In the USA, there are overlapping programmes for financial services regulation. The federal government and each of the 50 states, as well as Puerto Rico, the District of Columbia and Guam, charter and regulate banks, non-bank lenders, money services businesses (MSBs) and securities firms, and may regulate digital currencies and crypto firms. Regulation of insurance is done almost exclusively by the states and territories. Regulation of commodity futures is exclusively a federal area.

Where there is a conflict between federal and state law, federal law prevails over state law. As regards conflicts within federal law, the US Constitution has priority, followed by federal statutes, agency regulations, and agency interpretations and guidance.

At the federal level, there is a mix of regulation and supervision by many different federal financial regulatory agencies based on:

• the nature of the entity and the type of charter and licence; and
• the type of functions and activities conducted.

Federally chartered banks and trust companies are regulated by the Office of the Comptroller of the Currency (OCC) and the National Credit Union Administration (NCUA). State-chartered banks regulated by the relevant state banking commissioners and either the Federal Deposit Insurance Corporation (FDIC) or the Board of Governors of the Federal Reserve System (the “Federal Reserve”). The FDIC also acts as deposit insurer and receiver for federally and state-chartered banks.

The Federal Reserve regulates and supervises bank holding companies, savings and loan holding companies and their subsidiaries, as well as international banking activities. Through its Reserve Banks, the Federal Reserve operates as the de facto central bank of the USA; it issues currency, operates payment systems, operates the discount window for lending to banks, conducts other lending functions with financial institution counterparties, holds cash reserve balances for banks, and manages aspects of interest rates and the money supply.

The Consumer Financial Protection Bureau (CFPB) regulates and enforces federal consumer compliance laws for non-bank financial services firms, other than certain categories of securities firms regulated by the Securities and Exchange Commission (SEC), and banks with over USD10 billion in assets.

Securities laws are administered, and securities products and firms are regulated, by the SEC and the Financial Industry Regulatory Authority (FINRA). Insurance companies, insurance agencies and insurance products are regulated and supervised by state insurance commissions. Swap dealers, futures commission merchants, introducing brokers, commodity trading advisers and commodity pool operators, as well as futures exchanges and regulated commodities products, are regulated by the Commodity Futures Trading Commission (CFTC) and the National Futures Association (NFA) under the Commodity Exchange Act (CEA).

The federal banking and related laws are codified in Title 12 of the US Code. Securities laws are codified in Title 15, and commodities laws are codified in Title 7. Key federal legislation governing financial services firms in the USA includes the following.

• The National Bank Act.
• The Federal Reserve Act.
• The Bank Holding Company Act.
• The Federal Deposit Insurance Act (the “FDI Act”).
• The Homeowners Loan Act (HOLA).
• Consumer protection statutes:
1. the Alternative Mortgage Transaction Parity Act of 1982;
2. the Consumer Leasing Act of 1976;
3. the Electronic Fund Transfer Act (the “EFT Act”);
4. the Equal Credit Opportunity Act (ECOA);
5. the Fair Credit Billing Act;
6. the Fair Credit Reporting Act (FCRA);
7. the Home Owners Protection Act of 1998;
8. the Fair Debt Collection Practices Act;
9. Section 43 of the Federal Deposit Insurance Act;
10. Sections 502 through 509 of the Gramm-Leach-Bliley Act (GLBA);
11. the Home Mortgage Disclosure Act of 1975 (HMDA);
12. the Home Ownership and Equity Protection Act of 1994 (HOEPA);
13. the Real Estate Settlement Procedures Act of 1974 (RESPA);
14. the S.A.F.E. Mortgage Licensing Act of 2008;
15. the Truth in Lending Act (TILA); and
16. the Truth in Savings Act (TISA).
• The International Banking Act.
• The Federal Credit Union Act.
• The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the “Dodd-Frank Act”).
• The Bank Secrecy Act (BSA) and the Trading with the Enemy Act.
• Federal securities statutes:
1. the Securities Act of 1933 (the “1933 Act”);
2. the Securities Exchange Act of 1934 (the “1934 Act”);
3. the Investment Company Act of 1940 (the “1940 Act”); and
4. the Investment Advisers Act (the “Advisers Act”).
• The Commodity Exchange Act.

Federally Regulated Financial Entities

Traditional banks and bank holding companies

Commercial banks that provide loans or extend other forms of credit and accept deposits that are insured by the FDIC are regulated and supervised at either the federal or state level. State-chartered banks that are members of the Federal Reserve System are regulated and supervised by the Federal Reserve under the Federal Reserve Act and the FDI Act, along with any applicable state regulators. State-chartered banks that are not members of the Federal Reserve System are regulated by the FDIC at the federal level and state banking regulators under applicable state law. National banks are regulated and supervised by the OCC, and benefit from federal pre-emption of state laws that “prevent or significantly interfere with the exercise by the national bank of its powers” (see Barnett Bank of Marion Cty, NA v Nelson, 517 US 25 (1996)). The FDI Act generally allows a state-chartered bank to engage in any activities that a national bank may engage in, subject to applicable state law. Some states allow for banks chartered in their states to engage in the same activities that national banks are authorised to engage in under the National Banking Act, regulations adopted by the OCC, or interpretations and guidance thereunder.

The Federal Reserve Act sets forth the authority of the Federal Reserve in terms of monetary policy and banking regulation. The Federal Reserve Act also sets forth the restrictions and prohibitions on loans and extensions of credit by banks to their directors, executive officers, principal shareholders and their related interests, as well as restrictions and prohibitions on transactions between a bank and its affiliated persons.

