Stablecoins are no longer just “crypto plumbing” — they’re becoming a primary rail for illicit finance, especially when value moves peer-to-peer (P2P) through unhosted wallets, according to a new targeted report from the Financial Action Task Force (FATF).
In its March 2026 report, FATF says stablecoins have scaled rapidly — with over 250 in circulation by mid-2025 and market capitalisation above $300 billion — and that their liquidity and interoperability make them attractive both for legitimate use and for laundering, terrorist financing, and proliferation financing.
Why FATF is focusing on P2P and “unhosted wallets”
FATF’s central concern is what happens when stablecoins move outside the regulated perimeter. P2P transfers via unhosted wallets can occur without a VASP or financial institution in the middle, meaning standard AML/CFT controls may not be applied at the moment value moves.
The report notes that stablecoins show up both in simple illicit uses and in complex, multi-step chains designed to obscure origin and destination — and it flags the lack of reliable data on how much stablecoin activity is truly P2P versus routed through intermediaries.
Stablecoins are now a default tool in multiple threat models
FATF says stablecoins have become a common component of money laundering (ML), terrorist financing (TF), and proliferation financing (PF) schemes involving virtual assets. It highlights that state-linked cyber actors — including DPRK-linked groups — are adopting stablecoins in laundering flows from cybercrime (like ransomware and phishing), while Iranian actors are cited as leveraging stablecoins to finance proliferation.
FATF also references industry reporting that stablecoins accounted for a large share of illicit virtual asset transaction volume in 2025, reinforcing the idea that “crime money” is increasingly dollar-denominated on-chain.
Cross-chain activity is a growing control gap
Beyond unhosted wallets, FATF points to cross-chain movement as a specific vulnerability: stablecoin issuers may have limited ability to control or monitor activity once assets move across chains or into environments that fall outside established compliance tooling.
The message to regulators is clear: if supervision and enforcement remain chain-by-chain and jurisdiction-by-jurisdiction, criminals will keep routing around the strongest chokepoints.
What FATF wants countries and industry to do next
FATF does not propose rewriting the global standards here. Instead, it pushes harder on implementation — and on stablecoin-specific controls that can work in secondary markets.
Key “good practices” highlighted include:
- applying clear AML/CFT obligations across stablecoin arrangements (issuers, intermediaries, custodians, and other relevant participants) under FATF Recommendation 15;
- requiring stablecoin issuers to adopt risk-based technical and governance controls, including abilities to freeze, burn, or withdraw stablecoins in secondary markets; and using smart contract controls like allow-listing and deny-listing where appropriate;
- building supervisory and law enforcement capability around smart contracts, cross-chain mechanics, and blockchain analytics;
- strengthening domestic and cross-border cooperation for rapid information exchange, especially where freezing/burning is involved;
- expanding public-private collaboration on typologies, indicators, and investigations, supported by case studies and a consolidated list of risk indicators in the annex.
FATF also notes that only a limited number of jurisdictions have built targeted stablecoin frameworks that explicitly account for stablecoin features, urging proportionate measures that reflect stablecoins’ distinct risk profile.
Why it matters for crypto
- Stablecoins are increasingly treated as systemically important compliance rails, not neutral tokens.
- P2P transfers via unhosted wallets are being framed as a structural vulnerability regulators will keep targeting.
- Issuer-level controls (freeze/burn/allowlists) are moving from “optional features” to expected risk tooling in some jurisdictions.
- Cross-chain activity is now a mainstream policy concern — compliance won’t be judged chain-by-chain anymore.
- Expect more pressure for audit-ready monitoring and faster cooperation between issuers, VASPs, and law enforcement.
What to watch next
- Whether more jurisdictions introduce stablecoin-specific rules beyond baseline VASP obligations.
- New requirements (or de facto expectations) for programmable controls in stablecoin contracts used at scale.
- Increased enforcement focus on P2P exposure: how VASPs handle transfers to/from unhosted wallets.
- Cross-border “rapid response” channels for freezes/burns — especially in large fraud and cybercrime cases.
- Industry adoption of FATF’s risk indicators and case-study patterns in transaction monitoring playbooks.
Source: FATF — “Targeted Report on Stablecoins and Unhosted Wallets: Peer-to-Peer Transactions”