The new EU banking package (CRR3/CRD6) amending the Capital Requirements Regulation and Directive (CRR/CRD) includes a transitional regime for the risk-weighting of EU banks' exposures to crypto-assets that will apply until new legislation implements the Basel Committee's standard on crypto-assets, as well as new provisions on the reporting, disclosure, governance and supervisory review of crypto-asset exposures.
CRR3 and CRD6 have now been published in the Official Journal and enter into force on 9 July 2024. The transitional regime for the risk-weighting of crypto-asset exposures applies from entry into force but other new requirements will apply later.
New definitions
CRR3 adds new definitions of 'crypto-asset' and 'crypto asset service' to CRR based on the corresponding definitions in the Markets in Crypto-Assets Regulation (MiCA) but excluding central bank digital currencies from the definition of a crypto-asset. It also defines a 'crypto-asset exposure' as an asset or an off-balance-sheet item related to a crypto-asset that gives rise to credit risk, counterparty credit risk, market risk, operational risk or liquidity risk.
Risk-weighting of crypto-asset exposures
The Basel Committee on Banking Supervision published its standard for the prudential treatment of crypto-assets in 2022 but this is still subject to possible further technical revision and its implementation deadline has now been deferred until 1 January 2026.
CRR3 envisages that the European Commission will, by 30 June 2025, submit a new legislative proposal for a dedicated prudential treatment for crypto-asset exposures, taking into account MICA and international standards. It envisages that the eventual legislative proposal should include provisions on categorisation of crypto-assets, own funds requirements for crypto-asset risks, limits on crypto-asset exposures, and specific leverage, liquidity, disclosure and reporting requirements and supervisory powers in relation to crypto-asset exposures.
However, CRR3 also creates a transitional regime for crypto-asset exposures which applies from 9 July 2024 (the date of entry into force of CRR3) until the application of the new dedicated prudential treatment. The transitional regime categorises crypto-assets differently from the Basel standard and imposes some requirements that are more burdensome than the Basel standard:
- crypto-asset exposures to tokenised traditional assets, including e-money tokens as defined in MiCA, will be treated as exposures to the traditional assets that they represent, unless their value depends on other crypto-assets (under the Basel standard, this treatment applies to a potentially wider group of tokenised traditional assets and stablecoins, including stablecoins that may be assigned a 250% risk-weighting under the CRR3 transitional regime, but only if they meet specified classification conditions);
- exposures to stablecoins that qualify as asset-referenced tokens as defined in MiCA, whose issuers comply with MICA and that reference one or more traditional assets will be assigned a risk weight of 250 % (as mentioned above, the Basel standard envisages that stablecoins meeting the specified classification conditions will be treated in the same way as tokenised traditional assets); and
- other crypto-asset exposures will be assigned a risk weight of 1,250 % and must be limited to 1% of the bank's Tier 1 capital (under the Basel standard, other crypto-assets will also be assigned a risk weight of 1,250% weight but the Basel standard sets a 2% upper limit and explicitly envisages the application of adapted market risk rules with netting and a 100% capital charge where hedge recognition conditions are satisfied, unless exposures to other crypto-asset exceed 1% of Tier 1 capital).
For these purposes, traditional assets are assets other than crypto-assets, including financial instruments, deposits and insurance products. In line with the Basel standard, CRR3 also specifies that exposures to crypto-assets are not to be treated as intangible assets deducted from core equity Tier 1 capital.
The European Banking Authority (EBA) will be required to draft regulatory technical standards (RTS) on the calculation of the new requirements, taking into account international prudential standards and existing authorisations under MiCA, including the calculation of the value of exposures and how to aggregate short and long exposures. The EBA is required to send its draft RTS to the Commission for adoption by 10 July 2025. However, CRR3 envisages that banks will be required to comply with the transitional regime from 9 July 2024 (the date of entry into force of CRR3) even though the RTS are not yet available.
