Following the pivotal “Crypto Week” of January 2025, the United States has transitioned from a period of regulatory uncertainty to a comprehensive, pro-innovation federal framework. SupraFin’s risk intelligence models are now calibrated to help institutions navigate the following active mandates:

1. Implementation of the GENIUS Act (2025–2026)

Signed into law on July 18, 2025, the Guiding and Establishing National Innovation for U.S. Stablecoins (GENIUS) Act established the first federal oversight for payment stablecoins.

• The 2026 Deadline: Federal and state regulators are required to finalise additional rules on issuer licensing and custody standards by July 18, 2026.
• Institutional Access: Federally approved stablecoins are now integrating with FedNow and ACH networks, enabling 24/7/365 institutional settlement.

2. SEC “Project Crypto” & Rulemaking

Under the leadership of Chair Paul Atkins and the SEC Crypto Task Force (led by Commissioner Hester Peirce), the SEC has moved away from “regulation by enforcement.”

• • Token Taxonomy: The SEC has introduced a formal taxonomy distinguishing between “tokenized securities” and “digital commodities,” significantly reducing the compliance burden for assets on mature, decentralised blockchains.
  • Innovation Exemptions: New “innovation exemptions” allow startups to enter the market under tailored disclosure frameworks rather than legacy industrial-era requirements.

3. Modernised Banking & Custody

The landscape for traditional financial institutions has been permanently altered:

• Rescission of SAB 121: Following the January 2025 rescission, banks are no longer required to list safeguarded digital assets as liabilities. This has cleared the path for major US banks to offer institutional-grade custody services throughout 2025 and 2026.
• Unified Oversight: The President’s Working Group on Digital Asset Markets has successfully harmonised the “turf war” between the SEC and CFTC, providing a single point of clarity for market structure and consumer protection.

4. Strategic Digital Asset Reserve

As directed by the 2025 Executive Order, the US Treasury has evaluated the creation of a National Digital Asset Stockpile. This initiative has solidified Bitcoin and other major digital assets as a permanent component of the US strategic financial infrastructure.

What this means for SupraFin Clients:

As the US enters the final implementation phase for the GENIUS Act and the SEC’s “Project Crypto” frameworks in 2026, institutional participation now requires rigorous, data-backed risk management. SupraFin provides the essential infrastructure to bridge the gap between digital innovation and regulatory mandate:

• Standardized Prudential Risk Scores (0-100): Our proprietary scoring system allows banks and asset managers to meet Basel III/IV and SEC disclosure requirements by providing a consistent metric for comparing risk across cryptocurrencies, RWA tokens, and hybrids.
• Audit-Ready Risk Assessment Reports: To satisfy the “Admissions and Disclosures” standards and internal compliance audits, our detailed reports provide the qualitative and quantitative “why” behind every score, ensuring your investment committee has a defensible paper trail for every asset.
• Compliant WealthTech Portfolio Construction: Our B2B platform automates the creation of lower, medium, and higher-risk portfolios. By utilizing our risk scores as the foundation, institutions can offer digital asset products that align with Regulation Best Interest (Reg BI) and federal consumer protection standards.

SupraFin transforms complex regulatory requirements into a turnkey growth engine for 21st-century wealth management.

Following the December 15, 2025 laying of the Financial Services and Markets Act 2000 (Cryptoassets) Regulations in Parliament, the UK has entered the active implementation phase of its new digital asset regime. The roadmap has shifted from high-level proposals to a definitive legal framework, with the FCA currently finalising the standards for the 2026 Authorisation Gateway.

1. Integration into “Regulated Activities” (RAO)

The UK has officially integrated qualifying cryptoassets into the existing Regulated Activities Order (RAO). Activities including custody (safeguarding), operating a trading platform, and dealing as a principal or agent are now professional financial services requiring specific FCA permissions.

• Authorization Requirements: Under the new regime, firms must prepare comprehensive applications for full FCA authorization. This process requires evidence of robust governance, high-level systems and controls, and a clear UK nexus.
• SupraFin’s Role: Our platform provides the Prudential Risk Metrics required by the CRYPTOPRU sourcebook. We help firms demonstrate the sophisticated risk management systems necessary to pass the FCA’s “Authorization Gateway.”

2. Admissions, Disclosures & Market Abuse (The DAR Regime)

Under the newly established Designated Activities Regime (DAR), any asset admitted to a UK trading platform must meet the “Necessary Information Test.”

• The Mandate: Issuers and platforms face strict liability for disclosure documents. They must provide fact-based, transparent data regarding the asset’s features, governance, and technical risks to combat market abuse.
• SupraFin’s Role: Our Risk Assessment Reports are designed to help platforms fulfil these mandatory disclosure obligations.

3. The Stablecoin “Sandbox” & Payments

In early 2026, the FCA opened its Regulatory Sandbox for stablecoin issuers. This follows the 2025 legislation that brought fiat-backed stablecoins under the same scrutiny as traditional payment systems.

• Institutional Adoption: As stablecoins become a primary tool for UK settlement, institutional users require a way to differentiate between “Qualifying Stablecoins” and higher-risk assets.

