top of page
Search

Regulation & stablecoin — current legal landscape, risks, and compliance

  • Writer: Christian Amezcua
    Christian Amezcua
  • Oct 28
  • 9 min read
ree

1) Executive Summary


Stablecoins have matured from experimental crypto assets into a systemically relevant bridge between traditional finance and digital value transfer. Their rapid growth—more than $160 billion in circulating supply globally by mid-2025—has drawn sustained attention from lawmakers and central banks.


The core promise of a stablecoin is simple: a digitally transferable token whose value remains pegged 1:1 to a reference asset, typically the U.S. dollar or euro. But that apparent simplicity masks significant risks around reserve composition, liquidity management, operational integrity, and market conduct. After years of fragmented oversight, major jurisdictions are now installing formal frameworks to govern issuance, backing, disclosure, and redemption.


The United States’ GENIUS Act (2025) and the European Union’s Markets in Crypto-Assets (MiCA) regime together mark a turning point: stablecoins are being treated less as speculative crypto instruments and more as regulated payment instruments subject to prudential-style supervision. Other jurisdictions—from the U.K. and Hong Kong to Singapore—are rapidly following.


This article surveys the evolving legal landscape, identifies the principal risk categories regulators are targeting, and outlines emerging compliance practices for issuers, intermediaries, and financial institutions that now interact with stablecoins in payments, trading, and settlement.


2) Legal and Regulatory Landscape by Region

United States — The GENIUS Act of 2025


The Guiding and Establishing National Innovation for U.S. Stablecoins (GENIUS) Act, signed into law on July 18 2025, established the first comprehensive federal regime for payment stablecoins — assets designed for value storage and transactional use rather than speculation【skadden.com 2025】【gibsondunn.com 2025】.

Key elements:


  • Creation of a new licence class: Permitted Payment Stablecoin Issuer, administered jointly by the Federal Reserve and Office of the Comptroller of the Currency (OCC).

  • Mandatory 100 percent reserves in cash and short-term U.S. Treasuries; issuers must segregate these reserves from operational funds.

  • Par-value redemption rights for holders and a ban on paying interest or marketing tokens as government-backed.

  • Application of the Bank Secrecy Act for AML/CFT compliance and obligatory wallet blacklist/freeze capability.

  • Extraterritorial reach: foreign issuers serving U.S. residents must operate through a licensed U.S. entity or prove “comparable oversight” in their home jurisdiction.


The Act reflects U.S. lawmakers’ desire to channel stablecoins into the regulated payments sector without folding them into securities or commodity law. Implementation will continue through 2026 as the Treasury defines reporting and supervision standards.


European Union — MiCA Framework (2023–2025)


The Markets in Crypto-Assets (MiCA) Regulation entered into force in June 2023, with stablecoin-specific titles becoming fully applicable in 2024. MiCA distinguishes two stablecoin categories:


  • E-money Tokens (EMTs) — single-fiat stablecoins backed one-for-one by currency reserves; and

  • Asset-Referenced Tokens (ARTs) — tokens referencing baskets of currencies or commodities.


Issuer obligations include authorisation by an EU regulator, a published white paper and reserve audit, governance and capital requirements, and continuous disclosure of reserve composition and custodianship【esma.europa.eu 2025】【innreg.com 2025】.

MiCA also has extraterritorial effect: any stablecoin offered to EU residents must comply with EU standards even if issued abroad【morganlewis.com 2025】. As of July 2025, 14 stablecoin issuers and 53 crypto firms had been authorised under MiCA titles【ainvest.com 2025】. The European Central Bank (ECB) has warned of potential “run risk” from foreign USD-linked tokens trading in euro markets, urging caps and reserve-location rules for non-EU issuers【reuters.com 2025】.


