Payments and Crypto: 2023 Regulatory Challenges

Regulatory authority and guardrails

Agencies will continue to warn on the risks and look to establish more codified authority and guardrails within the payments and digital asset space. Topics will range from payment stablecoins and central bank digital currencies (CBDCs) to regulatory authorities and frameworks and financial stability risks.

Congress will likely be asked to consider legislation in several areas around digital assets based on agency recommendations, including legislation that would:

• Grant clear regulatory authorities, including rulemaking, examination, and enforcement for crypto assets to financial regulators (including CFTC and SEC), and in particular around spot markets for “non-security” crypto assets.

• Authorize the issuance of a U.S. CBDC.

• Establish a federal prudential framework for payment stablecoin issuers, addressing market integrity, investor and consumer protection, and payment system risks.

• Establish federal oversight over custodial wallet providers and other affiliates or subsidiaries of crypto-asset entities.

Congressional and agency inquiries and investigations will also increase in the payment space, as innovation continues and more non-traditional and retail players enter the market.

Regulators will use existing regulatory and supervisory authorities to address current and emerging risks related to digital assets, and regardless of whether additional authority is granted by Congressional action:

• Banking regulators (FRB, FDIC, and OCC) will permit banks to engage in certain crypto asset, stablecoin, and distributed ledger activities upon review of their safety and soundness, financial stability risks, and consumer protections, and receipt of a non-objection from their primary regulator.

• SEC will work to register and regulate crypto assets that are securities, related issuers, platforms and exchanges, and offers and sales, as well as ensuring compliance with disclosure requirements.

• CFTC will work towards similar registration and regulation for crypto-asset derivatives and associated entities.

• Registration and regulation will require a framework to address key risk areas, including consumer and investor protections (e.g., fraud, theft, privacy, access, disclosures, custody), financial crimes (e.g., AML/CFT, sanctions), and payments activities (including stability of stablecoin structure).

Instant payments and controls

Given the expanded regulatory attention to real-time payments and to the use of digital assets, regulators will be particularly focused on:

• Data security

• Network and service reliability

• Liquidity sufficiency

• User experience (ease of interface and payment processes)

• Dispute and resolution attainability

• Consumer protection, including account holds/freezes and access to payments/funds

• Fraud and financial crime mitigation, including due diligence (KYC), BSA/AML/CFT, and reporting

Similarly, regulators have indicated a sharpening focus on payments-related areas, such as:

• Peer-to-peer (P2P) payments

• Non-bank platforms and services (e.g., fintechs and retailers)

• New digital products

• Distributed ledger (or “blockchain”) technology as a potential replacement to traditional payments clearing

• Access to the Federal Reserve Bank accounts and payments services (e.g., novel charters)

FedNow Service. The FedNow Service, the FRB’s real-time payment system, is expected to launch in mid-2023, and will be accessible to financial institutions of any size that are members of Federal Reserve System. It will serve as an alternative to the existing private-sector real-time payments system (i.e., The Clearing House RTP (Real-Time Payments) network) and is intended to address concerns about economic security should the single service become unavailable.

The Department of the Treasury has recommended that the U.S. government consider the following actions with regard to instant payments:

• Promote development and use of innovative access technologies to facilitate greater consumer access and use (including standards for interoperability, public-private partnerships, and expanded eligibility).

• Support government use of instant payment systems, especially in areas such as distribution of disaster, emergency, or other government-to-consumer payments that could potentially provide more rapid support for underserved communities.

• Establish a federal payment framework for nonbank payment providers that would complement existing federal requirements, including consumer protection and AML/CFT, providing a potential pathway for nonbank payment providers to participate directly in instant payment systems. 

Disputes, complaints and claims

Regulators, state AGs and Congressional members are paying close attention to how companies’ handle consumer and investor disputes, complaints, and claims related to payments.

Key areas of ongoing regulatory interest include:

• Procedures and governance, including processes around account holds and freezes.
• Customer communication protocols (outreach, follow-up, and resolution).
• The application of account credits.
• Analytics and reporting, including root cause and disparity analyses.
• Timeliness to remediation and resolution.
• Evidence of analyses informing changes to processes, procedures, or controls.

Regulators and enforcement agencies will utilize disputes, complaints and claims data to help guide examinations and investigations, as well as support enforcement allegations.  Financial institutions will be expected to have robust programs in these areas that both mitigate fraud risks and are demonstrably favorable to consumer protections.