The FDIC filed its third proposed rule under the GENIUS Act on May 22, targeting Bank Secrecy Act and sanctions compliance for permitted payment stablecoin issuers (PPSIs) the agency supervises. The board voted 3-0.
The rule would require FDIC-supervised PPSIs, which operate as subsidiaries of insured state nonmember banks and state savings associations, to build AML/CFT programs aligned with FinCEN and Office of Foreign Assets Control standards. It also aligns supervision and enforcement provisions for those programs with existing FinCEN requirements.
This BSA/AML proposed rule is the third NPRM the FDIC has issued in roughly six months of GENIUS Act implementation. The December 2025 NPRM set application procedures for stablecoin issuance. April’s prudential framework rule layered on reserve asset requirements, capital and risk management standards, and redemption rules. BSA/AML was the missing compliance layer. Now it’s not.
Here’s the structural read: stablecoins issued through FDIC-supervised subsidiaries won’t just need adequate reserves. They’ll face the same AML/CFT regime applied to federally supervised banks. For fintech firms eyeing the PPSI charter, that’s a real compliance lift, one that favors issuers who already maintain compliance infrastructure over crypto-native startups building it from scratch. The GENIUS Act may have created the market, but the FDIC’s rule stack is defining who can realistically play in it.
The 60-day public comment window opens after the rule publishes in the Federal Register.
— James Okafor