The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.
Minutes of the Financial Stability Oversight Council October 3, 2022 PRESENT: Janet L. Yellen, Secretary of the Treasury and Chairperson of the Financial Stability Oversight Council (Council) Jerome H. Powell, Chair, Board of Governors of the Federal Reserve System (Federal Reserve) Martin Gruenberg, Acting Chairman, Federal Deposit Insurance Corporation (FDIC) (via videoconference) Gary Gensler, Chair, Securities and Exchange Commission (SEC) Rostin Behnam, Chairman, Commodity Futures Trading Commission (CFTC) Rohit Chopra, Director, Consumer Financial Protection Bureau (CFPB) Sandra L. Thompson, Director, Federal Housing Finance Agency (FHFA) Michael J. Hsu, Acting Comptroller of the Currency, Office of the Comptroller of the Currency (OCC) Todd M. Harper, Chairman, National Credit Union Administration (NCUA) Thomas E. Workman, Independent Member with Insurance Expertise (via videoconference) Steven Seitz, Director, Federal Insurance Office (FIO), Department of the Treasury (non-voting member) Charles G. Cooper, Commissioner, Texas Department of Banking (non-voting member) Elizabeth K. Dwyer, Superintendent of Financial Services, Rhode Island Department of Business Regulation (non-voting member) Melanie Lubin, Securities Commissioner, Maryland Office of the Attorney General, Securities Division (non-voting member) GUESTS: Department of the Treasury (Treasury) Nellie Liang, Under Secretary for Domestic Finance Sandra Lee, Deputy Assistant Secretary for the Council Laurie Schaffer, Principal Deputy General Counsel Eric Froman, Assistant General Counsel (Banking and Finance) Sean Hoskins, Director of Policy, Office of the Financial Stability Oversight Council Board of Governors of the Federal Reserve System Michael Barr, Vice Chair for Supervision Andreas Lehnert, Director, Division of Financial Stability Federal Deposit Insurance Corporation James McGraw, Senior Deputy Director, Division of Complex Institution Supervision and Resolution Securities and Exchange Commission Amanda Fischer, Senior Counselor Commodity Futures Trading Commission Rahul Varma, Associate Director, Division of Market Oversight Consumer Financial Protection Bureau Gregg Gelzinis, Advisor to the Director Federal Housing Finance Agency Christopher Dickerson, Senior Advisor Comptroller of the Currency Jay Gallagher, Acting Senior Deputy Comptroller for Supervision Risk and Analysis National Credit Union Administration Catherine Galicia, Chief of Staff Office of the Independent Member with Insurance Expertise Charles Klingman, Senior Policy Advisor (via videoconference) Federal Reserve Bank of New York Richard Crump, Financial Research Advisor, Capital Markets Function Office of Financial Research (OFR) James Martin, Deputy Director, Operations Sriram Rajan, Associate Director, Research Analysis Center Federal Insurance Office Philip Goodman, Senior Insurance Regulatory Policy Analyst (via videoconference) Texas Department of Banking Karen Lawson, Senior Vice President for Policy, Conference of State Bank Supervisors Rhode Island Department of Business Regulation Ethan Sonnichsen, Managing Director, National Association of Insurance Commissioners Maryland Office of the Attorney General, Securities Division Vincente Martinez, General Counsel, North American Securities Administrators Association PRESENTERS: Financial Stability, Energy Market, and International Market Developments • Patricia Zobel, System Open Market Account Manager pro tem, Markets Group, Federal Reserve Bank of New York • William Bassett, Senior Associate Director, Division of Financial Stability, Federal Reserve • Lisa Ryu, Senior Associate Director, Division of Supervision and Regulation, Federal Reserve 2 • • Rahul Varma, Associate Director, Division of Market Oversight, CFTC Jeff Gerlach, Vice President, Quantitative Supervision and Research Unit, Federal Reserve Bank of Richmond (available for questions) Digital Assets Report • Sandra Lee, Deputy Assistant Secretary for the Council, Treasury • Jonathan Rose, Senior Economist, Federal Reserve Bank of Chicago Cloud Services Adoption in the Financial Sector • Todd Conklin, Deputy Assistant Secretary for Cybersecurity and Critical Infrastructure Protection, Treasury Executive Session The Chairperson called the executive session of the meeting of the Council to order at approximately 2:04 P.M. She began by noting that this was the first in-person meeting of the Council since she had become Chairperson. She outlined the meeting agenda, which had previously been distributed to the members together with other materials. The agenda for the executive session was a presentation by staff of the Federal Reserve and CFTC on financial stability, energy market, and international market developments. 