FinReg Round-Up Vol. 6, No. 2

As we enter the fourth quarter of 2025—the first year of the second Trump administration—regulation of financial services continues to evolve rapidly, with new guidance being issued as old procedures are scrapped. We are highlighting some of the more notable developments.

One federal agency is broadening the parameters of risk tolerance in the federal banking system, is issuing clarification for financial institutions on politicized or unlawful debanking, and has discontinued the requirement that bank examiners address matters related to a bank’s “disparate impact” risk. At the same time, the federal government is seeking public comment on detecting illicit activities involving digital assets.

Meanwhile, three federal bank regulatory agencies have outlined key risk-management considerations for banks related to holding crypto-assets for their customers. The Conference of State Bank Supervisors has issued guidance on the treatment of virtual currency when calculating tangible net worth under the Money Transmission Modernization Act.

In addition to these important news items, be sure to check out our In Case You Missed It section for more news and insights.

OCC to ‘Reset’ Federal Banking System’s Risk Tolerance in Sweeping Review

The Office of the Comptroller of the Currency (OCC) will be “resetting the risk tolerance for the federal banking system and, by extension, the banking system as a whole,” said Comptroller of the Currency Jonathan V. Gould in brief remarks to the Financial Stability Oversight Council on Sept. 10. Risk-intolerant policies implemented after the 2008 financial crisis have weakened the banking sector while failing to mitigate risk, he said.

The OCC is reviewing its post-2008 chartering, regulatory and supervisory framework and will make adjustments where Congress has granted the agency discretion to do so. To that end, the OCC has elevated the stature of its chartering and licensing function within the agency to reflect its strategic importance as gatekeeper of the federal banking system, said Gould. The OCC will also be focusing on capital and liquidity reforms with the other banking agencies and tailoring bank supervision to reflect the OCC’s realigned regulatory focus, placing priority on reforms aimed at community banks.

The OCC will address the regulatory framework for national banks specifically, including reassessing the need for recovery planning and heightened standards. It will tailor regulations consistent with the letter and spirit of the 2018 Economic Growth Act, where possible, Gould said. More generally, the OCC is reviewing supervisory strategies across banks of all sizes to eliminate examination activities that are not related to material financial risks, in order to reduce the burden on banks posed by the agency’s exam activities and document information requests, among other things.

Clarifications on Politicized or Unlawful Debanking and Release of Customer Records Issued by OCC

Consistent with President Donald Trump’s Executive Order (EO) 14331, “Guaranteeing Fair Banking for All Americans,” the Office of the Comptroller of the Currency (OCC) announced clarifications it has sent financial institutions on politicized or unlawful debanking and the limited circumstances in which they can release customer financial records.

In a Sept. 8 bulletin to banks, the OCC explained how it considers politicized or unlawful debanking in certain licensing filings and in assessing banks’ records of performance under the Community Reinvestment Act (CRA). When the agency evaluates the applicable statutory and regulatory factors for licensing activities, it considers a bank’s past record and current policies and procedures in place to avoid engaging in politicized or unlawful debanking. Debanking considerations are also assessed in determining a bank’s CRA rating. The OCC also announced that it updated its online customer complaint website to assist consumer reporting and agency identification of any unlawful debanking by its regulated institutions.

The OCC issued a separate bulletin on Sept. 8 reminding financial institutions of the limited circumstances that allow the release of customer financial records and the proper use of suspicious activity reports (SARs). The bulletin outlines banks’ legal obligations to protect customers’ financial information, even if that information is requested by government agencies. It also reminds banks to ensure compliance with the Right to Financial Privacy Act before disclosing a customer’s financial records, ensure the proper use of voluntary SAR filings, and review EO 14331 and adjust their policies and procedures as needed.

Treasury Department Seeks Public Comment on GENIUS Act To Regulate Digital Assets

The U.S. Department of the Treasury is seeking comments on the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act), which creates a comprehensive regulatory framework for stablecoin issuers in the United States. Together, the GENIUS Act and Executive Order 14178, “Strengthening American Leadership in Digital Financial Technology,” are aimed at promoting U.S. leadership in digital assets and boosting U.S. national security.

Feedback is sought on innovative or novel methods, techniques or strategies that regulated financial institutions use, or could potentially use, to detect illicit activity involving digital assets, according to an Aug. 18 Treasury Department announcement. In particular, the department asks commenters to weigh in on application program interfaces, artificial intelligence, digital identity verification, and use of blockchain technology and monitoring. As required by the GENIUS Act, the Treasury Department will use the public comments to inform research on the effectiveness, costs, privacy and cybersecurity risks, and other considerations.

Oct. 17 is the deadline for comments, which can be submitted online here.

Agencies Issue Risk Management Review for Crypto-Asset Safekeeping

The Federal Deposit Insurance Corporation, the Federal Reserve Board and the Office of the Comptroller of the Currency issued a statement on July 14 outlining for banks the potential risk-management considerations related to holding crypto-assets on their customers’ behalf. The agencies’ joint statement discusses existing risk-management principles that apply to crypto-asset safekeeping but does not create any new supervisory expectations, they said in a press release.

