The Wolfsberg Group ¦ Guidance on the Provision of Banking Services to Fiat-backed Stablecoin Issuers

Why stablecoins change — and don’t change — how banks manage AML/CFT, sanctions and operational risk

The growth of fiat‑backed stablecoins creates important opportunities and distinct financial crime challenges for financial institutions providing banking services to issuers. Although stablecoins offer price stability, rapid settlement and broad reach that benefit legitimate users, those same attributes — together with pseudonymous blockchain transactions — can be misused by criminals and sanctions‑evaders to obtain currency‑denominated value outside traditional rails. Banks must therefore treat relationships with stablecoin issuers like other higher‑risk correspondent or PSP relationships while adapting controls to the technical and operational features specific to stablecoins and distributed ledger activity. A clear, shared set of terms and an issuer’s demonstrable control framework are foundational. The Wolfsberg guidance focuses on corporate, fiat‑pegged stablecoins fully backed by high‑quality liquid reserves and issued by regulated entities. For banks, the typical services to such issuers — operating accounts, reserve accounts and settlement accounts — mirror standard commercial relationships, yet each account type creates different monitoring priorities. Operating accounts should remain strictly segregated and subject to conventional AML monitoring. Reserve accounts must preserve asset segregation, be subject to attestations and audits, and be monitored to ensure reserve claims are accurate. Settlement accounts, which interact with the issuer’s clients (often DASPs, PSPs, corporates and institutional counterparties), represent the greatest financial crime exposure because they reflect minting and redemption flows and the downstream uses of the stablecoin.

Bastian Schwind-Wagner_Follow "Banks can serve fiat‑backed stablecoin issuers safely by applying established AML/CFT and sanctions principles tailored to stablecoin mechanics — segregated reserve controls, clear settlement account oversight, and proportionate on‑chain monitoring tied to the issuer’s risk appetite. The required intensity of oversight should match the issuer’s client base, jurisdictions and demonstrated controls."

Onboarding must go beyond basic KYC: banks should obtain a robust picture of the issuer’s enterprise‑wide AML/CFT, sanctions and anti‑corruption frameworks, board and senior management oversight, resourcing and third‑party reliance, and processes for law enforcement cooperation (including freeze, burn and re‑issue mechanics). Banks should assess the jurisdictions of incorporation and operation, licensing and prudential supervision, and how the issuer evaluates and manages its own clients and distribution channels. Particular focus is needed on whether the issuer conducts proportionate due diligence on DASPs and downstream intermediaries, how it implements payment transparency expectations, the degree and quality of on‑chain monitoring and analytics it uses, and whether technological measures (allow‑lists, deny‑lists, pre‑transaction screening or reversible transaction mechanisms) are applied to reduce illicit flows.

The appropriate level of on‑chain oversight by the bank should be risk‑based and calibrated to the issuer’s business model and customer base. Because public blockchains can generate an overwhelming amount of data, banks should not default to indiscriminate blockchain tracing but instead focus on whether the issuer operates inside the risk appetite agreed at onboarding. For low‑risk, well‑regulated issuers minting primarily for regulated counterparties in low‑risk jurisdictions, banks may rely mainly on fiat‑based transaction monitoring, periodic reconciliations and public reporting. For higher‑risk issuers or those serving smaller or unregulated DASPs, banks should require stronger on‑chain transparency from the issuer — including wallet disclosures when justified — and implement their own tailored on‑chain account activity reviews that leverage vendor analytics or in‑house tools. Regardless of arrangement, banks must maintain qualified staff able to engage technically with issuers, process information requests, and assess analytics outputs; vendor tools cannot replace the judgment needed to escalate concerns and execute corrective measures.

A proportionate monitoring program should include documented account activity reviews, periodic validation of reserve backing and segregation, scrutiny of large or atypical minting/redemption patterns and the ability to compare issuer‑reported on‑chain monitoring to independent observations. Where deviations from agreed behavior are detected, banks should promptly seek explanations, require remediation, impose restrictions or, if necessary, terminate relationships. Ultimately, responsibility for detecting, preventing and reporting illicit activity tied to the stablecoin rests with the issuer, but banks must ensure they understand the issuer’s controls and retain sufficient oversight to manage their own exposure. A well‑constructed, risk‑based framework lets banks offer valuable services to fiat‑backed stablecoin issuers while limiting money laundering, terrorist financing and sanctions‑evasion risks.

Dive deeper

• The Wolfsberg Group ¦ Wolfsberg Group Guidance on the Provision of Banking Services to Fiat-backed Stablecoin issuers ¦ Link