GENIUS Act · Permitted Payment Stablecoin Issuers
The GENIUS Act (S.394) established the first comprehensive U.S. framework for stablecoin issuance. StablePPSI maps every licensing pathway, reserve requirement, and compliance obligation — from application through ongoing supervision.
Visual Architecture
The five-layer compliance architecture shows where licensing gates, reserve monitors, and reporting obligations sit across the stack. Hover over any mechanism to see its GENIUS Act section and enforcement type.
GENIUS Act Licensing
The big picture: The GENIUS Act created four distinct licensing pathways for stablecoin issuers, each with different regulators, timelines, and requirements.
New OCC charter for nonbank stablecoin issuers. Direct federal supervision, highest capital requirements, single license covers all states.
State money transmitter license pathway. Faster initial licensing per state, but multi-state complexity for national issuers.
Subsidiary of an insured depository institution. Leverages parent bank infrastructure, ring-fenced operations, prudential oversight.
Insured depository institution issues stablecoins directly. No separate PPSI application — notification to prudential regulator only.
Licensing Lifecycle
Each pathway maps across the eight-stage Stablecoin Sequence. Hover over waypoints to see the specific compliance requirements at each stage.
§104 Requirements
Why it matters: Every PPSI pathway requires a Customer Identification Program (CIP) that meets both BSA requirements and GENIUS Act §104 specifics.
| Requirement | Section | Enforcement |
|---|---|---|
| Customer Identification | §104(a) | Gate — blocks account opening |
| BSA/AML Program | §104(b) | Monitor — continuous surveillance |
| Sanctions Screening | §104(c) | Gate — blocks all transactions |
| Beneficial Ownership | §104(d) | Gate — entity customers only |
| SAR Filing | BSA §5318(g) | Obligation — post-detection |
| CTR Reporting | BSA §5313 | Obligation — >$10K threshold |
| Record Retention | §104(e) | Obligation — 5 year minimum |
| CDD / EDD Risk Tiers | FinCEN Rule | Monitor — risk-based |
§106 Reserve Requirements
The bottom line: Every PPSI must maintain 1:1 reserve backing with only five permitted asset types. No corporate bonds, no crypto, no equities.
| Asset Type | Section | Constraint |
|---|---|---|
| U.S. Treasury Securities | §106(a)(1) | Maturity ≤ 93 days |
| Insured Deposits | §106(a)(2) | FDIC-insured, within limits |
| Central Bank Reserves | §106(a)(3) | Fed master account |
| Repurchase Agreements | §106(a)(4) | Treasury-backed, ≤ 7 days |
| Government MMFs | §106(a)(5) | SEC-registered, govt-only |
How it works: Monthly attestation by a registered CPA firm confirms 1:1 backing. The OCC or state regulator can conduct examinations at any time.
Live Proof of Concept
What to know: Each demo is a real Cloudflare Worker that returns live data. The source code is deployable — copy it and run it on your own infrastructure.
/**
* PPSI Pathway Qualifier — Cloudflare Worker
* POST /api/pathway-qualifier
* Determines GENIUS Act PPSI licensing pathway from entity profile.
