FinCEN and OFAC Propose Rule for Payment Stablecoin Issuers to Implement GENIUS Act

9 minute read | April.30.2026

Payment stablecoin issuers would face comprehensive new AML/CFT and sanctions compliance obligations under a joint proposed rule issued April 8, 2026, by the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) and Office of Foreign Assets Control (OFAC). The rule, issued under the Guiding and Establishing National Innovation for U.S. Stablecoins (GENIUS) Act, would require permitted payment stablecoin issuers (PPSIs) to build out compliance programs comparable to those of traditional financial institutions — covering the full lifecycle of a stablecoin from issuance through secondary market activity.

The proposed rule has significant operational implications for current and prospective stablecoin issuers, insured depository institutions with PPSI subsidiaries, and digital asset market participants evaluating their regulatory status. As we noted previously, the GENIUS Act provides for a framework for the regulation of PPSIs, amends the Bank Secrecy Act (BSA) to provide that PPSIs are “covered financial institutions,” mandates that PPSIs maintain effective sanctions compliance programs, and tasks FinCEN, OFAC and several other agencies with related rulemaking.

Key Takeaways

Treasury seeks to mitigate illicit finance risks by imposing AML/CFT and sanctions compliance program requirements on PPSIs. Consistent with recent efforts to modernize BSA compliance regimes, Treasury seeks to tailor the regime to risks specific to PPSIs and minimize unnecessary regulatory burden.
PPSIs would be a distinct type of financial institution under the BSA. Existing stablecoin issuers have generally been regulated as money services businesses (MSBs). PPSIs would be carved out from the definition of MSB and treated as a distinct category of BSA-covered financial institution. Other types of digital asset market participants, such as administrators and exchangers of convertible virtual currency, would continue to be regulated under the BSA as MSBs.
PPSIs would be responsible for both primary market activities and certain secondary market activities relating to payment stablecoins. The proposed rule distinguishes between primary market activities, in which the PPSI is a counterparty, and secondary market activity in the PPSI’s stablecoin, in which the PPSI is not involved, other than via a smart contract. The proposed rule would impose AML/CFT compliance obligations largely tracking FinCEN’s recently proposed rule to overhaul AML compliance program requirements for other types of financial institutions (the BSA Program Proposed Rule) for primary market activity. In addition, PPSIs would be required to have the technical capabilities to block, freeze and reject certain transactions in stablecoins they issue in both the primary and secondary markets.
PPSIs would be required to adopt effective sanctions compliance programs. OFAC would, for the first time, impose prescriptive sanctions compliance program requirements, based on its 2019 Framework for OFAC Compliance Commitments. OFAC also appears to suggest that it expects PPSIs to be able to identify instances of sanctions targets holding or trading their stablecoins on the secondary market and address them as appropriate.
PPSIs would need to establish and maintain AML/CFT programs. The programs would be required to be risk-based, with resources focused on high-risk customers, and include reasonable internal policies, procedures and controls to ensure compliance with the BSA and its implementing regulations. As with the BSA Program Proposed Rule, an AML and CFT risk assessment would be a required component of a PPSI’s program.
Effective date. The final rule would become effective 12 months after issuance.

Overview

Scope and Covered Entities

The proposed rule would apply to all PPSIs, including subsidiaries of insured depository institutions and insured credit unions approved to issue payment stablecoins; federal-qualified payment stablecoin issuers (FQPSIs); nonbank entities, uninsured national banks and federal branches approved by the Office of the Comptroller of the Currency (OCC); and state-qualified payment stablecoin issuers (SQPSIs).

Under the GENIUS Act, an SQPSI with consolidated outstanding issuance exceeding $10 billion must transition to federal supervision unless it obtains a waiver. FinCEN noted that it expects PPSIs that are subsidiaries of insured depository institutions covered by their own BSA compliance program requirements to be able to leverage the parent institution’s program for BSA compliance.

Primary and Secondary Market Obligations

The proposed rule draws a distinction between the primary and secondary market and imposes obligations on PPSIs regarding both.

While some PPSIs’ obligations would extend only to primary market activities, including customer due diligence and suspicious activity reporting requirements, other obligations would extend to secondary market activities. Specifically, a PPSI would be required to have the technical capabilities to block, freeze and reject specific or impermissible transactions that violate federal or state law. PPSIs would also be required to have the technological capability to comply with the terms of any “lawful order,” including orders to seize, freeze, burn or prevent the transfer of payment stablecoins. Such orders would include, for example, a seizure warrant.

