Federal regulators are increasingly adopting a more crypto-friendly, and more formal approach to bank supervision, one that may have important implications for D&O liability.  Following the President’s August 2025 “Guaranteeing Fair Banking” Executive Order (EO), the Office of the Comptroller of Currency (OCC) issued bulletins in September 2025 to curb “debanking”.  This guidance forces banks to base service decisions on objective risk, rather than social or political motives. Guidance that is further reinforced by the February 26, 2026 Federal Register release and proposal to restrict banking officials from forcing banks to cut ties with clients engaging in controversial but lawful activities.

This shift comes at a pivotal moment for digital assets. As we recently discussed, the SEC has issued detailed guidance distinguishing between digital assets that are subject to the federal securities laws and those that are not, while also clarifying how and when assets may transition into securities status. Taken together, these developments suggest a broader regulatory effort to normalize the treatment of crypto-related activities within existing financial frameworks.

The End of “Reputation Risk”

Notable, an October 2025 Notice of Proposed Rulemaking by the Federal Deposit Insurance Company (FDIC) and OCC asserted that, for years, “reputation risk” has functioned as a catch-all concept within bank supervision. While often framed as a legitimate concern, i.e., the risk that negative public perception could harm a bank’s financial condition, it has also been criticized as inherently subjective and difficult to apply consistently.

The recent regulatory developments, immediately following the President’s EO, reflect a clear effort to eliminate that subjectivity. By directing examiners to focus on measurable risks, like credit, liquidity, operational, and legal risks, regulators appear ready to sideline instances of supervisory discretion and prevent informal pressure on banks to disengage from certain industries.  This may mean that banks may no longer rely on regulatory expectations tied to reputational concerns when deciding whether to serve customers in controversial sectors. Nor may regulators encourage or compel such decisions.

Crypto and Access to the Banking System

The implications for the digital asset sector could be immediate. As has been widely observed, one of the most persistent challenges facing crypto companies has been access to traditional banking services. Even where activities were lawful, financial institutions may decline relationships due to perceived regulatory scrutiny and reputational concerns.

The removal of “reputation risk” from the supervisory framework may ease those constraints. Banks that previously avoided crypto-related clients, whether exchanges, custodians, or stablecoin issuers, may now reassess those decisions in light of clearer regulatory expectations.

At the same time, this shift does not eliminate underlying risks. As we have also previously discussed, crypto-related businesses continue to face significant governance, fraud, and disclosure challenges. These underlying risks are amplified by escalating geopolitical threats, such as reports that Iran is actively using cryptocurrency to circumvent Western sanctions and finance operations during the current conflict with the United States.

Reframing Risk Oversight

There may also be broader D&O underwriting takeaways, aside from the impact to the cryptocurrency, from the federal government’s clear signal to stop institutional “debanking.” Reputational risk has often been treated as a core component of enterprise risk management. The federal government’s regulatory retreat from that concept, with respect to banking, may prompt boards of companies that are in the business of or invest in digital assets and other “morale hazards” to reconsider how such risks are categorized and monitored.

There may be D&O exposure risk, however, if boards fail to appropriately oversee emerging risks particularly in fast-moving areas such as digital assets.  Taking a more laze fare approach could result in shareholder scrutiny claims that a board breached its oversight obligations, even if those risks were not framed in traditional “reputational” terms.

Disclosure Challenges and Securities Litigation Risk

The divergence between regulatory policy and securities law obligations presents another area of potential D&O exposure. Public companies may disclose reputational risk as a material factor in their filings. The question now is whether those disclosures should evolve considering the regulatory shift of what could be considered “reputational harm.”

As our readers may recall, failure to sufficiently disclose material reputational risks may expose a company to potential securities litigation. This tension could become pronounced in the crypto sector and for companies that have created crypto treasures. Market volatility may heighten the importance of accurate and complete disclosure. Statements about regulatory compliance, banking relationships, and business continuity may all become focal points in subsequent litigation.

“Debanking” and Emerging Liability Theories

Furthermore, the effort to curb debanking could introduce new potential avenues of liability. Financial institutions that terminate customer relationships may now face increased scrutiny, particularly if those decisions cannot be tied to objective, documented risk factors.

Without the ability to point to regulatory pressure grounded in reputational concerns, banks may be more vulnerable to claims that account closures or service denials were arbitrary, discriminatory, or inconsistent with stated policies. These disputes could broaden governance and oversight issues.

From a D&O perspective, this may raise the prospect of being drawn into litigation involving customer selection, risk management practices, and internal decision-making processes.

Conclusion

Federal regulators’ retreat from “reputation risk” could reflects an effort to bring greater objectivity and consistency to bank supervision, while addressing concerns about debanking and access to financial services. At the same time, it coincides with a broader shift towards normalization of digital asset activities within the regulatory framework. For D&O underwriters, the implications could be more complex.

Reputational considerations remain highly relevant. Regulatory change does not eliminate exposure but could reshape it. And in this instance, the retreat from “reputation risk” may ultimately heighten the importance of how companies identify, manage, and disclose the risks that regulators are no longer explicitly naming.