United Kingdom, Hong Kong and Other Jurisdictions


Both the U.K. Treasury and the Hong Kong Monetary Authority (HKMA) have published consultations in 2024–25 for bespoke stablecoin regulation. The U.K. framework will bring fiat-backed tokens under the Financial Services and Markets Act, requiring authorisation and reserve segregation; Hong Kong is introducing a licensing regime through its Stablecoin Bill and payment-systems law amendments (expected 2026). Across Asia and the Middle East, countries such as Singapore, Japan, and the UAE are launching pilot frameworks with similar pillars: backing, redemption, and governance oversight【morganlewis.com 2025】【legalnodes.com 2025】.


Despite common principles, divergence persists: the U.S. bans interest-bearing stablecoins, whereas several Asian jurisdictions are experimenting with tokenised money-market models; reserve composition rules and reporting templates also differ significantly.


Overall, a global convergence is emerging around four core requirements: (1) fully backed reserves, (2) transparent disclosures, (3) par redemption rights, and (4) robust AML/CFT compliance.


3) Major Risk Categories in Stablecoins


1. Reserve, Liquidity & Redemption Risk


Stablecoins promise instant convertibility but depend on the quality and liquidity of their backing assets. Illiquid or risky reserves can trigger a classic bank-run dynamic if redemptions surge. The ECB estimates that if current growth trends persist, global stablecoin supply could reach $2 trillion by 2028, magnifying liquidity pressure risks【ecb.europa.eu 2025】.


2. Operational & Technical Risk


Smart-contract vulnerabilities, bridge exploits, and custody failures can disrupt convertibility or enable unauthorised minting. Regulators now treat technical resilience as a prudential issue rather than a technology choice, requiring audited code and incident-response plans.


3. Compliance, AML & Sanctions Risk


Because stablecoins move value globally and instantly, they pose unique AML/CFT challenges. The GENIUS Act explicitly subjects issuers to the Bank Secrecy Act, mandating customer due diligence, suspicious-activity reporting, and travel-rule data exchange【whitehouse.gov 2025】. The EU and U.K. have embedded similar requirements through MiCA and the FATF recommendations on virtual assets.


4. Systemic & Financial-Stability Risk


Stablecoin reserves are increasingly intertwined with money markets through large holdings of Treasuries and commercial paper. The BIS (2025) finds that stablecoin inflows correlate with 2–2.5 basis-point changes in 3-month U.S. Treasury yields, evidence of linkages to core funding markets. A major run could therefore amplify liquidity stress across financial systems.


5. Legal / Regulatory Risk & Fragmentation


Divergent national regimes raise regulatory-arbitrage risk. An issuer compliant in one jurisdiction may be non-compliant elsewhere, creating cross-border legal exposure. The U.S. explicitly forbids non-permitted issuers from marketing stablecoins as cash equivalents or settlement assets【gibsondunn.com 2025】.


6. Governance & Market-Structure Risk


A handful of issuers control most of the market. Concentration in custodians and redemption venues creates single-points-of-failure and potential conflicts of interest. Transparent governance and independent oversight remain weak spots even in otherwise regulated models.


7. Product Complexity and Interest-Bearing Tokens


Some projects experiment with yield-generating stablecoins that invest reserves in money-market funds. Regulators warn that these “deposit-like” instruments blur the line between banking and tokenisation; the U.S. outright prohibits interest-paying stablecoins to avoid run risk and deposit substitution【lw.com 2025】.

In summary: The regulatory thrust worldwide is to transform stablecoins into a safe, fully-collateralised, transparent payment instrument with the same discipline expected of banks. Sections 4–6 will detail how market participants are adapting and how supervision is shaping their future compliance obligations.


4) Compliance Best Practices & What Market Participants Should Do


For Issuers


The new generation of regulation demands that issuers act more like prudentially regulated financial institutions than crypto start-ups.Under the GENIUS Act (U.S., 2025), any entity issuing a “payment stablecoin” must obtain a federal or state licence as a Permitted Payment Stablecoin Issuer, maintain 100 percent reserves in cash or short-dated U.S. Treasuries, publish monthly reserve attestations, and guarantee par-value redemption on demand【skadden.com 2025】【gibsondunn.com 2025】.Issuers are explicitly prohibited from paying interest to holders or implying government backing. Foreign issuers marketing to U.S. residents must either register through a U.S. subsidiary or demonstrate comparable supervision under a recognized foreign regime.

