The UK Prudential Regulation Authority on Friday issued a letter to CEOs of banks, insurance companies, and investment firms to advise them about the risks associated with “crypto-assets.” The PRA’s letter has provided the financial operators with guidelines to improve their oversight, increase scrutiny and enhance due diligence checks.
The regulatory arm of Britain’s central bank acknowledged that to date “firms may have taken limited exposure to crypto-assets,” and that the Blockchain technology has “significant potential to benefit the efficiency and resilience of the financial system over time.”
However, the PRA said that the anonymity feature of the virtual asset also raises concerns related to misconduct and market integrity and can be abused. In this regard, the regulator asked CEOs to take reasonable measures to lessen the risk of their firm facilitating fraud, money-laundering, terrorist financing and similar crypto-linked financial crimes.
Appropriate steps to curb such dangers include developing staff knowledge and expertise on Cryptocurrencies . The letter also recommends CEOs and senior executives to carry out due diligence and engage with experts to understand the nature of their businesses.
Specifically, the PRA said: “an individual approved by the PRA to perform an appropriate Senior (Insurance) Management Function (S(I)MF) should be involved actively in reviewing and signing off on the risk assessment framework for any planned business direct exposure to crypto-assets and/or entities heavily exposed to crypto-assets. Firms should make their usual supervisory contacts aware of the responsible individual.”
Furthermore, the regulator urged relevant departments to enhance their scrutiny of clients who derive significant business activities or revenues from crypto-related activities.
The detailed warning also covers the risks of using cryptocurrencies as high-risk speculative investments. “Firms’ remuneration policies and practices should ensure that the incentives provided for engaging in this activity do not encourage excessive risk-taking,” said the regulator.
Finally, the PRA said that following a risk-based approach requires ensuring that existing frameworks adequately reflect the nature and technical complexity of crypto-related activities.