This is not a passive treasury function; it is an active liquidity-risk operation that mirrors the demands placed on money market funds and large-scale payment processors. It requires continuous attention, disciplined controls, and resilient infrastructure.
Technology and operational infrastructure
Stablecoin issuance is, at its core, a technology-driven business operating within the framework of a regulated financial institution. To function as a credible issuer, a bank must build and maintain tokenization infrastructure capable of minting, burning, and tracking stablecoins across public or permissioned blockchains. That infrastructure must be tightly integrated with real-time ledgering and reconciliation systems so that on-chain activity aligns seamlessly with the bank’s core systems of record. The technology stack must also meet high standards for cybersecurity and operational resilience, with redundancy, incident response capabilities, and continuous monitoring designed to support uninterrupted, high-volume activity. Equally important is the development of scalable APIs and settlement rails that enable merchant acceptance, wallet connectivity, and institutional transaction flows.
Regulators will expect a bank to demonstrate that this end-to-end technology environment can support continuous issuance and redemption without outages, data integrity failures, or operational bottlenecks.14 In effect, the institution must show that it can operate a real-time, always-on payments infrastructure with the reliability and precision of a systemically important financial utility.
Compliance, risk, and supervisory expectations
The comprehensive compliance regime under which PPSIs will operate reflects the Act’s expectation that stablecoin issuance function with the rigor of a critical payments utility. This includes full Bank Secrecy Act (BSA) and sanctions compliance, supported by blockchain analytics-enabled transaction monitoring capable of identifying illicit activity across on-chain and off-chain flows.15 Consumer protection obligations must be met. These include the provision of clear redemption rights and transparent disclosures that ensure users understand how the stablecoin operates, and how reserves are managed.16 The regulatory framework further imposes strict activity limitations, prohibiting lending, rehypothecation, or any speculative use of reserves to preserve the integrity and liquidity of the backing assets.17 In addition, PPSIs are required to provide ongoing reporting such as reserve attestations, operational metrics, and incident notifications to give supervisors continuous visibility into the issuer’s risk profile and operational performance.18
Taken together, these expectations create a materially higher compliance burden than traditional payments products. Regulators will expect any bank pursuing this model to demonstrate that it can manage the risks of a 24/7, globally accessible instrument with the same discipline, transparency, and operational maturity demanded of systemically important financial infrastructure.
Capital, risk appetite, and strategic commitment
Issuing a stablecoin is not a side project; it is a capital-intensive, multiyear strategic commitment. A PPSI must dedicate sufficient financial resources to absorb operational, legal, and reputational risks, supported by a clearly defined risk appetite that accounts for liquidity shocks, cyber events, and periods of market-wide stress.19 The undertaking also requires a long investment horizon, as institutions must build and refine infrastructure, establish partnerships, and scale distribution channels before meaningful network effects emerge. Just as important is a coherent commercial strategy that articulates how the bank intends to monetize issuance, settlement, liquidity services, and broader participation in the stablecoin ecosystem.
Only institutions with strong operational capabilities, a durable balance sheet, and a compelling strategic rationale are likely to pursue this path, and regulators will expect banks to demonstrate that they can sustain the demands of a 24/7, high-velocity payments instrument over time.
Strategic option #2: Providing digital asset custody or operational services to issuers
Banks can indeed leverage their strengths in safekeeping, liquidity management, and disciplined risk controls to support stablecoin issuers without assuming the full obligations of a PPSI. But stepping into the role of a digital asset custodian introduces a different set of strategic challenges, most of them rooted in the information security demands of safeguarding cryptographic assets. Unlike traditional custody, where control is anchored in legal documentation and physical or electronic recordkeeping, digital asset custody hinges on the protection of private keys. This shifts the risk profile dramatically; a single compromise can result in irreversible loss, immediate customer harm, and significant reputational damage.
To operate credibly in this space, a bank must build an information security architecture that can withstand persistent, well-resourced cyber threats.20 That includes hardened key management systems, secure enclave technologies, multiparty computation or hardware security module-based signing workflows, and strict segregation of operational environments. Continuous monitoring, anomaly detection, and blockchain analytics-enabled surveillance become essential, not optional. The bank must also be prepared for adversaries who target not just systems, but personnel — through social engineering, credential harvesting, and insider compromise. As a result, digital asset custody requires a level of operational discipline and cyber resilience that exceeds what most institutions deploy for traditional securities or cash management.
