Customer Identification Requirements Proposed for Payment Stablecoin Issuers

Jun 25 2026
Browse archives for June 25, 2026
Posted in

Blockchain & Smart Contracts

Tagged with ,
Share

By: John ReVeal and Jeremy M. McLaughlin

On 22 June 2026, the Financial Crimes Enforcement Network (FinCEN) and the federal bank regulators issued a proposed rule to impose customer identification procedures (CIP) requirements on permitted payment stablecoin issuers (PPSI) (the Proposal). Prospective PPSIs and their partners will want to review the proposed scope of the CIP obligations and consider whether to submit comments to FinCEN. Comments on the Proposal must be submitted by 21 August 2026.

The proposed CIP requirements for PPSIs are generally comparable to the CIP requirements for banks and certain other financial institutions, requiring the collection of the same minimum information about each customer. However, FinCEN attempted to take into consideration the unique circumstances of PPSIs, including the types of accounts PPSIs may maintain, their various methods of opening accounts, and the types of customer identifying information available to PPSIs. Under the Proposal, a PPSI’s CIP obligations would apply only when a PPSI interacts directly with a user or holder of a payment stablecoin, such as when a PPSI engages in issuing or redeeming payment stablecoins, managing related reserves, providing custodial services, or providing services of a digital asset service provider.

A PPSI would have no CIP obligations with respect to a person whose only interaction with the PPSI is through a smart contract, such as when an individual purchases stablecoin from intermediaries or engages in person-to-person transactions in stablecoins. (A “smart contract” is, generally speaking, a blockchain program that automatically controls how digital assets are minted and transferred, among other things.)

The Proposal also raises an interesting issue regarding the ability of a PPSI to rely on another financial institution for performance of CIP. Under the Proposal, the ability of a PPSI to rely on another financial institution is the same as the existing rule for banks: the reliance must be reasonable, the other financial institution must itself be subject to a requirement to maintain an AML/CFT program and must be regulated by a Federal functional regulator, and the relied-upon institution must enter into a contract with the PPSI to certify annually to the PPSI that it has implemented its AMF/CFT program and that it will perform (or its agent will perform) the specified requirements of the PPSI’s CIP.

When FinCEN issued the final CIP rule for banks in 2003, they said that a bank “will not be held responsible for the failure of the other financial institution to adequately fulfill the bank’s CIP responsibilities, provided the bank can establish that its reliance was reasonable and that it has obtained the requisite contracts and certifications.”

In contrast, the Proposal states with respect to a PPSI’s obligations: “Critically, this proposed provision would not change a PPSI’s CIP obligation, and the PPSI would remain responsible for its compliance.” It is not clear if FinCEN is limiting a PPSI’s ability to rely on another financial institution or if FinCEN is quietly raising the stakes for all financial institutions. This might be another issue for which the industry should seek clarification.

Copyright © 2026, K&L Gates LLP. All Rights Reserved.