FATF Flags Peer‑to‑Peer Stablecoin Transfers via Self‑Custody Wallets as a Key AML Blind Spot
June 2024 – Global anti‑money‑laundering body urges tighter oversight as stablecoins gain traction in payments and cross‑border remittances.
Overview
The Financial Action Task Force (FATF) released a targeted report this week focusing on stablecoins, “unhosted” (self‑custody) wallets and peer‑to‑peer (P2P) transactions. The document warns that transfers conducted directly between users through self‑custody crypto wallets represent a “key vulnerability” in the emerging stablecoin ecosystem. Because these transactions can bypass regulated intermediaries such as exchanges, custodians or virtual asset service providers (VASPs), they fall outside the traditional AML and counter‑terrorism financing (CTF) control framework.
Why P2P Transfers Matter
Stablecoins have increasingly moved beyond speculative trading, being adopted for everyday payments, settlement of cross‑border trades and as a hedge against fiat volatility. As the volume of stablecoin transactions climbs, the proportion of activity that occurs outside regulated platforms also rises.
Self‑custody wallets give users full control over private keys, meaning that a user can send a stablecoin directly to another user without involving any entity that is subject to AML monitoring obligations. In such a scenario:
- No KYC/AML checks – The sender and receiver are not required to undergo identity verification by a VASP.
- Limited reporting – The transaction does not trigger automatic suspicious‑activity reporting (SAR) obligations that would normally be triggered at an exchange or custodial service.
- On‑chain traceability with limited attribution – While blockchain ledgers capture the movement of tokens, wallet addresses are pseudonymous, making it harder for authorities to link a specific address to a real‑world identity without additional investigative resources.
The FATF notes that this structural gap can be exploited to move illicit proceeds, especially given the growing share of stablecoins in illicit flows.
Illicit Activity Data
A recent analysis from blockchain analytics firm Chainalysis, cited by FATF, shows that illicit addresses received roughly $154 billion worth of crypto in 2025. Stablecoins accounted for about 84 % of that illicit volume, even though illicit transactions represented less than 1 % of the total on‑chain activity. The concentration of illicit activity in stablecoins underscores the importance of addressing the regulatory blind spot identified by FATF.
FATF Recommendations
The report does not prescribe a one‑size‑fits‑all solution but lays out a “proportionate” risk‑based approach for jurisdictions:
- Risk Assessment – Countries should evaluate the exposure created by stablecoin ecosystems, focusing on the interaction between self‑custody wallets and regulated platforms.
- Enhanced Monitoring – When self‑custody wallets connect with VASPs (e.g., deposit or withdrawal), regulated entities should apply heightened due‑diligence, transaction monitoring and SAR obligations.
- Clear AML/CTF Obligations for Issuers and Distributors – Entities that issue or distribute stablecoins must implement robust AML frameworks, including customer verification and ongoing monitoring, even if the token ultimately ends up in an unhosted wallet.
- International Cooperation – Given the cross‑border nature of stablecoin transfers, the FATF urges information sharing and coordinated enforcement among member states.
Industry Implications
The FATF’s findings are likely to accelerate regulatory initiatives in several jurisdictions that are already drafting stablecoin‑specific legislation. For crypto businesses, the guidance translates into:
- Operational Adjustments – Exchanges and custodians may need to expand KYC checks to cover wallet addresses that are linked to self‑custody users, potentially leveraging blockchain analytics tools.
- Compliance Costs – Enhanced monitoring and reporting could raise compliance expenditures, especially for smaller firms that rely on third‑party AML solutions.
- Product Design – Issuers might consider built‑in controls that flag large or rapid transfers to unhosted wallets, similar to safeguards used in the traditional banking sector.
Key Takeaways
| Point | Detail |
|---|---|
| Vulnerability | P2P stablecoin transfers via self‑custody wallets bypass regulated AML controls. |
| Illicit Share | Stablecoins represent 84 % of illicit crypto volume in 2025, though overall illicit activity is <1 % of total on‑chain traffic. |
| Regulatory Call‑to‑Action | Jurisdictions should assess risks, enforce proportionate measures, and tighten AML/CTF duties for stablecoin issuers and distributors. |
| Traceability vs. Attribution | Blockchain records remain public, but wallet pseudonymity hinders direct attribution without additional investigative work. |
| Industry Response | Expect tighter KYC/monitoring for interactions between regulated platforms and unhosted wallets, and possible new compliance frameworks for stablecoin issuers. |
Outlook
As stablecoins cement their role in the global payments infrastructure, the regulatory focus on the “unhosted” segment is expected to intensify. The FATF’s report provides a blueprint for policymakers to close the AML gap while preserving the benefits of self‑custody—namely, user sovereignty and rapid, low‑cost transfers. Market participants that proactively adopt stronger compliance measures may gain a competitive edge, positioning themselves as trustworthy actors in a landscape that regulators are increasingly scrutinising.
The article is based on the FATF targeted report on stablecoins, unhosted wallets and P2P transactions, and data from Chainalysis on illicit crypto activity.
Source: https://cointelegraph.com/news/fatf-says-stablecoins-now-dominate-illicit-crypto-flows-including-sanctions-evasion?utm_source=rss_feed&utm_medium=feed&utm_campaign=rss_partner_inbound
