The Private Key Control Standard
The Proposed Rules would require a Covered Custodian to maintain possession or control of covered assets of a covered customer that are held directly, including assets held in a digital wallet for which the Covered Custodian controls the associated private keys. A Covered Custodian or sub-custodian “maintains control” of a payment stablecoin or stablecoin reserve in tokenized form if it can reasonably demonstrate, consistent with the applicable standard of care, that no other party, including the covered customer, can transfer the payment stablecoin or tokenized asset using a distributed ledger without the custodian or sub-custodian’s consent. This proposed standard of control would be a higher bar to meet than that contained in the SEC Division of Trading and Markets’ December 2025 statement on broker-dealer custody of crypto asset securities, which required that broker-dealers only maintain policies, procedures, and controls reasonably designed to ensure that no other person, including a customer or third-party, has access to the relevant private keys or the ability to transfer the asset without authorization—a procedural standard rather than a technical-capability requirement. 24 This private key control standard would amount to the first formalized federal rulemaking with a technical control test and would have significant architectural implications for how digital asset custody structures are designed and operated. It is unclear what form this “reasonable demonstration” of exclusive control would take, and the Proposing Release provides no examples.
The Self-Custody Hardware and Software Exclusion
In line with the GENIUS Act, the Proposed Rules provide that the custody requirements do not apply to entities solely because they provide hardware or software to facilitate customer self- custody of payment stablecoins or private keys. Conversely, the OCC notes in the Proposing Release that the requirements could apply if an entity controls or holds itself out as controlling the assets or provides or holds itself out as providing safekeeping or custodial services. This includes ancillary or incidental custodial services (such as facilitating the customer's crypto-asset and fiat currency exchange transactions, transaction settlement, trade execution, recordkeeping, valuation, tax services, reporting, or other similar services).
Additional Operational Requirements
Capital Requirements
The Proposed Rules set out a proposed capital structure for Stablecoin Issuers with two tiers, including Common Equity Tier 1 (common stock, retained earnings, and accumulated other comprehensive income (“AOCI”)) and Additional Tier 1 (noncumulative perpetual preferred stock issuances classified as equity under GAAP). There would be no standardized established ratios between the tiers and no mandatory deductions under the Proposed Rules. Rather, the OCC would determine the capital requirements for each Stablecoin Issuer individually on a case-by-case basis. This would be consistent with the approach the OCC takes when determining minimum capital requirements for national banks at their chartering and would include an analysis of factors like financial projections, fixed and variable expenses, the nature of fiduciary products and services
24 See Statement on the Custody of Crypto Asset Securities by Broker-Dealers, SEC Division of Trading and Markets, (Dec. 17, 2025).
March 2026 / Page 13
Powered by FlippingBook