USDCrypto Regulators Advance New Stablecoin, Exchange and Wallet Rules
U.S., South Korea, France and Thailand tighten separate parts of crypto oversight
TL;DR
- U.S. authorities proposed new stablecoin anti-money-laundering and sanctions rules and named David Woodcock SEC enforcement director.
- South Korea tightened exchange controls after the Bithumb payout error and moved to restrict withdrawal-delay exemptions used in fraud cases.
- France advanced self-hosted wallet reporting, while Thailand moved to widen approval rules around financiers behind major crypto shareholders.
We’ve launched the all-new COIN360 Perp DEX, built for traders who move fast!
Trade 130+ assets with up to 100× leverage, enjoy instant order placement and low-slippage swaps, and earn USDC passive yield while climbing the leaderboard. Your trades deserve more than speed — they deserve mastery.
U.S., South Korean, French and Thai authorities advanced separate crypto oversight measures between April 6 and April 8, 2026, expanding scrutiny over stablecoin compliance, SEC enforcement leadership, exchange controls, fraud off-ramps, self-hosted wallet reporting and the funding structures behind major shareholders in crypto businesses. The measures came through different legal and regulatory channels, but each pushed more crypto activity into formal supervisory, reporting or approval frameworks.
The U.S. Treasury moved on April 8, 2026, with a joint proposal from FinCEN and OFAC under the GENIUS Act focused on permitted payment stablecoin issuers. The proposal would require anti-money-laundering and counter-terrorist-financing programs, sanctions compliance systems, risk identification and mitigation measures, and internal controls supported by auditing and testing. Treasury Secretary Scott Bessent said, “President Trump is strengthening American leadership in digital financial technology,” and added, “This proposal will protect the U.S. financial system from national security threats without hindering American companies’ ability to forge ahead in the payment stablecoin ecosystem.” FinCEN said it would not take major action unless there is a “significant or systemic failure.”
The proposed U.S. framework applies to issuers that are subsidiaries of insured depository institutions or entities authorized by a federal or state regulator to issue stablecoins. FinCEN also said the rule would establish a notice-and-consultation framework with primary federal payment stablecoin regulators for significant AML and counter-terrorist-financing supervisory actions. The proposal sits inside a broader compliance runway that extends to January 2027 under the GENIUS Act, which already requires stablecoins to be fully backed by U.S. dollars or similarly liquid assets and calls for annual audits for certain issuers. Comments on the FinCEN-OFAC proposal are due within 60 days.
Other U.S. agencies were also moving around the same policy perimeter. The FDIC proposed reserve-related requirements on April 7 and said stablecoins would not be “subject to federal deposit insurance.” The Office of the Comptroller of the Currency had already moved the previous month to assert jurisdiction over certain issuers, including subsidiaries of national banks or federal savings associations. Those steps, taken together, placed stablecoins more firmly inside a federal regulatory structure rather than leaving them as a loosely defined crypto product category.
A separate U.S. development came the same day when the SEC named David Woodcock as director of the Division of Enforcement. SEC Chair Paul Atkins said, “I am incredibly pleased to have David rejoin the SEC at this critical time, as we continue to focus on the types of misconduct that inflict the greatest harm to investors.” The agency said Woodcock led the SEC’s Fort Worth office from 2011 to 2015 and “oversaw investigations in nearly every major area of the SEC’s enforcement program.” Since February 2023, he has been a partner at Gibson, Dunn & Crutcher. His résumé also includes work as assistant general counsel at ExxonMobil, securities-litigation work at Jones Day and more than a decade as an adjunct professor at Texas A&M University.
Woodcock’s background was not presented as crypto-focused, but it did include prior contact with the sector from an enforcement perspective. At Jones Day in 2017, he co-authored commentary on the SEC’s first ICO-related enforcement action. At Gibson Dunn, he later helped write 2025 commentary describing SEC enforcement under Atkins as a “sea change.” The appointment came after Margaret Ryan’s departure from the role. Reuters reported Ryan had wanted to pursue fraud matters involving people in President Donald Trump’s inner circle more aggressively, while Atkins and other top Republicans at the agency opposed that direction, with tensions reportedly sharpening around the Justin Sun matter.
The SEC reportedly moved to drop several cases involving Coinbase and Kraken and in May dismissed its case against Binance. In March, it dropped charges against Justin Sun, the Tron Foundation and Rainberry, though Rainberry still had to pay a $10 million civil penalty. Sun has been an outspoken Trump supporter and has made significant investments in crypto ventures linked to the Trump family, including World Liberty Financial and the $TRUMP memecoin, while World Liberty Financial has invested millions of dollars in Tron and other digital assets. Democratic Sen. Richard Blumenthal called the situation a “pay-to-play enforcement regime.” The SEC released its 2025 enforcement report on April 7 and said prior Biden-era enforcement reflected a “misinterpretation of the federal securities laws.”
South Korea tightens exchange controls after Bithumb error
South Korea’s Financial Services Commission moved on April 6 after Bithumb’s February payout error, ordering major exchanges to reconcile internal ledgers against actual crypto holdings every five minutes and fully build the systems by the end of May. Before the incident, three of the five largest exchanges reportedly reconciled balances only once every 24 hours. Under the new regime, exchanges must halt trading automatically if major mismatches appear. Outside accounting firms must also shift from quarterly audits to monthly audits and report holdings by wallet.