Bank holding companies are required to serve as a source of strength for their subsidiary banks. While bank holding companies are able to engage in broader activities than banks, their activities are limited to those that are “closely related to banking” unless they elect and meet the requirements to be treated as a financial holding company, in which case they are able to also engage in activities that are “financial in nature” and “complementary to financial activities”. Savings and loan holding companies (SLHCs) are generally regulated and supervised similar to bank holding companies, except as otherwise required. SLHCs that are considered grandfathered unitary SLHCs (as defined in the GLBA) can engage in commercial activities such as insurance, securities and manufacturing that are not otherwise permissible for bank holding companies or traditional SLHCs, provided that they continue to meet certain requirements.

The Federal Reserve Act also imposes restrictions and limitations on a bank’s loans, extensions of credit and other transactions with companies that are under common control with the bank, along with companies that are considered “affiliates” under the Federal Reserve Act and Regulation W. The Federal Reserve Act also places restrictions and limits on a bank’s loans and extensions of credit with insiders of the bank. These requirements are applied to state-chartered member banks, state-chartered non-member banks, and national banks alike. Federal and state-chartered savings associations are also subject to these requirements, except as otherwise required.

Under the BHC Act, any “company” that seeks to “control” a bank or bank holding company is required to seek prior approval and register as a bank holding company. The term “control” is defined under the BHC Act as:

• owning or controlling, directly or indirectly or in concert with others, 25% or more of any “class” of voting securities of a bank or bank holding company;
• having the ability to elect or control the election of the majority of the board of directors of a bank or bank holding company; or
• otherwise having the ability to exercise a controlling influence over a bank or bank holding company.

The same applies for SLHCs and savings associations.

Individuals, personal trusts, and any entity that is not considered a “company” under the BHC Act are required to seek supervisory non-objection under the Change in Bank Control Act (the “CIBC Act”) prior to acquiring “control” of a bank. The term “control” under the CIBC Act is defined similar to that of the BHC Act, and includes the concept of “acting in concert” with others.

For international banking activities and investments, a US bank or bank holding company can engage in such by establishing a foreign branch or office, or by forming an Edge corporation under Section 25A of the Federal Reserve Act, which is a corporation chartered by the Federal Reserve and authorised to engage in international or foreign banking or other operations; activities in the USA must be incidental to its foreign operations.

SLHCs and savings associations

An SLHC is defined to include any company that controls, directly or indirectly, a savings association or another SLHC. The term “control” is interpreted to have virtually the same meaning as it does under the BHC Act. Like bank holding companies, SHLCs are required to serve as a source of strength for their subsidiary savings associations. In addition, SHLCs may engage in activities enumerated under HOLA, including loan programmes, job training programmes, multi-family low-income housing property management, real estate acquisition and development, certain equity investments, and activities that are permissible for BHCs under Section 4(k) of the BHC Act.

A savings association is a state- or federally chartered financial institution that specialises in accepting savings deposits and providing mortgage and other consumer loans. In addition, a savings association may generally engage in commercial lending, but its commercial lending activity may not exceed 20% of its total loan volume. Savings associations differ from traditional banks in their specialised focus but offer similar products and services.

ILCs, industrial banks, credit card banks and national trust companies

In addition to commercial banks, certain special purpose banks are able to engage in limited banking activities. Industrial loan companies (ILCs) and industrial banks are state-chartered banks that are able to make loans and accept limited types of deposits that are FDIC-insured. ILCs and industrial banks may not accept or maintain demand deposits, but may accept deposits for placement in a savings account or Negotiable Order of Withdrawal (NOW) account.

Credit card banks have the primary business line of issuance of credit cards, the generation of credit card receivables, and activities incidental thereto. Credit card banks are able to offer other services, but their business plans are normally focused on credit cards and related products and services. National trust companies and national trust banks have business lines that primarily involve providing fiduciary services.

Non-bank systemically important financial institutions (“non-bank SIFIs”)

A non-bank SIFI is a non-bank financial company that is predominantly engaged in financial activities. To be “predominantly engaged” means that:

• 85% or more of its consolidated annual gross revenues are financial in nature; or
• 85% or more of its consolidated assets are financial in nature.

A non-bank financial company may be designated as “systemically important” when:

• material financial distress at the company “could pose a threat to the financial stability of the USA; or
• the “nature, scope, size, scale, concentration, interconnectedness, or mix of the company’s activities” could pose the same threat.

Under Section 113 of the Dodd-Frank Act, the FSOC is empowered to make such determination. Non-bank SIFIs are supervised by the Federal Reserve.

Credit unions

A credit union is a member-owned, not-for-profit financial institution that accepts deposits, makes loans and provides a wide array of other financial services and products. Credit unions may be state- or federally chartered. Profits made by credit unions are returned back to their members in the form of reduced fees, lower interest rates on loans, higher interest rates on deposits, and through the payment of dividends to their members. Historically, membership in a credit union was limited to people who share a “common bond”, such as working in the same industry or company, or living in the same community. The NCUA regulates federally chartered credit unions and provides share insurance to depositors, similar to the FDIC’s Deposit Insurance Fund.

Credit unions offer common financial services and products, including checking and savings accounts, credit and debit cards, and various loan products. In addition, credit unions offer other, specialised services to members, such as financial counselling and special loan programmes. Similar to a savings association, a credit union is limited in the amount of commercial lending in which it is permitted to engage.

Foreign banking organisations

Foreign banking organisations (FBOs) operate in the USA through state or federal branches, agencies and representative offices. FBOs may also maintain non-banking offices and subsidiaries, such as SEC-registered broker-dealers and registered asset management and adviser firms. The banking operations of an FBO in the USA are subject to supervision and regulation of the Federal Reserve as the umbrella supervisor, and any branch, agency or other subsidiary is subject to the regulation and supervision of the chartering authority of the entity as well as any applicable state regulators.

