions that clear, accurate, and accessible disclosure about deposit insurance protection to consumers is critical to ensure they have the information they need to make informed financial decisions.
- Under the CDIC Deposit Insurance Information By-law, each CDIC member institution is required to provide depositors with specific information about deposit protection and is expected to take reasonable and prudent steps to ensure that neither the member institution nor its business partners provide false, misleading, or deceptive information regarding deposit insurance protection or CDIC membership.
Footnote
1"Crypto-asset" refers generally to any digital asset implemented using cryptographic techniques. The term "crypto-related activities" for the purposes of this letter includes, but is not limited to, acting as crypto-asset custodians; maintaining stablecoin reserves; issuing crypto and other digital assets; sub-custodial arrangements for crypto as well as dealing in any derivatives/securities financing transactions (SFTs), or other assets referencing crypto; acting as market makers or exchange or redemption agents in regards to crypto-assets; participating in blockchain and distributed ledger-based settlement or payment systems, including performing node functions; as well as related activities such as finder activities and lending in regards to crypto-assets. This listing is based on known existing or proposed crypto-related activities engaged in by federally regulated financial Institutions (FRFI) / federally regulated pension plans (FRPP), but given the changing nature of this area, other activities may emerge that fall within the scope of this. The inclusion of an activity within this listing should not be interpreted to necessarily mean that the activity is permissible for a FRFI/FRPP.