With the enactment of the GENIUS Act (Guiding and Establishing National Innovation for U.S. Stablecoins of 2025), the federal government has, for the first time, created a comprehensive legal and regulatory framework governing the issuance and operation of payment stablecoins.
GENIUS introduces a national regulatory floor for licensing stablecoin issuers and sets standards for both domestic and foreign participants. For banks and other regulated financial institutions, this opens the door to new business and operations using stablecoins for cross-border payments, digital asset settlement, crypto treasury innovation, and more.
At the same time, the Act enables the emergence of new entrants through novel charters via the Office of the Comptroller of the Currency (OCC), introducing potential competitive dynamics from outside the existing traditional financial sector and state regulatory system (whose stablecoin issuers are now also codified at the federal level).
While the law offers foundational regulatory clarity, much of the real work lies ahead. Regulators will now develop implementing rules, standards, and guidance—and financial institutions have an opportunity to engage early. Those planning to integrate stablecoins into their operations should begin assessing compliance frameworks, design decisions, and operational implications now.
Implementation and Rulemaking: The Next 12–24 Months
By recognizing stablecoins as a legitimate financial instrument, the Act removes key legal ambiguities that previously hindered institutional adoption. Yet while GENIUS establishes landmark regulatory clarity, critical implementation details remain—particularly around how core risk areas will be addressed.
As the Administration continues to shape its regulatory agenda, and in particular with Jonathan Gould’s confirmation to lead the OCC now complete and Michelle Bowman’s ascension to the Vice Chair for Supervision of the Board of Governors of the Federal Reserve System, we should anticipate a coordinated effort between the bank regulators to build on these statutory provisions, tailored to the unique nuances of crypto-related activities.
Rulemaking by the Treasury Department, the OCC, the Federal Reserve Board, and state regulators will be necessary to interpret and implement key provisions even as some stablecoin issuers may move ahead in the interim. Such standards include defining technical requirements for custody and attestations, the certification process for state regimes, and pathways for foreign issuer participation.
We should also anticipate further rule-making on cryptocurrency activities related to stablecoins, such as seen recently via a joint statement on crypto-asset safekeeping. More detailed requirements will likely spell out requirements related to wallet architecture, blockchain interoperability, risk-based compliance controls, and vendor risk management. Financial institutions should also align future product roadmaps against additional cryptocurrency-related use cases, such as collateral for lending, and ancillary activities such as staking, and tokenization.
We have already seen steps to that end, for example through a recent OCC interpretive letter related to bank permissibility for cryptocurrency activities. Those not plugged in may be caught off guard by the pace of such developments, with the now-completed report on cryptocurrency innovation by the President’s Working Group on Digital Assets (to be published by July 30, 2025) serving as a potential roadmap for further prescriptive actions.
The enactment of GENIUS is, then, is the beginning— not the end—of stablecoin-related policy and regulatory work in the United States.
Where Regulatory Clarity Meets Operational Complexity
For banks and other regulated institutions considering stablecoin issuance or adoption, the time to start thinking about operations is now. GENIUS establishes a statutory floor — and the supervisory scaffolding is on its way. And with pre-approval requirements from the prior Administration now removed by prudential regulators, we should expect institutions to start building in production environments subject to supervisory reviews even before formal rules are in place. Certain prescriptive analogues already exist, such as within the New York Department of Financial Services, but advances in technology will require thoughtful updates to national standards.
Several risk domains are likely to be central:
- Illicit Finance and Sanctions Controls
How a stablecoin issuer monitors activity for permissionless tokens across multiple chains may differ substantially from traditional banking controls. Issuers will need to adopt blockchain intelligence tooling, conduct counterparty due diligence for minting and redemptions, and manage features unique to stablecoins.
For example, GENIUS requires issuers to be able to “seize, freeze, burn, or prevent the transfer of payment stablecoins” in response to lawful orders—a provision that carries serious design and operational implications.