Generally, FBOs are treated as bank holding companies in terms of regulation, supervision and permissibility of non-banking activities in the USA. FBOs that control a branch, agency, commercial lending subsidiary, Edge corporation, or US bank or bank holding company are required to register as bank holding companies with the Federal Reserve, and must evidence that worldwide banking business exceeds banking business in the USA to avoid restrictions. This is referred to as meeting the requirements as a Qualified FBO.

Broker-dealers, investment advisers, investment funds, exchanges, clearinghouses, trading systems and rating agencies

A broker-dealer is a firm engaged in the business of effecting transactions in securities for the accounts of others or buying and selling securities for the firm’s own account or otherwise. Broker-dealers and their personnel are subject to a comprehensive legal and regulatory framework administered by the SEC, FINRA and state securities commissioners. In general, the 1934 Act requires broker-dealers to register as such with the SEC and with the state securities commissioners in the jurisdictions in which a firm conducts a securities business. Broker-dealer firms are also required to become members of FINRA.

Investment advisers are persons or firms that are engaged in the business of providing advice to others about securities for compensation. The activities of investment advisers are regulated under the Advisers Act and SEC regulations thereunder. Investment advisers with more than USD100 million in assets under management (AUM) must register with the SEC, whereas small and mid-sized advisers with lower AUMs must generally register with state securities commissioners.

Investment companies – which generally are companies whose balance sheets consist substantially of “investment securities” – are required to register as such with the SEC under the 1940 Act, unless an exemption or exclusion applies. Mutual funds, closed-end funds and exchange-traded funds are common forms of registered investment companies. Certain privately offered funds, including private equity and hedge funds, may qualify for an exemption from registration under the 1940 Act.

A securities exchange is an organisation, association or group of persons that constitutes, maintains or provides a marketplace or facilities to bring together purchasers and sellers of securities or that otherwise performs the functions of a stock exchange. National securities exchanges must register as such with the SEC. Additionally, certain securities trading systems known as “alternative trading systems” are overseen by the SEC despite not being required to register as national securities exchanges.

Clearing agencies act as intermediaries in making payments or other deliveries in connection with transactions in securities or derivatives. In effect, clearing agencies interpose themselves between counterparties to a transaction to ensure performance and settlement, and to perform various incidental functions. Clearing agencies that act as central securities depositories must register with the SEC under the Exchange Act, whereas derivatives clearing organisations (DCOs) are generally required to register with the CFTC under the CEA.

Credit rating agencies provide assessments of creditworthiness of a company or debt security. Certain credit rating agencies that issue credit ratings with respect to various financial institutions, corporate issuers of securities, or issuers of asset-backed securities may elect to register with the SEC as nationally recognised statistical rating organisations.

Issuers of securities

Companies that engage in public offerings of their securities must generally register the securities with the SEC under the 1933 Act and file periodic reports with the SEC. Reports filed with the SEC must describe the issuing company’s business, management, properties and assets, the nature of its securities offering(s) and its financial conditions. Certain securities offered to a limited number of investors, in a limited size, or an intrastate offering (among other securities offered in varying forms), are not required to be registered with the SEC provided that applicable requirements for such offerings are followed. Securities offered to the public may also be required to be registered under state “blue sky” securities laws.

Commodities, swaps and derivatives

Commodities and derivatives products, including swaps, futures and options on futures, are generally subject to the CEA. The CFTC exercises jurisdiction over these products and product markets, as well as relevant market actors, including brokers, swap dealers and other intermediaries, DCOs, trading organisations or exchanges, and data repositories. In general, firms and individuals providing these functions must register with the CFTC and the NFA, the self-regulatory organisation for the US derivatives industry. More specifically, persons that act as swap dealers or major swap participants must register as such with the CFTC and NFA. Additionally, commodity trading advisers, commodity pool operators (CPOs), futures commission merchants (FCMs), introducing brokers and floor brokers and traders, as well as the associated persons of such firms, must also register with the CFTC and NFA.

At the product level, the CFTC enforces statutory and regulatory requirements regarding the size of speculative positions in futures markets, swap data reporting, clearing, margining, record-keeping and disclosure, while also enforcing the CEA’s prohibitions on anti-fraud and manipulation.

State Regulated Entities

State-chartered banks and trust companies

State-chartered banks are subject to supervision and regulation at the federal and state level. At the state level, a state-chartered bank is subject to the state laws of its chartering state as well as any other state in which the bank has a presence. At the federal level, state-chartered banks that are members of the Federal Reserve System are subject to the supervision and regulation of the Federal Reserve, and state-chartered non-member banks are subject to the supervision and regulation of the FDIC.

Insurance

Insurance companies and agents, or producers, are licensed and regulated at the state level. Each state insurance department imposes licensing obligations on insurance companies and producers operating within the relevant jurisdiction, and establishes and enforces rules and regulations governing insurance contracts issued and sold by such entities and persons. Licensing and qualification requirements also apply to individual insurance salespersons who act on behalf of an insurance producer firm and/or insurer. Banks and bank holding companies are authorised under federal banking laws and regulations to engage in certain insurance agency and underwriting activities.

The National Association of Insurance Commissioners (NAIC) acts as a standard-setting and regulatory support organisation for state insurance departments.

