FDIC Proposal: Requirements for Permitted Payment Stablecoin Issuers

From Legislative Framework to Supervisory Model

The FDIC proposal is the first real attempt to translate the GENIUS Act from a legislative framework into a bank-supervisory operating model for state nonmember bank groups. FDIC is using the NPRM to make several policy choices the GENIUS Act leaves open, especially around indirect yield, reserve segregation, concentration limits, reporting cadence, and how tokenised deposits are treated versus payment stablecoins.

What is also clear from the proposal itself is that the FDIC is not simply implementing the statute. It is doing so under an explicit policy objective: to establish a “tailored, principles-based regulatory regime” that supports digital asset activity within the banking system, but only in a way that is consistent with safety and soundness. That framing matters, because it explains why so many of the choices in the rule lean toward constraint rather than flexibility.

Operationalising GENIUS in Four Layers

What the FDIC is doing here is operationalising GENIUS in four layers.

Defining the Regulated Perimeter

First, it defines the regulated perimeter for the FDIC’s slice of the market. It is a sectoral prudential rule for the entities falling under FDIC supervision. The rule applies to FDIC-supervised permitted payment stablecoin issuers, meaning subsidiaries of insured state non-member banks and state savings associations that are approved to issue payment stablecoins. It also applies to FDIC-supervised custodians that hold payment stablecoin reserves, payment stablecoins used as collateral, or private keys.

The FDIC also explicitly says it is trying to align, where relevant, with the OCC’s earlier GENIUS proposal, while recognising that the OCC’s rule is broader because it also covers federal qualified nonbank issuers.

One subtle but important element in the definitions section reinforces this perimeter logic: the FDIC draws a distinction between a “customer” of the issuer and a downstream holder of the stablecoin. A person who acquires a stablecoin on the secondary market is not necessarily treated as a direct customer of the PPSI. That distinction becomes important later, especially when thinking about redemption rights, disclosures, and ultimately how far the issuer’s obligations extend into the ecosystem.

Translating Statutory Obligations into Prudential Constraints

Second, the FDIC turns the GENIUS Act’s high-level issuer obligations into concrete prudential constraints. This is where the real supervisory substance sits.

The proposal limits PPSI activities to a narrow core: issuing and redeeming payment stablecoins, managing reserves, and offering limited custody/safekeeping tied to those activities. It also allows activities that “directly support” those core functions, and potentially some additional incidental or digital-asset-service-provider activities if specifically authorised by the FDIC and if they do not jeopardise the statutory priority of payment stablecoin holders in insolvency.

What is notable, and becomes clearer when you read the detailed activity section, is how tightly the FDIC interprets “directly supporting.” It explicitly frames these as activities that are necessary or fundamental to the operation of issuance, such as wallet infrastructure or key management, not broader ecosystem participation.

Policy Choices Beyond the Statute

Third, the proposal makes several important policy choices that go beyond merely restating GENIUS. This is the real significance of the rulemaking.

Yield and Anti-Circumvention

The clearest example is the treatment of yield. The statute prohibits paying interest or yield solely for holding or using a payment stablecoin, but the FDIC proposes to police this more aggressively by creating a rebuttable presumption that an issuer violates the rule when yield is routed through affiliates or related third parties, including white-label or branded arrangements.

What the text makes clear is how broadly the FDIC is willing to define “related third party,” including cases where the issuer is effectively issuing stablecoins on behalf of another brand or partner.

That is a major anti-circumvention move. It shows the FDIC is worried not just about formal issuer behavior, but about economic equivalence and structuring risk. In practical terms, it is trying to prevent the emergence of synthetic “yield-bearing stablecoins” inside the banking perimeter through partner or affiliate channels.

The FDIC is effectively anticipating how the market will try to arbitrage the rule and closing those paths in advance.

Reserve Management and Asset Composition

Another major policy choice is reserve management. The proposal requires reserves at all times to meet or exceed outstanding issuance value on a one-to-one basis, using identifiable reserves, valued largely at fair value, and held either directly or with an eligible financial institution.

The document adds an important operational layer here: issuers must continuously monitor reserves throughout the day, and only notify the FDIC if they fall short at close of business.

That signals something quite specific: the FDIC expects real-time operational control, but supervises against end-of-day compliance thresholds. That is very much a banking model applied to a digital asset.

Eligible reserve assets are tightly limited to cash, Federal Reserve balances, withdrawable deposits, very short-dated Treasuries, overnight repo/reverse repo structures, and government money market funds invested solely in those same kinds of instruments. This reflects a classic prudential logic: the stablecoin promise is only credible if the reserve stack is narrow, liquid, and monetisable on demand.

Concentration Limits

But the FDIC does not stop there. It proposes an explicit concentration cap: total counterparty exposure to any one eligible financial institution would be limited to 40 percent of reserve assets.

The text makes clear that this applies across all stablecoin brands issued by the PPSI, not just per product. That is important because it prevents issuers from circumventing diversification requirements by fragmenting issuance across multiple tokens while concentrating risk at the balance sheet level.

Reserve Segregation Across Stablecoin Brands

The reserve framework also includes a subtle but highly consequential segregation issue for issuers that want to issue more than one stablecoin brand. The FDIC’s proposed default is separate, identifiable reserve pools for each stablecoin, unless the FDIC approves commingling.

The document goes further than your original framing: it explicitly contemplates how excess reserves might be reallocated across brands, but only above the 1:1 threshold and only in a controlled way.

That is a structural choice designed to contain contagion across brands and make insolvency and redemption waterfalls more legible. It suggests the agency is thinking not only about solvency, but also about resolution optics and run dynamics. A multi-product issuer would not be allowed to rely on an amorphous pooled balance sheet without clear reserve mapping.

