Key Takeaways
The global banking system is in the middle of one of its most consequential regulatory updates in decades: the implementation of the Basel III “endgame” reforms. These rules aim to standardize how banks calculate risk, hold capital, and manage exposures across jurisdictions.
Yet amid this sweeping overhaul, one of the fastest-growing asset classes, Bitcoin, has been conspicuously absent from explicit treatment in key U.S. proposals.
This omission is not merely academic. It raises fundamental questions about how banks should treat Bitcoin-related activities, from direct holdings to custody and lending, and whether regulatory ambiguity could slow institutional adoption.
A recent comment letter submitted by The Bitcoin Bond Company highlights this issue, arguing that regulators have failed to clearly define how Bitcoin exposures fit into the capital framework. The result is a growing disconnect between evolving financial reality and regulatory clarity.
At the heart of the issue is a simple but critical observation: the March 2026 Notices of Proposed Rulemaking (NPRMs) issued by U.S. banking agencies do not explicitly address Bitcoin or broader crypto exposures in a meaningful way.
This silence does not necessarily mean that Bitcoin-related exposures fall outside the regulatory framework. In fact, existing capital rules already include broad “residual” or “other assets” categories that could theoretically capture such exposures.
However, as the comment letter emphasizes, relying on generic categories is not the same as providing clear regulatory guidance.

The distinction matters. Banks need to know not just whether Bitcoin exposures are permitted, but how they are treated, what risk weights apply, how capital must be held, and which risk frameworks govern different types of activity.
Without that clarity, institutions are left to interpret the rules themselves, often conservatively. That creates friction for adoption and discourages innovation.
Complicating matters further is the existence of Basel’s cryptoasset standard, known as SCO60. Introduced by the Basel Committee on Banking Supervision, SCO60 establishes a framework for classifying cryptoassets and assigning capital requirements based on their risk characteristics.
Importantly, SCO60 distinguishes between different types of exposures, such as tokenized traditional assets versus unbacked cryptoassets like Bitcoin, and assigns significantly higher capital charges to the latter. It also separates risk into distinct channels, including credit risk, market risk, operational risk, and counterparty risk.

However, SCO60 is not automatically binding in the U.S. American regulators can choose to adopt it fully, partially, or not at all. The problem, as highlighted in the letter, is that the current NPRMs do not clearly state which path they intend to take.
This creates a form of regulatory limbo. Banks do not know whether to prepare for SCO60-style treatment, rely on existing domestic categories, or expect some hybrid approach.
U.S. regulators have often emphasized that capital rules are “technology neutral,” meaning they apply equally regardless of whether an asset is tokenized or traditional. In theory, this principle should allow Bitcoin-related activities to fit within existing frameworks.
In practice, however, technology neutrality has limits.
Bitcoin exposures are not monolithic. They span a wide range of activities, each with distinct risk profiles:
Treating all of these under a single “other assets” bucket obscures these differences and risks miscalibrating capital requirements.
As the comment letter argues, regulators should identify the specific “exposure channel” for each type of activity rather than treating “Bitcoin-related exposures” as a single undifferentiated category.
Beyond technical considerations, the issue also has legal implications under the Administrative Procedure Act (APA).
U.S. rulemaking requires agencies to provide a clear explanation of the rules they propose, including the rationale and evidentiary basis for their decisions. Courts have consistently held that agencies cannot rely on post hoc justifications or leave key elements unspecified.

The comment letter points to landmark cases such as State Farm and Chenery, which establish that agencies must connect their policy choices to the administrative record. If regulators intend to change or clarify how Bitcoin exposures are treated, they must explicitly say so and explain why.
Failure to do so could expose final rules to legal challenges, particularly if banks argue that they were not given adequate notice of how the framework would apply.
One of the most important insights from the letter is that this is not fundamentally a debate about Bitcoin itself. Rather, it is a “notice-and-framework” problem.
The question is not whether Bitcoin exposures are permissible or whether they belong inside or outside the capital framework. Instead, the issue is whether regulators have clearly identified:
Without this information, stakeholders cannot meaningfully evaluate the proposal or provide informed feedback. This undermines the purpose of the notice-and-comment process.
Another concern raised in the letter is the lack of clear data underpinning the proposed calibrations.
The NPRMs rely on various datasets, including special data collections and FR Y-14Q operational risk data, to determine capital requirements. However, it is unclear whether these datasets actually include meaningful crypto-related exposures.

If they do not, then applying those calibrations to Bitcoin activities could be inappropriate. For example:
In short, without explicit evidence that the data includes crypto-related activity, regulators risk applying generic calibrations to a fundamentally different asset class.
Recent supervisory actions suggest that regulators are aware of the need for clarity, but have not yet gone far enough.
For instance:
While these steps provide some direction, they stop short of addressing the core issue: how Bitcoin exposures should be treated within the capital framework.
Supervisory materials can inform interpretation, but they cannot substitute for explicit rulemaking. As the letter notes, they do not “silently create Pillar 1 capital categories.”
The lack of clarity has real-world consequences for banks considering Bitcoin-related activities.
In the absence of clear rules, banks are likely to assume the most conservative interpretation. This could mean assigning high risk weights or avoiding certain activities altogether.
Different institutions may interpret the rules differently, leading to inconsistent treatment across the industry. This undermines the goal of standardized capital requirements.
Uncertainty discourages investment in infrastructure such as custody platforms, trading desks, and lending products. Banks are unlikely to commit resources without regulatory certainty.
Non-bank entities, which are not subject to the same capital rules, may gain an advantage in offering Bitcoin-related services.
The comment letter offers a pragmatic path forward. Rather than overhauling the entire framework, regulators can address the issue through targeted clarifications.
Specifically, they should:
These steps would not require a new regulatory regime. Instead, they would ensure that existing rules are applied transparently and consistently.
The Basel III endgame represents a pivotal moment for global banking regulation. As digital assets continue to gain traction, integrating them into the capital framework is no longer optional: it is essential.
Bitcoin’s omission from explicit treatment in the current U.S. proposals does not mean it has been excluded from the system. But it does mean that banks are left navigating uncertainty at a time when clarity is most needed.
Regulators have an opportunity to fix this, not by rewriting the rules, but by clearly stating how they apply. Doing so would strengthen the integrity of the regulatory process, support informed decision-making, and pave the way for responsible adoption of Bitcoin within the banking system.
Until then, the question is not whether Bitcoin belongs in the capital framework. It is whether the framework is ready to accommodate it with the clarity and precision that modern finance demands.
FAQs
Basel III is a global regulatory framework that sets rules for how banks manage risk and how much capital they must hold. It was developed after the 2008 financial crisis to make banks safer and more resilient. The current “Basel III endgame” updates how risks are calculated, making it highly relevant for any new asset class, including Bitcoin. The problem is not that Bitcoin is banned or excluded; it’s that regulators have not clearly explained how Bitcoin-related activities should be treated under the new capital rules. This lack of clarity creates uncertainty for banks. No. Banks can still engage in Bitcoin-related activities where permitted. However, unclear capital treatment means banks may be cautious, since they don’t know how much capital they’ll need to hold against those activities. “Technology neutral” means regulators aim to apply the same rules regardless of whether an asset is digital or traditional. But critics argue this approach doesn’t fully work for Bitcoin because its risk profile differs significantly across use cases.