Money transmitters

Money transmitters are primarily licensed and regulated at the state level. State regulatory agencies impose licensing, net-worth, bonding, permissible-investment, reporting, examination and other requirements on companies engaging in the business of money transmission in their jurisdiction. At the federal level, money transmitters that meet the definition of money services businesses must register with the Financial Crimes Enforcement Network (FinCEN) and comply with the BSA’s anti-money laundering (AML) requirements. All money transmitters must also comply with US sanctions administered by the Office of Foreign Assets Control (OFAC).

The Conference of State Bank Supervisors (CSBS) serves as a co-ordinating and standard-setting organisation for state money transmitter supervision.

Mortgage lenders and brokers

Mortgage lenders and brokers are subject to federal and state regulatory regimes, depending on charter and activity. Generally, mortgage lenders and brokers must:

• obtain state licences, specific to lending, brokering and servicing activities;
• satisfy financial responsibility and surety-bond requirements; and
• submit to periodic examinations.

Mortgage loan originators (MLOs) must meet qualification, testing and continuing education standards. In contrast, federal law pre-empts state lender licensing requirements with respect to federally regulated depository institutions, and MLOs employed by federally regulated depository institutions are subject to less burdensome requirements via the Nationwide Multistate Licensing System (NMLS).

With respect to regulated products and conduct, mortgage lenders and brokers must comply with an array of federal consumer protection laws. States may further regulate high-cost and predatory lending restrictions, points-and-fees thresholds, usury limits and advertising rules, as well as broker conduct standards.

CFPB authority

The CFPB, which was established as an independent agency within the Federal Reserve under the Dodd-Frank Act, is the primary federal regulatory agency responsible for regulating the offering and provision of consumer financial products or services in accordance with federal consumer financial laws. The CFPB is responsible for issuing rule-makings, interpretations and guidance implementing federal consumer financial laws. The CFPB has exclusive authority to enforce federal consumer laws against non-depository covered entities, and exclusive federal consumer law supervisory authority and primary enforcement authority over insured depository institutions with over USD10 billion in assets.

The BHC Act/SLHC Coverage

Any “company” that “controls” a bank or bank holding company, with each term as defined under the BHC Act, is required to register with the Federal Reserve as a bank holding company. Additionally, any “company” that “controls” a savings bank or savings association, each as defined under HOLA, is required to register with the Federal Reserve under HOLA as an SLHC. The BHC Act, HOLA and implementing regulations set forth additional requirements and guidance as to the companies that are required to register, and those that are excluded or exempted as not meeting the definition of “company” or “control”.

ILCs, Credit Card Banks and Non-Depository Trust Companies

Certain entities have been excluded from the definition of the term “bank” under the BHC Act, which has resulted in the ability of corporate parents – including commercial enterprises – having ownership and control over limited-purpose institutions without qualifying as a “bank holding company”, provided that the institution satisfies the specific statutory conditions.

ILCs

ILCs are FDIC-insured, state-chartered institutions that are excluded from the BHC Act’s definition of “bank”. Generally, this exclusion applies to a depository institution that:

• does not accept demand deposits;
• has total assets under USD100 million; or
• was not acquired by any company after 10 August 1987.

Alternatively, the ILC exclusion applies to an institution grandfathered to engage only in activities in which it lawfully engaged as of 5 March 1987.

Credit card banks

The Competitive Equality Banking Act of 1987 (CEBA) amended the BHC Act to exclude from the term “bank” certain credit card banks – limited-purpose institutions principally engaged in issuing and administering credit cards and related receivables. To qualify, an institution must:

• engage only in credit card operations;
• not accept demand deposits;
• not accept any savings or time deposit of less than USD100,000;
• maintain only one deposit-accepting office; and
• not engage in commercial lending, except under limited circumstances.

Non-depository trust companies

Institutions that function solely in a trust or fiduciary capacity are excluded from the BHC’s definition of “bank” if they satisfy all of the following:

• all or substantially all deposits are trust funds received in a bona fide fiduciary capacity;
• no insured deposits are offered or marketed by or through an affiliate;
• the institution does not accept demand deposits and does not make commercial loans; and
• the institution does not obtain Federal Reserve payment services or discount or borrowing privileges.

Credit Unions

Federal and state-chartered credit unions operate under a separate statutory framework governed primarily by the Federal Credit Union Act, and are supervised by the NCUA or the relevant state authority. As not-for-profit, member-owner co-operatives, credit unions are exempt from federal income tax under the Federal Credit Union Act, subject to certain limitations. Credit unions are also excluded from the definition of “bank” under the BHC Act. Consequently, the parent companies or sponsoring organisations of credit unions are not subject to the BHC Act or Federal Reserve supervision. This notwithstanding, credit unions remain subject to prudential oversight by the NCUA and applicable state banking regulators.

Non-Bank Financial Services Firms

In the USA, a broad range of non-bank financial services firms – such as money transmitters, payment processors, consumer and small business lenders, and digital finance platforms – benefit from exemptions concerning payments and lending activities. With respect to payments, providers commonly structure activities within FinCEN’s recognised “payment-processor” exclusion from money transmitter status so that – when operating under a bona fide merchant agreement – providers need not register with FinCEN as MSBs. In addition, entities already registered with and functionally regulated or examined by the SEC or CFTC are excluded from MSB status for certain regulated activities. On the lending side, non-bank providers commonly choose not to lend to consumers and instead rely on the business- or commercial-purpose carve-out under Regulation Z, which excludes credit primarily for business, commercial, agricultural or organisational purposes from the TILA’s scope.

Form BD/IA/Investment Company Status

Depository institutions are exempt by statute and rules – to varying extents – from the requirements to register and be regulated as a broker-dealer, investment adviser or investment company.

