ALBANY, N.Y.–In a move that is likely to be followed by other state regulators, the New York State Department of Financial Services (NYDFS) has issued new guidance requiring banks to integrate blockchain analytics into their compliance programs as it looks to improve its oversight of digital assets.
In the order, Superintendent Adrienne Harris directed all New York banking organizations, including branches of foreign banks, to adopt blockchain monitoring tools to address emerging risks tied to virtual currency activities.
According to the DFS, the decision follows an uptick in digital asset exposure across the banking sector and builds on earlier guidance issued to licensed crypto businesses in 2022.
Organizations Must ‘Adapt’
“As traditional banking institutions expand into virtual currency activities, their compliance functions must adapt, onboarding new tools and technologies to mitigate new and different risks,” Harris said in s statement.
According to the department blockchain analytics can provide actionable insights similar to what is already being used by licensed virtual currency companies.
Under the directive, the state’s banks will be expected to use the tools to screen customer wallets, verify the source of funds from virtual asset service providers, and monitor exposure to potential money laundering, sanctions violations, or other illicit activity.
The directive further orders Fis to compare customers’ expected activity with their actual transactions and assess risks tied to new crypto services or products.
The NYDFS said banks must tailor their risk-management frameworks to their business models and reassess them regularly.
The department said adoption of blockchain analytics is critical as institutions increasingly engage with virtual assets through customer activity or their own operations.
Enhanced Rules
The new directive comes at the same time the NYDFS is phasing in enhanced cybersecurity rules.
By Nov. 1, banks and other covered entities must comply with updated provisions of New York’s cybersecurity regulation, which mandates multi-factor authentication (MFA) for anyone accessing internal systems.
The MFA rule, first amended in 2023, is designed to reduce the risk of credential-based attacks and data breaches in the financial sector, according to the department.
The NYDFS said it is working to modernize oversight of both traditional and digital financial services.
