Regulators rewrite AML and stablecoin rules

# Regulators rewrite AML and stablecoin rules U.S. financial regulators opened two rulemakings on April 7, 2026 that point in the same direction. One would change how banks are judged on anti-money laundering controls, and the other would spell out how Federal Deposit Insurance Corporation supervised institutions can issue stablecoins under the Guiding and Establishing National Innovation for U.S. Stablecoins Act. Together they push compliance away from binders and checklists and toward systems that can show, in real time, what a firm saw, what it decided, and what it did. (fdic.gov) The anti-money laundering side starts with a simple complaint: banks have spent years proving they have programs, but regulators now want stronger evidence that those programs actually reduce illicit finance risk. In a joint proposal released by the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and the National Credit Union Administration, supervised institutions would have to maintain “effective risk-based” anti-money laundering and countering the financing of terrorism programs designed to identify, assess, and mitigate illicit finance risks. (fdic.gov) That wording matters because it shifts the center of gravity from process completion to program performance. The Office of the Comptroller of the Currency said the proposal aligns with concurrent changes being proposed by the Financial Crimes Enforcement Network under the Anti-Money Laundering Act of 2020, which directed regulators to modernize the framework and encourage more effective outcomes for banks, law enforcement, and national security agencies. (occ.gov) In practice, an outcome-based approach asks a different question from the one many compliance teams are used to. Instead of mainly asking whether a bank completed required reviews and kept the right documents, examiners would focus more on whether the bank’s controls are reasonably designed for its actual risk profile and whether those controls work when suspicious activity appears. That interpretation is an inference from the proposal’s emphasis on effective, risk-based programs and the stated goal of identifying, assessing, and mitigating illicit finance risk. (fdic.gov) The proposal also tries to reduce one long-running source of friction between banks and examiners: second-guessing risk judgments after the fact. Reporting on the Treasury proposal described it as a “fundamental” reset of anti-money laundering rules, while coverage focused on the idea that banks should be judged less on paperwork volume and more on whether their controls are producing useful results. (wsj.com) The stablecoin proposal lands at the same moment, but in a different part of the financial system. On April 7, 2026, the Federal Deposit Insurance Corporation approved a notice of proposed rulemaking to implement requirements and standards under the Guiding and Establishing National Innovation for U.S. Stablecoins Act for Federal Deposit Insurance Corporation supervised permitted payment stablecoin issuers and insured depository institutions engaged in payment stablecoin activities. (fdic.gov) A stablecoin is a digital token designed to hold a fixed value, usually one U.S. dollar per token. The regulatory problem is not the slogan of “one token equals one dollar,” but the plumbing behind it: what assets back the token, where those reserves sit, how quickly holders can redeem, what happens if the issuer fails, and whether bank deposits connected to the structure are actually insured. The Federal Deposit Insurance Corporation proposal directly addresses reserves, redemptions, permissible activities, capital, deposit insurance treatment for reserve deposits, and tokenized deposits. (fdic.gov) That last point is especially important because stablecoins and tokenized deposits can look similar to users while being treated differently in law. The Federal Deposit Insurance Corporation said its proposal would clarify that deposits held at an insured depository institution as payment stablecoin reserves would not be insured to stablecoin holders on a pass-through basis, while also reaffirming how tokenized deposits are treated under the Federal Deposit Insurance Act. (fdic.gov) The rulemaking is not final. The Federal Deposit Insurance Corporation said comments on the stablecoin proposal will be accepted for 60 days after publication in the Federal Register, and the anti-money laundering proposal has the same 60-day comment window after Federal Register publication. That means banks, crypto firms, trade groups, and compliance vendors now have a short period to argue over definitions, reporting expectations, reserve operations, and examination standards before final rules are written. (fdic.gov) The timing also shows that the stablecoin effort is moving in stages rather than all at once. In December 2025, the Federal Deposit Insurance Corporation approved a separate proposed rule on application procedures for Federal Deposit Insurance Corporation supervised institutions seeking approval to issue payment stablecoins through a subsidiary. The April 2026 proposal goes further by setting substantive operating standards, including reserve, redemption, and capital expectations. (fdic.gov) For banks, the two proposals meet in the same operational layer. If anti-money laundering supervision becomes more explicitly effectiveness-based, and if stablecoin issuers face detailed federal requirements on reserves, redemptions, and deposit treatment, then firms will need better internal evidence trails: who approved a customer, what alerts fired, how reserve balances moved, when redemption queues changed, and which policy controlled each step. That conclusion is an inference from the content of both proposals, not a quoted regulatory phrase. (fdic.gov) That is why traceability and telemetry move from technical nice-to-haves to supervisory necessities. Traceability means being able to reconstruct an event after the fact, like following a package through every scan point in a delivery network. Telemetry means the live stream of system signals that shows what is happening now, like a dashboard in an aircraft cockpit. A static compliance manual can describe the intended procedure, but it cannot by itself prove which rule fired on a given transaction at 2:14 p.m. or whether a redemption control failed at scale. This explanation is conceptual, but it follows directly from regulators asking for effective programs and detailed operational standards. (fdic.gov) There is also a competitive angle. Large institutions already spend heavily on monitoring systems, model governance, audit logs, and data retention. If the final rules preserve the direction of these proposals, smaller banks and new stablecoin entrants may find that the real barrier is not writing a policy document but building systems that can enforce policy consistently and prove that enforcement to examiners. That is an inference, but it is consistent with the proposals’ focus on risk-based anti-money laundering controls and prudential standards for payment stablecoin issuers. (occ.gov) The bigger rewrite is cultural. For years, regulated finance often treated compliance as a library problem: maintain the right manuals, forms, and committee records. These proposals treat it more like an operations problem: maintain controls that work under stress, generate evidence as they run, and produce outcomes that supervisors can test. If that approach survives the comment process, the winners will not just be firms with the best legal drafting teams. They will be the ones with the cleanest data, the clearest control maps, and the fastest ability to show regulators how a decision moved from policy to action. (occ.treas.gov)