A change in the regulatory environment – from fragmented enforcement to structured oversight
In 2025, a step change has occurred in the regulatory environment, moving from fragmented enforcement to structured oversight. Changes in regulatory leadership aimed at promoting a safe, strong and resilient banking system have contributed to this change. Notably, the appointment of Travis Hill as Acting Chairman of the Federal Deposit Insurance Corporation (FDIC) in January 2025 was particularly significant.
Acting Chairman Hill said the FDIC’s new direction includes taking a more open-minded approach to innovation and technology adoption, with a focus on fintech partnerships and cryptocurrencies. This shift in mindset from regulators at the FDIC, OCC, and SEC has opened up the opportunity for regulated institutions to explore digital assets without fear of regulatory harm.
What are stablecoins?
With the US administration’s new stance on cryptocurrencies, stablecoins have gained popularity. Stablecoins are designed to maintain a stable value, typically by being pegged to a reserve asset, such as a fiat currency (e.g. US dollar), commodity (e.g. gold) or via algorithmic mechanisms.
The main goal of Stablecoins is to combine the speed and transparency of digital assets with the price stability of traditional currencies. This contrasts with other cryptocurrencies, like bitcoin, which can experience large price fluctuations.
Stablecoins allow individuals to use cryptocurrency with greater confidence that digital assets will retain their value. The benefits of stablecoins include:
- Faster, cheaper transactions
- Decentralized Finance Facilitates Trading, Lending, and Yield Farming
- Cross-border transfers to reduce dependence on banks and expensive money transfer services
- Hedging provides a way to exit volatile cryptocurrency positions without converting them to fiat currency
Although stablecoin is considered a more “stable” option for cryptocurrency, it comes with risks, such as:
- Reserve transparency to answer questions about whether reserves are fully guaranteed and accessible
- Regulatory uncertainty and variable treatment from global regulators
- Operational risk, including cvulnerabilities in custody, governance and smart contracts
- Systemic risk, especially if widely adopted in payments or integrated into traditional finance
What is the GENIUS Act and how has it shaped the regulation of stablecoins?
The Directing and Establishing Domestic Innovation for Stablecoins in the United States Act of 2025 (GENIUS Act) represents a critical legislative milestone, signaling the United States’ intent to modernize digital payments infrastructure through regulated stablecoins. While this is a huge step forward, it also raises a debate about the adequacy of safeguards and policy ethics in the context of current evolving digital asset policy.
The GENIUS Act is expected to have a significant impact on the stablecoin market and the broader cryptocurrency landscape, particularly in these key areas:
- Establish a regulatory framework. The law aims to provide clear guidelines and rules for the issuance and management of stablecoins.
- Protect consumers. By requiring issuers to hold reserves and prioritizing stablecoin holders in bankruptcy, the bill protects consumers from potential losses.
- Promoting responsible innovation. The law encourages the responsible development and adoption of stablecoins while mitigating risks.
- Strengthening national security. The legislation includes provisions aimed at preventing money laundering and other illicit activities associated with stablecoins.
- Maintaining the dominance of the US dollar. By providing a clear regulatory pathway, the law ensures that the U.S. dollar remains a dominant force in the digital economy.
With new regulatory clarity, banks are viewing stablecoin as a competitive and strategic necessity. As more people use stablecoins to send money home, send remittances abroad, or conduct business, banks feel pressured to stay relevant in the digital money sector. The gap between non-bank issuers and regulated banks is seen as a growth opportunity.
While this is an exciting opportunity, it also carries enormous risk potential. With new regulatory requirements, organizations may not have mature controls in place. This provides an opportunity for internal audit, risk management and compliance professionals to step up their efforts and ensure that stablecoins and other cryptocurrencies are well managed within your organization.
The SEC Crypto Working Group and Other Regulatory Guidance
The SEC’s Crypto Working Group is a dedicated initiative aimed at establishing clearer boundaries on when a digital asset constitutes a “security” or not, designing tailored disclosure and registration pathways for crypto issuers and intermediaries, and ensuring that investor protections are appropriately applied to digital asset markets.
Audit and compliance teams will need to treat investor protection not as an afterthought, but as a design principle, ensuring that systems, disclosures, safeguards and controls are structured with transparency, accountability and recovery in mind. Additionally, risk assessments should focus on counterparty risk, smart contract failures, key compromises, and intermediary insolvency, as these are areas where investor damage tends to materialize in the crypto space. Assurance scopes can expand to include code review, retention architecture, completeness of disclosure, and fallback or recovery mechanisms.
In the July 2025 Joint Interagency Statement, the OCC, FDIC, and Federal Reserve outlined guidance on custody of crypto assets, stating that custody of cryptocurrencies differs from custody of securities or cash, and that these particular risks should be addressed explicitly. Some banks are expressing interest in outsourcing the custody of their cryptocurrencies because they do not have the necessary in-house skills. While this may be a good option, it is important to note that while banks can outsource these activities, they cannot outsource risk.
Even if banking regulators relax procedural barriers, risk management expectations will remain rigorous because a poor risk management decision could significantly harm your company’s brand.
