| | | Nic Carter delivers a good primer on debanking. The US government is developing its own version of China's social credit system.
x.com
Everyone is familiar with 'debanking' but many are curious as to the precise mechanism through which bank regulation causes debanking. it's obscure and complex which is why we don't have a ton of "evidence". this is be design. I will explain here the specific regulatory developments that led us to this current moment.
1) incorporation of reputational risk into supervisory bank ratings
if you follow bank regulation, you are probably familiar with CAMELS. that's the rubric bank regulators like the FDIC use to evaluate banks. it refers to Capital Adequacy, Asset Quality, Management Quality, Earnings, Liquidity, and Sensitivity to market risk.
however, in 2009, a new letter, R, was added. call it, CRAMELS. the R stands for Reputational risk. Reputational risk is particularly insidious because it can refer to anything. regulators can assign the reputational risk tag to any aspect of a bank's operations. if a regulator doesn't like something a bank is doing, they can call it risky. and of course, facing an enforcement action or consent order adds actual risk to the bank, as clients might desert it. so the regulators can actually create risk by calling a bank's activities risky. this is a literal catch-22!
in 2011, the FDIC put out a circular listing 30 different industries as "high risk". this wasn't explicit regulation or law, just a list of industries they felt were risky for banks to serve. this was the foundation for what became known as Operation Choke Point.
around 2013, the DoJ found a new creative strategy to crack down on non-illegal but distasteful industries, starting with payday lending, then moving on to gun shops, coin dealers, and many others. the way this was actually imposed was through bank regulators like the FDIC calling banks and telling them that certain industries, you guessed it, posed a reputational risk to the banks supporting them. this was totally arbitrary. but it worked. the banks didn't want to fall afoul of the FDIC, so they largely dropped support for the industries deemed "risky".
there's a good paper on why reputational risk is a bad addition to CAMELS courtesy of @ProfJulieHill
: scholarship.law.ua.edu
this is why the FDIC's bank oversight model is so insidious – it's indirect. bank regulators don't go to banks and say "debank this specific client". instead, they say "industry x is high risk". high risk means you have to incur much higher compliance costs to support firms in that industry. for many banks, the high risk tag means that it's often simply not economical to support that industry. (and this is also why the biggest firms are still able to be banked. they can stomach the higher costs and compliance demands of banks. debanking mostly hurts the little guy - early stage startups).
2) elimination / effective prohibition of specialist banks
in response to the reputational risk framework, some banks developed a boutique practice devoted to serving "high risk" industries. in the crypto space, infamously, Signature and Silvergate built their practices around serving crypto firms. in my opinion, both banks were taken out by regulators in spring 2023. Signature was being sent into receivership while solvent (and stripped of their crypto practice during the sale). Silvergate was stripped of their entire business, via the imposition of the 15% effective threshold on crypto deposits, making it impossible for them to continue.
other banks cropped up to serve crypto, like Customers and Cross River, but they ended up facing consent orders from regulators. the message was clear: serve crypto, and be executed, or subject to lawfare.
some new banks, like Caitlin Long's Custodia, also emerged to try and serve crypto directly. Custodia was denied access to a Federal Reserve master account and left largely unable to operate.
it makes sense, given the risk framework, that specialists would emerge. an ordinary bank with a small crypto practice (or any other "risky" sector) may not deem it worth it to incur the high fixed compliance costs and likely would choose to offboard those clients. it might be an unnecessary headache to risk regulator scrutiny if crypto is only 5% of your business. so naturally, some banks would come along that would craft their businesses around this "risky" sector and make it clear up front what they were doing. and build a compliance function entirely around supporting that industry. but post march 2023, this became a prohibited activity, as banks were told to keep their crypto practice to only "ancillary" levels (i.e. around 15% of their total deposits). so no specialists could exist.
Since Dodd Frank, new bank charters are vanishingly rare and hard to get. thus, the market cannot clear: there's clearly an opportunity to serve an industry that other banks won't touch, but new banks are effectively prohibited from entering the business.