Under Section 3(a) of the 1934 Act, a bank is not considered to be a broker or a dealer if it engages in certain enumerated activities involving or relating to securities transactions, including, but not limited to:

• facilitating certain bank-permissible securities transactions or private securities offerings;
• providing trust and fiduciary services;
• providing securities custody and safekeeping services; and
• participating in certain securities brokerage networking arrangements.

This statutory exemption is further implemented by the Federal Reserve’s Regulation R.

Under Section 202 of the Advisers Act, banks and bank holding companies are excluded from the definition of “investment adviser”. This exclusion is not available to a bank that acts as an investment adviser to a registered investment company. Additionally, foreign banks, credit unions, and investment adviser subsidiaries of banks or bank holding companies do not qualify for the exclusion.

Under Section 3(c)(3) of the 1940 Act, banks and savings associations, among other financial institutions, are excepted from the definition of “investment company”. Additionally, Section 3(c)(4) of the 1940 Act provides that any person whose business is confined to making small loans, industrial banking or engaging in a similar business is also excepted from “investment company” status.

Securities Registration: Public Company Reporting Status

Section 3(a)(2) of the 1933 Act exempts from registration (among other forms of securities) any securities issued or guaranteed by US banks. Banks that issue securities pursuant to this exemption are not subject to the requirements of the 1934 Act that apply to reporting companies; however, banks must comply with applicable banking agency regulations in respect of such issuances.

Commodities Laws and Swap Dealer Status

A “swap dealer” is, generally, a person that:

• holds itself out as a dealer in swaps;
• makes a market in swaps;
• regularly enters into swaps with counterparties as an ordinary course of business for its own account; or
• engages in any activity causing the person to be commonly known as a dealer or market maker in swaps.

Any person meeting this definition must register with the CFTC as a swap dealer and comply with applicable regulatory requirements. There are numerous exceptions to this definition. Of note, any person that engages in a de minimis quantity of swap dealing activities is not required to register as a swap dealer. This de minimis exception is implemented through a complex regulatory framework.

A person who performs the functions of a swap dealer in respect of “security-based swaps” is deemed to be a “security-based swap dealer” and must register as such with the SEC. The SEC has, by rule, implemented its own de minimis exception to security-based swap dealer status that generally aligns with the CFTC’s corresponding exception from swap dealer status.

Banks’ cryptocurrency and digital asset activities are regulated under federal and state banking and financial services laws and regulations, as interpreted and enforced by federal and state banking agencies. At the federal level, banks are authorised to engage in certain specified digital asset-related activities, including:

• providing digital asset custody services;
• holding on deposit reserve assets backing stablecoins;
• facilitating and verifying digital asset payments;
• utilising distributed ledger technology in the provision of banking services; and
• issuing digital assets that represent deposits (so-called “tokenised deposits”).

At the state level, state banks and trust companies are generally permitted to engage in the same activities and are generally exempt from licensing and regulatory requirements that apply to non-banks that perform the same functions and activities (eg, money transmitters).

Under the Guiding and Establishing National Innovation for US Stablecoins Act (the “GENIUS Act”), which was enacted by the US Congress in July 2025 but will not take effect until 2027, banks are authorised to issue “payment stablecoins” through non-bank subsidiaries and provide custody, settlement and other administrative services in support of such stablecoins and their reserve assets.

Digital asset instruments themselves may also be subject to regulation as securities, commodities or derivatives. The classification for regulatory purposes of a particular digital asset instrument is highly fact-specific, and the legal framework governing these assets is emerging and subject to rapid change.

OCC

The OCC is an independent agency within the Treasury Department. National banks are chartered, regulated and supervised by the OCC under the National Banking Act, the FDI Act, and other federal banking laws or regulations that apply to national banks and for which the primary federal regulator of the bank is responsible for enforcement. The operating subsidiaries of national banks and federal savings banks are also subject to the supervision and regulation of the OCC. Subsidiaries of a national bank that engage in activities that are also federally regulated, such as broker-dealers and registered investment advisers, are subject to the regulation and supervision of FINRA.

The OCC is also responsible for the supervision and regulation of federal savings associations, federally licensed branches of FBOs, national trust banks and special purpose national banks.

Federal Reserve

The Federal Reserve is a federal agency comprised of seven governors tasked with monetary policy and regulation and supervision of bank holding companies, SLHCs, FBOs with operations in the USA, and state-chartered member banks. The Board of Governors serves as the policy-setting function of the system. Reserve Banks, located throughout the USA, are responsible for executing, facilitating and supporting the policy-making functions of the Federal Reserve. The Federal Reserve co-ordinates its supervision of state-chartered banks with the applicable state regulators.

Holding companies of banks and savings associations are subject to the regulation and supervision of the Federal Reserve under the BHC Act and HOLA, respectively. Financial holding companies that are banking holding companies and SLHCs are required to maintain well-capitalised and well-managed standards, and the same is expected of their subsidiary insured depository institutions, to be able to engage in “financial in nature” activities such as including securities underwriting, insurance underwriting, and merchant banking investments; these are also supervised and regulated by the Federal Reserve.

Under the International Banking Act, the Federal Reserve is responsible for the approval and supervision of FBOs in the USA.

Under the Dodd-Frank Act, the Federal Reserve is also the regulator and supervisor of any non-banks that are designated as SIFIs.

FDIC

The FDIC serves as the primary federal regulator of state-chartered non-member banks, including state-chartered ILCs. The FDIC normally co-ordinates supervision of state-chartered banks with applicable state regulators. The FDIC is also responsible for maintaining the Deposit Insurance Fund, and is the agency responsible for approving federal deposit insurance applications by de novo banks and non-insured institutions seeking to accept FDIC-insured deposits. As the protector of the Deposit Insurance Fund, the FDIC has the responsibility of resolving failed insured depository institutions. In connection with its resolution responsibilities, the FDIC requires insured depository institutions with USD50 billion or more in total consolidated assets to submit resolution plans, and, together with the Federal Reserve, requires large holding companies to submit resolution plans as mandated under the Dodd-Frank Act.