Sanctions Compliance Program

The GENIUS Act requires that PPSIs be formed in the United States, subjecting them to the same OFAC sanctions obligations as all other U.S. persons. However, the proposed rule would codify the first explicit federal requirement that a specific category of U.S. persons, PPSIs, maintain an effective sanctions compliance program covering “all payment stablecoin-related activity,” defined to include the full lifecycle of a payment stablecoin from issuance through removal from circulation, whether on the primary or secondary market. The proposal draws heavily from OFAC’s Framework for OFAC Compliance Commitments and its 2021 Virtual Currency Industry Guidance, requiring:

Senior management approval and support
Sanctions-related risk assessments
Risk-based internal controls
Independent testing and auditing with sufficient resources to identify U.S. sanctions compliance-related weaknesses
A risk-based sanctions compliance training program performed at least annually

The GENIUS Act authorizes civil monetary penalties of up to $100,000 per day for material violations of the sanctions program requirement, with an additional $100,000 per day for knowing violations, in addition to penalties otherwise available under U.S. sanctions laws.

OFAC also clarified that a PPSI would engage in prohibited dealings with a blocked person if it allowed the blocked person to engage the PPSI’s smart contract that facilitates stablecoin transactions on the secondary market, and that a PPSI is deemed to control stablecoins it issues that are transferred via its smart contract. This is why, as noted above, the PPSI would have to be able to block, freeze or reject such secondary market transactions to comply with OFAC sanctions. The proposed rule suggests that OFAC expects PPSIs to take action to identify and address instances in which sanctions targets hold or trade the PPSIs’ stablecoins on the secondary market.

AML/CFT Program Requirements

The proposed rule would require PPSIs to implement and maintain a written AML/CFT program that is approved by the PPSI’s board of directors or a similar body. It would also impose on PPSIs an AML/CFT program requirement consistent with those set out in the BSA Program Proposed Rule for other types of financial institutions, with the intent of providing PPSIs flexibility to allocate resources to high-risk areas and away from areas of lower risk.

The AML/CFT program for PPSIs would generally mirror the AML/CFT program for banks and other “covered” financial institutions that are subject to customer identification program (CIP) and customer due diligence (CDD) requirements, including requirements to identify and verify beneficial owners of “legal entity customers.” The proposal addresses CDD and beneficial ownership; FinCEN has indicated that CIP requirements for PPSIs will be addressed in a separate forthcoming rulemaking.

CDD and beneficial ownership requirements would generally be limited to primary market activities, although FinCEN noted that consideration of secondary market transactions may be appropriate when considering a PPSI customer’s risk profile for purposes of CDD requirements.

BSA reporting and recordkeeping requirements for PPSIs would also generally align with those applicable to covered financial institutions. They would include a requirement to report suspicious primary market transactions that involve or aggregate at least $5,000 in funds or other assets. FinCEN clarified that a secondary market transfer is not subject to suspicious activity reporting requirements if the PPSI’s role is limited to interacting with a smart contract.

The proposed rule would also require PPSIs to comply with funds transfer-related recordkeeping and travel rules. Under these rules, PPSIs would be required to retain certain records and information for funds transfers and transmittals of $3,000 and to transmit certain of this information to other financial institutions participating in the transfer. PPSIs would also be subject to USA PATRIOT Act special measures under Section 311, the Section 313/319 correspondent and private banking due diligence rules, and Section 314(a) and (b) information sharing.

Supervision and Enforcement

Similar to the BSA Program Proposed Rule, FinCEN proposed a policy for supervision and enforcement in which it would generally limit enforcement actions to instances in which a PPSI failed to establish a compliant AML/CFT program or, once established, there is a significant or systemic failure to maintain the program. FinCEN would delegate its authority to examine federally qualified PPSIs to the OCC, Federal Reserve Board of Governors, Federal Deposit Insurance Corporation or National Credit Union Administration, as applicable. FinCEN would delegate its authority to examine state-qualified PPSIs not supervised by these agencies to the Internal Revenue Service. The proposed rule would require each of these agencies to notify and consult with FinCEN before taking any significant AML/CFT supervisory action against a PPSI.