4. Consumer Duty & “Overall Risk Assessment”

The FCA Consumer Duty is the centrepiece of the new regime, requiring firms to “act to deliver good outcomes” for customers. In December 2025, the FCA confirmed that a firm’s “Overall Risk Assessment” is the primary tool for evaluating financial and operational adequacy.

• SupraFin’s Role: Our WealthTech Platform automates the alignment between an investor’s risk profile and their digital asset portfolio. By utilising our 0-100 Risk Scores, firms can provide mathematical proof of Suitability and Appropriateness, satisfying the core requirements of the Consumer Duty.

What this means for SupraFin Clients:

The era of “self-regulation” in the UK has concluded. As we move toward full implementation in 2026/2027, SupraFin offers the institutional-grade infrastructure—Standardised Ratings, Professional Risk Reports, and Compliant Portfolio Tech—required to satisfy the FCA’s new due diligence and disclosure mandates.

EU Regulatory Landscape: The MiCA Era (2025–2026)

The Markets in Crypto-Assets (MiCA) regulation is now fully operational across all 27 EU Member States. Since becoming applicable to Crypto-Asset Service Providers (CASPs) in late 2024, MiCA has established the world’s first harmonised “passporting” regime for digital assets.

1. The July 2026 Transitional Deadline

While MiCA is live, a transitional “grandfathering” period allowed existing providers to operate under national laws.

• The Deadline: In many jurisdictions (including France, Italy, and Luxembourg), this transitional period expires on July 1, 2026. Firms that have not secured a full MiCA license by this date will lose their right to operate and “passport” services across the EU.
• SupraFin’s Role: We provide the Prudential Safeguard data and Risk Management frameworks required for a successful MiCA authorisation application. Our platform helps firms prove to National Competent Authorities (NCAs) that they have the sophisticated systems required for a permanent license.

2. Mandatory White Paper & Disclosure Standards

Under Title II and III of MiCA, offerors of crypto-assets (other than BTC/ETH) and stablecoins must publish a MiCA-compliant White Paper.

• The Mandate: Issuers are legally liable for the claims in their MiCA White Papers.
• SupraFin’s Role: Our Risk Assessment Reports provide the independent due diligence needed to verify a token’s features. We help issuers and platforms ensure their white paper disclosures are “fair, clear, and not misleading,” reducing the risk of administrative penalties or delisting from EU exchanges.

3. Stablecoins: Monitoring the “Digital Wrapper” Risk

The Markets in Crypto-Assets (MiCA) regime for Asset-Referenced Tokens (ARTs) and E-Money Tokens (EMTs) is now fully enforceable. While traditional auditors verify the physical existence of reserve assets (cash and bonds), SupraFin provides the critical digital risk layer required for daily compliance.

• Managing “De-Peg” Risk: MiCA requires issuers to ensure their stablecoins are “immediately and reliably convertible into funds.” SupraFin’s risk scores monitor the on-chain liquidity and stability of the token itself—ensuring that even if the collateral is safe, the digital “wrapper” remains resilient and functional.
• Due Diligence: Under MiCA Article 36, issuers must maintain a high standard of operational resilience. Our risk assessment reports evaluate the overall risk of a stablecoin, providing the technical evidence needed for the mandatory “Overall Risk Assessment” filings.
• Qualified Stablecoin Selection: For institutional users, our platform differentiates between “Qualifying Stablecoins” (those meeting strict MiCA/EBA liquidity standards) and higher-risk alternatives, ensuring that your digital treasury stays within regulatory limits.

4. DORA Compliance (Digital Operational Resilience Act)

Starting in January 2025, all CASPs in the EU became subject to DORA. This requires firms to maintain a high standard of cybersecurity and operational risk management.

Beyond the Code: Managing Systemic Resilience DORA requires more than just a standard cybersecurity audit; it mandates an assessment of systemic digital resilience. As seen in the 2022 algorithmic stablecoin collapses, “clean code” does not prevent failure if the underlying economic design is flawed. SupraFin’s fundamental risk framework evaluates economic design, protocol dependencies, and technical integrity in a single unified score—providing the comprehensive due diligence required to satisfy DORA Article 28.

SupraFin’s suite of products provides the Digital Audit Trail necessary to prove this operational resilience to regulators:

• Continuous ICT Monitoring: Use our fundamental risk scores to satisfy DORA’s mandate (Article 6) for the real-time monitoring of technical and design-based vulnerabilities across your entire digital asset inventory.
• Technical Due Diligence: Our risk assessment reports provide the third-party technical verification required for DORA’s “Third-Party Risk Management” (Article 28), documenting the resilience of smart contracts and protocol-level dependencies.
• Resilient Portfolio Construction: Our wealthTech platform automates “Business Continuity” (Article 12) by ensuring client portfolios are programmatically balanced according to verified technical and fundamental risk levels, not just market volatility.

Global Regulation: The Basel 2026 Standard (SCO60)

Contact Us

Copyright © 2019 SupraFin  |  Privacy Policy

As with all investing, your capital is at risk. The value of your digital assets / crypto currencies can go down as well as up and you may get back less than you invest.