Basel Committee Finalizes Prudential Standard for Treatment of Banks' Exposures to Cryptoassets

On 16 December 2022, the Basel Committee on Banking Supervision finalized its global prudential standard for banks' exposures to cryptoassets (the "Final Standard"). The Final Standard takes into account stakeholder feedback provided in connection with two consultation rounds held in June 2021 and June 2022. We covered the first consultation round in our article here. The Basel Committee has marked 1 January 2025 as the date by which members should implement the Final Standard into local law. The Final Standard will be incorporated as a new chapter (SCO60) into the Basel Framework. The following diagram illustrates the structure of the Final Standard:

Overview of the Final Standard

The structure of the Final Standard is the same as proposed in the second consultation. The Final Standard classifies cryptoassets into two groups (each having two subgroups) based on their characteristics; sets out minimum risk-based capital requirements based on the type of cryptoasset and the corresponding risk (e.g., credit risk, market risk, etc.); leverage ratio and large exposure requirements; Group 2 exposure limits; bank risk management and supervisory review; and disclosure requirements.

Classification of cryptoassets

The prudential treatment of a bank's cryptoasset exposures varies according to the classification of the cryptoassets. Under the Final Standard cryptoassets are classified into two broad groups:

• Group 1 cryptoassets. Those that meet certain classification conditions (described below). Group 1 cryptoassets include tokenised traditional assets (Group 1a) and cryptoassets with effective stabilisation mechanisms (Group 1b).
• Group 2 cryptoassets. Those that fail to meet any of the classification conditions. Group 2 cryptoassets are divided into cryptoassets that meet certain hedging recognition criteria (Group 2a) and those that do not (Group 2b).

Classification conditions

To qualify for Group 1, a cryptoasset must fulfill all four classification conditions:

1. The cryptoasset is either: a tokenised traditional asset; or has a stabilisation mechanism that is effective at all times in linking its value to a traditional asset or a pool of traditional assets (i.e., reference asset(s)).
2. All rights, obligations and interests arising from the cryptoasset arrangement are clearly defined and legally enforceable in all the jurisdictions where the asset is issued and In addition, the applicable legal framework(s) ensure(s) settlement finality. Banks are required to conduct a legal review of the cryptoasset arrangement to ensure this condition is met, and make the review available to their supervisors upon request.
3. The functions of the cryptoasset and the network on which it operates, including the distributed ledger or similar technology on which it is based, are designed and operated to sufficiently mitigate and manage any material risks.
4. Entities that execute redemptions, transfers, storage or settlement finality of the cryptoasset, or manage or invest reserve assets, must: (i) be regulated and supervised, or subject to appropriate risk management standards; (ii) and have in place and disclose a comprehensive governance framework. The new chapter of the Basel Framework (SCO60) provides further detail on the contours of the classification conditions. For example, to qualify as a tokenised traditional asset under classification condition 1, the asset must pose the same level of credit and market risk as the traditional (non-tokenised) form of the asset. The new chapter provides practical guidance with regard to bonds and other financial instruments, commodities and cash held in custody. Further details are provided under each classification condition. A cryptoasset that fails to meet any of the four classification conditions qualifies in Group 2.

Minimum capital requirements

Group 1a cryptoassets (i.e., tokenised traditional assets) are generally subject to the same rules to determine credit risk-weighted assets (RWA) as non-tokenised traditional assets. For example, a tokenised corporate bond would be subject to the same risk weight as a non-tokenised corporate bond. Because Group 1b cryptoassets (i.e., cryptoassets with effective stabilisation mechanisms) can be structured in a variety of different ways, banks must analyse their specific structures and identify all risks that could result in a loss. Each credit risk must be separately capitalised by banks using the credit risk standards set out in the CRE chapter of the Basel Standards (Calculation of RWA for credit risk). In our prior article on the topic we provided two illustrative examples of how banks may calculate RWA based on the structure of the stablecoin. In addition, all Group 1 cryptoassets are subject to an infrastructure risk add-on. The add-on will initially be set at zero but will be increased by authorities based on any observed weakness in the infrastructure used by Group 1 cryptoassets. The capital requirements for Group 2a cryptoassets (that meet the hedging recognition criteria) may be calculated according to modified versions of the Simplified Standardised Approach (SSA) or the Standardised Approach (SA) as set out in MAR40 and MAR20, respectively. For Group 2b cryptoassets a risk weight of 1250 % must be applied to the greater of the absolute value of the aggregate long positions and the absolute value of the aggregate short positions in the cryptoasset. This can be expressed as a formula: RWA = RW x max The 1250 % risk weight is meant to ensure that banks hold minimum risk-based capital at least equal in value to their Group 2b cryptoasset exposures. Group 2 cryptoassets are also subject to an exposure limit. A bank's total exposure to Group 2 cryptoassets should not generally be higher than 1 % of the bank's Tier 1 capital and must not exceed 2 % of the bank's Tier 1 capital.

