Crypto Regulatory Strategy & Support

Risk and compliance considerations and resources

Regulatory and industry focus

Innovative new financial services offerings are already in consumers' hands and adoption is increasing. Six segments of digital assets are expected to draw the majority of consumer and investment interest.

Capital Markets

Securities regulators continue to monitor crypto markets for products and activities that run afoul of registration requirements and other securities regulations.


Many U.S. and global regulatory authorities have stated that stablecoin issuers should be regulated similar to banks.


The scope of NFT’s on the market is increasingly incorporating more traditional financial products such as real estate.

Custody and Exchange

Custody and exchange activities trigger money transmission requirements of U.S. and foreign jurisdictions.

DeFi and Liquidity

Lending/ borrowing of digital assets is enticing for traditional financial institutions, but large concerns loom for the safety of retail investors.


Rapid evolution in blockchain technologies will prompt continued regulation and analysis of web product governance.

A multidisciplinary approach

Current KPMG Financial Services Regulatory and Compliance Risk (FSRCR) activity in the cryptocurrency space acts as a first line of approach for companies, drawing in a multitude of KPMG service lines.






Accounting Advisory Services


Tech Risk Management

As cryptocurrency becomes more widely adopted, there is a growing need for various KPMG services, including license application and compliance assessment, risk and control assessments for banks engaging in cryptocurrency activity, BSA/ AML program development, cybersecurity consultations, audit support, and tax services.

U.S. Regulatory Developments

Since the fall of 2021, regulatory authorities have been announcing their intent to solidify regulatory authority and create clearer expectations for cryptoassets and the entities interested in participating in related activities. An example of regulatory clarity provided, on November 18, 2021, the Office of the Comptroller of the Currency (OCC) released interpretive letter #1179, stating it is permissible for a bank to engage in cryptocurrency activities if the bank can justify to the OCC that they have controls in place to conduct the activity in a safe and sound manner.

Crypto and digital asset considerations

KPMG is actively working with crypto-native and traditional FSIs to establish and adapt compliance and risk management programs to integrate additional risk considerations into existing enterprise frameworks.


  • Strategy Development
  • Vendor Selection & Third Party Risk Assessment
  • Commercial & Operational Due Diligence
  • Licensing Assistance

Capability Development

  • Crypto Risk Framework Alignment
  • Risk and Control Self Assessment (RCSA) Process
  • Compliance Program Development
  • Custody Operations Control Assessment
  • Custody Operations & Security Design
  • Information Security Program Development


  • Disaster Recovery Design & Testing
  • AML Transactions Monitoring
  • Third Party Risk Management Uplift
  • Wallet Key Generation Ceremonies

KPMG has extensive experience assisting institutions in the development and implementation of wide-ranging, business-as-usual compliance programs for their digital asset-related activities.

Representative Client

  • Stablecoin Issuer
  • International Payments Provider
  • Online Travel Services Company and Global Quantitative Trading Firm
  • FinTech Lending
  • Digital Asset Bank

Key Risk Areas Addressed

  • Technology
  • Regulatory and AML/KYC
  • Operations
  • Tax and Financial Reporting
  • Information and Cyber Security

Accelerators Used

  • State-by-State Requirements Filing Inventory and Application Roadmap
  • Regulatory Reporting Operating Model and Data Inventory
  • Operational Policies and Procedures (Including AML and Cyber)
  • Regulatory Change Management Program
  • Digital Asset Risk Taxonomy

Contact us

Todd Semanco

Todd Semanco

Partner, Advisory, FS Regulatory & Compliance Risk, KPMG US

+1 412-232-1601
Damian Plioplys

Damian Plioplys

Principal, Advisory, FS Risk, Regulatory & Compl, KPMG US

+1 212-872-7959
Michael Sullivan

Michael Sullivan

Principal, Advisory, FS Regulatory & Compliance Risk, KPMG US

+1 703-286-8000
John Caruso

John Caruso

Principal, Forensic, KPMG US

+1 212-954-6831
Matthew P. Miller

Matthew P. Miller

Principal, Advisory, Cyber Security Services, KPMG US

Reza Van Roosmalen

Reza Van Roosmalen

Principal, Advisory, Accounting Advisory Services, KPMG US

+1 212-954-6996