Strategically, this means banks must reconcile their appetite for participating in the digital asset ecosystem with the reality that custody is a 24/7, high-stakes security function. It demands sustained investment in talent, technology, and incident response capabilities, along with governance structures that can demonstrate to regulators that the bank maintains exclusive control over customer assets at all times. For institutions with established custody operations or strong treasury functions, the model is attractive — but only if they are prepared to elevate their information security posture to match the threat environment. In practice, the decision to custody digital assets is less about extending existing capabilities and more about committing to operate at the security standard of a critical financial market infrastructure.
Strategic option #3: Partnering with fintech or crypto-native issuers
Partnership models mirror the early years of open banking with banks providing regulated infrastructure, while fintechs provide distribution, user experience, and product innovation. This approach allows banks to participate in the stablecoin market without building end-to-end capabilities. It also positions banks as trusted intermediaries in a market where regulatory compliance and consumer protection are increasingly important.
The strategic advantages of the partnership approach start with an accelerated market without the burden of full buildout. Banks can participate in the stablecoin ecosystem immediately by leveraging fintech partners for token issuance, wallet UX, and distribution. This avoids multiyear investments in tokenization infrastructure, blockchain engineering, and specialized operational controls that Act-compliant issuers must maintain. Banks bring depth of experience in prudential oversight, consumer protection, and operational integrity as the regulated backbone overseeing Know Your Customer (KYC)/AML, reserve management, liquidity controls, and supervisory reporting, all indispensable to fintech partners and end-users.
Fintechs can iterate on user experience, programmability, and new use cases at a pace banks typically cannot match. The partnership model allows banks to benefit from this innovation while maintaining a controlled risk perimeter aligned with their supervisory expectations. Banks can view these partnerships as proving ground. If stablecoin volumes scale or regulatory clarity increases, banks can selectively insource capabilities in reserve management, token issuance, or onchain settlement without having overcommitted capital prematurely. Moreover, banks can generate fee-based revenue from custody, settlement, compliance services, and API-based infrastructure without taking on the full operational burden of becoming an Act-registered issuer.
In terms of strategic drawbacks, by placing dependence on fintech partners for executing on customer experience and growth, banks risk ceding to fintech partners the most valuable aspect of the value chain — distribution of products, services and customer engagement. Over time, this may limit brand visibility, customer ownership, and the ability to shape emerging stablecoin use cases. Even when fintechs handle front-end functions, regulators will expect banks to maintain oversight, vendor-risk governance, and compliance assurance.21 This creates asymmetric responsibility where banks bear supervisory risk for activities they do not fully control.
If many banks adopt the same model, the regulated-infrastructure layer could become commoditized. This may limit influence over product design and banks may be constrained in shaping token features, interoperability standards, or programmability attributes, all areas that will define competitive differentiation as the market matures.
There also is the potential for misalignment of risk appetite and pace of innovation. Fintechs may push aggressively into new use cases such as cross-border settlement, embedded finance, and corporate treasury automation, exceeding a bank’s risk tolerance or supervisory comfort and straining partnerships.
The partnership route offers banks a sensible, low-commitment way to establish a foothold in the Act era. The partnership model is a pragmatic, low-friction entry point for banks navigating the Act’s early regulatory landscape. It allows institutions to participate in stablecoin markets quickly, credibly, and with manageable investment. But it may not be a long-term strategy by default. Banks might view this as a transitional posture, one that preserves options while allowing time to evaluate whether to evolve into full issuers, specialized settlement providers, or orchestrators of the broader tokenized economy.
Strategic option #4: Focusing on tokenized deposits
Some institutions may decide that tokenized bank liabilities, rather than stablecoins, better align with their risk appetite and supervisory expectations. Tokenized deposits offer many of the same benefits as stablecoins (speed, programmability, interoperability) while remaining fully within the traditional banking framework. For banks that want to modernize payments without entering the stablecoin market directly, tokenized deposits may be the preferred path.