1. Financial Stability, Energy Market, and International Market Developments The Chairperson introduced the meeting agenda item, a presentation from staff of the Federal Reserve and CFTC on financial stability, energy market, and international market developments. She introduced Patricia Zobel, System Open Market Account Manager pro tem in the Markets Group at the Federal Reserve Bank of New York. Ms. Zobel stated that she would discuss recent financial developments in the United Kingdom (U.K.) and the impact of these events on U.S. financial markets. She discussed how the recent announcement of the U.K. fiscal package had affected U.K. markets, including changes in the yields of U.K. government debt denominated in British pounds, or Gilts. She discussed reports of deleveraging among liability-driven investors (LDI) to meet margin calls associated with rising yields. She said that the Bank of England had undertaken purchases of Gilts to address the associated market dysfunction, which stabilized markets and led to Gilt yields declining. Ms. Zobel said that the financial volatility in the U.K. had contributed to asset price swings in U.S. markets and a modest tightening of financial conditions. She described the impact on asset prices and spreads, including Treasury yields and spreads of investment-grade mortgage-backed securities to Treasury securities. She noted that while liquidity in certain fixed-income markets had deteriorated, markets continued to function. She said that dollar funding conditions and commercial paper spreads both remained stable. She stated that it would be necessary to continue monitoring for any potential spillovers from U.K. developments. Council members then asked questions and had a discussion, including regarding potential risks to defined-benefit pension funds in the U.K., risks related to LDI, continued monitoring of 3 financial markets and financial institutions, and coordination with U.K. regulators. The Chairperson then introduced William Bassett, Senior Associate Director of the Division of Financial Stability at the Federal Reserve; Lisa Ryu, Senior Associate Director of the Division of Supervision and Regulation at the Federal Reserve; and Rahul Varma, Associate Director of the Division of Market Oversight at the CFTC. Mr. Bassett stated that asset valuation pressures had lessened but remained high in housing and commercial real estate markets. He noted that households and the nonfinancial sector appeared resilient, and that bank capital remained in the post-2010 range. He said that short-term funding markets had also remained resilient but should continue to be monitored. Ms. Ryu then described the impact of higher interest rates amid a slowing economy. She noted the impact of higher interest rates on banks’ net interest income, fair values of certain securities, and deposit flows, and discussed potential liquidity concerns and credit risks. She also described the recent volatility in European energy and commodity markets and potential exposures of counterparties and banks. Mr. Varma then stated that he would present on energy market risks, particularly in Europe. He noted that European gas and electricity prices were high and described recent policy responses in the European Union and U.K., including gas and power rationing in the U.K. He described the effects on the natural gas market from Russia leaving the system as a supplier, and he noted that U.S. natural gas production had recovered and was expected to continue to grow. Mr. Varma described the impact of energy market developments on the financial system, including the significant increase in initial margin at central counterparties in Europe and the impact on margins in over-the-counter derivatives markets. The Chairperson adjourned the executive session of the meeting at approximately 2:46 P.M. Open Session The Chairperson called the open session of the meeting of the Council to order at approximately 2:52 P.M. The Chairperson outlined the agenda for the open session, which included (1) a presentation and vote on the Council’s digital assets report, (2) votes on the charter of the Council’s Climate-related Financial Risk Advisory Committee and on its initial membership, (3) a presentation on cloud services adoption in the financial sector, and (4) a vote on the minutes of the Council’s meeting on September 23, 2022. 1. Digital Assets Report The Chairperson turned to the first agenda item, a presentation on the Council’s digital assets report in response to the Executive Order on Ensuring Responsible Development of Digital Assets, which was issued on March 9, 2022. She introduced Sandra Lee, Deputy Assistant Secretary for the Council at Treasury, and Jonathan Rose, Senior Economist at the Federal Reserve Bank of Chicago. 4 Ms. Lee stated that staff from all the Council member agencies had collaborated to evaluate digital asset activities, with a focus on identifying potential risks to U.S. financial stability, evaluating the existing regulatory structure, and developing recommendations to address these risks. She said that the report that would be voted on at the meeting represented the outcome of these efforts. She stated that the report presented the views of the full range of federal and state regulators represented on the Council and highlighted key risks that policymakers should seek to address. Mr. Rose stated that the Council’s digital assets report addressed risks to U.S. financial stability, regulatory gaps, and recommendations for action. Mr. Rose stated that the report concluded that crypto-asset activities could pose risks to U.S. financial stability under certain conditions. He noted that those conditions are: first, if interconnections of crypto-asset activities with the traditional financial system or their overall scale were to grow; and second, if that growth were to occur without adherence to or being paired with appropriate regulation, including enforcement of the existing regulatory structure. He stated that the report highlighted stablecoin activities as a notable