CFPB

The CFPB is a bureau within the Federal Reserve formed by the Dodd-Frank Act. The CFPB is responsible for rule-makings to implement federal consumer financial protection laws, and has primary supervisory authority over banking organisations with assets over USD10 billion in total consolidated assets, as well as their affiliates. The CFPB also has supervisory authority over non-depository mortgage originators and servicers, payday lenders, and private student lenders and other non-bank entities that provide consumer financial products or services.

OFAC

OFAC is an office within the Treasury Department that administers and enforces economic and trade sanctions targeting foreign countries and governmental regimes, terrorist organisations, international drug traffickers, and other persons involved in activities deemed to be detrimental to the national security, foreign policy or economy of the USA.

FinCEN

FinCEN is a bureau of the Treasury Department. Its mission is to safeguard the financial system from illicit activity, counter money laundering and the financing of terrorism (CFT), and promote national security through the strategic use of financial authorities and the collection, analysis and dissemination of financial intelligence.

FinCEN exercises regulatory functions primarily under the Currency and Financial Transactions Reporting Act of 1970, as amended by Title III of the USA PATRIOT Act of 2001 and other legislation, commonly referred to as the BSA. The BSA is the nation’s first and most comprehensive Federal AML and CFT statute, authorising the Secretary of the Treasury to issue regulations against financial crime. The Secretary of the Treasury has delegated this authority to the Director of FinCEN.

FSOC

FSOC is responsible for identifying risks to the financial stability of the USA that could arise from the distress or failure of large, interconnected bank holding companies and non-bank SIFIs, or that could otherwise arise outside the financial services marketplace, and for responding to emerging threats to the stability of the US financial system in the interest of promoting market discipline and eliminating the expectations that the government will bail out large institutions in the event of failure. In addition to monitoring potential risks to the financial stability of the USA, FSOC is responsible for designating non-bank financial companies that are SIFIs and are subject to supervision and regulation of the Federal Reserve System as bank holding companies.

NCUA

The NCUA is an independent federal agency that insures deposits at federally insured credit unions, protects the members who own credit unions, and charters and regulates federal credit unions.

The NCUA protects the safety and soundness of the credit union system by identifying, monitoring and reducing risks to the National Credit Union Share Insurance Fund. Backed by the full faith and credit of the USA, the Share Insurance Fund provides federal share insurance to millions of account holders in all federal credit unions and the overwhelming majority of state-chartered credit unions.

The Federal Credit Union Act authorises the NCUA board to oversee the US credit union system and administer and manage the National Credit Union Share Insurance Fund. The NCUA also has statutory responsibility for supervising compliance with and enforcing laws and regulations that protect all credit union members.

State Banking Commissioners

State banking commissioners charter, supervise and examine state-chartered banks and trust companies, along with an array of state-regulated non-bank financial services firms. For state-chartered banks, commissioners often co-ordinate supervision with the bank’s federal prudential regulators.

SEC/FINRA

The SEC implements and enforces the federal securities laws, and oversees firms and persons that buy and sell securities, provide advice about securities, and offer platforms on which securities can be traded, among others. The SEC monitors the securities markets to ensure their fair and efficient functioning, seeks to facilitate capital formation, and educates investors and the public about the US equity markets and investing in securities. The SEC also oversees and requires periodic reporting of public companies whose securities are registered under the 1933 Act.

FINRA is a private, non-profit self-regulatory organisation that supervises broker-dealer firms and personnel under the oversight of the SEC. Broker-dealers registered with the SEC must become member firms of FINRA and comply with applicable FINRA rules. Among other functions, FINRA also monitors market events, educates investors, and administers qualification programmes for securities salespersons associated with FINRA member firms.

CFTC/NFA

The CFTC enforces and implements the CEA and oversees the US commodities and derivatives markets and market actors, including swap dealers, FCMs, brokers and other intermediaries, derivatives exchanges and DCOs, CPOs and commodity trading advisers (CTAs), and data repositories. The CFTC also regulates specific products within its jurisdiction, including commodities, swaps, futures contracts, options and event contracts.

The NFA is a private self-regulatory organisation designated by the CFTC as a registered futures association. The NFA licenses and oversees various derivatives market actors, including swap dealers, CPOs, CTAs, FCMs, introducing brokers and associated persons of such entities.

State Insurance Commissioners

Insurance products and sales are primarily regulated at the state level. Each US state legislature enacts insurance laws and each jurisdiction maintains an insurance department (or insurance-focused unit within a broader regulatory agency) to implement, administer and enforce those laws. The NAIC acts as a standard-setting body for state legislatures and insurance departments. The NAIC adopts best practices, conducts peer reviews, and seeks to co-ordinate regulatory oversight of insurance companies, producers and markets in conjunction with state insurance departments.

Banking

The rules of the federal bank regulators are codified in Title 12 of the Code of Federal Regulations and, together with the published guidance, are available online on the agencies’ websites here and here. State banking statutes and regulations are generally available on the state banking agency websites.

Securities

Rules of the SEC are codified in Title 17 of the Code of Federal Regulations, and are available along with published guidance on the SEC website. FINRA rules and published guidance are available on the FINRA website. State securities statutes, regulations and published guidance are generally available on the state securities commissioners’ websites.

Commodities

The CFTC’s regulations are codified under Title 17 of the Code of Federal Regulations. Additional regulatory resources, including CFTC staff letters, are available here.

