New York Regulators Require Crypto Firms to Submit Coronavirus Plans
The NYDFS has sent a letter to all regulated institutions engaged in crypto-related activities, asking them to submit detailed plans for weathering the coronavirus crisis.
New York City’s mayor Bill de Blasio declared a state of emergency in response to the coronavirus outbreak yesterday. “The only analogy is war,” he said — and the consequences for the crypto industry, as for all others, are sobering.
Even ahead of de Blasio’s action, the New York Department of Financial Services (NYDFS) sent a letter to all regulated institutions engaged in crypto-related activities on March 10, asking them to submit detailed “preparedness plans” to address the historic risk:
“COVID-19 has already had adverse economic effects domestically and globally. It is critical that each regulated entity establish plans to address how it will manage the effects of the outbreak and assess disruptions and other risks to its services and operations.”
Multi-pronged and detailed planning
The NYFDS has asked for crypto businesses to respond as soon as possible, and “in no event later than 30 days” of its letter.
The regulator stated that each firm must draft a plan for all possible COVID-19 operational risks, which addresses, as a minimum, nine key areas of focus, as well as a separate 3-point plan — again, as a minimum — to tackle financial risks.
Operational contingency planning should include “preventative measures tailored to the institution’s specific profile and operations” to reduce disruption by identifying risks to customers and their counterparts.
Second, firms are required to draft a strategy that tackles the impact of the pandemic in stages, to ensure that their responses can be appropriately scaled at each juncture.
They must assess all facilities, systems, policies and procedures that would be necessary to continue critical operations in the absence of staff members, and evaluate the security of remote-access work.
Further operational planning must include employee health protection strategies, reviewing the preparedness of critical third-party service providers and suppliers, and developing an effective communication strategy for customers, counterparties and the public.
Lastly, regulated businesses must test whether their plan is effective and establish efficient governance and ongoing monitoring of the plan, keeping a close tab on relevant information from government sources.
Financial plan B
Due to coronavirus, NYFDS notes that regulated crypto businesses:
“May be exposed, as a result of the virus’s impact on consumers, counterparties, and vendors, to declining revenues, stock market declines and interest rate changes, supply chain and service disruptions, and decreases in the value of assets and investments.”
The minimal 3-point plan required by the department consists of an assessment of the valuation of all assets and investments that may, or have already been, impacted by the outbreak.
It must also include an analysis of the pandemic’s effect on earnings, profits, capital, and liquidity for the business and its institutions.
COVID-19 security risks for the crypto sector
In addition to requesting both plans, NYDFS used its letter to emphasize the key risks to cryptocurrency businesses, notably:
“Increased instances of hacking, cybersecurity threats, and similar events, as bad actors attempt to take advantage of a COVID-19 outbreak, and the possible resulting need for heightened security measures, such as enhanced triggers for fraudulent trading or withdrawal behavior.”
Should businesses hit dire straits, the regulator emphasized they are obliged to notify NYDFS if their positive net worth “falls below a certain threshold above the minimum required capitalization.”