source of potential interconnections with the traditional financial system. Mr. Rose said that the report also detailed sources of acute instability arising from speculation-driven cryptoasset prices; interconnections within the crypto-asset ecosystem; operational vulnerabilities; funding mismatches and run risk; and leverage. Turning to the regulation of digital assets, Mr. Rose stated that the report placed particular emphasis on compliance with and enforcement of the existing regulatory structure as a key step in addressing financial stability risks. He said that the report also noted that many nonbank firms in the crypto-asset ecosystem had advertised themselves as regulated. He noted that many firms, for example, emphasize their registration as money services businesses, although such regulation does not provide a comprehensive framework for mitigating financial stability vulnerabilities. He stated that while some firms in the crypto-asset ecosystem had attempted to avoid regulation, other firms had engaged with the existing regulatory system by obtaining trust charters or special state-level crypto-asset-specific charters or licenses. Mr. Rose stated that although the existing regulatory system covers large parts of the cryptoasset ecosystem, the report identified three gaps in the regulation of crypto-asset activities in the United States. He said the first gap is that the spot market for crypto assets that are not securities is subject to limited direct federal regulation. He noted that, as a result, this market may not be subject to a regulatory framework designed to ensure orderly and transparent trading, prevent conflicts of interest and market manipulation, and protect investors and the financial system more broadly. He said that the report recommended that Congress enact legislation providing rulemaking authority for federal financial regulators over this market. Mr. Rose said that the second gap is that businesses in the crypto-asset market do not have a consistent or comprehensive regulatory framework and can engage in regulatory arbitrage. He said that some crypto-asset businesses may have affiliates or subsidiaries operating under different regulatory frameworks, with no single regulator having visibility into the risks across the entire business. He noted that, to address the risk of regulatory arbitrage, the report recommended continued coordination; legislation addressing the risks posed by stablecoins; legislation relating to regulators’ authorities to have visibility into and supervise the activities of 5 all the affiliates and subsidiaries of crypto-asset entities; and appropriate service provider regulation. Mr. Rose said that the third gap is that a number of crypto-asset trading platforms had proposed offering retail customers direct access to markets by vertically integrating the services provided by intermediaries such as broker-dealers or futures commission merchants. He said that financial stability and investor protection risks may arise from retail investors’ exposure to some practices frequently proposed by vertically integrated trading platforms, such as automatically and rapidly closing out customer positions. He stated that the report therefore recommended study of potential vertical integration by crypto-asset firms. Following the presentation, the Chairperson noted that the Council works to identify, address and foster resilience to vulnerabilities in the U.S. financial system. She said that these vulnerabilities include those arising from new and emerging technologies and sectors. She stated that in a speech in April 2022, she had argued that the government should promote responsible innovation that works for all Americans, protects U.S. national security interests and the planet, and contributes to economic competitiveness and growth. She said that innovation is one of the hallmarks of a vibrant financial system and economy, but history had demonstrated that innovation without adequate regulation can result in significant disruptions and harm to the financial system and to individuals. She stated that digital assets had grown significantly in scale and scope over recent years, attracting a large amount of capital and interest from both retail and institutional investors. She stated that, at the same time, significant shocks in volatility had occurred within the crypto-asset system, particularly over the last year. The Chairperson stated that, given this potential for instability, the Council in February 2022 identified digital assets as one of its key priorities for the year. She said that the Council’s digital assets report found that the current regulatory framework had helped largely insulate traditional financial institutions from crypto-asset-related financial stability risks, but the report noted that crypto-asset activities could pose risks to U.S. financial stability if their interconnections with the traditional financial system or their overall scale were to grow without adherence to or being paired with appropriate regulation, including enforcement of the existing regulatory structure. She stated that the report also identified a number of material gaps in current regulation and recommendations to address these gaps. The Chairperson stated that some of the report recommendations were focused on actions that Council member agencies can take with existing authorities and noted that other actions would require Congress to provide new authorities. She said that the report contributed to the analysis of digital asset issues that appeared in other recent reports prepared in response to the President’s Executive Order on Ensuring Responsible Development of Digital Assets, including reports on the future of money and payments, consumer and investor protection, illicit finance, and a framework for international engagement. She said that each of these reports was intended to provide guidance to policymakers in mitigating the risks of digital assets, while realizing their potential benefits. She said that the reports also enabled the public to better understand digital assets. The Chairperson then called on other Council members to comment on the Council’s digital assets report. 