Beyond issuers, other actors within the stablecoin lifecycle—such as ‘off-ramp’ providers converting to fiat—must also address crypto-native controls like wallet address whitelisting, transaction filtering, and wallet freezing while aligning with their overall risk appetites - Cybersecurity and Protocol Risk
While federal agencies like the OCC have introduced crypto-relevant cybersecurity frameworks such as the Cybersecurity Supervision Work Program, these remain largely untested beyond New York. Institutions must assess risks tied to key management, smart contract audits, and launching on newer, less proven blockchains.
And as issuers expand across multiple blockchains, cross-chain bridges present a growing attack surface. The Act calls for further regulatory study on interoperability, but day-to-day risk remains with issuers and infrastructure providers. Security policies must extend to custody, incident response, and business continuity. - Insolvency and Resolution Planning
The statute’s prioritization of stablecoin holders in insolvency makes resolution planning critical. Issuers must be prepared with robust wind-down plans and subject themselves to capital requirements aligned with potential firm-specific risk exposures.
Notably, the Act calls for a study to be produced in the next 36 months on potential gaps related to bankruptcy laws and rules for permitted payment stablecoin issuers, dispersals of payment stablecoins in such scenarios, and the utility of insolvency administration regimes. Given the rise of new charter applicants not subject to the Federal Deposit Insurance Corporation (FDIC) and corresponding FDIC insurance coverage, addressing such potential risks will be critical to have in place before 2028. - Third-Party Risk and Composability
Crypto-native developers often celebrate the composability of smart contracts, or the ability to stack and build functionality like Legos. But for risk managers and auditors, this introduces layers of control complexity. Institutions will need clear oversight across a stablecoin’s lifecycle based on their business models from custody, treasury management, and execution services to exposure to DeFi protocols—both on- and off-chain. These service providers will need to be mapped carefully in vendor management and audit frameworks. - Fraud Risk
GENIUS does not explicitly address fraud, yet payment fraud remains a top concern for traditional payments businesses. As stablecoins enter the mainstream, regulators and issuers will need to ensure these new rails do not simply replicate old vulnerabilities. Meanwhile, new threats like AI-generated fraud demand smarter, adaptive defenses. - Governance and Conflicts of Interest
As stablecoin issuance becomes more integrated into broader institutional ecosystems, governance models must anticipate and mitigate conflicts, particularly those tied to treasury management and ecosystem incentives. The statute’s licensing framework gives regulators leverage to scrutinize governance issues during application reviews and ongoing oversight, although certain proposed language during negotiations did not make the final cut.
All told then, GENIUS does not serve as an automatic greenlight for the industry. Institutions contemplating participation must understand that compliance will be a process, requiring attention not only to the statute’s terms but also to future regulatory implementation.
Looking Ahead
GENIUS is now law. Regulated institutions must remain engaged in the rulemaking process, assess their stablecoin infrastructure readiness, and align operations with evolving compliance expectations.
Use cases like stablecoin-powered cross-border payments will benefit first—and we expect a race to capture this market will unfold quickly. Other use cases—like tokenized collateral in capital markets—will follow, while passage of the CLARITY Act would provide additional rules of the road around token classification, trading venues, and systemic oversight.
At Fireblocks, our infrastructure is purpose-built to meet the GENIUS Act’s technical and operational requirements. Our platform provides MPC-secured wallets, segregation of customer assets, policy-based transaction controls, multi-chain orchestration, and integrations for automated reporting, helping regulated entities build and maintain compliant, scalable digital asset programs.
As this regulatory framework evolves, institutions that take a proactive approach about their stablecoin infrastructure, grounded in strong controls and operational preparedness, will be best positioned to lead as stablecoins become increasingly integrated within core parts of the U.S. regulated financial system. Now is the time for institutions to evaluate whether their infrastructure is aligned with the road ahead. To learn how Fireblocks can support your compliance and operational readiness under GENIUS, get in touch with our team.