Supervisory Infrastructure: Reporting, Audit, and Intervention

Fourth, the rule operationalises supervision through reporting, audit, and intervention tools. This is one of the most important practical aspects of the proposal.

The FDIC does not just want compliance at issuance; it wants continuous visibility. The proposal contemplates monthly public reserve composition reporting, independent accountant examination, confidential weekly reporting to the FDIC, quarterly financial-condition reporting in a call-report-like format, and additional reports on request regarding financial condition, operational systems, and compliance.

The document reinforces that reserve assets are expected to sit on the balance sheet under GAAP and feed into existing bank reporting frameworks, including Call Reports.

That tells you the supervisory model here is closer to ongoing bank examination than to a one-time fintech licensing review.

Liquidity and Run Risk

On liquidity and run risk, the proposal is also more sophisticated than a simple 1:1 reserve rule.

The FDIC proposes a “significant redemption request” concept, defined as aggregate redemption requests exceeding 10 percent of outstanding issuance value within 24 hours, and asks whether that threshold is appropriate.

The text ties this directly to the need for issuers to demonstrate monetisation capability, the ability to access and convert reserve assets into cash quickly enough to meet redemption demand. That indicates the agency is designing not just for ordinary redemptions but for stress redemptions.

It also asks about written contingency plans and orderly redemption processes in exigent circumstances. This is another sign that the rule is about operational resilience under run conditions, not merely static backing.

Custody and Bankruptcy Remoteness

The custodial side is equally important.

Subpart B requires custodians to treat customer reserve assets, collateral stablecoins, private keys, cash, and related property as belonging to the customer and not the custodian; to protect those assets from claims of the custodian’s creditors and sub-custodians’ creditors; and to maintain possession or control, directly or through properly overseen sub-custodians.

What the FDIC adds conceptually is the explicit recognition that control of private keys is the core mechanism of ownership in digital assets, and must therefore be embedded in the legal framework.

That is effectively a bankruptcy-remoteness and control framework adapted to digital-asset custody. The FDIC is clearly trying to ensure that stablecoin custody is not just operationally secure, but also legally robust in insolvency.

Tokenised Deposits vs Payment Stablecoins

A particularly important conceptual move is the treatment of tokenised deposits.

The FDIC proposes to clarify that deposits in tokenised form remain deposits, not payment stablecoins. It also proposes to amend deposit insurance rules so that deposits held as reserves backing a payment stablecoin are insured to the PPSI as corporate deposits, but not to payment stablecoin holders on a pass-through basis. The proposal also clarifies how this plays out operationally. Reserve deposits held at a single institution would be aggregated with the PPSI’s other corporate deposits and insured only up to the standard coverage limit, rather than being segmented or attributed to individual stablecoin holders. This reinforces the point that the stablecoin structure does not create a look-through claim on the underlying banking system

The definition section reinforces this by explicitly excluding tokenised deposits from the definition of payment stablecoins. That is a very important line. It means the FDIC is trying to prevent the market from collapsing the distinction between bank deposits, reserve accounts, and stablecoin claims. Stablecoin holders are not being treated as if they had direct deposit claims on the reserve bank simply because reserve deposits exist. 

That deposit-insurance clarification may end up being one of the most important parts of the proposal for market structure. 

The Broader Policy Significance

So, stepping back, what is the advanced policy significance?

The NPRM shows that the FDIC sees GENIUS not as a chartering statute for a new class of quasi-money issuers inside banks, but as a prudential containment framework. The proposal is trying to make payment stablecoins safe enough to exist in banking groups without letting them become deposit substitutes that blur legal claims, generate yield arbitrage, or import shadow-bank fragility into insured institutions.

The document itself reinforces this through repeated emphasis on:

• Narrow activity scope

• Identifiable and segregated reserves

• Strict limits on asset use (including rehypothecation constraints)

• And the ability to intervene where structures are deemed evasive

That is why the rule is built around narrow activities, strict reserve quality, anti-evasion provisions, custody safeguards, continuous reporting, and very careful treatment of insurance language.

Where the Key Debates Will Sit

Where the biggest legal and policy debates will likely sit:

Scope of Permissible Activities

One is the scope of permissible activities. The FDIC is explicitly asking whether additional activities should be permitted and how formal any approval process should be. That means the final rule could still shape how much of the broader crypto stack a bank-affiliated PPSI can touch.

Yield Prohibition

Another is the yield prohibition. The proposed affiliate/third-party presumption is aggressive, and market participants will almost certainly test whether the FDIC is reading the statute too broadly.

Reserve Structure and Constraints

A third is reserve segregation and concentration. The 40 percent counterparty cap, reserve-pool separation by stablecoin brand, and fair-value approach all reflect prudential caution, but they also create operational and funding frictions.

Open Definitions and Interpretive Gaps

A fourth is the unresolved definition work around holders, redemptions, smart contracts, ledger types, and tokenised deposit structures. The FDIC is asking many foundational questions in the proposal, including how to define “holder” (beneficial owner vs key controller), what constitutes redemption, and how to classify different ledger types.

That signals the statute left material interpretive gaps, and the final rules could still move meaningfully on some of the most basic architecture questions.

Final Take

This NPRM is the operational heart of GENIUS for FDIC-regulated entities. It converts the Act from a statutory permission structure into a prudential control framework.

The rule’s center of gravity is not “innovation enablement” in the abstract. It is controlled permissioning: allowing stablecoin issuance inside the banking perimeter only if it looks highly liquid, tightly bounded, legally ring-fenced, operationally monitored, and clearly distinguishable from insured deposits.