In the European Union, MiCA’s titles on E-money tokens (EMTs) and Asset-Referenced Tokens (ARTs) already require authorisation by an EU regulator, white-paper disclosure, capital and governance standards, and ongoing reserve-asset audits【esma.europa.eu 2025】. Early MiCA authorisations—14 stablecoin issuers and 53 crypto firms as of mid-2025—show that regulators expect institutional-grade compliance.


To meet these requirements everywhere, issuers should:


  1. Obtain the correct licence in each jurisdiction of operation.

  2. Hold reserves in permitted, highly liquid assets, segregated from operational funds.

  3. Provide independent monthly attestations or full audits.

  4. Implement real-time monitoring of issuance vs reserves and a documented redemption process.

  5. Publish a clear governance charter covering board oversight, conflicts management, and incident reporting.


For Intermediaries (Custodians, Exchanges, PSPs)


Stablecoins sit at the junction of crypto and finance, exposing intermediaries to both AML/CTF and operational risk.


  • Integrate stablecoins into AML programs: full KYC on fiat entry/exit, travel-rule data exchange, sanctions screening, and wallet-risk scoring.

  • Assess issuer quality: verify licensing status, reserve disclosures, redemption rights, and any blacklist/freeze powers.

  • Apply technical due diligence: review smart-contract audits, custody segregation, chain dependencies, and multi-sig governance.

  • Maintain clear records for regulators; many frameworks now impose reporting obligations on exchanges and PSPs that facilitate stablecoin transactions.


For Banks and Traditional FIs


Banks exploring stablecoin use for settlement or tokenised deposits must extend existing compliance architecture:


  • Embed stablecoin exposures in liquidity, operational, and credit-risk frameworks.

  • Run stress tests for redemption spikes or counterparty failures.

  • Integrate smart-contract and vendor-risk controls.

  • Engage early with supervisors; U.S. bank regulators and the ECB now expect pre-notification of any tokenised-deposit or stablecoin pilot.


Cross-Border and Foreign-Issuer Controls


Because stablecoins flow globally, firms must map regulatory equivalence. Under the GENIUS Act, foreign issuers can serve U.S. users only if their home regime enforces “comparable standards.” Contracts should include jurisdictional enforcement clauses, emergency freeze rights, and custodial back-ups. Transitional timelines under both GENIUS (three-year secondary-market phase-in) and MiCA (2024–25 roll-out) make early compliance planning essential.


Governance & Transparency


Transparency has become the central test of legitimacy. Monthly public reports on reserve composition, custodians, and outstanding supply are now standard. Boards should include independent directors overseeing reserve management and audit committees reviewing attestations. Institutions integrating stablecoins should disclose aggregate exposures and contingency plans.


Operational Resilience & Technical Controls


  • Maintain independently audited smart-contracts with upgradable but traceable logic.

  • Operate incident-response plans for chain outages or bridge attacks.

  • Implement blacklist/freeze functionality consistent with AML obligations; U.S. law now presumes issuers must be able to block illicit wallets【gibsondunn.com 2025】.

  • Back-up settlement systems and custodial ledgers to mitigate single-chain dependency.


Audit & Assurance


Regulators expect monthly attestations comparing reserves vs tokens outstanding, accompanied by annual audits covering custody controls, redemption logs, and liquidity stress-testing. The FSB’s 2023 global recommendations remain the benchmark for cross-border oversight【fsb.org 2023】.


Regulatory Monitoring


Compliance is not static. The U.S. Treasury’s 2025 public-comment process under GENIUS and ESMA’s ongoing MiCA Level-2 technical standards will continue refining disclosure templates. Firms should track both and prepare for incremental updates to audit and reporting obligations.


