Everyone Celebrated The GENIUS Act. Nobody Read The Compliance Section.

Treasury’s new compliance rules for stablecoin issuers carry the same obligations as a bank charter. Most issuers can’t afford that. Which is the point.

On April 8, Treasury’s Financial Crimes Enforcement Network and the Office of Foreign Assets Control published a joint proposed rule that most of the crypto industry either missed or misread. The rule implements the GENIUS Act’s requirement that permitted payment stablecoin issuers — PPSIs, in the new regulatory shorthand — be treated as financial institutions under the Bank Secrecy Act. Full AML/CFT programs. Suspicious activity reports filed with FinCEN. Customer due diligence at bank-grade standards. Technical capability to block, freeze, and reject on-chain transactions. OFAC sanctions compliance programs. Comments are due June 9. Final regulations by July 18. Enforcement begins no later than January 2027.

When the GENIUS Act passed in July 2025, the reaction across digital assets was almost uniformly positive. Regulatory clarity, at last. A framework. Legitimacy. What received less attention was the specific mechanism by which that clarity arrives: stablecoin issuers are now, for compliance purposes, banks. Not bank-like. Not subject to “similar” standards. Banks. And the cost of being a bank is something most stablecoin issuers have never had to think about.

What being a bank actually costs

To understand what’s coming, look at what BSA compliance costs the institutions already subject to it. Community banks — the smallest players in traditional finance — spend between 11% and 15.5% of their total payroll on compliance tasks, according to a decade of data from the Conference of State Bank Supervisors. Data processing costs for compliance eat 16% to 22% of small banks’ budgets. Across US financial institutions, compliance expenses have risen by roughly $50 billion annually since 2008. These are not optional line items. They represent the standing cost of being allowed to operate within the US financial system.

Now map those obligations onto a stablecoin issuer. The FinCEN/OFAC proposed rule requires PPSIs to build and maintain a risk-based AML/CFT program — not a policy document, but an operational infrastructure. Trained compliance officers. Transaction monitoring systems calibrated to crypto-native payment flows. SAR filing procedures. Enhanced due diligence for high-risk customers. Ongoing regulatory examination. And a new requirement with no real parallel in traditional banking: the technical capability to block, freeze, and reject specific transactions on a blockchain. That last one alone demands engineering investment that most issuers haven’t scoped.

The GENIUS Act also specifies what PPSIs must hold in reserve: physical US currency, demand deposits at insured institutions, Treasury bills with maturities under 93 days, repos backed by those same Treasuries, money market funds invested in those assets, or central bank reserve deposits. Nothing exotic. The reserve requirements aren’t the expensive part, as most serious issuers already hold comparable assets. But the Act mandates monthly attestations of reserve composition, with CEO and CFO certifications on each report. That’s audit infrastructure. That’s personal liability. That’s the kind of obligation that requires in-house counsel and dedicated finance staff, not a quarterly report from an offshore accounting firm.

The secondary-market trap

The proposed rule draws a distinction between primary-market activity — where the issuer mints or redeems stablecoins directly with a customer — and secondary-market activity, where tokens change hands on exchanges or in DeFi protocols. SAR filing and customer due diligence apply to primary-market transactions. Secondary-market transfers through smart contracts don’t trigger the same issuer-level reporting obligations.

The rule still requires PPSIs to maintain the technical ability to block and freeze transactions across their network — including secondary-market activity. If OFAC designates a wallet address, the issuer needs to be able to prevent that address from transacting with its stablecoin. In practice, this means issuers need on-chain compliance infrastructure that monitors activity they have no direct commercial relationship with. The boundary between “you don’t have to file SARs on secondary transactions” and “you do have to be able to freeze them” is where the real compliance cost lives.

Regulation as consolidation

Here’s the argument the industry hasn’t absorbed yet: the GENIUS Act doesn’t ban small stablecoin issuers. It prices them out.