There are plenty of arguments favoring industry investment in supporting tokenized deposits versus direct involvement in stablecoins. The main argument most often waged is that tokenized deposits preserve deposit base and that stablecoins risk disintermediation. Stablecoins can reduce, restructure, or displace bank deposits depending on adoption patterns, reserve allocation, and whether issuers gain master account access. If stablecoins substitute for bank deposits, banks lose funding. Deposit outflows to stablecoins reduce credit supply through balance sheet contraction, higher funding costs, liquidity buffer requirements, and maturity transformation constraints. It is estimated that for every $100 billion net deposit drain, this reduces lending by $60 billion to $126 billion, with additional reductions from composition effects. Tokenized deposits preserve the deposit-to-loan multiplier, while PPSI adoption erodes banks’ ability to extend credit.22
Arguments aside, a balanced path is emerging in which tokenized deposits and payment stablecoins evolve as complementary, not competing, instruments. In this middle-ground model, tokenized deposits remain the primary on-chain expression of commercial bank money, supporting insured retail and commercial payments, prudentially supervised balance sheet activity, and on-chain settlement for customers who want blockchain functionality without exiting the banking system. Stablecoins, by contrast, occupy the open-loop, platform-native domain, powering global marketplaces, cross-border flows, and decentralized finance. Rather than forcing a binary choice, each instrument can meet specific market needs when optimized for its respective environment. In this model, tokenized deposits anchor the regulated financial system, while PPSIs extend programmability and reach into broader digital ecosystems.
Strategic option #5: Monitoring from the sidelines
Observing from the sidelines as a strategy may be viable in the short term, particularly for institutions assessing demand, regulatory clarity, or competitive fit. But it carries significant risks. Financial institutions that move early will shape customer expectations, build partnerships, and establish market share. Those that wait may find themselves competing on someone else’s terms.
Strategic implications by bank segment
Community banks: Niche opportunities, real constraints
Community banks face both opportunity and risk. On one hand, they can carve out roles in local market use cases, such as supporting small business payments, community-based fintech partnerships, or regional economic development initiatives. On the other hand, scale, technology investment, and supervisory expectations may limit the ability of smaller financial institutions to issue stablecoins directly.
True to the times, a realistic, viable path for community banks is often collaboration. This approach leverages third-party infrastructure while maintaining customer relationships. By partnering with fintechs, core providers, or consortiums, community banks can offer stablecoin-enabled services without building the underlying technology themselves.
Regional banks: Modernization under pressure
Regional banks sit in the most competitively pressurized position. Banks in this size category must modernize infrastructure to remain relevant in treasury services, payments, and commercial banking. They face pressure from money-center banks with scale and from fintechs with speed. Stablecoin-enabled services could become a differentiator if they move decisively.
For regional banks, the Act is less about issuing stablecoins and more about upgrading capabilities related to blockchain connectivity, real-time settlement, digital asset custody, and enhanced compliance. Institutions that invest early will be better positioned to compete for corporate clients seeking faster, programmable, and globally interoperable payment solutions.
Money-center banks: Scale and execution
Large banks have balance sheets, global networks, and operational sophistication to issue stablecoins at scale. They are also best positioned to integrate stablecoins into wholesale settlement, cross-border payments, and liquidity management. But they face the highest expectations from regulators and the market.
For money-center banks the challenge is not a question of capability; it is about speed and time to market. Delay in adopting risks allowing fintechs and crypto firms to define the market before banks fully engage. Money-center banks that move quickly can shape industry standards, influence regulatory expectations, and capture early mover advantages.
Preparing for the Act: Bank priorities for 2026
Regardless of strategic posture, banks must prepare for a new supervisory environment. Key priorities include:
Internal literacy and governance
Boards and executive managers must understand stablecoin mechanics, risks, and regulatory obligations. This understanding must translate to governance structures updated to reflect new operational and compliance responsibilities. Banks that treat digital asset literacy as a strategic competency rather than a technical niche will be better positioned to make informed decisions.
Strategic fit assessments
Banks face a determination as to whether issuance, custody, partnership, tokenized deposits, or some combination of digital products and services align with their business model, customer base, and risk appetite. Cross-functional input will be essential to assessing these business models. Making a business decision of this magnitude and complexity cannot be treated as a siloed strategic exercise. Each pathway touches multiple risk domains, operational dependencies, and regulatory expectations. To effectively navigate this decision, the process must engage:
- Strategy to evaluate market opportunity, competitive positioning, and whether stablecoin participation advances the bank down a broader digital asset roadmap.
- Risk management to assess operational, liquidity, credit, third-party, model, and reputational risks, each of which manifests differently across issuance, partnership, and tokenized deposit models.
- Compliance to interpret the Act and the implementing regulations, supervisory expectations, BSA/AML and sanctions obligations, and the heightened scrutiny applied to bank-fintech business model arrangements supporting on-chain activities.
