Are stablecoins safe for business payments? A risk assessment for banks and MSBs
Are stablecoins safe for business payments? A clear-eyed risk assessment for banks and MSBs: reserve, depeg, custody, AML and operational risk explained.
- Regulated, fully-reserved fiat-backed stablecoins used through compliant infrastructure are a manageable risk for business payments — but “stablecoin” is not one asset class, and the differences between instruments matter more than the label.
- The main risk categories are reserve and depeg risk, custody and key-management risk, operational and smart-contract risk, AML and sanctions risk, and regulatory risk — each of which can be assessed and mitigated with familiar tools.
- The GENIUS Act, signed in July 2025, established a US federal framework requiring permitted payment stablecoin issuers to hold one-to-one reserves in high-quality liquid assets with regular disclosures, materially strengthening the instrument banks and MSBs can rely on.
- History’s failures — algorithmic designs and unbacked issuers — were failures of specific structures, not of the fiat-backed, regulated model that institutional payments use.
- Safety in practice is mostly about process: regulated issuers, qualified custody, screened counterparties, and settlement infrastructure that enforces compliance on every transaction.
Yes — for banks and MSBs, regulated fiat-backed stablecoins are safe enough for business payments when they are fully reserved, issued under supervision, and moved through infrastructure that enforces AML compliance on every transaction. The caveats carry the weight in that sentence: “stablecoin” covers everything from federally supervised, one-to-one reserved payment instruments to algorithmic designs that have failed completely. A serious risk assessment starts by separating the instrument, the custody model and the settlement rail, and evaluating each on its own terms.
What are the real risks of stablecoins?
A payments risk committee assessing stablecoins should work through five categories. None of them is novel in kind — each has a close analogue in correspondent banking, e-money or securities operations — but each takes a specific form on-chain.
- Reserve and depeg risk: the risk that the issuer does not hold sufficient high-quality assets to redeem every token at par, or that the market price temporarily deviates from one dollar.
- Custody and key-management risk: the risk of losing control of the cryptographic keys that control funds, whether through error, insider action or external compromise.
- Operational and smart-contract risk: the risk of failures in the underlying blockchain, in token contracts, or in the institution’s own integration.
- AML and sanctions risk: the risk of processing payments for sanctioned parties or facilitating illicit finance, with the regulatory consequences that follow.
- Regulatory risk: the risk that the rules governing stablecoin activity change in ways that strand an institution’s chosen instruments or partners.
How likely is a stablecoin to lose its peg?
Depeg risk is the question executives ask first, and history gives a usefully differentiated answer. The catastrophic failures have been structural: TerraUSD, an algorithmic stablecoin backed not by dollars but by a mechanism tied to a volatile sister token, collapsed in May 2022 and erased tens of billions of dollars of value. That failure tells you about algorithmic designs, not about fiat-backed instruments — no supervised, fully-reserved payment stablecoin has failed in that way.
Fiat-backed stablecoins have wobbled rather than collapsed. In March 2023, USDC traded meaningfully below one dollar for a weekend after its issuer disclosed exposure to the failed Silicon Valley Bank; the peg was restored within days once US authorities guaranteed the bank’s deposits and redemptions resumed. The episode is instructive in both directions: even a well-run, transparently reserved stablecoin carries some exposure to the traditional banking system that holds its reserves — and a credible reserve model plus redemption at par is exactly what pulls a price back to a dollar. For a payments use case, where an institution holds the stablecoin for minutes or hours rather than as a long-term store of value, transient price deviation is a materially smaller risk than it is for an investor.
What does the GENIUS Act change about stablecoin safety?
The regulatory picture changed decisively in July 2025, when the United States enacted the GENIUS Act — the first federal framework for payment stablecoins. The law restricts issuance to permitted payment stablecoin issuers operating under federal or qualifying state supervision, requires reserves of at least one-to-one in cash and other high-quality liquid assets such as short-term Treasuries, mandates regular public disclosure of reserve composition, prohibits paying interest to holders, and brings issuers explicitly within Bank Secrecy Act obligations. Other jurisdictions have moved in the same direction, with the EU’s MiCA regime applying to stablecoin issuers since 2024. As of mid-2026, implementing rulemaking is still being completed, but the direction is settled: the payment stablecoin is becoming a supervised, disclosed, redeemable instrument — much closer to regulated e-money than to the unregulated crypto assets of the last cycle.
The question for a bank or MSB is no longer whether stablecoins can be made safe — regulation has largely answered that — but whether a given instrument, custodian and settlement rail meet the standard the institution already applies to every other payment.
How do banks and MSBs mitigate the remaining risks?
With the instrument question addressed by regulation, most residual risk is operational — and operational risk yields to process. Custody risk is managed the way institutions manage any critical credential: qualified custodians or institution-grade key management, segregation of duties, and no single point of failure. Smart-contract and network risk is managed by chain selection — settlement-oriented ledgers with long operating histories and simple, battle-tested token standards present a very different profile from experimental protocols. AML and sanctions risk is managed with the same disciplines applied to fiat: customer due diligence, transaction monitoring, sanctions screening and Travel Rule compliance — with the advantage that on-chain transparency makes flows more traceable than cash and often more traceable than layered correspondent payments.
- Use only regulated, fully-reserved fiat-backed stablecoins from supervised issuers with published reserve disclosures.
- Hold assets with qualified custody or hardened institutional key management; never rely on a single keyholder.
- Restrict settlement to screened, KYC’d counterparties, and screen every transaction against sanctions lists in real time.
- Prefer settlement infrastructure that enforces compliance — KYC, KYB, KYT, Travel Rule — at the protocol of the payment itself, not as an afterthought.
- Keep exposure windows short: convert to and from fiat around settlement rather than warehousing balance-sheet risk.
Regulatory risk, the final category, has inverted over the past two years. The historical worry was that regulators might prohibit or constrain stablecoin activity without warning; the current picture is the opposite — the US, the EU and other major jurisdictions have now written stablecoins into law, and the residual risk is the ordinary kind that accompanies any regulated activity: implementing rules still being finalised as of mid-2026, supervisory expectations that will sharpen over time, and divergence between jurisdictions that multi-market institutions must map. That is a compliance workload, not an existential threat — and it is one regulated institutions are structurally well placed to carry.
It is also worth stating what stablecoins remove. Correspondent chains introduce counterparty risk at every hop, settlement uncertainty measured in days, and pre-funded nostro balances that sit exposed in foreign banks. On-chain settlement with near-instant finality removes in-flight credit exposure and shrinks pre-funding — a genuine reduction in risk, not merely a transfer of it.
Safety as infrastructure: the StableNet approach
The pattern across every category above is the same: stablecoin safety for business payments is less a property of the token than of the infrastructure around it. That is the premise StableNet is built on. The platform settles payments in regulated fiat-backed stablecoins with KYC, KYB, KYT, sanctions screening and Travel Rule data enforced on every transaction, and connects to existing bank operations over SWIFT MT and ISO 20022 — so the risk assessment a compliance team runs on StableNet looks reassuringly like the one it already runs on its fiat rails.
See it on your corridors
Book a working session and we’ll map StableNet’s compliance and settlement to one of your live payment flows.