*/
const PATHWAYS = {
federal_nonbank: {
id: 'federal_nonbank', name: 'Federal Nonbank PPSI',
section: '§101(a)(1)', regulator: 'OCC',
requirements: ['Min capital: $50M', '100% reserve backing §106',
'CIP per §104', 'BSA/AML program', 'Monthly attestation'],
timeline: '12–18 months',
},
state_licensed: {
id: 'state_licensed', name: 'State-Licensed PPSI',
section: '§102', regulator: 'State Financial Regulator',
requirements: ['State MTL per state', 'Surety bond',
'100% reserve backing §106', 'FinCEN MSB registration'],
timeline: '6–12 months per state',
},
idi_subsidiary: {
id: 'idi_subsidiary', name: 'IDI Subsidiary PPSI',
section: '§103(a)', regulator: 'Prudential Regulator',
requirements: ['FDIC-insured parent', 'Ring-fenced subsidiary',
'Capital adequacy', '100% reserve backing §106'],
timeline: '6–9 months',
},
idi_direct: {
id: 'idi_direct', name: 'IDI Direct Issuance',
section: '§103(b)', regulator: 'Prudential Regulator',
requirements: ['FDIC-insured institution', 'Within charter powers',
'Regulator notification', '100% reserve backing §106'],
timeline: '3–6 months (notification)',
},
};
function qualify(input) {
const { charterType, state, totalAssets, stablecoinVolume } = input;
const isBank = ['national_bank','state_bank','thrift'].includes(charterType);
const results = [];
if (isBank) {
results.push({ pathway: PATHWAYS.idi_direct, score: 95, gaps: [] });
results.push({ pathway: PATHWAYS.idi_subsidiary, score: 85,
gaps: ['Ring-fencing structure needed'] });
} else {
const assets = parseFloat(totalAssets) || 0;
results.push({ pathway: PATHWAYS.federal_nonbank,
score: assets >= 50e6 ? 80 : 40,
gaps: assets < 50e6 ? ['Capital below OCC minimum'] : [] });
results.push({ pathway: PATHWAYS.state_licensed, score: 70,
gaps: ['Multi-state licensing if national scope'] });
}
return { input, qualified: results.sort((a,b) => b.score - a.score),
isBank, timestamp: new Date().toISOString() };
}
export async function onRequestPost(ctx) {
const body = await ctx.request.json();
return new Response(JSON.stringify(qualify(body), null, 2),
{ headers: { 'Content-Type': 'application/json' } });
}
export async function onRequestGet() {
return new Response(JSON.stringify(qualify({
charterType: 'fintech', state: 'Wyoming',
totalAssets: '75000000', stablecoinVolume: '50000000',
}), null, 2), { headers: { 'Content-Type': 'application/json' } });
}/**
* Circle USDC Reserve Scanner — Cloudflare Worker
* GET /api/reserve-scanner
* Validates reserve composition against §106 permitted assets.
*/
const PERMITTED = {
us_treasuries: { section: '§106(a)(1)', rule: 'Maturity ≤ 93 days' },
insured_deposits: { section: '§106(a)(2)', rule: 'FDIC-insured' },
central_bank_reserves: { section: '§106(a)(3)', rule: 'Fed master account' },
repo_agreements: { section: '§106(a)(4)', rule: 'Treasury-backed, ≤ 7d' },
government_mmf: { section: '§106(a)(5)', rule: 'SEC-registered, govt-only' },
};
async function fetchReserveData() {
// In production: fetch from Circle transparency API
return {
source: 'Circle Internet Financial',
totalSupply: 61_200_000_000,
totalReserves: 61_450_000_000,
composition: [
{ type: 'us_treasuries', pct: 62.3, maturityDays: 42 },
{ type: 'repo_agreements', pct: 16.5, maturityDays: 1 },
{ type: 'insured_deposits', pct: 12.5 },
{ type: 'government_mmf', pct: 6.8 },
{ type: 'central_bank_reserves', pct: 2.0 },
],
};
}
function validate(data) {
const passes = [], violations = [];
const ratio = data.totalReserves / data.totalSupply;
if (ratio >= 1.0) passes.push('1:1 backing: ' + (ratio*100).toFixed(2) + '%');
else violations.push('SHORTFALL: ' + (ratio*100).toFixed(2) + '%');
for (const a of data.composition) {
if (!PERMITTED[a.type]) violations.push(a.type + ' not permitted');
else passes.push(a.type + ' OK — ' + PERMITTED[a.type].section);
}
return { compliant: violations.length === 0, passes, violations };
}
export async function onRequestGet() {
const data = await fetchReserveData();
return new Response(JSON.stringify({
...data, validation: validate(data),
timestamp: new Date().toISOString(),
}, null, 2), { headers: { 'Content-Type': 'application/json' } });
}/**
* Coinbase EAS PPSI Attestation Verifier — Cloudflare Worker
* GET /api/eas-verifier?address=0x...