The compliance infrastructure Treasury is requiring (AML teams, monitoring technology, legal counsel, audit functions, sanctions programs, on-chain transaction controls) costs millions per year to build and operate. For Tether, with roughly $187 billion in circulation, or Circle, with $75 billion, that cost is fractional. For an issuer with $500 million in stablecoins outstanding, it can be existential. The math is simple: compliance costs are largely fixed, and they don’t scale with issuance. A $500 million issuer bears roughly the same compliance burden as a $50 billion one, on a fraction of the revenue.

The Act does offer a carve-out: issuers with less than $10 billion in outstanding stablecoins can opt for state-level regulation, provided the state regime is “substantially similar” to the federal framework. States must recertify annually. But “substantially similar” is doing a lot of work in that sentence. The state regimes still need to meet BSA standards. The compliance cost floor doesn’t drop meaningfully just because the regulator’s office is in Sacramento instead of Washington. What the state option really provides is a different supervisory relationship, which isn’t necessarily a cheaper one.

This pattern has a precedent. The United States had more than 14,000 banks in the early 1980s. Today there are around 4,000. Successive waves of regulation (post-S&L crisis, post-Dodd-Frank, post-2008) raised the cost floor for operating a bank. Institutions that couldn’t absorb those costs merged or closed. The compliance burden didn’t merely affect small banks; it structurally selected against them. The stablecoin market, currently fragmented across dozens of issuers, is about to go through the same compression. Treasury knows this. The proposed rule reads less like consumer protection and more like market architecture.

How the incumbents are playing it

Tether’s response to the GENIUS Act is instructive. Rather than force $USDT into the US regulatory framework, Tether launched a separate product: USAT (USA₮), issued through Anchorage Digital Bank, an OCC-regulated, federally chartered digital asset bank. USAT is designed from the ground up to be GENIUS Act-compliant — full reserve backing, monthly audits, AML/KYC protocols, the works. $USDT, meanwhile, continues to circulate globally, with Tether stating it will pursue GENIUS Act compliance as a foreign stablecoin issuer seeking reciprocity.

This is a two-product strategy that only the largest issuer in the market can execute. Tether can afford to maintain both a US-regulated stablecoin and a global unregulated one because it has the scale to absorb the overhead of dual compliance regimes. A mid-tier issuer trying the same approach would be splitting already-thin margins across two regulatory environments. Tether’s response to the GENIUS Act is itself a competitive weapon — one that only works at $187 billion in scale.

Circle, for its part, has been building toward this moment for years. Forty-six state money transmitter licenses. BitLicense from New York. First stablecoin issuer approved under the EU’s MiCA regulation. Major Payment Institution license from Singapore. DFSA recognition in Dubai. Circle went public in June 2025, generating $1.7 billion in revenue that year. The GENIUS Act’s compliance requirements aren’t a burden for Circle. They’re a barrier to entry that validates the regulatory moat Circle spent years constructing.

A template for everything else

The GENIUS Act’s BSA provisions are a template. If treating stablecoin issuers as financial institutions works — if compliance rates go up, illicit flows go down, and the regulated market grows — expect the same logic applied elsewhere. DeFi lending protocols that function like banks. Tokenized deposit platforms. Cross-border payment networks settling in digital assets. The regulatory principle is clean: if you perform the economic function of a financial institution, you carry the obligations of one. The GENIUS Act just proved that principle can be legislated and implemented with specific, enforceable rules.

The crypto industry spent years arguing that digital assets needed regulatory clarity to attract institutional capital. That argument was correct. But clarity has a price. The GENIUS Act’s reserve requirements, disclosure mandates, and BSA designation aren’t hostile regulation. They’re exactly the kind of framework that pension funds, banks, and corporate treasuries need before they’ll hold stablecoins on their balance sheets. The cost of compliance is also the cost of institutional legitimacy. The issuers who can pay it get access to the largest pools of capital in the world. The ones who can’t will serve an increasingly marginal market.

The stablecoin industry asked for rules. Treasury gave them bank rules — with a January 2027 deadline and a comment period that closes in less than two months. The issuers celebrating that framework should read the fine print on what it costs to operate inside it. The GENIUS Act is a filter. The market that comes out the other side will look very different from the one that went in.