On February 20, 2025, the Office of the Superintendent of Financial Institutions (OSFI) published the Capital and Liquidity Treatment of Crypto-asset Exposures (Banking) - Guideline1 (the Banking Guideline), and the Capital Treatment of Crypto-asset Exposures (Insurance) - Guideline2 (the Insurance Guideline, and together with the Banking Guideline, the Guidelines). The Guidelines set out how certain federally regulated financial institutions (FRFIs) must treat exposures to crypto-assets when evaluating compliance with regulatory capital and liquidity requirements and provide for exposure limits and notice obligations.
In doing so, the Guidelines take into account the high volatility of crypto-assets’ value and its impact on regulatory capital. The impact of the Guidelines is to exclude most crypto-assets’ direct exposure from the regulatory capital calculation.
This publication provides an overview of key aspects of the Guidelines on crypto-asset exposures. It also highlights considerations for FRFIs with regard to having appropriate compliance measures and systems in place for continuing to meet their capital and liquidity requirements.
Scope of the guidelines
The Guidelines define crypto-assets as private digital assets – a digital representation of value that can be used for payment or investment purposes or to access a good or service – that depend on cryptography and distributed ledger technology or similar technologies.
Exposures include any on- or off-balance sheet amounts that lead to credit, market, operational and/or liquidity risks. During OSFI's Quarterly Release Industry Day on March 6, 2025, OSFI noted that it may occur that FRFIs, which hold crypto-assets, do not have a relevant exposure under the Guidelines, if they are not exposed to such risks. For example, this could be the case for FRFIs acting as custodians for crypto-assets, without being exposed to such risks. OSFI also clarified that in case of such a non-exposure, FRFIs would report “zero” in the relevant disclosure return, which OSFI will make available during 2025.
A two-tiered approach to the treatment of crypto-assets
The Guidelines provide two approaches on how FRFIs can treat crypto-asset exposures. A simplified approach is available to FRFIs with limited crypto-asset exposures in which all crypto-asset exposures must be deducted from the FRFIs' common equity tier 1 capital. By contrast, FRFIs with more sizeable crypto-asset exposures are required to take a comprehensive approach that provides for a more risk-sensitive, less punitive approach that differentiates between four categories of crypto-assets based on their characteristics and risk profiles, as set out in greater detail below. Of note, regardless of the approach chosen, all FRFIs must consider certain credit valuation adjustment risk, counterparty credit risk, operational risk, leverage and large exposure risk.
The following table provides a description of the four categories of crypto-assets set out in the Guidelines and a high-level summary of how each category should be treated for the purposes of evaluating compliance with regulatory requirements under the comprehensive approach:
Group |
Description |
Qualification |
Group 1a – Tokenized Traditional Assets |
Group 1a crypto-assets are tokenized traditional assets that meet the conditions in Annex 1 of the Guidelines, for example, a blockchain bond. |
OSFI's general approach is to treat such crypto-assets similar to the traditional asset because they pose the same level of credit and market risk. Therefore, tokenized traditional assets must essentially have the same level of legal rights as a traditional asset without having to be redeemed or converted beforehand.
|
Group 1b – Value-referenced Crypto-assets |
Group 1b crypto-assets are value-referenced based on a stabilization and redemption mechanism with a reference asset that meet the conditions in Annex 1 of the Guidelines, for example a stablecoin.
|
OSFI's general approach is to treat such crypto-assets similar to the reference asset, provided the requirements for the stabilization and redemption mechanism set out in the Guidelines are met. OSFI noted that, as of March 6, 2025, the only stablecoin that meets these conditions is USDC. For more information about USDC, please refer to our previous publication.3 |
Group 2a – Hedging-eligible Crypto-assets |
Group 2a crypto-assets do not meet the conditions in Annex 1 of the Guidelines but meet hedging recognition criteria in Annex 3 of the Guidelines. An example could potentially be Bitcoin.
|
If the hedging recognition criteria are met, certain positions can be offset. This extends to certain holding of spot Group 2 crypto-assets as well as derivatives, exchange-traded funds (ETFs) and exchange-traded notes (ETNs), subject to conditions regarding regulated exchanges, qualifying central counterparties, market capitalization and daily trading volume as well as sufficient data. Therefore, this would apply to crypto-assets with a sizeable market cap.
|
Group 2b – Other Crypto-assets |
Group 2b crypto-assets are any other crypto-assets as well as unhedged derivatives, ETFs and ETNs.
|
Such crypto-assets must be deducted from tier 1 capital. Note that under the simplified approach, all crypto-asset exposures are deemed to be Group 2b. |
In addition to the above, for a crypto-asset to be classified as Group 1a or 1b under Annex 1 of the Guideline, additional conditions must be fulfilled, such as legally enforceable rights and obligations, settlement finality, functions as a crypto-asset and the network on which it operates. In determining these criteria, the FRFIs shall conduct a legal review of the crypto-asset arrangement, which must be made available to OSFI upon request.