5) Case Studies & Enforcement Trends


United States – GENIUS Act ImplementationThe signing of the GENIUS Act (July 18 2025) created the first federal licensing system for stablecoins. It mandates 100 percent backing, real-time reserve audits, and prohibits interest-bearing tokens. The Federal Reserve and OCC may intervene during “unusual and exigent circumstances,” temporarily restricting redemptions to maintain market stability【reuters.com 2025】【gibsondunn.com 2025】. Treasury opened a public-comment period in September 2025 to define supervisory reporting and cross-border conditions.


European Union – MiCA Authorisations & ECB OversightSince June 2024, EU regulators have approved the first wave of MiCA-compliant issuers. In September 2025 the ECB warned that large foreign stablecoins could pose run and liquidity risks within the Eurozone, urging safeguards and potential caps on non-EU tokens. This reflects the EU’s intent to enforce a domestic-first stablecoin ecosystem.


Global Standards – Financial Stability Board (2023)The FSB’s final report on global stablecoin arrangements requires jurisdictions to ensure that authorities possess adequate powers, coordinate cross-border supervision, and apply risk-proportionate requirements — principles that underpin both MiCA and GENIUS.


Asia – Emerging FrameworksThe Monetary Authority of Singapore (MAS) introduced an opt-in regime in 2025 allowing issuers meeting reserve, redemption, and governance standards to operate ahead of formal legislation. The approach provides regulatory clarity without stifling innovation.


Practical LessonEnforcement actions and pilot frameworks worldwide reveal the same message: reserves, redemption, and transparency are non-negotiable. Non-compliant or opaque issuers risk delisting, loss of banking access, and jurisdictional bans.


6) Outlook & Key Open Questions


1. Harmonisation vs Fragmentation


The GENIUS Act and MiCA mark a shift from laissez-faire to statutory regulation. Whether other regions converge on similar standards remains open. Without harmonisation, global issuers will face overlapping audits, inconsistent disclosure templates, and legal uncertainty.


2. Bank-Issued Stablecoins and Tokenised Deposits


Traditional banks are testing tokenised deposit models that replicate stablecoin utility within the banking perimeter. Regulators must decide whether such instruments fall under deposit insurance or stablecoin regimes, and how interoperability with public blockchains should be handled.


3. Interest-Bearing Tokens and Yield Mechanisms


The U.S. ban on interest-paying stablecoins distinguishes them from deposits, but other jurisdictions may allow limited yield. Policymakers must balance consumer protection with innovation in programmable finance.


4. Redemption Stress & Liquidity Risk


Stablecoins are only as robust as their redemption mechanisms. A mass redemption—whether due to regulatory action or loss of confidence—would test both MiCA and GENIUS standards. Stress testing and disclosure of liquidity buffers will be central to supervisory reviews.


5. Cross-Border Interoperability


Foreign-issuer equivalence remains unsettled. Will the U.S. recognize MiCA-licensed EMTs, or the EU recognize U.S.-licensed payment stablecoins? Global recognition will determine whether stablecoins function seamlessly across borders or fragment into regional silos.


6. Technological and Cyber Risks


Smart-contract exploits, bridge failures, and custody breaches remain top operational threats. Expect regulators to demand ISO-level cyber-resilience standards and incident-reporting timelines akin to those in banking regulation.


7. Private Stablecoins vs CBDCs


Central-bank digital-currency pilots (e.g., Digital Euro, FedNow) will coexist with private stablecoins. Regulatory parity—ensuring private issuers meet equivalent transparency and security standards—will define competition dynamics.


8. Market Concentration and Innovation


Higher compliance costs may entrench a few large issuers, reducing diversity. Policymakers must monitor for anti-competitive outcomes and ensure smaller compliant issuers can access banking and custodial services.



 
 
 

Comments

bottom of page