US Regulators Seek Bank-Style KYC for Stablecoin Issuers

US financial regulators have proposed customer identification rules for stablecoin issuers, aiming to align identity verification practices with requirements applied to banks and other covered financial institutions under federal law. The initiative, issued by multiple agencies, is part of the broader implementation framework for the GENIUS Act, a stablecoin-focused statute enacted in July 2025.

The proposal would require stablecoin issuers to perform “customer identification” in connection with onboarding and account access, alongside related recordkeeping and screening obligations tied to the Bank Secrecy Act (BSA). For regulated firms, the move signals an expectation that stablecoin-related activities will be treated within established AML/CFT compliance structures—raising practical questions around supervision, data handling, and how identity requirements apply across different stablecoin business models.

Key takeaways

• US agencies have issued a proposed rule that would require stablecoin issuers to implement customer identification procedures comparable to those used by banks under the BSA.
• The proposal is positioned as part of the GENIUS Act implementation process and is intended to address AML/CFT obligations for stablecoin providers.
• The notice will be open for public comment for 60 days after formal filing in the Federal Register.
• Regulators cite baseline BSA standards including identity verification, retention of identity information, and screening for potential terrorist affiliations.
• Treasury has already issued related GENIUS proposals on illicit-finance requirements, indicating a multi-agency rulemaking path for stablecoin compliance.

Proposed customer identification requirements under GENIUS

According to the agencies’ notice, the Federal Deposit Insurance Corporation (FDIC), the Federal Reserve, the Office of the Comptroller of the Currency (OCC), the National Credit Union Administration (NCUA), and the US Treasury’s Financial Crimes Enforcement Network (FinCEN) jointly proposed that stablecoin issuers be treated as regulated financial institutions for purposes of verifying customer identity.

The action is linked to the GENIUS Act’s implementation timeline. The law is expected to enter effect 18 months after enactment or 120 days after federal authorities finalize implementing regulations, depending on the administrative schedule for the rulemaking process. In practical terms, the proposal represents regulators translating statutory obligations into operational compliance expectations for stablecoin issuers.

The agencies stated the proposal is designed to meet AML and Countering the Financing of Terrorism (CFT) requirements through GENIUS. In the BSA framework, covered financial institutions are generally expected to verify the identity of a person seeking to open an account, maintain records of identity information, and apply risk-based determinations that include whether the person may be associated with terrorism or terrorist organizations.

For institutional stakeholders, the significance lies in how customer identity and onboarding procedures can affect both compliance operations and product design. Identity verification requirements may necessitate enhanced onboarding controls, clearer definitions of “customer” and “account” for stablecoin use, and more robust governance over identity data retention, access controls, and audit trails.

How the Bank Secrecy Act baseline is likely to map onto stablecoin issuers

The BSA standards cited in the notice provide a concrete benchmark: verifying customer identity, keeping records, and determining potential terrorist connections. While those obligations are familiar for banks, applying comparable expectations to stablecoin issuers introduces implementation questions—particularly where stablecoins are issued or distributed via programs, intermediaries, or digital-asset rails rather than through conventional deposit account structures.

Institutions will likely need to assess how customer identification obligations interact with existing compliance programs. Many stablecoin providers and partners already run onboarding and transaction monitoring processes, but the proposed rule would more explicitly anchor identity verification in the same legal and supervisory logic used for covered financial institutions.

That alignment may also affect compliance risk assessments and regulator expectations regarding accountability. Firms may face increased scrutiny over who performs the verification (issuer versus downstream counterparties), what information is considered sufficient for “verification,” and how firms document and retain records to support investigations and examinations.

Broader GENIUS implementation: AML/CFT rulemaking and related deposit coverage issues

The customer identification proposal is not occurring in isolation. Treasury has previously proposed GENIUS-related AML and CFT requirements targeting illicit finance involving stablecoins. In addition, other GENIUS-linked implementation activity has already touched on the contours of insurance coverage for stablecoin issuers.

Earlier, the FDIC suggested that rules allowing deposit insurance for certain corporate deposits of stablecoin issuers would not automatically extend to holders. That distinction matters because it signals regulators are attempting to define regulatory treatment not only for issuers’ activities but also for how stablecoin users and balances fit into existing consumer protection and prudential frameworks.

While the identification proposal focuses on onboarding and screening obligations, the broader GENIUS implementation path suggests a phased approach: first establishing AML/CFT compliance structure and supervision expectations, then refining other areas such as how stablecoin balances interact with deposit-like protections.

From a compliance monitoring perspective, these parallel threads increase the likelihood that stablecoin programs will be evaluated through multiple regulatory lenses—identity verification, transaction monitoring, illicit finance risk controls, and potentially prudential or insurance-related requirements—depending on how each firm’s activities are classified.

Regulatory landscape beyond GENIUS: CLARITY Act timing remains uncertain

Even as stablecoin-specific rules progress under GENIUS, broader US crypto regulatory clarity remains unresolved. The Digital Asset Market Clarity (CLARITY) Act—intended to reshape roles and enforcement mechanisms across financial agencies—has not yet established a defined timeline.

Coverage of the legislative environment indicates that while many stakeholders expect progress by the August recess, there are unresolved concerns raised within Congress, including Democratic objections related to potential conflicts of interest by lawmakers and elected officials. That political uncertainty can influence how quickly the government can harmonize crypto oversight across agencies, even when stablecoin rules move forward.

For regulated entities, this matters because GENIUS addresses stablecoins specifically, but firms operating in the broader digital asset ecosystem may still need to contend with overlapping or inconsistent regulatory treatment depending on the asset category, the structure of the offering, and the designated regulator under any future CLARITY framework.

As a result, institutions should treat the GENIUS customer identification proposal as part of a longer regulatory process rather than a final endpoint. Compliance programs may need to be designed for iterative updates as implementing rules expand, agencies issue additional guidance, and Congress potentially advances wider statutory frameworks for digital asset regulation.

Closing perspective

With the proposed customer identification rule now open for a 60-day comment period after Federal Register filing, stablecoin issuers and their compliance teams will need to prepare for changes that bring identity verification expectations closer to bank-style BSA requirements. The next key step will be how agencies finalize the rule after public feedback and whether broader crypto oversight legislation—such as CLARITY—clarifies agency roles and enforcement priorities alongside GENIUS implementation.