Last week the PRA published a 'Dear CEO' letter to banks and PRA-regulated investment firms on exposure to cryptoassets. In light of the increasing growth of cryptoasset businesses, the letter is intended to ensure that firms understand the PRA's expectations around risk management and measurement against the existing prudential framework.


The letter acknowledges that no one part of the current framework fully captures crypto risks and that firms should be using a combination of strong risk controls, operational risk assessments, robust new product approval processes, Pillar 1, Pillar 2, and ongoing monitoring arrangements as "interim" measures when addressing the risks posed by cryptoasset exposure. The PRA are clear that a long-term framework will be developed and that it is likely that long-term treatment will differ from that under the current framework.

The letter also sheds some light on the question of the prudential treatment of cryptoassets and the PRA's view is that for the vast majority of cryptoassets, particularly unbacked crypto, an appropriate capital requirement would be 100% of the current value of the firm’s position.