Navigating Stablecoin Regulations with FailSafe: EU, Japan, Singapore, Switzerland, and US

As the popularity of stablecoins grows, so does the scrutiny from regulators worldwide. This blog post examines the regulatory landscape for stablecoins in five key jurisdictions: Singapore, the United States, the European Union, Japan, and Switzerland.

FailSafe’s Position in the Stablecoin Landscape

In today’s rapidly evolving financial ecosystem, proactive risk protection is crucial. FailSafe is a key player in the stablecoin space, offering robust security measures that ensure the integrity and stability of token issuers’ operations. Here’s how FailSafe provides defense-in-depth security tooling for stablecoin projects through various mechanisms:

FailSafe Guard™

FailSafe Guard protects stablecoin smart contracts even if private keys are exposed through phishing or internal collusion. Cybercriminals often exploit exposed keys to mint large amounts of tokens and sell them to exchanges, which can destabilize the token. A recent incident involving Gala Games saw an attacker mint 5 billion $GALA tokens worth an estimated $200 million by obtaining the contract key. FailSafe Guard would have prevented this by blocking smart contract operations that exhibit malicious signals, such as transactions from unknown devices, out-of-range IP addresses, and unexpected time windows. Additionally, FailSafe Guard alerts administrators when anomalous behaviors from the contract’s private keys are detected, indicating potential key theft.

FailSafe Interceptor™

FailSafe Interceptor protects treasuries from being drained. If an unauthorized transaction attempts to move minted tokens, FailSafe Interceptor swiftly neutralizes the threat by firing a counter-transaction, moving targeted assets to safety.

FailSafe Radar™

FailSafe Radar detects signs of payment fraud. By monitoring transaction patterns, FailSafe Radar identifies signs of fraud among stablecoin holders. Analyzing behaviors and detecting suspicious activities helps prevent payment fraud and ensures the integrity of transactions.

FailSafe stands at the forefront of proactive risk protection in the stablecoin market, making it an indispensable partner for compliance and security.

Singapore

Singapore has positioned itself as a fintech hub, offering a supportive regulatory environment for blockchain and cryptocurrency innovations. The Monetary Authority of Singapore (MAS) regulates stablecoins under the Payment Services Act (PSA). Stablecoin issuers must obtain a license if they meet specific thresholds and adhere to anti-money laundering (AML) and counter-terrorism financing (CTF) requirements. MAS also emphasizes technological risk management and consumer protection, ensuring a balanced approach to fostering innovation while safeguarding financial stability. 

Singapore has taken a proactive approach to stablecoin regulation, recognizing their potential while implementing a comprehensive framework. The Monetary Authority of Singapore (MAS) has classified stablecoins as a subset of digital payment tokens, subject to the Payment Services Act. Additionally, MAS has issued guidelines to ensure the stability and transparency of stablecoin reserves.

• The Payment Services Act (PSA) in Singapore: The Payment Services Act was enacted in 2019 and provides the regulatory framework for digital payment tokens, including stablecoins, in Singapore. Under the PSA, stablecoin issuers must obtain a license from the Monetary Authority of Singapore (MAS) if they meet specific thresholds, such as a significant user base or transaction volume.
  
• MAS’s regulations on AML/CTF requirements for stablecoin issuers: The PSA requires stablecoin issuers to comply with anti-money laundering (AML) and counter-terrorism financing (CTF) requirements, which are overseen by MAS. Stablecoin issuers must implement appropriate measures to identify and mitigate these risks.
  
• MAS’s emphasis on technological risk management and consumer protection: In addition to licensing and AML/CTF requirements, MAS has also issued guidelines to ensure the stability and transparency of stablecoin reserves. These guidelines focus on areas such as reserve management, custody arrangements, and disclosures to consumers. 

FailSafe Protocol’s Alignment with MAS Notice PSN02

By integrating FailSafe’s suite of modular tools, digital payment token service providers can ensure robust security measures, ongoing risk management, and rapid response to threats, thereby enhancing their overall compliance posture.

Here is the content organized and presented in the context of Singapore’s stablecoin regulations as outlined in MAS Notice PSN02:

Aligning FailSafe Protocol with MAS Notice PSN02

MAS Notice PSN02 outlines the requirements for digital payment token (DPT) service providers regarding AML/CFT compliance. FailSafe Protocol’s tools are designed to meet these requirements effectively.

FailSafe Radar: Supporting AML/CFT Efforts

The primary focus of FailSafe Radar is on compliance and risk management. It provides a risk score for any given wallet address, supporting AML/CFT efforts by identifying high-risk activities. Key areas where Radar aligns with MAS guidelines include:

• Risk Assessments and Policies (Notice Section 4): Radar helps identify potential risks associated with wallet addresses by assigning risk scores based on transaction history and other relevant factors.
  