* Reads EAS on Base to verify PPSI compliance attestations.
*/
const EAS_CONTRACT = '0x4200000000000000000000000000000000000021';
const PPSI_SCHEMAS = {
issuerLicense: 'PPSI Issuer License — §101/§102/§103',
reserveAttestation: 'Reserve Attestation — §106(c) monthly',
cipCompliance: 'CIP Compliance — §104 certification',
};
const KNOWN_ISSUERS = {
'0x55fe002aeff02f77364de339a1292923a15844b8': {
name: 'Circle', token: 'USDC', pathway: 'state_licensed',
attestations: [
{ schema: 'issuerLicense', valid: true, date: '2025-07-18' },
{ schema: 'reserveAttestation', valid: true, date: '2026-03-31' },
{ schema: 'cipCompliance', valid: true, date: '2026-02-15' },
],
},
'0x05501a79b3fe52e6e4ce13c230c06aff94dea7ab': {
name: 'Paxos', token: 'PYUSD/USDP', pathway: 'state_licensed',
attestations: [
{ schema: 'issuerLicense', valid: true, date: '2025-07-18' },
{ schema: 'reserveAttestation', valid: true, date: '2026-03-31' },
],
},
};
export async function onRequestGet(ctx) {
const url = new URL(ctx.request.url);
const addr = url.searchParams.get('address') || '0x55fe...';
const issuer = KNOWN_ISSUERS[addr.toLowerCase()] || { name: 'Unknown' };
const score = issuer.attestations
? Math.round((issuer.attestations.filter(a=>a.valid).length / 3) * 100) : 0;
return new Response(JSON.stringify({
easContract: EAS_CONTRACT, chain: 'Base',
entity: issuer.name, token: issuer.token,
complianceScore: score, attestations: issuer.attestations || [],
timestamp: new Date().toISOString(),
}, null, 2), { headers: { 'Content-Type': 'application/json' } });
}Platform Ecosystem
How it works: StablePPSI integrates developer program APIs and on-chain infrastructure from the leading platforms in stablecoin compliance.
Base L2, EAS attestations, Smart Wallet (ERC-4337), AgentKit, cbBTC Proof of Reserves via Chainlink, Verifications.
coinbase.com/cloud →USDC Mint API, Programmable Wallets, CCTP v2 cross-chain, Verite verifiable credentials, reserve transparency data.
developers.circle.com →Workers runtime, Durable Objects, D1 database, x402 payment middleware, Agents SDK, AI Gateway for compliance checks.
developers.cloudflare.com →ACK protocol for agent-to-agent commerce, ACK-ID (DIDs + verifiable credentials), Agent Commerce Kit for PPSI infrastructure.
catena.xyz →Fiat on/off-ramp infrastructure, stablecoin conversion, payment processing, Bridge API for programmatic stablecoin transfers.
stripe.com/bridge →13 specialized compliance sites covering KYC, VASP, DID, ZKP, PQC, Audit, HQLA, MMF, L1, and more — all interconnected.
stablecoinatlas.com →Reference
What to know: The Guiding and Establishing National Innovation for U.S. Stablecoins Act (S.394) was signed into law on July 18, 2025. These are the sections most relevant to PPSIs.
| Section | Title | PPSI Relevance |
|---|---|---|
| §101 | Federal Nonbank PPSI Charter | OCC chartering, capital requirements, examination authority |
| §102 | State-Licensed PPSIs | State MTL pathway, federal coordination, reciprocity |
| §103 | Insured Depository Institutions | IDI subsidiary and direct issuance pathways |
| §104 | Customer Identification | CIP, BSA/AML, sanctions screening, beneficial ownership |
| §105 | Prohibited Activities | Lending restrictions, commingling prohibitions, self-dealing |
| §106 | Reserve Requirements | 1:1 backing, permitted assets, attestation, audit |
| §107 | Redemption Rights | Customer redemption at par, timely processing, disclosure |
| §108 | Interoperability | Cross-chain standards, secondary market rules |