Governor Tim Walz signed House File 3709 into law on May 14, 2026, giving Minnesota's state-chartered banks and credit unions explicit authority to hold virtual currencies on behalf of customers. The law takes effect August 1 and makes Minnesota one of the first states in the Midwest to create a unified statutory framework for digital-asset custody at regulated depository institutions.

The operative grant is nonfiduciary custody. Under HF 3709 — now codified at Minnesota Statutes §§ 48.741 and 52.25 — a bank or credit union may hold virtual currency, or the cryptographic private keys that access it, purely as a safekeeping agent: it stores the asset but does not take on the obligations of a trustee or investment manager. In legal terms, nonfiduciary means the institution owes no duty of loyalty, no duty to invest prudently, and no duty to act in the client's best financial interest with respect to the asset. It holds what the customer deposits. It does not manage it. That distinction determines liability: if the market moves, the institution is not responsible. What it is responsible for — and what the law mandates — is that customer assets remain legally and operationally segregated from the institution's own balance sheet and are never treated as the institution's property.

The law also opens a narrower fiduciary track (Subdivision 5 of both sections), permitting custody in a fiduciary or custodial capacity — including as agent, bailee, or trustee — "for the limited purpose of safekeeping or administration" of virtual currency. That capacity mirrors what banks already do for traditional assets. The commissioner retains authority to limit or condition fiduciary-capacity custody if it is conducted in an unsafe or unsound manner. For the vast majority of community banks and credit unions moving into this space, the nonfiduciary path is the practical entry point: it carries lighter obligations and fits the plain safekeeping model their customers want.

To go live, institutions must file written notice to the Department of Commerce at least 60 days before commencing services. The notice must describe both the nature of the services and the institution's risk management framework. From that point on, virtual-currency custody activity is subject to examination by the commissioner as part of the regular supervisory cycle. Banks may bring in qualified third-party service providers or subcustodians to facilitate the technical infrastructure — key management, cold storage, and the like — but the institution retains oversight responsibility and is on the hook for compliance.

Rep. Bernie Perryman (St. Cloud), the bill's House author, framed the legislation as a consumer protection measure as much as a business authorization. "House File 3709 is about ensuring that Minnesota-based financial institutions are allowed to evolve alongside their customers and members rather than forcing Minnesotans to rely on unregulated, out-of-state or offshore providers for services that are already in use today," Perryman said at the committee hearing in March. The vote reflected that framing: the House passed the bill 130–4 on April 30, then repassed it as amended by the Senate 119–6 on May 11. The Senate approved it 51–16 on May 6. Bipartisan margins that wide are uncommon for financial legislation touching digital assets.

The Minnesota law arrives alongside a parallel federal push in the same direction. On May 8, Payward Inc. — the parent company of crypto exchange Kraken — filed an application with the Office of the Comptroller of the Currency for a national trust company charter. If granted, the proposed Payward National Trust Company would provide federally regulated, fiduciary-grade digital-asset custody and trust services to institutional clients nationwide. Where Minnesota's law works through existing depository relationships, Kraken's application would create a purpose-built federal trust entity — a different structural model, but converging on the same conclusion: that regulated custody for digital assets belongs inside the banking system, not outside it.

The practical question facing Minnesota institutions now is readiness. August 1 is ten weeks out. Any bank or credit union that wants to launch custody services on that date must file its 60-day notice no later than early June. The written policies the law requires — covering risk management, internal controls, cybersecurity, business continuity, and compliance — must exist before the commissioner receives that notice. Institutions that have not yet begun that work are effectively looking at a Q4 launch at the earliest.