What’s Next?

Comments are due June 9, 2026. FinCEN and OFAC have posed nearly 60 questions across a wide range of topics, including the relationship of PPSIs’ obligations to those of parent banks and MSBs; the appropriate scope of secondary market obligations; whether the suspicious activity reporting threshold and secondary market carve-out are appropriate; whether the sanctions compliance program elements are sufficiently clear and flexible; and whether AML/CFT obligations should be extended to foreign payment stablecoin issuers (FPSIs), which the current proposal does not cover.

We will continue to track developments under the GENIUS Act. If you are evaluating your compliance readiness or considering submitting a comment, please contact a member of our team.

Authors

Benjamin Hutten Partner, Anti‐Money Laundering and Bank Secrecy Act, Financial & Fintech Advisory

New York

See my bio

D:+1 212 600 2333
E: [email protected]

Practice:

Anti‐Money Laundering and Bank Secrecy Act
Financial & Fintech Advisory
Strategic Advisory & Government Enforcement (SAGE)
White Collar, Investigations, Securities Litigation & Compliance
Fintech

vCard

See full bio

Benjamin Hutten Partner

New York

Ben has a deep understanding of sanctions and AML regulation and enforcement. In addition to his client work, he has participated in numerous financial industry group regulatory initiatives related to sanctions and AML issues, including The Clearing House Guiding Principles for Anti-Money Laundering Policies and Procedures in Correspondent Banking, initiatives to address “de-risking” and related to BSA information sharing. Ben also conducts international trainings in AML and sanctions issues for the Financial Services Volunteer Corps.

He has been recognized by Best Lawyers in America as "One to Watch" and by Super Lawyers as a "Rising Star." Prior to joining Orrick, Ben was counsel at Buckley LLP and an associate at Sullivan & Cromwell LLP.

Jeanine P. McGuinness Partner, International Trade and Investment, FCPA & Anti–Corruption

Washington, D.C.

See my bio

D:+1 202 339 8543
E: [email protected]

Practice:

International Trade and Investment
FCPA & Anti–Corruption
Anti‐Money Laundering and Bank Secrecy Act
Mergers & Acquisitions
Responsible Business
Strategic Advisory & Government Enforcement (SAGE)

vCard

See full bio

Jeanine P. McGuinness Partner

Washington, D.C.

Jeanine’s clients include major U.S. and foreign financial institutions, and pharmaceutical, technology, defense, space, telecommunications, energy, and infrastructure companies, among others.

Examples of Jeanine’s experience include:

Represents clients in preparing voluntary self-disclosures, administrative subpoena responses and license applications, and represents companies in connection with enforcement actions by the Treasury Department’s Office of Foreign Assets Control (OFAC)
Provides policy and compliance advice to clients affected by frequent changes in U.S. sanctions, including sanctions targeting Iran, Cuba, and Russia/Ukraine
Assists foreign purchasers of U.S. companies in national security reviews, including navigating the CFIUS process, through preparation of notices, meetings with CFIUS member agencies, advising on follow-on investigations, and negotiating and implementing mitigation agreements
Assists clients in developing and updating economic sanctions, anti-money laundering, and anti-corruption compliance policies and procedures
Represents financial institutions in connection with U.S. federal and state enforcement actions regarding compliance with U.S. anti-money laundering laws and regulations
Represents lenders, underwriters, borrowers, and issuers in international lending and capital markets transactions regarding sanctions, anti-corruption, and anti-money laundering issues
Advises a U.S. trade association and its member banks regarding U.S. sanctions, anti-corruption, and anti-money laundering issues in lending transactions, and prepares guidance for the industry on these matters
Advises financial institutions on the application of U.S. anti-money laundering regulations, with specific emphasis on customer identification program (CIP)/know your customer (KYC)/customer due diligence (CDD) requirements and suspicious activity reporting requirements
Regularly advises private equity and hedge funds regarding compliance with U.S. anti-money laundering and sanctions laws and regulations, including with respect to appropriate provisions in subscription materials and enhanced due diligence on high-risk investors
Advises clients regarding sanctions-related inquiries from the Securities and Exchange Commission (SEC) and state agencies implementing divestment laws and assists clients in preparing sanctions-related disclosure for inclusion in annual reports to the SEC

Jeanine is ranked in both the CFIUS Experts and Export Controls & Economic Sanctions categories by Chambers USA in 2019, 2020, 2021, and 2022. An interviewee had this to say of their experience working with Jeanine, “I am continuously impressed by her extensive knowledge, excellent communication skills and her ability to wrap her subject matter expertise around the details of the matter and then drive conclusions or recommendations for next steps."