- Technology to determine whether existing infrastructure can support on-chain settlement, wallet integrations, reserve reporting, and real-time monitoring or whether system upgrade and modernization is required.
- Treasury to evaluate reserve composition, liquidity implications, intraday settlement flows, and how stablecoin liabilities interact with the bank’s balance sheet strategy.
No single functional area has a full picture. Only a coordinated assessment can determine whether the bank’s capabilities, economics, and risk posture align with the demands of stablecoin issuance, the constraints of partnership, or the operational logic of tokenized deposits.
Technical readiness
Stablecoin-enabled services introduce a set of capabilities that extend well beyond traditional banking infrastructure. Banks must be prepared to support wallet functionality for customers and counterparties, including key management, address whitelisting, and transaction-level controls.23 Additionally, robust blockchain connectivity, with nodes, monitoring tools, and analytics that allow real time visibility into on-chain activity will factor into overall readiness. Effective reserve management systems are essential to track assets, reconcile flows, and meet the Act’s reporting requirements. In parallel, banks must implement smart contract governance frameworks to oversee contract deployment, versioning, permissions, and auditability. All of this must coexist within cybersecurity controls tailored to digital asset risks, including private key protection, multiparty computation, and enhanced monitoring for on-chain threats.
Given the breadth and specialization of these requirements, banks must make deliberate decisions about whether to build, buy, or partner for each capability, while balancing speed, control, cost, and regulatory expectations as they shape their long-term digital asset strategy.
Vendor due diligence
Banks evaluating whether to become a PPSI must treat vendor due diligence as a strategic capability, not a compliance formality. The PPSI model depends on a tightly integrated ecosystem of blockchain analytics firms, custody providers, wallet vendors, and smart contract auditors, each introducing operational dependencies that regulators will scrutinize. The strategic question is not simply whether a vendor is “adequate” but whether the bank can demonstrate credible, end-to-end control over a technology stack that operates continuously, globally, and with little tolerance for error.
Blockchain analytics partners, for example, become extensions of the bank’s financial crime program. Their methodologies, data sources, and false positive rates directly influence the bank’s ability to detect illicit activity on-chain. Custody providers raise questions about key management models, segregation of duties, and the bank’s ability to evidence exclusive control over customer assets. Wallet vendors shape the customer experience and the bank’s exposure to device-level vulnerabilities, while smart contract auditors determine whether the bank can defend the integrity of the token itself. Each relationship therefore affects not only risk but also the bank’s credibility with supervisors, counterparties, and the market.24
Strategically, banks must decide whether to build, buy, or partner for these capabilities — and how those decisions align with long-term ambitions in digital assets. Overreliance on a single vendor may accelerate time-to-market but creates concentration risk and weakens negotiating leverage. A multivendor model improves resilience but increases integration complexity and oversight demands. Banks must also consider how vendor choices signal maturity, as regulators will expect evidence that the bank selected providers based on rigorous criteria, validated controls, and established monitoring mechanisms capable of supporting a 24/7 issuance and redemption environment.
In short, vendor due diligence for PPSI candidates is not a back-office exercise. It is a strategic design decision that shapes the bank’s risk posture, regulatory defensibility, and long-term ability to operate a stablecoin program safely and at scale.
Wallet and custody capabilities
Whether built or outsourced, digital asset safekeeping becomes a core competency. Banks must evaluate custody models, insurance coverage, segregation of assets, and operational controls.
Whether developed internally or sourced through a third-party provider, digital asset safekeeping becomes a foundational competency for any bank operating as a PPSI. The bank must evaluate not only the technical custody model, but also how that model supports continuous issuance, redemption, and settlement obligations. Insurance coverage, asset segregation, and operational controls take on heightened importance because the bank must be able to demonstrate exclusive control over private keys and uninterrupted access to customer assets.25
Strategically, custody design choices shape the bank’s entire risk posture. Decisions about wallet architecture influence customer experience, fraud exposure, and the bank’s ability to enforce address-level controls. Key management workflows determine resilience against insider threats and external compromise. The bank must also assess how custody and wallet infrastructure integrate with broader governance requirements such as smart contract permissions, reserve management systems, and blockchain monitoring tools, so that the stablecoin program operates as a coherent, defensible whole.
In effect, custody is no longer a supporting function; it becomes the operational core of the PPSI model. Banks must therefore treat wallet and safekeeping capabilities as strategic infrastructure that must withstand supervisory scrutiny, adversarial threat environments, and the demands of a 24/7 digital asset ecosystem.