Existing or planned exposure to cryptoassets
24 May 2022
Crypto risks should be considered fully by the board and the highest levels of executive management. In particular, an individual approved by the PRA to perform an appropriate Senior Management Function (SMF) should be actively involved in reviewing and signing off on the risk assessment framework for any planned business direct exposure to cryptoassets and/or entities heavily exposed to cryptoassets. Given the expansion in crypto activities being contemplated by firms, we are also undertaking a survey of firms’ current and plannedexposures over 2022.
Firms will likely need to adapt existing risk management strategies and risk management systems to suit the different risk profile of many crypto activities. In particular, financial, prudential, operational, and reputational frameworks may need adjustment to reflect crypto activity risks. For instance, some activities may require more frequent monitoring, greater uncertainty factored into modelling or valuation, or lower risk tolerance levels than might typically be applied. Firms may also need to rely to a greater extent on proxies, and make more material assumptions about relationships between differing exposures. Given these uncertainties, firms should also consider the use of stress tests to provide greater confidence that risks are being captured.
Firms should consider whether the standardised approach captures the full counterparty credit risks associated with many cryptoassets. For instance, volatility is reflected in the supervisory factor, set at a regulatory minimum of 8% for the ‘other risks’ category. We would expect firms to consider the appropriateness of specific components of the standardised approach, and where necessary, ensure the risk is captured in an appropriate part of the framework.
Reporting of SA-CCR exposures, including breakdown by ‘other risks’ category, will commence in March 2022. Firm supervisors will be monitoring the drivers of these exposures.