Here is the connection that matters: a dollar-pegged stablecoin is a payments instrument, and payments instruments are exactly where money laundering and sanctions evasion try to hide. On June 5, 2026, the Federal Deposit Insurance Corporation published a notice of proposed rulemaking that confronts that reality directly. The proposal would issue regulations under the Guiding and Establishing National Innovation for U.S. Stablecoins Act — the GENIUS Act — implementing Bank Secrecy Act and sanctions compliance standards for the stablecoin issuers the FDIC supervises.
It is important to separate this rule from the one most coverage fixates on. The reserve-backing, deposit-insurance, and tokenized-deposit questions live in a different FDIC proposal. This document is narrower and, for the financial-crime community, arguably more consequential: it is about whether a permitted payment stablecoin issuer must run the same anti-money-laundering and Office of Foreign Assets Control sanctions program that a bank runs. The FDIC's answer, as framed in the proposal, is yes — and the rulemaking exists to spell out what "appropriate" looks like for a token issuer rather than a deposit-taking bank.
"The Federal Deposit Insurance Corporation (FDIC) proposes to issue regulations pursuant to the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act) that would implement appropriate Bank Secrecy Act (BSA) and sanctions compliance standards applicable to FDIC-supervised permitted payment stablecoin issuers."— FDIC Notice of Proposed Rulemaking, 91 FR 34171, source
To see why this is a real fight and not boilerplate, follow the custody and the flow rather than the hype. The Bank Secrecy Act framework — built over decades for banks — assumes a chokepoint: a regulated institution that knows its customers, monitors transactions, files suspicious activity reports, and screens against OFAC lists before money moves. A stablecoin breaks several of those assumptions. Tokens move on public blockchains between addresses, often through intermediaries the issuer never onboarded. The hard regulatory question the FDIC is implicitly posing is how far an issuer's compliance obligation extends past the moment it mints or redeems a token. The agency is not inventing new financial-crime law here; it is mapping an existing, bank-shaped framework onto an instrument that was designed to circulate freely.
Why the GENIUS Act made this inevitable
The GENIUS Act is the statutory hinge. By creating a category of "permitted payment stablecoin issuer" and assigning supervision of some of them to the FDIC, Congress pulled stablecoins inside the federal financial-regulatory perimeter. Once an issuer is a supervised entity, the BSA and sanctions apparatus follows almost automatically — the only open questions are calibration and scope, which is precisely what a notice of proposed rulemaking exists to work out through comment. This is why 2026 has produced a cluster of GENIUS Act proposals from the FDIC, the OCC, the NCUA, and the Federal Reserve: each regulator is implementing its slice of the same statute for the issuers under its jurisdiction.
For an issuer, the practical implications are heavy and concrete. A full BSA program means a designated compliance officer, written policies, ongoing employee training, independent testing, and a customer-identification regime. A sanctions program means real-time screening against OFAC's lists and the ability to block or reject prohibited transactions — and, critically, the ability to do so on assets that may already be circulating on-chain. None of that is free, and none of it is optional once the rule is final. It is the cost of being treated as a regulated financial institution rather than a software project.
What the proposal settles, and what it leaves open
A notice of proposed rulemaking is a beginning, not an end. It establishes the FDIC's intent and its statutory basis, and it invites comment on the specifics. What it does not do is finalize the standards or resolve the genuinely hard line-drawing: how an issuer should treat transactions among third-party wallets it never onboarded, how sanctions screening interacts with the irreversibility of on-chain settlement, and how the BSA's bank-centric machinery should be scaled for an entity whose product is a freely transferable token. Those are the questions comment letters from issuers, banks, and compliance vendors will press.
The connective point — the reason this belongs on a crypto-policy beat and not just a banking one — is that stablecoins are now sitting inside other crypto products. An actively managed crypto ETF can hold a stablecoin sleeve; settlement rails increasingly clear in dollar-pegged tokens. Every one of those uses inherits whatever AML and sanctions regime the FDIC, OCC, and their peers finalize. So a rule that reads like dry compliance plumbing is in fact upstream of a large and growing share of the crypto economy. Follow the compliance obligation, not the marketing, and this proposal is one of the more important documents in the 2026 stablecoin file.
There is also a structural tension in this proposal worth naming plainly. Bank Secrecy Act compliance was built around the idea that a regulated institution sits at a chokepoint and can stop a transaction before it settles. On a public blockchain, settlement is often fast and irreversible, and the issuer frequently is not in the path of a given transfer at all — two wallets can transact a stablecoin without the issuer's involvement once the tokens are in circulation. That means the FDIC's framework will have to grapple with where, realistically, an issuer can intervene: at mint, at redemption, through the ability to freeze or burn tokens at flagged addresses, and through monitoring it can actually perform. The strongest version of this rule will be specific about those control points rather than importing bank-style expectations wholesale; the weakest version would demand monitoring the issuer has no technical means to deliver. Which way the final rule leans is the single most important thing for issuers to watch, because it determines whether compliance is achievable or merely aspirational.
The discipline, as always, is to report what the record says. The FDIC has proposed BSA and sanctions compliance standards for the stablecoin issuers it supervises under the GENIUS Act. It has not yet finalized them. The substance to watch is the calibration — and the comment period is where that gets decided.