• Ongoing Monitoring (Notice Paras 6.25 to 6.33): By continuously evaluating wallet addresses and their activities, Radar assists in detecting suspicious transactions and flagging potential AML/CFT concerns.
  
• Internal Compliance Support (Notice Section 13): Radar provides data and insights necessary for audits and training on AML/CFT best practices, supporting internal compliance teams.

FailSafe Guard: Ensuring Robust AML/CFT Protection

FailSafe Guard is designed to protect smart contracts and blockchain-native tokens, meeting several MAS requirements for securing customer assets:

• Configurable Policies: Firms can set and enforce specific rules such as time-based constraints, whitelists, and transaction policies, aligning with MAS’s requirements for identifying and periodically reviewing suspicious transaction patterns.
  
• Geofencing and Device Intelligence: Guard’s geofencing and device intelligence enhance monitoring for high-risk scenarios.
  
• Smart Contract Access Control: Guard protects smart contracts from unauthorized access, ensuring transaction security and compliance with MAS’s risk management tools.

FailSafe Interceptor: Automated Threat Response

FailSafe Interceptor provides real-time threat responses, ensuring rapid action against suspicious activities, thus fulfilling several MAS requirements:

• Automated Threat Response: Interceptor monitors transaction feeds and counters malicious transactions, meeting MAS requirements for rapid response to suspicious activities.
  
• Visibility and Dedicated Contracts: Interceptor ensures thorough oversight and clear audit trails, complying with value transfer requirements.
  
• Self-Custody Security: Interceptor secures funds through approvals to self-custody smart contracts and enterprise-level encryption, addressing risks associated with unhosted or unregulated wallets.

FailSafe Radar: Fraud and Internal Risk Scoring

FailSafe Radar helps to monitor and address the risk of on-chain fraud—a red flag for AML/CFT systems. It can be further developed to enhance its compliance capabilities:

• Customer Due Diligence (CDD) (Notice Section 6): It can perform CDD on a wider range of transactions and integrate with other tools to verify user identities associated with wallet addresses.
  
• Simplified CDD (Notice Section 7): Implementing features to streamline the CDD process for lower-risk scenarios, making it easier for compliance teams to manage.

Enhancing AML/CFT Compliance with MAS Guidelines

FailSafe Protocol’s tools align with specific sections of MAS Notice PSN02, such as:

• Notice Section 3.4.5 to 3.4.7: Require risk management tools to safeguard customer assets, which FailSafe’s multi-party computation and key management processes address.
  
• Notice Section 3.4.5: Specifically mentions controls to secure the storage and transmission of customer assets, which FailSafe’s tools provide. 

United States

The United States has a complex regulatory framework for stablecoins, influenced by various federal and state agencies. The Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) assess whether stablecoins qualify as securities or commodities, respectively. The Financial Crimes Enforcement Network (FinCEN) enforces AML and CTF regulations, requiring stablecoin issuers to register as money services businesses (MSBs). 

Moreover, the Office of the Comptroller of the Currency (OCC) has provided guidance allowing national banks to engage with stablecoin issuers, underlining the importance of regulatory compliance and financial stability. This multifaceted approach aims to mitigate the risks associated with stablecoins while fostering innovation within the United States’ financial ecosystem. 

European Union

The European Union is advancing towards a comprehensive regulatory framework for stablecoins through the proposed Markets in Crypto-assets (MiCA) regulation. MiCA aims to provide legal clarity and consumer protection while fostering innovation. Stablecoin issuers will need authorization and will be subject to stringent capital, liquidity, and transparency requirements. 

The European Central Bank (ECB) and the European Banking Authority (EBA) play pivotal roles in overseeing these regulations, ensuring that stablecoins do not pose a threat to monetary policy and financial stability within the EU. This comprehensive regulatory approach reflects the EU’s commitment to managing the risks associated with stablecoins while promoting a harmonized and well-regulated market for crypto-assets.

The key elements of the MiCA regulation regarding stablecoins include:

1. Authorization requirements: Issuers of stablecoins will need to obtain authorization from national competent authorities to operate within the EU. This authorization process will ensure stablecoin issuers meet stringent requirements. 

2. Capital and liquidity requirements: Stablecoin issuers will be subject to strict capital and liquidity requirements to enhance the stability and safeguarding of user funds. 

3. Transparency obligations: Stablecoin issuers will be required to provide detailed and transparent information about their reserves, investment policies, and redemption processes to protect consumers.

4. Oversight by the ECB and EBA: The European Central Bank (ECB) and European Banking Authority (EBA) will play pivotal roles in overseeing the regulation of stablecoins. They will ensure that stablecoins do not pose risks to monetary policy or financial stability within the EU.