6 Jerome Powell, Chair of the Federal Reserve, stated that he supported the report and its recommendations. He stated that it is important to establish a federal prudential framework to address the risks presented by digital assets. He said that acting now would allow Council members to support responsible innovation while preserving financial stability. Gary Gensler, Chair of the SEC, stated that he supported the report. He noted that Bitcoin, the first significant crypto token, was proposed 14 years ago this month, in the midst of the financial crisis. He said that its creator wrote about a new way to transmit value on the Internet without a central intermediary. Addressing the current crypto market, Chair Gensler first stated that this market is a highly volatile, speculative investment class. Second, he said that the market is not decentralized. He noted that the industry is populated by large, concentrated intermediaries, which are often an amalgam of services that are typically separate from each other in the rest of the securities markets. Third, he stated that the crypto industry cannot exist outside of a public policy framework. He stated that this framework includes protecting investors and consumers, addressing illicit activity, and supporting financial stability. He said that regardless of terminology such as crypto token, stablecoin, or decentralized finance platform, the public policy goals remain the same: treat like cases alike. Chair Gensler said that in his view the vast majority of the nearly 10,000 tokens in the crypto market are securities, although some are not. He noted that offers and sales of crypto tokens are covered by the securities laws if they are securities, and said that since most crypto tokens are securities, many crypto intermediaries are transacting in securities and must register with the SEC in some capacity. He stated that as the Council’s digital assets report noted, there is a difference between regulatory arbitrage and non-compliance. He said that there was a significant amount of non-compliance with applicable laws and regulations in the crypto market, and noted that all market participants benefit from compliance with these requirements, which also increases investor confidence in the market. He said that he had therefore asked SEC staff to work with market participants to help ensure that investors in the crypto market receive established protections that exist in other securities markets. He stated that he also looked forward to working with Congress to achieve the public policy goals set forth in the digital assets report, consistent with maintaining the regulation of crypto security tokens and related intermediaries at the SEC. Chair Gensler said that a framework currently exists in the event that crypto intermediaries may need to register with both the SEC and CFTC in the future, since the two agencies maintain dual registrants in the broker-dealer space and in the fund advisory space. He said that if bank regulators receive authority related to the safety and soundness of stablecoins, as recommended by the report on stablecoins issued by the President’s Working Group on Financial Markets (PWG), market regulators should maintain conduct authority over stablecoins available through intermediaries overseen by these regulators. He concluded by stating that the SEC would continue to focus on investor protection and resiliency in the crypto market. Michael Hsu, Acting Comptroller of the Currency, stated that he supported the report and wanted to draw attention to the recommendations focused on minimizing regulatory arbitrage. He said that the 2008 financial crisis illustrated that when regulators do not coordinate effectively on risks that cut across jurisdictional lines, an un-level playing field emerges and financial stability 7 risks grow in the shadows. He said that for the Council to work as intended, each member must consider financial stability from a systemwide perspective. He stated that this is particularly important in emerging areas like crypto. He said that it was critical for the Council and for Congress to prioritize the fourth recommendation in the report, regarding interagency coordination; the fifth recommendation, regarding the federal prudential framework for stablecoin issuers; and the sixth recommendation, regarding regulatory visibility and authorities over all of the activities of crypto-asset entities. He said that properly implemented, these recommendations would help mitigate regulatory arbitrage and reduce risks to financial stability. He stated that in the meantime, the OCC was committed to ensuring that the nexus between