3) incorporation of "stakeholder capitalism" into bank supervision
following the GFC, bank regulators started to think more about "stakeholder capitalism" in bank regulation. banks aren't just banks, they're instruments of economic policy, and that should stretch to encompass virtually everyone.
in 2023, the FDIC decided to expand the set of entities that banks have to consider in their actions beyond just clients and shareholders, to ... potentially everyone. anyone is potentially a "stakeholder" in a bank's activities, even if they aren't a bank client or shareholder.
the proposed guidelines asked banks to consider "the interests of all its stakeholders, including shareholders, depositors, creditors, customers, regulators, and the public." as the WSJ said, "progressives apparently believe bank directors have a fiduciary duty to government regulators." banks have to care about the effect of their actions on anyone and everyone. this is a massive expansion of the FDIC's mandate.
ironically, if the FDIC itself were subject to this framework, Chair Gruenberg would have resigned long ago, because he presided over a long scandal pertaining to pervasive misconduct at the agency (see: archive.li
4) veil of secrecy via Confidential Supervisory Information
conversations between bank regulators and banks are considered "confidential supervisory information" or CSI. this is actually meant to protect the banks. if a bank is having a private conversation with a regulator over some issue they're encountering, it makes sense to give them some privacy until they can figure it out. however, perversely, CSI has now been weaponized to protect regulators. banks are prohibited from publicly sharing the kind of guidance they are getting from bank supervisors. this is why you didn't hear much about the FDIC's pressure campaign against crypto (aside from a few pieces from myself and others sourced from bank execs). CSI is the legal mechanism keeping a lid on this whole scandal. many of the most affected bankers were also embroiled in enforcement actions, which in my view, was also an attempt to cover up the summary executions of Silvergate and Signature. naturally, executives couldn't say much while they were still litigating or negotiating settlements.
the CSI designation is how the FDIC and other bank regulators in their 2023 joint statement on crypto could claim that banks were "neither prohibited nor discouraged from providing banking services to customers of any specific class or type", while secretly informing banks that crypto was "high risk". they knew that their off-the-record conversations with bankers wouldn't come out.
notably, the one thing that has pierced this veil is Coinbase's lawsuit against the FDIC, which revealed a spate of "pause letters" the FDIC sent out to dozens of banks in 2022 and 2023 to ask them to pause their crypto-related initiatives. it directly contradicts their public stance on "not discouraging" banks from dealing with crypto.
5) usage of verbal guidance in regulation
in bank regulation circles, verbal guidance given by regulators to banks is referred to as "jawboning" or "moral suasion". this means trying to persuade the private sector to follow a government objective, not through specific mandates, laws, or written rules, but instead by trying to persuade them.
jawboning is how the government attempts to deputize private platforms for matters like control of speech. see this article: knightcolumbia.org
(of course, banks are arguably not "private", since they are highly, highly regulated, and getting a bank charter is virtually impossible. in my mind, banks are arms of the government, and so there should be an even stronger constitutional protection for bank clients. financial access should be treated as a neutral, public utility, like water or power, since banks are de facto arms of the state.)
the bank executives i've talked to tell me that most, if not all, guidance regarding the crypto space is handed down verbally. conversations between regulators and banks are veiled via CSI. bank executives cannot share details of these conversations without risking civil or criminal liability. as such, very few details have come out so far.
how to deal with debanking
now that we understand how debanking actually works, we can figure out how to deal with it. my proposed solutions would be the following:
- formally eliminate "reputational risk" from the bank supervision rubric. bank regulation should focus on root causes and actual risk factors, rather than the extremely vague and manipulable reputation risk designation
- end the post dodd-frank de facto prohibition on new bank charters. new banks should be allowed to emerge to fill the gap left by banks deserting a specific industry. boutiques should be allowed to craft their entire practice around a specific sector
- insist that all regulatory guidance to banks be handed down in writing. this would force regulators to omit unconstitutional requests to banks in their conversations with them. this would make guidance FOIA-able. these communications should become public after some blackout period, perhaps one year
- loosen the prohibition on sharing confidential supervisory information. this should be used as intended – to protect banks, not regulators. banks that are affected by unconstitutional regulatory mandates should be able to appeal to the public, the press, or some oversight body
the practice of debanking crypto will likely end in january 2025, but we need to go further. this isn't really about crypto, it's about the very bad status quo in bank supervision, which ultimately traces to the bank secrecy act and dodd frank.
Tom |
|