The NFA Rulebook is available here.

Insurance

Insurance regulations are codified under the state administrative codes of each US state. Additional regulatory resources are available at the websites of each state insurance department.

The NAIC also publishes a variety of information regarding state insurance regulation, including model laws and contact information for state insurance departments. This information is available here.

The federal banking regulators have proposed but not yet adopted capital and liquidity rules to implement all aspects of the final Basel III reforms, commonly referred to as the Basel III endgame. The last proposed rules were published in 2023 and were expected to be implemented by July 2025, but the proposal was withdrawn due to industry criticism and political pushback. The 2024 US elections resulted in a change in the administration that also prompted changes to the leadership at the federal banking agencies.

The federal banking agencies are expected to publish a new proposed rule, though a date has not yet been announced for when the re-proposal should be expected.

As of 28 May 2024, a “T+1” settlement cycle applies to most US securities transactions. This requirement applies to transactions involving “securities” as defined under the 1934 Act. The requirement does not apply to certain exempted securities, government securities, municipal securities, commercial paper, contracts for the purchase or sale of unlisted limited partnership interests, security-based swaps, and other contracts that the SEC elects to exempt.

ESG represents a component of corporate strategy and investor decision-making. The purpose of ESG regulations in the USA is to promote investor awareness of ESG impacts, and businesses must also comply with evolving sustainability reporting regulations to ensure transparency and consistency in their disclosures. There is currently no co-ordination between the federal government and the states, with many states moving in opposite directions. Moreover, many of the ESG regulations and/or requirements promulgated at the federal level have been rescinded or will not be enforced by the current administration.

The financial services regulators at the federal and state level are generally supportive of the responsible use of AI and AI-related innovation. The regulators are exploring ways to use AI in their work, and views are constantly evolving. The regulators are generally at the educational and testing stage of understanding the foundational aspects of AI and ways that the agencies can responsibly incorporate AI into their work. Some agencies have published requests for information on AI from their regulated entities and the public in general, to better understand the use cases and the risk management frameworks that are being implemented by early adopters of generative AI.

The financial services regulators are generally supportive of regulated institutions’ use of AI, provided that the institutions have robust governance and strong risk management practices to mitigate risks associated with AI, and ensure that the use of AI complies with all applicable federal and state law requirements. While the regulators are supportive of AI innovation, the use of AI does not alleviate regulated institutions from complying and demonstrating compliance with applicable laws and regulations, including those related to consumer financial protection laws, data security, data privacy and fraud. Efforts are advancing on AI ethics to ensure the responsible use of AI by institutions, as well as a push for a pragmatic approach to monitoring the unique risks posed by AI, especially with respect to combating fraud and cybersecurity and data breaches.

Fintech is primarily regulated in the USA at the product and activity level. Fintech products and services – which may include loans, payment instruments and services, and investment products and platforms – are generally subject to federal and state financial services and banking, consumer financial protection, and securities laws and regulations, as applicable. Fintech firms may be required to obtain licences to carry out their business activities. At the federal level, fintech firms may seek specialised bank charters, including a national trust bank charter or special purpose fintech charter, or may face registration requirements under the federal securities or derivatives laws.

State regulatory agencies and, to a lesser extent, the CFPB have used “regulatory sandboxes” or “no-action” processes to encourage innovation and allow firms to use emerging technologies in the design, delivery and administration of financial products and services on time-limited or other restricted bases. The use of these tools varies by jurisdiction, with many US regulatory agencies opting against their use.

The Federal Reserve Board has not formally proposed the implementation of a central bank digital currency (CBDC) for use in the US domestic payments system. Under an Executive Order issued by the Trump administration in January 2025, except as may be required by law, federal agencies are prohibited from taking any action to establish, issue or promote CBDCs within the USA or abroad. A bill proposing to ban the offering of a CBDC in the USA is currently being debated by the US Congress.

The CFPB provides a single point of accountability for enforcing federal consumer financial laws and protecting consumers in the financial marketplace. The CFPB is the primary federal regulator for financial institutions with total assets of USD10 billion or more for the purposes of federal consumer financial laws. The CFPB’s activities include:

• rooting out unfair, deceptive or abusive acts or practices by writing rules, supervising companies and enforcing the law;
• enforcing laws that outlaw discrimination in consumer finance;
• taking consumer complaints;
• enhancing financial education;
• researching the consumer experience of using financial products; and
• monitoring financial markets for new risks to consumers.

“Shadow banking” is not a term defined in US laws but is used to denote financial services companies that are not banks and not regulated under the banking laws, and that engage in activities analogous to or in competition with banks in their core banking functions (such as lending, holding short-term redeemable cash balances, and money transmission).

While the USA does not regulate “shadow banks” as such, there is a set of processes under Title I, Section 113 of the Dodd-Frank Act by which large, interconnected companies can be designated by FSOC as non-bank SIFIs and subject to supervision and regulation by the Federal Reserve. The statute contains specific criteria that must be followed to make this determination, including size, leverage, short-term debt funding and interconnectedness to the financial system. FSOC and the Federal Reserve have adopted rules and guidance implementing the statute.

In addition, Section 120 of the Dodd-Frank Act authorises FSOC to recommend (but not to require) that the primary regulator of a category of financial firms adopt new or heightened standards and safeguards to mitigate the risks associated with a financial activity or practice.

On several occasions, FSOC has used its authority under Section 120, and has threatened use of its Section 113 designation authority, to persuade the SEC to increase its already comprehensive regulation of money market mutual funds and other open-end investment companies. On those occasions, FSOC, the Federal Reserve and various proponents of those changes likened the funds to “shadow banks”.