crypto and the federal banking system does not become a channel for cross-contagion, while also supporting responsible innovation and progress. Martin Gruenberg, Acting Chairman of the FDIC, stated that he supported the report, and said that it provided a valuable overview and analysis of the financial stability risks of digital assets and a useful set of recommendations. He said that the report also provided an important overview of the existing regulatory and enforcement authorities and how they might be effectively applied to digital assets, and highlighted the significant existing coordination efforts among the member agencies regarding digital assets and how they might be strengthened. He said that the report represented a valuable addition to the Council’s understanding of this issue and how Council members might approach it. Rostin Behnam, Chairman of the CFTC, stated that he supported the report, and expressed his agreement with Chair Gensler’s comments. He noted the CFTC’s enforcement efforts in the area of digital assets. He stated that the report identified gaps in the authority of the CFTC and SEC, and said that the CFTC and SEC would need to collaborate to ensure that they leverage their existing authorities until new authority is provided. He said that he looked forward to working with the Council and Congress to ensure these gaps are filled as soon as possible. Charles Cooper, Commissioner of the Texas Department of Banking, stated that he supported the report. He said that the report and its recommendations should inform the work that Council member agencies undertake as individual agencies and on an interagency basis to balance responsible innovation with safeguarding financial markets and consumers. He noted that, as in other points in history, states had been laboratories of innovation regarding digital assets, the risks involved, and how to best protect citizens. He said that state bank regulators intended to share what they had learned and would work with other agencies and Congress to protect the U.S. financial system, while allowing for prudent innovation and acknowledging the roles of various regulators in supervision and consumer protection. He said that the report highlighted the importance of cooperative federalism. He stated that state bank regulators would welcome a digital asset regulatory framework that stresses the importance of coordination between the states and the federal government, as well as interagency coordination, in developing policy and supervising digital asset activity. Rohit Chopra, Director of the CFPB, expressed his support for the report and said that he wanted to comment on the connections between stablecoins and the payment system. He noted that both the private and public sectors were offering new ways to transfers funds using digital assets. He said that stablecoins pose opportunities and risks. He stated that stablecoins are overwhelmingly 8 used in speculative crypto-asset trading, and are not yet ready for consumer payments. He said that stablecoins could quickly scale if powered by a major platform or other network with significant market penetration, which would have implications for the larger financial system. He stated that, as discussed in the report, the crypto ecosystem’s leverage, opacity, liquidity transformation and associated risks could disrupt the broader financial system. He said that Council members should be on alert, given that stablecoin arrangements pose more imminent concerns than other parts of the crypto-asset ecosystem, especially as banks, large technology companies, and peer-to-peer providers explore launching their own stablecoins. Director Chopra stated that certain Council member agencies had already taken steps to address discrete issues, such as deposit insurance misrepresentation, and were making efforts to address concerns related to fraud, hacks, and scams in the payment system. He said that member agencies should leverage their existing authorities and seek to obtain additional authorities through legislation. He noted that in November 2021, the PWG recommended that the Council consider using its existing authorities to enhance the regulation of stablecoins, absent comprehensive legislation. He said that the Council could evaluate its authorities under Title VIII of the Dodd-Frank Wall Street Reform and Consumer Protection Act as one potential way for federal regulators to seek greater visibility into the stablecoin ecosystem and heighten safeguards where appropriate. He said that the digital assets report would help member agencies coordinate between federal and state agencies, evaluate their existing authorities, and ultimately mitigate risks to the payment system and the U.S. financial system. The Chairperson then presented to the Council the following resolution approving the Council’s digital assets report: WHEREAS, the duties of the Financial Stability Oversight Council (Council) under section 112 of the Dodd-Frank Wall Street Reform and Consumer Protection Act include monitoring the financial services marketplace in order to identify potential threats to U.S. financial stability; monitoring financial regulatory proposals and developments, and making recommendations in such areas that will enhance the integrity, efficiency, competitiveness, and stability of the U.S. financial markets; facilitating information sharing and coordination among Council member agencies