Related Questions
.png)
A merchant approaches with a stablecoin payment arrangement and points to their regulated processing partner as evidence that compliance is handled. For Heads of Merchant Risk, Program Managers, and Compliance leaders, the question is not whether using a licensed partner makes the arrangement acceptable. The question is whether the merchant can prove the controls apply to their specific activity, or whether "our partner is regulated" is a policy statement without documented substance.
A partner's license describes the partner's authorization. It does not describe the merchant's compliance.
For acquiring institutions evaluating these arrangements, the verification requirement belongs at the level of merchant underwriting: reviewing the contractual structure, the settlement path, the sanctions program, and the monitoring coverage that applies to this specific merchant's activity, not to the partner's program in general.
Regulatory perimeters around stablecoins are closing.
The EU's MiCA (Markets in Crypto-Assets Regulation) established a licensing and conduct framework for crypto-asset service providers, including stablecoin issuers, with full application from late 2024. OFAC (Office of Foreign Assets Control) has confirmed that sanctions obligations extend to on-chain virtual currency transactions. FinCEN (Financial Crimes Enforcement Network) has confirmed that exchangers of convertible virtual currency are money transmitters subject to BSA (Bank Secrecy Act) requirements. Acquiring institutions operating in these environments carry compliance obligations that are not satisfied by the partner's license status alone.
The compliance ownership question is structurally unresolved in most arrangements.
In our experience, the majority of stablecoin merchant arrangements that reach underwriting have no written document clearly allocating who is responsible for sanctions screening, dispute resolution, consumer disclosures, and regulatory reporting. The arrangement exists. The compliance ownership does not.
On-chain transactions have no network-level reversal mechanism.
Unlike card payments, confirmed on-chain stablecoin transactions are irreversible. This changes the dispute resolution structure, the consumer protection obligations, and the refund mechanics in ways that require explicit documentation rather than assumptions borrowed from card-based program standards.
The burden of proof sits with the acquiring institution.
Regulators and card schemes do not treat a partner's license as a transfer of the acquiring institution's obligations. Where a compliance gap is identified after the fact, the acquiring institution is accountable for what it verified, documented, and monitored at the time of onboarding and throughout the relationship.
Access the full verification framework
The complete guide covers a five-part verification framework for acquirers evaluating merchants with stablecoin payment arrangements.
1. Merchant of Record Determines Liability Allocation
Who appears as the merchant of record governs chargeback liability, scheme rule applicability, and consumer protection obligations. In stablecoin arrangements, the processing partner sometimes appears as the merchant of record rather than the underwritten merchant entity. Without a written contract establishing this explicitly, liability allocation is undefined.
Where the structure involves sub-merchant registration under the partner's facilitation program, partner oversight tooling becomes relevant: the acquiring institution needs visibility into the partner's merchant portfolio, not just the partner's own compliance status.
Key insight: Verbal representations about who "handles" merchant of record status are not sufficient. The acquiring institution should be able to produce the contractual clause before approval, not after an incident.
2. Settlement Path Documentation Determines Audit Integrity
Stablecoin settlements can involve multiple wallets, custodians, and conversion steps before fiat reaches the merchant. Each step that is not documented is a gap in sanctions screening coverage and a break in the fund accountability chain required for a defensible compliance record.
Key insight: We have seen arrangements where the settlement path described at onboarding was accurate but incomplete. Intermediate custodians were not disclosed, and the sanctions screening gap was only identified during a subsequent review. Settlement mapping should be verified against transactional evidence, not accepted on the merchant's representation alone.
3. Sanctions Controls Must Cover the On-Chain Leg
OFAC's guidance on virtual currency is explicit: sanctions compliance obligations apply to on-chain activity, including wallet address screening. Where a stablecoin partner conducts sanctions screening only at the fiat settlement stage, on-chain activity occurring before conversion is unscreened. That is a structural gap, not a compensating control.
