US banking regulators move to reshape how sensitive examination data gets shared
The FDIC's proposed rule on confidential supervisory information could open new doors for banks navigating crypto compliance.
The three most powerful banking regulators in the US are rethinking the rules around one of finance’s best-kept secrets: confidential supervisory information, the sensitive data generated when regulators examine banks. The Federal Reserve, FDIC, and OCC have been actively coordinating on how banks handle sensitive materials tied to examinations and oversight. The latest concrete development: the FDIC proposed a rule on June 25, 2026, that would significantly loosen the restrictions on sharing confidential supervisory information, or CSI, among insured depository institutions.
What confidential supervisory information actually is
CSI includes examination reports, risk ratings, internal supervisory correspondence, and the granular data regulators collect when they assess whether a bank is healthy or heading toward trouble. Since 2005, historical guidelines have required that these materials be tightly guarded, with most disclosures requiring explicit agency approval before a bank could share them with anyone.
The FDIC’s proposed rule would change this dynamic by permitting certain disclosures without prior approval under specific conditions. The comment period runs until August 31, 2026, giving industry participants a window to weigh in on how these changes should be structured.
Why crypto firms should be paying attention
The intersection of bank examinations and digital assets has been a source of tension for years. When regulators examine a bank’s crypto-related activities, whether that’s custodying Bitcoin for institutional clients or holding reserves backing a stablecoin, the resulting supervisory information falls under the same CSI umbrella as everything else.
The three agencies haven’t been silent on crypto-specific concerns either. On July 14, 2025, the Fed, FDIC, and OCC released a joint statement outlining risk-management principles for banks dealing with crypto-assets. That statement specifically flagged dangers associated with cryptographic keys and other sensitive data.
The regulatory landscape is shifting, slowly
Since 2005, the default posture has been that exam materials are essentially locked down unless a regulator explicitly unlocks them. The FDIC is now proposing to ease sharing restrictions rather than tighten them, signaling a recognition that the current rules may be creating unnecessary friction for legitimate business operations.
No specific crypto tokens or digital assets were mentioned in the regulatory proposals or related statements. Regulators are approaching this as a systemic issue about how banks handle sensitive data broadly, not as a crypto-specific carve-out.
For institutional investors watching the crypto space, the comment period ending August 31, 2026, is worth marking on the calendar. Banks that want more flexibility to share supervisory information in the context of their crypto operations have a direct channel to advocate for it during this window.