and other federal and state agencies; recommending to the Council member agencies general supervisory priorities and principles reflecting the outcome of discussions among the member agencies; and identifying gaps in regulation that could pose risks to U.S. financial stability; and WHEREAS, on March 9, 2022, the President issued Executive Order 14067, “Ensuring Responsible Development of Digital Assets” (the Digital Assets EO), which sets forth the principal policy objectives of the United States with respect to digital assets: protecting consumers, investors and businesses in the United States; protecting U.S. and global financial stability and mitigating systemic risk; mitigating the illicit finance and national security risks posed by misuse of digital assets; reinforcing U.S. leadership in the global financial system and in technological and economic competitiveness, including through the responsible development of payment innovations and digital assets; promoting access to safe and affordable financial services; and supporting technological advances that promote responsible development and use of digital assets; and 9 WHEREAS, the Digital Assets EO states that, within 210 days of the date of the Digital Assets EO, the Secretary of the Treasury should convene the Council and produce a report outlining the specific financial stability risks and regulatory gaps posed by various types of digital assets and providing recommendations to address such risks; and WHEREAS, the Digital Assets EO further states that, as the Secretary of the Treasury and the Council deem appropriate, the report should consider the particular features of various types of digital assets and include recommendations that address the identified financial stability risks posed by these digital assets, including any proposals for additional or adjusted regulation and supervision as well as for new legislation, and that the report should take account of the prior analyses and assessments of the Council, agencies, and the President’s Working Group on Financial Markets, including the ongoing work of the Federal banking agencies, as appropriate; and WHEREAS, the members of the Council have consulted extensively and have drawn on the expertise of the staffs of their agencies to formulate the Council’s assessment of financial stability risks and regulatory gaps posed by various types of digital assets, and recommendations to address such risks; and WHEREAS, the staffs of Council members and their agencies have prepared the draft “Report on Digital Asset Financial Stability Risks and Regulation” attached hereto (the Digital Assets Report). NOW, THEREFORE, BE IT RESOLVED, that the Council hereby approves the Digital Assets Report and authorizes the Chairperson, or her designee, to cause the Digital Assets Report to be published on the Council’s website, in a form and manner acceptable to the Chairperson, or her designee, and to otherwise make it available to the public as the Chairperson, or her designee, deems appropriate; and BE IT FURTHER RESOLVED, that the Council hereby delegates authority to the Chairperson, or her designee, to make technical, nonsubstantive, or conforming changes to the text of the Digital Assets Report, and to take such other actions and issue such other documents incidental and related to the foregoing as the Chairperson, or her designee, deems necessary or appropriate to fulfill the Council’s objectives in connection with its publication. The Chairperson asked for a motion to approve the resolution, which was made and seconded. The Council approved the resolution by unanimous vote. 2. Climate-related Financial Risk Advisory Committee The Chairperson turned to the next agenda item, the establishment of the Climate-related Financial Risk Advisory Committee (CFRAC). She noted that this would be the Council’s first external advisory committee. She stated that climate-related financial risk is complex to evaluate, reflecting the complicated transmission channels linking transition and physical risks to the economy and financial sector. She said that Council member agencies had made progress in 10 improving the Council’s understanding of these risks, but that the Council could benefit from the expertise of individuals appointed to the CFRAC. She said that the CFRAC would be a crucial resource to help the Council gather information and analysis from a broad array of stakeholders and advance its understanding of climate-related financial risks. The Chairperson said that the CFRAC’s initial class of members would bring diverse and expert perspectives to the Council’s climate-related work. She noted that its members were drawn from academia, non-governmental consumer and environmental organizations, and small and large financial institutions. The Chairperson stated that the CFRAC would help the Council receive and analyze information on climate-related financial risks. She said that addressing climate-related financial risks is an urgent priority that would require the collective efforts of both the public and private sectors. The Chairperson then presented to the Council the following resolution adopting the CFRAC charter: WHEREAS, section 111(e)(2) of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act) provides that the Financial Stability Oversight Council (Council) shall adopt such rules as may be necessary for the conduct of the business of the Council; and WHEREAS, on