FinCEN & OFAC: Stablecoin Issuers Are Now Banks for AML Purposes

The GENIUS Act created the first federal framework for US payment stablecoins. This week, FinCEN and OFAC published the proposed rules that give it teeth — and the obligations are bank-grade.

Permitted Payment Stablecoin Issuers (PPSIs) must now implement full AML/CFT programs, file Suspicious Activity Reports with a $5,000 threshold (the same as banks, not the $2,000 MSB threshold), maintain a Customer Identification Program, and — critically — build the technical capability to block, freeze, and reject transactions involving sanctioned persons at both the primary and secondary market level.

That last point is the most operationally demanding. A stablecoin issuer must be able to prevent a blocked person from interacting with its smart contract to trade on the secondary market. This is not a policy requirement. It is an engineering requirement.

FinCEN explicitly chose not to impose secondary market SAR reporting obligations, reasoning that blanket defensive SARs would flood law enforcement with low-value filings. The focus is on where issuers have real control: issuance, redemption, and direct customer relationships.

For any operator considering a US-facing stablecoin product, the compliance architecture must be designed from day one around these obligations. Comments are due June 9, 2026.

**Source:** Holland & Knight, April 22, 2026 — https://www.hklaw.com/en/insights/publications/2026/04/fincen-and-ofac-propose-aml-sanctions-rules-for-stablecoin-issuers