Changes from the second consultation

The Basel Committee considered feedback received on the last published proposal in June 2022 and made some changes to the proposal that were set out in the second consultation. Overall, these changes are intended to allow a more flexible approach by banks with respect to their cryptoasset exposure.

1. Infrastructure risk add-on. The second consultation originally included a fixed add-on to risk-weighted assets which was set at 2.5 % of the exposure value for all Group 1 cryptoassets. This fixed add-on was replaced with a more flexible system: Authorities shall have the option of increasing add-on based on any observed weaknesses in the infrastructure that underlies specific cryptoassets. To start, the infrastructure risk add-on will be set at zero.
2. Basis risk test, redemption risk test and the supervision/regulation requirement. In the previous proposal it was required that banks pass a basis risk test and a redemption risk test. The objective of the redemption risk test is to make sure that the reserve assets are sufficient for the specific cryptoasset to be redeemable at all times, including during periods of extreme stress, for the amount to which the cryptoasset is pegged. The basis risk test was a quantitative test based on the market value of the cryptoasset and aimed at ensuring that the holder of a cryptoasset could sell it in the market for an amount that closely tracks the peg value. In the Final Standard the Committee now has stated that it does not intend to implement the basis risk test at this time. Rather, the Committee will evaluate if there are alternatives to the basis risk test, which serve as an additional requirement to be included in Group 1b. Regarding the redemption risk test, the Committee concluded that the reserve assets must be comprised of assets with minimal market risk and credit risk.
3. Group 2 exposure limit. The proposal retains the requirement that banks keep their aggregate exposures to Group 2 cryptoassets below a threshold of 1 % of their Tier 1 capital. The Final Standard modifies this requirement in two ways: First, cryptoasset exposures are being measured as the higher of the gross long and gross short position in each cryptoasset rather than the aggregate absolute values of long and short exposures. Second, in order to reduce cliff effects, the consequence of breaching the limit will be for the Group 2b capital treatment to apply to only the amount by which the limit is exceeded, rather than to all Group 2 exposures.
4. Responsibility for assessing the classification conditions. Banks were required to seek prior supervisory approval to finalize their classification of their cryptoassets. To simplify this burdensome process, banks are now not required to seek prior supervisory approval. However, banks are required to notify their regulators of classification decisions, and national regulators will have the power to override these decisions if they disagree with a bank’s assessment.
5. Custodial assets. Because of concerns on the application of the standard in relation to customer assets where the bank is acting as custodian, the Final Standard was revised. It has now been clarified which elements are applicable to custodial services provided by banks.

Implementation in the European Union

Like all standards adopted by the Basel Committee, the Final Standard is not legally binding on its member jurisdictions; responsibility lies with the members to implement the Final Standard into domestic law. In the European Union, that responsibility lies with the European Parliament and the Council of the European Union. The first step toward implementation of the Final Standard took place on 24 January 2023, when the Committee on Economic and Monetary Affairs of the European Parliament approved draft legislation implementing the remaining parts of the Basel III framework. The draft legislation includes a provision inviting the European Commission to submit a legislative proposal by June 2023 on a dedicated prudential treatment of cryptoasset exposures. We expect that the Final Standard will be implemented alongside the finalization of the Basel III reform by 1 January 2025.