The Bithumb incident itself was described as a massive input error. According to the file, an employee entered 620,000 BTC as a reward for 249 users instead of 620,000 won, causing the exchange to distribute Bitcoin worth about $40 billion, or about 13 times more Bitcoin than Bithumb actually held. The FSC said inspections found “deficiencies in Bithumb’s internal control system” and said it was completing a legal review to determine sanctions tied to the February accident.
Bithumb was already facing separate penalties from South Korea’s Financial Intelligence Unit. Those sanctions included a six-month partial business suspension running from March 27 to September 26 and a 36.8 billion won ($24.6 million) fine after authorities found 45,772 transactions with unregistered overseas exchanges and failures in customer identification verification. The FSC’s latest measures went beyond Bithumb and applied across the country’s largest exchanges, including Upbit, Bithumb, Coinone, Korbit and Gopax, after a meeting that also included DAXA.
The South Korean controls also tightened manual approval and governance procedures inside exchanges. High-risk transaction accounts must now be segregated, every manual payout requires a third-party cross-check and larger payouts may need multi-level approval. Exchanges must appoint a Risk Management Officer, establish a Risk Management Committee and submit to inspections every six months instead of annually, with the results reported to the government. The FSC and DAXA were also working to finalize separate licensing changes by the end of April that would require virtual asset service providers to monitor all transfers, rather than only those above the previous 1 million won Travel Rule threshold, keep debt ratios below 200% and avoid default for three years.
South Korea took a second step on April 8 by tightening the country’s virtual-asset withdrawal delay system after finding that criminals had exploited inconsistent exchange exception rules to move stolen funds out before banks or police could intervene. Under the earlier framework, new users’ funds were held for 24 to 72 hours, but some exchanges allowed exceptions based on minimal transaction history. Between June and September 2025, 59% of fraudulent activity, or 1,490 of 2,526 cases, occurred in accounts that had been exempted from withdrawal delays. Those exempted accounts were linked to 170.5 billion won, or 75.5% of the total 225.7 billion won lost, and in some cases the laundering route took less than an hour.
The tightened South Korean system sharply narrows who can receive immediate withdrawals. Exchanges must now use stricter evaluations based on transaction frequency, transaction period and deposit and withdrawal amounts. Simulations cited in the file showed the number of customers qualifying for exceptions should fall to “significantly reduced to less than 1% of existing customers.” Even those exception accounts must now undergo enhanced KYC at least once a year, including source-of-funds checks. The FSC said it would “minimize consumer inconvenience” in legitimate urgent cases and would “regularly reconsider the adequacy of the standards to prevent new bypass methods from occurring.”
France and Thailand widen wallet and ownership scrutiny
France advanced a tax-focused crypto measure on April 8 when a bill passed first reading in the National Assembly requiring taxpayers to declare every self-hosted wallet holding more than €5,000, or about $5,900. The measure forms part of a wider law on the fight against social and tax fraud and is aimed at digital financial flows that authorities want to make less opaque than traditional fiat transfers. The French government is seeking to reach wealth that had previously escaped detection after a strong 2025 for the tax authority, when reported amounts rose by €249 million and collections exceeded €17 billion in taxes and penalties. The same file said results from tax credit refund audits rose 148%.
The French measure still requires Senate review and approval by a joint committee, possibly in May, before final adoption. Enforcement would also depend on bylaws defining monitoring and audit procedures, making implementation more likely toward the end of 2026 or early 2027. According to the country’s watchdog, digital currency wallets would be included in France’s annual tax audit and carried a blunt warning: “Taxpayers will have to anticipate increased transparency regarding their digital assets, under threat of sanctions comparable to those for undeclared work or unreported foreign bank accounts.” It also said crypto could be integrated into the finance ministry’s surveillance mechanisms after AI-powered audits proved effective the previous year.
Thailand’s April 8 proposal targeted a different part of the crypto business chain by expanding shareholder-approval rules to include not only major shareholders, but also the people financing or backing those shareholders directly or indirectly. The Thai SEC said the goal was to ensure crypto operators are funded from legitimate sources rather than money tied to unlawful activity that could create legal, reputational and credibility risks. The proposal said, “The provision of significant funding shall include guarantors, contractual arrangements, or investments in any instruments that result in the financial supporter having the status of, or acting in substance as, a funding provider to such major shareholders.”
Thailand’s draft would apply both to direct share acquisitions in crypto business operators and to share acquisitions in legal entities that hold shares in those operators. The main carveout covers government-related entities such as ministries, departments and public organizations. On that point, the Thai SEC said, “These entities are already subject to government supervision and oversight.” Public consultation runs through April 22, 2026.
The proposal also sits inside a broader anti-money-laundering drive in Thailand that included a “gray money” campaign launched in January and freezes on 10,000 accounts by local crypto platforms working with the Thai SEC and the Thai Digital Asset Operators Trade Association.
FAQ
What did the U.S. Treasury propose?
New stablecoin AML, counter-terrorist-financing and sanctions compliance rules.
Why did South Korea tighten exchange rules?
The Bithumb payout error and abuse of withdrawal-delay exceptions exposed control failures.
What would France require from self-hosted wallet holders?
Reporting if holdings exceed €5,000.
What is Thailand trying to capture with its proposal?
Financiers behind major crypto shareholders, including indirect backers.
This article has been refined and enhanced by ChatGPT.