Ignacio Sandoval Partner, Financial & Fintech Advisory, Technology Companies Group

Washington, D.C.

See my bio

D:+1 202 349 8053
E: [email protected]

Practice:

Financial & Fintech Advisory
Technology Companies Group
Strategic Advisory & Government Enforcement (SAGE)

vCard

See full bio

Ignacio Sandoval Partner

Washington, D.C.

Clients turn to Ignacio when they are engaging with regulators and self-regulatory organizations, structuring new products or platforms or developing business models across areas such as digital assets, blockchain, tokenization and artificial intelligence. He advises broker-dealers, investment advisers, fintech and wealthtech companies, digital asset platforms, securities exchanges, alternative trading systems, banks and other domestic and foreign market participants.

Drawing on his experience as a special counsel in the SEC’s Division of Trading and Markets, Ignacio brings a regulator’s perspective to high-stakes regulatory and market structure questions. He regularly represents clients before the SEC, CFTC, FINRA, NFA and MSRB in seeking no-action relief, interpretive guidance and exemptions, and advises on enforcement matters and regulatory examinations. He also partners with business, legal and product teams to design platform architecture, operational frameworks and compliance programs that align with applicable securities and commodities laws while supporting commercial objectives.

Ignacio’s practice spans the full lifecycle of financial products and platforms, from initial structuring and regulatory strategy through launch and ongoing operations. He works with both established financial institutions and emerging companies to navigate registration, licensing and compliance considerations, and to develop scalable, regulatorily sound business models. His work includes advising on the design and operation of robo-advisers, neobrokers, fractional share platforms and other technology-driven financial services, as well as drafting and negotiating clearing, custody, trading and platform agreements.

He is particularly active at the intersection of traditional financial regulation and emerging technologies, advising clients on the regulatory treatment of digital assets, tokenized securities and real-world assets, stablecoins and crypto custody arrangements, as well as the use of AI in trading, portfolio management and compliance functions. His work often involves bridging existing securities and commodities frameworks with novel product structures, market infrastructure and cross-border strategies.

Ignacio also advises investment advisers, fund managers and other market participants on regulatory status, compliance and structuring considerations, including SEC registration, advisory agreements and Form ADV disclosures. He counsels clients on the regulatory treatment of futures, perpetual contracts and other instruments that may implicate both securities and commodities regimes, and advises on issues affecting structured products and municipal securities, including Volcker Rule compliance and municipal advisor considerations.

Nathaniel Reisenburg Senior Associate, Financial & Fintech Advisory, Strategic Advisory & Government Enforcement (SAGE)

New York

See my bio

D:+1 212 506 3503
E: [email protected]

Practice:

Financial & Fintech Advisory
Strategic Advisory & Government Enforcement (SAGE)
Fintech
Cyber, Privacy & Data Innovation
Mergers & Acquisitions
Blockchain & Digital Assets
Japan
China

vCard

See full bio

Nathaniel Reisenburg Senior Associate

New York

Nathaniel counsels banks, blockchain exchanges, cryptocurrency issuers, financial institutions, technology companies, money transmitters, online gaming platforms, payment processors, and private equity firms. His practice includes services related to anti-money laundering, data collection and processing, internal investigations and risks assessments, money transmitter licensing, blockchain token offerings, mergers and acquisitions, money transmitter licensing, venture capital financing activities, and general corporate matters.

Following law school, Nathaniel co-founded a legaltech company in Japan, and developed the initial machine learning models and a front end used for an initial product offering. Nathaniel has since leveraged his development experience to communicate with and advise blockchain and machine learning ventures. In addition, Nathaniel has also lectured at Peking University in China, teaching constitutional law and an introductory class on U.S. legal principles, giving Nathaniel a unique perspective into the Chinese market.

Prior to joining Orrick’s New York office, he was an associate at the firm's Tokyo office. In addition, prior to law school, Nathaniel served for four years in the Canadian Army as an enlisted soldier tasked to conduct armored reconnaissance.