October 21, 2021, the Council approved a Report on Climate-related Financial Risk (Climate Report), which stated that the Council would form a Climate-related Financial Risk Advisory Committee (CFRAC); and WHEREAS, the staffs of the Council members and their agencies have prepared the attached charter for the CFRAC (CFRAC Charter); and WHEREAS, the staffs of the Council members and their agencies recommend that the Council approve and adopt the CFRAC Charter. NOW, THEREFORE, BE IT RESOLVED, that the Council hereby approves and adopts the CFRAC Charter; and BE IT FURTHER RESOLVED, that the Council hereby authorizes the CFRAC Charter to be published on the Council’s website, in a form and manner acceptable to the Chairperson or her designee; and BE IT FURTHER RESOLVED, that the Council hereby delegates authority to the Chairperson, or her designee, to make technical, nonsubstantive, or conforming changes to the text of the CFRAC Charter, and to take such other actions as they may deem necessary or appropriate to fulfill the Council’s objectives in connection with its publication. The Chairperson asked for a motion to approve the resolution, which was made and seconded. The Council approved the resolution by unanimous vote. The Chairperson then presented to the Council the following resolution approving the initial membership of the CFRAC: 11 WHEREAS, on October 3, 2022, the Financial Stability Oversight Council (Council) approved and adopted the charter (Charter) of the Climate-Related Financial Risk Advisory Committee (CFRAC); and WHEREAS, the Charter provides that Council members and staffs of Council members and Council member agencies may propose candidates for CFRAC membership, from which group the Office of the Financial Stability Oversight Council (Council Secretariat) at the Department of the Treasury will select a slate of proposed members, and the Council’s Deputies Committee will consider the proposed slate, make any revisions (subject to Council Secretariat approval), and submit a recommended slate of members to be approved by vote of the Council; and WHEREAS, in accordance with the Charter, the Deputies Committee has submitted the attached slate of members (the Member Slate) to the Council and recommends that the Council approve the Member Slate. NOW, THEREFORE, BE IT RESOLVED, that the Council hereby approves the Member Slate; and BE IT FURTHER RESOLVED, that the Council hereby authorizes the Member Slate to be published on the Council’s website, in a form and manner acceptable to the Chairperson or her designee; and BE IT FURTHER RESOLVED, that the Council hereby delegates authority to the Chairperson, or her designee, to take such actions as they may deem necessary or appropriate to fulfill the Council’s objectives in connection with the foregoing. The Chairperson asked for a motion to approve the resolution, which was made and seconded. The Council approved the resolution by unanimous vote. 3. Cloud Services Adoption in the Financial Sector The Chairperson then turned to the next agenda item, a presentation on the upcoming Treasury report on the financial sector’s use of cloud services and related cybersecurity implications. She introduced Todd Conklin, Deputy Assistant Secretary for Cybersecurity and Critical Infrastructure Protection at Treasury. Mr. Conklin stated that he would update the Council on work that Treasury and its partners in the Financial and Banking Information Infrastructure Committee (FBIIC) were engaged in regarding cybersecurity and critical infrastructure. He said that earlier in 2022, Treasury, in coordination with the FBIIC, had begun working on a report on cloud services and potential implications for operational resilience. He stated that Treasury intended to publish a report on this effort by the end of 2022. He stated that Treasury was supported in this effort by a group of experts from FBIIC member agencies. He stated that this was an important effort for Treasury and the FBIIC not just because of the subject matter, but also as a learning exercise for the FBIIC to gather and share information on a proactive basis and generate a common sector-wide operating picture on an emerging issue. 12 Mr. Conklin stated that the report would focus on public cloud services and the use by the financial sector of three major cloud models. He said that the first model was software-as-aservice, which involves the use of cloud-based applications over the Internet on a subscription basis, like video conferencing or productivity software. He said that the second model was platform-as-a-service, which allows customers to build custom cloud applications without having to manage the underlying servers or application environment. He said that the third model was infrastructure-as-a-service, which offers nearly full control of computing, storage and networking resources on demand. Mr. Conklin said that Treasury and the FBIIC initially focused on concentration and critical infrastructure. He stated that in the preceding few months, they had also considered cloud adoption at small and medium-sized financial institutions like community banks and credit unions. He stated that the report would assess how cloud services are currently being used, how they may evolve, and what gaps may exist that could impact the sector’s operational resilience. He noted that third‑party services can introduce new risks when used inappropriately but can also