U.S. regulators are moving to bring stablecoin issuers under bank-style customer ID rules, pushing dollar-backed crypto deeper into the traditional compliance machine.
- KYC for direct stablecoin accounts
- Bank Secrecy Act treatment for permitted issuers
- Secondary market transfers mostly left alone
- GENIUS Act framework drives the proposal
- State and federal oversight still in a tug-of-war
Federal Reserve Board, FinCEN, the FDIC, the OCC, and the NCUA have proposed a rule that would require certain payment stablecoin issuers to maintain Customer Identification Programs, or CIPs. That is the standard bank-style process of collecting and verifying who a customer is before opening an account relationship.
For a stablecoin issuer, that would generally mean gathering a customer’s name, address, date of birth or formation, and an identification number. In plain English: if you open a direct account with the issuer, expect KYC. If you simply move tokens around on secondary markets or between wallets, the issuer usually is not expected to chase every transaction like a lost debit card with a blockchain addiction.
The proposal is tied to the GENIUS Act framework, which is shaping how the U.S. intends to regulate payment stablecoins. Under that framework, permitted payment stablecoin issuers would be treated as financial institutions under the Bank Secrecy Act, the main U.S. anti-money-laundering law. That means the compliance bar goes up fast.
The agencies are not pretending this is optional. As one official put it:
“This is the next step to ensure that permitted payment stablecoin issuers are fully integrated into Bank Secrecy Act regulations,”
That is the regulatory message in one sentence: stablecoins may be modern, but if they are used as money-like instruments, regulators want them operating inside a well-worn AML framework instead of lurking in a gray zone where criminals, sanctions evaders, and opportunists can treat compliance as a suggestion.
To be fair, the agencies are not trying to kill the technology. They are trying to make it fit into the system without giving bad actors a fresh loophole. That is the balancing act here: stablecoins are useful precisely because they move fast and settle cheaply, but those same qualities make them attractive for abuse if there is no identity check at the entry point.
The proposal uses a risk-based approach, which is bureaucratic language for “not every issuer looks the same, so we’re not going to pretend they do.” Regulators said they would consider issuer size, business model, customer base, account types, and account-opening methods when applying the rule. That matters because a niche issuer serving a limited set of customers is not the same beast as a giant payments rail moving serious volume across multiple channels.
Still, the core requirement is clear: if a permitted stablecoin issuer has a direct relationship with a customer, the issuer would need to identify and verify that customer before opening the account. The rule applies to direct services such as issuance, redemption, custody, reserve management, and other authorized functions.
What the proposal does not do is turn every stablecoin transfer into a compliance panic attack. Regulators said secondary market transactions generally would not trigger KYC requirements for the issuer. That distinction is crucial because stablecoins are designed to circulate. Once a token is out in the wild, issuers usually do not know who holds it, how many times it has changed hands, or whether it has passed through a handful of wallets, an exchange, and a bot farm on its way to your address.
So the rule targets the point where the issuer actually has control: the front door. That is where identity verification is practical. Trying to force perfect visibility on every downstream transfer would be absurd, expensive, and largely unworkable. Even regulators appear to understand that reality, which is refreshing for a change.
The bigger picture is that stablecoins are being pulled closer to the regulated financial mainstream. That has real upsides. It can make it easier for serious businesses to work with issuers, improve trust with banks and institutions, and reduce the likelihood that stablecoin rails become a haven for outright nonsense. It also gives the U.S. a more coherent legal footing for dollar-backed digital money, which has been badly needed.
But there is a price. More KYC means more friction, more compliance cost, and less room for the permissionless ideal that drew many people to crypto in the first place. Privacy advocates will see this as another step toward a surveilled digital dollar system. Builders will see added overhead. Smaller issuers may see a heavy burden that favors large, well-capitalized firms with full compliance teams and legal budgets that do not cry in the shower.
That trade-off is not going away. Stablecoins can be open rails or tightly regulated financial instruments, but they are increasingly being pushed toward the latter. And once you choose that path, you get all the lovely baggage that comes with it: forms, audits, identity checks, and the occasional joyless regulator with a spreadsheet and a mission.