The statement notes that effective risk assessments consider a banking organization’s core financial risks; ability to understand a complex, evolving and potentially unfamiliar asset class; ability to ensure a strong control environment; and contingency plans to address any unanticipated challenges in effectively providing services. It also addresses cryptographic key management practices and risk of the compromise or loss of cryptographic keys or other sensitive information, which may result in the banking organization facing the possibility of being held liable for its customers’ losses.

The agencies review legal and compliance requirements as well as third-party risk management involving sub-custodians or other service providers. The statement further discusses crypto-asset safekeeping audit requirements, including an assessment of cryptographic key generation, storage and deletion; controls related to transfer and settlement of customer assets; and the sufficiency of relevant information technology systems.

OCC Ends ‘Disparate Impact’ Inquiry for Banks

The Office of the Comptroller of the Currency (OCC) has discontinued the requirement that bank examiners request, review, conclude or follow up on matters related to a bank’s “disparate impact” risk.

In accordance with President Donald Trump’s Executive Order 14281, which directed federal agencies to eliminate the use of disparate impact liability in all contexts, the OCC announced in a quite brief July 14 bulletin that its supervisory process for fair lending compliance will no longer include a bank’s disparate impact risk, internal disparate impact risk analysis, or disparate impact risk assessment processes or procedures. The OCC has also removed references to supervising banks for disparate impact liability from the “Fair Lending” booklet of the Comptroller’s Handbook and is removing references in other issuances.

The OCC noted that its supervisory processes will continue to include regular fair lending risk assessments, analysis of Home Mortgage Disclosure Act data for possible evidence of disparate treatment, risk-based fair lending examinations and appropriate actions if evidence of disparate treatment is found. The OCC concluded its bulletin with a reminder that it expects banks to provide fair access to financial services, treat customers fairly and comply with all applicable laws and regulations.

Money Transmission Guidance Issued for Virtual Currency Calculations

The Conference of State Bank Supervisors (CSBS) issued guidance clarifying the treatment of virtual currency when calculating a licensee’s tangible net worth under the Money Transmission Modernization Act (MTMA). Twenty-seven states have adopted the MTMA to date. However, because a money transmitter licensed in any one of these states must meet all MTMA standards at the company level, the MTMA requirements apply to 99% of the nation’s money transmission activity licensed under the Nationwide Multistate Licensing System.

According to the guidance, when calculating the amount of tangible net worth required under MTMA Section 10.01, money transmitters with virtual currency assets on their balance sheets must include all such virtual currency assets in total assets. In the calculation of a licensee’s tangible net worth, a virtual currency asset need not be subtracted from total assets where the virtual currency asset has a corresponding customer liability denominated in the same virtual currency. Finally, the guidance notes that recognizing virtual currency as acceptable capital for the limited purpose of satisfying customer obligations contributes to the safe and sound operation of money transmitters.

The guidance is advisory and designed to encourage transparency and consistency in MTMA implementation, the CSBS said in a June 26 statement. It’s the first guidance to be issued under a new process the CSBS Board of Directors established in December for issuing nonbinding, advisory guidance on the MTMA.

In Case You Missed It

• Reflections on “Crypto Week” and What Comes Next, Melissa Hall | The House of Representatives’ “Crypto Week” in mid-July saw lawmakers vote in favor of three notable cryptocurrency-related bills—(1) the GENIUS Act, which regulates stablecoins; (2) the CLARITY Act, which establishes a digital asset market framework; and (3) the Anti CBDC Surveillance State Act, which bars a U.S. central bank digital currency (CBDC).
• Trends in Crypto Policy and Compliance, Melissa Hall | Senior counsel Melissa Hall discusses in this Q&A the evolving regulatory landscape of cryptocurrency and its intersection with traditional finance and provides insight into how the industry has shifted from resisting oversight to actively shaping it.
• Banking Agencies Propose Long-Sought Changes to Capital Rules for the Largest U.S. Banks, Melissa Hall | The Federal Reserve, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corp. released their highly anticipated Notice of Proposed Rulemaking to overhaul the Enhanced Supplementary Leverage Ratio (eSLR) for the eight largest U.S. banks and their depositary subsidiaries.
• Navigating the GENIUS Act’s Framework for Digital Asset Regulation, Gian Pastore | The Guiding and Establishing National Innovation for U.S. Stablecoins Act (the GENIUS Act) is the first comprehensive federal statute to regulate payment stablecoins in the United States.
• The CLARITY Act: Key Developments for Digital Assets, Gian Pastore | During the recent “Crypto Week” on Capitol Hill, the U.S. House of Representatives passed the CLARITY Act as part of a suite of three bills for the benefit of the cryptocurrency industry. Officially known as the Digital Asset Market Structure Clarity Act of 2025, the CLARITY Act sets up a clear framework for federal agency oversight of digital assets.
• GENIUS Act: Payment Stablecoins Coming to a Retailer Near You (Maybe), Sarah Rubenstein Polak | The GENIUS Act, establishing the first U.S. framework specifically regulating “payment stablecoins,” presents a groundbreaking opportunity for nonfinancial companies to legally issue their own branded stablecoins, provided they meet the law’s stringent requirements. By adhering to stringent regulatory requirements, companies can unlock new payment capabilities and enhance customer engagement, marking a significant shift in the digital asset landscape.