reduce risks when used appropriately. He stated that the private sector, not the government, has responsibility for design, implementation and risk management of cloud and other third-party services. He noted that, at the same time, transparency from the government, including Treasury and the financial regulators, is crucial to promoting effective resilience in the sector. He said that Treasury and the FBIIC intended that the report would help inform the financial sector and promote constructive cooperation among financial institutions and cloud service providers. Mr. Conklin said that Treasury and the FBIIC, in developing their analysis, were considering a wide range of input in an effort to ensure that the report conclusions are data driven and technically sound. He said that they were relying on four primary sources for the report. He stated that the first source was input from FBIIC members through a stock-take of their own experiences and observations in each area of the sector. He said that the second source was information contributed by Treasury, including lessons learned from Treasury’s own cloud adoption experience, as well as from interagency and international engagement. He said that the third source was relevant literature published since Treasury last examined cloud services in 2018. He stated that the fourth source was discussions with chief information officers and chief information security officers from both cloud service providers and financial institutions, as well as independent experts and industry trade associations. Mr. Conklin stated that Treasury and the FBIIC had spoken with dozens of organizations as part of this process. He said that one of the questions they had been evaluating is the extent to which the financial sector has started using cloud services. He said that they do not have firm statistics on adoption of cloud services by the financial sector, but that information they had received from stakeholders and FBIIC members confirmed that the levels of adoption still vary widely across the sector. He stated that since the onset of the COVID-19 pandemic, many software-as-aservice applications had become commonplace, but the use of more complex services like infrastructure-as-a-service to run core processing for regulated financial services is still rare across the industry. He stated that while some large financial institutions are pursuing strategies to dramatically reduce their on-site data center footprints, most are pursuing an iterative, hybrid strategy that relies on public, private, and on-site infrastructure. He stated that large banks and financial market infrastructures are interested in continuing to explore cloud services and many 13 have developed long‑term plans to do so. He stated that Treasury and the FBIIC expected continued growth in cloud adoption as it becomes more of a mainstream technology. He said that this trend underscores the importance of understanding the benefits and risks of financial institutions’ reliance on these services. Mr. Conklin stated that Treasury and the FBIIC were also examining issues relating to the use of cloud services by smaller financial institutions. He said that key issues for these institutions include securing the right balance of transparency from the cloud service provider to its clients on due diligence and incidents, difficulties for smaller firms in negotiating service contracts, and how the overall cybersecurity talent gap leads to challenges in the cloud services context. He stated in conclusion that as Treasury and the FBIIC develop the report and continue to work on these issues, they would collaborate with the private sector and organizations like the Cyber Risk Institute, FBIIC members, and their international partners, many of which are also considering increasing their oversight of cloud service providers. Following the presentation, the Chairperson stated that the COVID‑19 pandemic had accelerated the adoption of cloud services by financial institutions. She noted that cloud services, when configured appropriately, can benefit operational resilience at the individual firm level. She said that the interdependency of these networks can, however, magnify cyber risks, threatening the operations not just of individual institutions but of the larger financial sector. She said that it was therefore critical that the Council review how these services may affect the financial sector’s operational resilience and develop a common understanding of the potential opportunities and risks of cloud adoption. The Chairperson then called on other Council members to comment on the presentation. Director Chopra stated that cloud services are growing in importance across every international jurisdiction. He noted the widespread transition to the cloud across the U.S. economy, and said it is important for the Council to understand how these developments are specifically affecting the financial sector. 4. Resolution Approving the Minutes of the Meeting Held on September 23, 2022 BE IT RESOLVED, by the Financial Stability Oversight Council (the “Council”), that the minutes attached hereto of the meeting held on September 23, 2022 of the Council are hereby approved. The Chairperson asked for a motion to approve the resolution, which was made and seconded. The Council approved the resolution by unanimous vote. The Chairperson adjourned the meeting at approximately 3:27 P.M. 14
@FedFRASER