The political fight under this proposal is not just about compliance. It is also about who gets to oversee stablecoin issuance in the U.S. The GENIUS Act allows issuers with no more than $10 billion in outstanding stablecoins to operate under certified state regulatory regimes. That means state regulators still have a role, at least for smaller issuers that meet the law’s conditions.
The proposal would apply to both federally supervised issuers and eligible state-regulated issuers, which makes sense if the goal is consistency. But the state-federal balance is still a live issue. In a June 16 letter, a bipartisan group of senators led by Cynthia Lummis urged Treasury Secretary Scott Bessent to preserve the state role under the GENIUS Act rather than letting Washington steamroll it into irrelevance.
That matters because stablecoin regulation is not just about one product category. It is about who controls the rails for digital dollar infrastructure in the U.S. If federal regulators centralize everything, the market may get one set of rules and less room for local experimentation. If states retain meaningful authority, issuers may have more options, but the framework could also become more fragmented. Pick your poison.
NCUA Chairman Kyle Hauptman backed the proposal and framed it in the familiar language of financial integrity:
“It sets clear standards for identifying and verifying account holders and safeguards the interests of credit unions and their members. By establishing robust customer identification requirements, we are reinforcing our commitment to preventing money laundering and terrorist financing in our financial system.”
Credit unions and banks have lived under these rules for years, so regulators are arguing that stablecoin issuers should not get a free ride just because their product sits on a blockchain. That argument has teeth. If a token functions like money and is used like money, then regulators will eventually treat it like money, paperwork and all.
Public comments on the proposal will be accepted for 60 days after publication in the Federal Register. That opens the door for banks, issuers, privacy groups, crypto users, and the usual army of policy lobbyists to weigh in. Expect the arguments to be familiar: supporters will say the rule is necessary to stop abuse and legitimize stablecoins, while critics will warn that the U.S. is building a compliance-first digital dollar system that could squeeze out innovation and privacy.
Both sides have a point.
Stablecoins have become one of crypto’s most practical inventions, especially for payments, trading, and cross-border settlement. They are not a toy. They are real financial plumbing. That is exactly why regulators are circling them. Once a crypto asset becomes useful enough to matter, it gets pulled into the same regulatory gravity that eventually hits every serious financial instrument.
There is also a broader lesson here for the crypto sector: the age of pretending that dollar tokens can live forever outside the reach of anti-money-laundering rules is over. Whether that is good or bad depends on your priorities. If you want adoption at scale, regulatory clarity is a feature. If you want maximum privacy and permissionless movement, this is one more reminder that regulated stablecoins are not the same thing as hard digital cash.
- What does the proposal change for stablecoin issuers?
It would require permitted payment stablecoin issuers to run Customer Identification Programs and verify customers before opening direct account relationships, much like banks and credit unions do. - Do all stablecoin transfers require KYC?
No. Regulators said secondary market transactions generally would not trigger issuer KYC requirements. The rule mainly applies to direct relationships with the issuer. - Why are U.S. regulators doing this?
They want stablecoin issuers brought under Bank Secrecy Act rules to reduce money laundering and terrorist financing risks and to make the market more compliant and defensible. - What information would issuers collect?
Typically name, address, date of birth or formation, and an identification number. - How does the GENIUS Act fit in?
The proposal is meant to implement parts of the GENIUS Act, which sets the framework for payment stablecoin oversight in the U.S. and preserves a role for state regulators under certain conditions. - Who is affected by the rule?
Permitted payment stablecoin issuers, including federally supervised firms and eligible state-regulated issuers operating under certified state regimes. - Why does the secondary market exemption matter?
Because issuers usually cannot track every wallet once tokens circulate. Exempting most secondary transfers keeps the rule practical instead of absurdly overreaching. - What is the biggest implication?
Stablecoins are moving deeper into the regulated financial system. That boosts legitimacy and adoption, but it also makes the open, permissionless dream a lot harder to sustain.
The direction of travel is clear: stablecoins are becoming part of the financial establishment whether crypto purists like it or not. That may help the market mature, but it also means the industry will have to live with the same ugly reality every serious financial system has: if you want the rails, you also get the rules.