Japan

Japan has been proactive in regulating cryptocurrencies and stablecoins, ensuring a secure environment for users and investors. The Financial Services Agency (FSA) regulates stablecoins under the Payment Services Act and the Fund Settlement Law. Issuers must register and comply with AML/CTF requirements, maintain detailed records, and submit regular reports. Japan’s regulatory framework also emphasizes cybersecurity measures and consumer protection, reflecting a comprehensive approach to managing the risks associated with stablecoins while promoting technological advancement.

Issuer Requirements

Under the regulations, entities wishing to issue stablecoins in Japan must register as a “Virtual Currency Exchange Service Provider” with the FSA. Issuers are required to maintain adequate reserves to back the stablecoins on a 1:1 basis, typically in the form of Japanese yen or other major fiat currencies. Regular reporting on the reserve status and composition is mandated to ensure transparency.

Permissible Assets and Redemption

The regulations restrict the types of assets that can be used to back stablecoins. Issuers are only allowed to peg their tokens to the Japanese yen, other major fiat currencies, or a basket of these low-volatility assets. Stablecoin holders must be able to redeem their tokens for the underlying assets on demand at a 1:1 ratio, and issuers are required to maintain sufficient liquidity to facilitate these redemptions.

Risk Management and Custody

Stablecoin issuers must implement robust risk management practices, including measures to mitigate operational, cyber, and other risks. The regulations also mandate the use of licensed custodians to hold the reserve assets, ensuring the safety and security of the backing funds.

Disclosures and Reporting

Issuers are required to provide clear and transparent disclosures to users about the stablecoin’s characteristics, risks, and reserve status. Regular reporting to the FSA on reserve levels, transaction volumes, and other key metrics is also mandatory.

Restrictions on Use

The regulations prohibit the use of stablecoins for speculative investment purposes, limiting their use to payments for goods and services or remittance purposes.

Oversight and Enforcement

The FSA closely monitors the stablecoin market and has the authority to impose sanctions, suspend operations, or revoke licenses in case of non-compliance with the regulations.

Switzerland

Switzerland is renowned for its progressive stance on blockchain and cryptocurrency regulations. The Swiss Financial Market Supervisory Authority (FINMA) categorizes stablecoins based on their underlying assets (e.g., fiat currency, commodities). Issuers must adhere to existing financial market regulations, including AML/CTF laws, securities regulations, and banking laws if applicable. Switzerland’s regulatory clarity and its commitment to fostering innovation have made it an attractive destination for stablecoin projects, balancing the need for oversight with the promotion of technological growth.

According to FINMA’s guidelines, the Swiss regulator categorizes stablecoins based on the nature of their underlying assets. This can include fiat currencies, commodities, or other reserve assets that are used to back the value of the stablecoin. FINMA’s classification system helps determine the appropriate regulatory requirements and oversight that will apply to stablecoin issuers operating in Switzerland. This nuanced approach allows FINMA to tailor its regulations to the specific characteristics and risks associated with different types of stablecoins.

Regardless of the underlying asset type, stablecoin issuers in Switzerland must comply with a range of existing financial market regulations. This includes adhering to anti-money laundering (AML) and counter-terrorist financing (CTF) laws, which require issuers to implement robust know-your-customer (KYC) and transaction monitoring procedures. Additionally, stablecoin projects may be subject to relevant securities regulations and banking laws, depending on the nature of their activities and the specific characteristics of the stablecoin being offered. This comprehensive regulatory oversight aims to mitigate the risks associated with stablecoins and protect consumers.

Switzerland’s regulatory clarity and supportive stance towards blockchain and cryptocurrency innovation have made the country an attractive destination for stablecoin projects. In a report published by the Swiss State Secretariat for International Finance (SIF), the government highlighted its commitment to fostering an environment that balances the need for oversight and risk management with the promotion of technological growth in the financial sector. This approach, combined with FINMA’s well-defined regulatory framework for stablecoins, has positioned Switzerland as a hub for the development and adoption of these digital assets, attracting both domestic and international projects. 

Download our free mini-guidebook to navigating the new regulations for Singapore payment service providers.

Disclaimer Notice:  Any details provided in our articles published are for educational and informational purposes only.

This article is authored by Jesslyn Zeng, Head of Growth and Compliance. Jesslyn has a diverse background in law, finance, and blockchain, holding double honors degrees in Law and Economics from NUS. Admitted to the Singapore Bar as an Advocate & Solicitor, she is currently pursuing her Chartered Financial Analyst (CFA) and Chartered Alternative Investment Analyst (CAIA) qualifications. Jesslyn has also completed the Chief Compliance Officer Qualifying Examination administered by the Canadian Securities Institute. She has been recognised with numerous awards, including the Fintech Young Leader Award, Student of the Year Award, and All Round Excellence Award. With extensive experience in investment banking, legal, and compliance roles across various industries and jurisdictions, Jesslyn is dedicated to developing solutions that navigate the regulatory landscape at the intersection of technology, finance, law, and economics.