OSFI expects that, under the Banking Guideline, the approach to treating crypto-assets in connection with liquidity requirements should reflect the relative lack of historical data compared to traditional assets. Under certain circumstances, Group 1a crypto-assets may be treated as high-quality liquid assets as under OSFI's Liquidity Adequacy Requirements Guideline4. In addition, Group 1a tokenized claims on a bank can under certain circumstances be treated as an unsecured funding instrument, while Group 1b value-referenced crypto-assets and other stablecoins (even under Group 2) may be treated similarly to securities if certain conditions are fulfilled.
Assessment and notice requirements
If FRFIs opt for the comprehensive approach, or subsequently change approaches, they must notify OSFI. FRFIs that opt for the comprehensive approach must assess the categorization for their crypto-asset exposures on an ongoing basis. The underlying information must be documented and must be made available to OSFI upon request. Certain crypto-assets require additional assessments, for example Group 1b crypto-assets, which require a quarterly analysis of their stabilization mechanism, including statistical or other tests.
In addition, FRFIs must have appropriate policies, procedures and resources in place to perform such assessments. Annex 4 of the Guidelines sets out additional risk management guidance and requires FRFIs to establish relevant policies and procedures for risk assessment and mitigation. Before engaging in crypto-asset exposure, OSFI expects FRFIs to conduct an ex-ante assessment and inform OSFI of their exposures, policies and procedures, and assessment results in a timely manner. As part of the assessment, FRFIs should take technology risk into account, which includes network and design risk as well as service accessibility and operator diversity and trustworthiness, and general cyber risk.
In addition, legal risks arising from the relative novelty of crypto-asset activities should be considered, such as a lack of adequate accounting standards, challenges to taking control of such assets held as collateral, disclosure and consumer protection requirements and AML requirements.
Crypto-asset exposure limits
The Guidelines set two limits for crypto-asset exposures, which take into account any direct and indirect holdings of crypto-assets. Generally, an FRFI's total gross exposure to Group 2a and Group 2b crypto-assets should generally not be higher than 1% of its net tier 1 capital and must not exceed 2% of the net tier 1 capital.
OSFI expects FRFIs to have arrangements in place to ensure they respect the exposure limits set out in the Guidelines. Any breach of the exposure limits must be communicated immediately to OSFI. FRFIs must also notify OSFI if the net short positions of such crypto-assets approach 1% of net tier 1 capital.
Until compliance with the 1% exposure limit is restored, all Group 2a and Group 2b exposure in excess of 1% will be treated as Group 2b crypto-asset exposure. In case of a breach of the 2% exposure limit, all Group 2a and Group 2b exposure will be treated as Group 2b crypto-asset exposure.
Of note, the above exposure limits must also be respected if an FRFI uses the simplified approach, since all crypto-asset exposures are treated as Group 2b under the simplified approach.
Timeline
With the issuance of the Guidelines, OSFI aims to align the Canadian regulatory framework with the revised prudential framework on crypto-assets of the Basel Committee on Banking Supervision (BCBS) from 2024. The Guidelines will take effect in Q1 2026 and replace OSFI’s Advisory Interim arrangements for the regulatory capital and liquidity treatment of cryptoasset exposures5 from 2022.
Conclusion
The Guidelines provide a comprehensive framework for FRFIs to engage in crypto-asset activities that takes differences between the various kinds of crypto-assets into account.
By contrast, the federal banking regulator in the US, the Office of the Comptroller of the Currency, recently took a technology-neutral approach to crypto-asset activities and treats such activities the same as any other banking activity, irrespective of the technology used6. Therefore, while crypto-asset activities are becoming mainstream finance activities, the global playing field is not entirely level. As FRFIs may want to diversify their assets and offer services in new markets, they will need to adopt a prudent approach, in line with evolving regulatory requirements in the jurisdictions in which they operate.
FRFIs will need to assess their crypto-asset activities and governance frameworks to ensure they meet the new requirements for crypto-asset exposures. This may involve adjusting their risk management strategies, compliance policies and procedures and IT and human resources.
For more detailed information and further assistance with understanding the new guidelines, feel free to reach out to our team of experienced lawyers.