Key insight: The three questions that define adequacy are whether wallet screening is conducted in real time (not batch), whether entity-level screening supplements wallet screening, and whether there is a named escalation owner for sanctions alerts with a documented response timeline.
4. Reversal and Refund Mechanics Must Be Operationally Documented
Because on-chain transactions are irreversible, the refund mechanism for stablecoin payments must be explicitly designed: on-chain reissuance, fiat reimbursement, or account credit. Each structure has different operational requirements and different implications for consumer protection compliance. Policies that reference the card chargeback process for stablecoin disputes do not reflect how those instruments work.
Key insight: The disclosure question is as important as the mechanism itself. If the customer is not informed of the applicable dispute process before payment, the acquiring institution's consumer protection exposure exists regardless of whether the merchant has an internal refund policy.
5. Transaction Monitoring Must Include On-Chain Activity
Monitoring configured exclusively for the fiat settlement leg will not capture wallet address risk, transaction clustering, layering signals, or jurisdiction exposure that occur on-chain before conversion. This is the most common monitoring configuration gap we identify in stablecoin merchant programs. The fiat leg appearing clean does not indicate the on-chain leg is clean.
Merchant monitoring that covers behavioral and channel risk signals, adverse media, and configurable policy logic provides a framework for extending oversight beyond fiat settlement data. Where a program does not have on-chain monitoring coverage, this gap should be documented with compensating controls identified, not treated as acceptable by default.
Key insight: Programs that have not addressed this gap have accepted on-chain risk without the visibility to manage it. The fiat settlement appearing normal is not evidence that the on-chain activity is clean.
Access the full verification framework
The complete guide provides a detailed benchmark for evaluating stablecoin arrangements. The minimum acceptable profile includes:
This profile defines an arrangement where the compliance structure is documented, testable, and defensible. Arrangements that cannot produce this documentation at review carry compliance risk that cannot be offset by the partner's license status.
Access the full verification framework
The guide identifies the highest-frequency gaps in how stablecoin merchant arrangements are currently underwritten.
Treating the partner's license as the merchant's compliance. A licensed VASP or regulated crypto processor is authorized to operate. That is not the same as saying this merchant's activity is compliant under your program requirements. These are different questions and they require separate evidence.
Incomplete settlement mapping at onboarding. Merchants describe the settlement path they know or choose to disclose. Intermediate wallets and custodians are frequently omitted, not because they are concealed, but because they were not asked for specifically. The acquiring institution's underwriting request needs to be explicit.
Monitoring configured for fiat only. This is a structural blind spot. Risk that occurs on-chain before conversion does not appear in fiat-side monitoring. Programs that have not addressed this gap have accepted on-chain risk without the visibility to manage it.
No documented escalation path for compliance issues. Merchants and partners may each have a sanctions policy. If no one has documented what happens when a sanctions alert fires on this merchant's account, including who contacts whom and in what timeframe, the compliance program does not function under the conditions that test it.
Consumer recourse not disclosed pre-payment. In many arrangements we review, the stablecoin dispute and refund process is either undocumented, inconsistent with the general terms of service, or disclosed only after the payment is made. This creates consumer protection exposure in jurisdictions where regulatory oversight is extending to digital payment instruments.
The verification framework in the full guide enables risk teams to:
The guide includes verification checklists for each dimension, a settlement mapping template, a sanctions controls assessment table, a compliant-profile benchmark, and documentation requirements for each stage of the review.
Ballerine builds AI-powered merchant underwriting and ongoing monitoring infrastructure for acquirers, PSPs (Payment Service Providers), PayFacs, marketplaces, BIN sponsors, and banks. Our platform supports compliance and risk teams in documenting merchant oversight, evaluating complex payment structures including stablecoin and crypto-adjacent arrangements, and producing defensible evidence for scheme inquiries and regulatory review. Ballerine is a Mastercard MMSP (Mastercard Merchant Monitoring Service Provider) certified partner.
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.png)