In the USA, authorisation depends on a firm’s business activities. Because US regulatory regimes are activity-based, authorisation will require a firm to define its products, client types and geographic footprint, mapping each to the required charter, licence, registration and SRO membership, if applicable. As a starting point, firms seeking authorisation will need to take the following initial steps:

• form legal entities;
• identify control persons;
• assemble audited or pro forma financials; and
• meet minimum capital or surety requirements.

Firms seeking authorisation will also need to adopt policies and procedures for risk assessments that will drive further compliance policies and procedures, including, but not limited to:

• BSA/AML and OFAC sanctions;
• know-your-customer (KYC), privacy and GLBA safeguards;
• cybersecurity and incident response;
• third-party risk management;
• business continuity and disaster recovery;
• handling of consumer complaints;
• books and records; and
• marketing.

Once in place, a firm must then prepare and submit written applications, such as the following:

• charter and supervisory applications for banking organisations, as well as a separate FDIC application for deposit insurance;
• Form BD for broker-dealers and Form ADV for advisers, for securities businesses;
• CFTC registration and NFA membership for derivatives intermediaries; and
• FinCEN MSB registration and state money-transmitter or lending licences for payments businesses, often through the NMLS.

Regulators and SROs will test “operational readiness” by:

• reviewing policies and procedures, internal controls and manuals;
• facilitating interviews with control persons; and
• conducting on-site or virtual examinations.

Approvals may impose conditions on authorisation, including phased product roll-outs, heightened reporting or independent testing. Once a firm has obtained authorisation, it may be subject to continued reporting, supervisory or examination obligations.

Timelines and fees associated with authorisation will turn on a firm’s business model, complexity and exposure to federal, state and self-regulatory approvals. While the specific facts and circumstances will affect the timing for authorisation, typical timeframes are set forth as follows:

• bank charters and deposit insurance – estimate 12 to 24 months for federal or state regulatory review, in addition to a separate process to obtain FDIC deposit insurance;
• investment advisers – estimate 45 days to approve or institute proceedings;
• broker-dealers – estimate four to nine months, driven largely by FINRA’s review and operational-readiness requirements;
• state-registered advisers and broker-dealers – estimate 30 to 90 days, depending on the state regulator and any comments received;
• derivatives intermediaries – estimate two to six months, depending on the principal’s background; and
• state-licensed money transmission and consumer lenders – estimate anywhere from three to 12 months per state.

Firms will encounter a variety of fees when seeking authorisation, including:

• regulatory notice/application filing fees and membership fees;
• fingerprinting and criminal background check fees associated with control persons;
• bonding or capital obligations; and
• fees associated with professional consultants and infrastructure, including for legal counsel, compliance consultants, independent testing and audit, and training and licence support.

Individuals working in regulated financial services industries are subject to a wide array of federal and state registration requirements, ongoing regulatory obligations, and supervisory oversight.

Securities Firms

Individuals working in securities firms are subject to comprehensive federal licensing and supervision requirements administered through the SEC, FINRA and various state regulators. Generally, investment advisers managing USD100 million or more in assets must register with the SEC and comply with all applicable SEC regulations, while investment advisers with fewer assets under management are subject to state regulatory oversight. Broker-dealers must register with the SEC, FINRA and applicable state regulators, and are subject to ongoing regulation and oversight.

Commodities Firms

Individuals working in commodities firms are subject to regulation and licensing by the CFTC and the NFA. CTAs, who provide individualised advice about commodity trading, and CPOs, who solicit and pool funds to trade in commodity futures or options, must comply with applicable CFTC and NFA registration requirements. All registered individuals are subject to ongoing CFTC and NFA oversight.

MLOs

Individuals who originate mortgage loans are subject to state licensing requirements under various state laws consistent with the federal S.A.F.E. Act, which imposes certain minimum licensing standards. Mortgage loan originators are subject to ongoing supervision and must comply with various federal and state consumer financial protection laws, including TILA, ECOA and the Fair Housing Act.

Bank and Bank Holding Company Personnel

Although federal and state laws do not, in general, impose direct regulation or licensing requirements on the personnel of banks and bank holding companies, these individuals are subject to various legal and regulatory restrictions. These restrictions include, for example:

• limits on insider lending to bank officers and directors;
• prohibitions on bank directors serving on the boards of competing banks; and
• requirements that banks obtain regulatory approval before hiring or retaining individuals with certain criminal convictions.

Senior bank personnel are also subject to the ongoing regulatory oversight and enforcement authority of federal and state banking agencies.

A number of significant regulatory changes are expected in the coming year.

Implementing the Trump Administration’s “Debanking” Executive Order

Implementing the Trump administration’s directive to curb “politicised or unlawful debanking”, the OCC and the FDIC have proposed codifying a prohibition on using reputation risk in examinations. Federal regulators have also begun investigating allegations of “politicised or unlawful debanking”, and further supervisory and enforcement actions are expected to enforce the Executive Order.

Uncertain Future for Independent Agency Heads

Leadership among certain independent agencies, such as the Federal Reserve Board, are in flux, as President Trump seeks to remove independent agency heads and board members. Executive Orders asserting closer White House oversight of historically independent regulators also point to increasing executive oversight of these key agencies.

Easing Up on Antitrust Review

Antitrust review of bank combinations is expected to ease at the prudential banking agencies. The OCC has already restored expedited review and rescinded its 2024 policy statement, and the FDIC has moved to roll back its 2024 merger policy, signalling increased openness for deals involving well-capitalised, well-managed institutions. The Department of Justice continues to apply the 2023 Merger Guidelines across industries.