Comparison of CRR3 transitional regime and Basel standard
|
|
CRR3 transitional regime*
|
Basel standard
|
Group 1 assets
|
Capital treatment generally based on existing framework
|
Tokenised traditional assets, including e-money tokens (unless their value depends on other crypto-assets).
|
- Tokenised traditional assets
- Stablecoins
(meeting specified classification conditions).†
|
250% risk-weight
|
Asset-referenced tokens whose issuers comply with MiCA and that reference one or more traditional assets.
|
N/A
|
Group 2 assets
|
1,250% risk-weight
|
Other crypto-assets.
|
- Tokenised traditional assets
- Stablecoins
- Unbacked crypto-assets
(not meeting specified classification conditions).‡
|
Exposure limit for group 2 assets
|
1% of Tier 1 capital.
|
2% of Tier 1 capital (but should generally be below 1%).
|
Other
|
Additional requirements
|
Reporting, disclosure, governance and supervisory review requirements.
|
Operational risk, adapted liquidity requirements, leverage ratio, large exposures, disclosure, risk management and supervisory review requirements.
|
Timing
|
Regime applies from 9 July 2025 but:
- ITS reporting and disclosure requirements apply from entry into force of the ITS and
- governance and supervisory review requirements apply from 11 January 2026.
|
Implementation by 1 January 2026.
|
* RTS will specify calculation of the new requirements, including the calculation of the exposures and how to aggregate short and long exposures.
† Supervisors may apply an add-on for perceived infrastructure weakness.
‡ Adapted market risk rules apply with netting and 100% capital charge where hedge recognition conditions are satisfied (unless group 2 assets exceed 1% of Tier 1 capital).
The CRR3 transitional regime and the Basel standard do not apply to central bank digital currencies.
|
New reporting and disclosure rules
EU banks will also be subject to new requirements to report to supervisors on their crypto-asset exposures. The EBA will be required to draft implementing technical standards (ITS) for these requirements (and to develop IT solutions for this reporting). The new requirements apply from 9 July 2024 (the date of entry into force of CRR3) but any new reporting requirements set out in the ITS will not apply earlier than six months from the date of their entry into force.
CRR3 will also require banks categorised as large institutions to include information related to crypto-assets in their annual 'Pillar 3' disclosures. These disclosures will have to cover:
- the direct and indirect exposure amounts in relation to crypto-assets, including the gross long and short components of net exposures;
- the total risk exposure amount for operational risk;
- the accounting classification for crypto-asset exposures;
- a description of the business activities related to crypto-assets and their impact on the bank's risk profile; and
- a specific description of their risk management policies related to crypto-asset exposures and crypto-asset services.
Banks will have to provide more detailed information for material business activities, including the issuance of 'significant asset-referenced tokens' and 'significant e-money tokens' within the meaning of MiCA. When complying with these requirements, banks will not be permitted to rely on the general exemption allowing the non-disclosure of immaterial, confidential or proprietary information. The new requirements also apply from 9 July 2024 but the EBA will be required to draft ITS specifying uniform formats for these disclosures by 10 July 2025 (and to develop related IT solutions for reporting).
New governance and supervisory review requirements
CRD6 also includes new rules on bank governance and supervisory review specifically covering crypto-asset exposures. Member States will be required to adopt national implementing measures for these rules by 10 January 2026 and to apply those rules from 11 January 2026.
Supervisors will be required to ensure that:
- banks conduct and report on ex-ante assessments of any proposed crypto-asset exposures and the adequacy of existing processes and procedures to manage counterparty risks;
- banks' monitoring of concentration risks considers, for crypto-assets without an identifiable issuer, concentration risk in terms of exposure to crypto-assets with similar features;
- banks' policies and processes for evaluating and managing exposures to operational risk cover direct and indirect exposures to crypto-assets and crypto-asset service providers; and
- their supervisory review and evaluation process includes an assessment of banks' governance and risk management processes for exposures to crypto-assets and the provision of services related to crypto-assets including banks' policies and procedures for identifying risks.
Member States will be obliged to ensure that supervisors have powers to require banks to undertake stress testing or scenario analysis to assess risks arising from crypto-asset exposures and from the provision of crypto-assets related services.
Authors: Diego Ballon Ossio, Marian Scheele and Chris Bates.
