In a recent article, we examined the Bank of England's policy statement and draft Code of Practice for sterling-denominated systemic stablecoins.
As that regulatory framework takes shape, this article turns to the practical legal risks that businesses face today when using stablecoins as live payment infrastructure (or alternative rails to the traditional card and bank-based payment rails), and how to manage them through proper contractual and operational structuring.
Why are businesses using stablecoins for payments?
Stablecoins are appealing for three practical reasons: they can clear and settle a payment (even cross-border) in minutes, operate 24/7 and – where bank correspondent chains are long, currency conversion costs are high, or local payment systems are slow – can be significantly cheaper than traditional payment rails for moving money cross border.
Several use cases have driven mainstream adoption. For instance:
- Cross-border payment fintechs use the "stablecoin sandwich" – converting local fiat into a stablecoin, transferring on-chain, then converting back at the destination – to undercut traditional money remittance operators on price and speed.
- Corporate treasury teams use stablecoins to move money between group companies, cutting out bank cut-off times and making cash available to group companies immediately.
- Merchants in emerging markets are accepting dollar-denominated stablecoins to protect themselves from local currency swings and to avoid slow local payment systems with deferred and bank-based settlement systems.
Importantly, stablecoins remove friction and reduce process steps.
A traditional cross border bank payment may pass through various correspondent banks, clearing banks, card networks, and payment processors. Each participant is regulated, contractually accountable, and carries defined legal and payment network liability – this is costly, time consuming and generally cumbersome.
For a stablecoin payment, many of these roles are discharged by the stablecoin issuer, exchanges which can act as both the entry and exit point for fiat, custodians holding the reserve assets (liquidity), and sometimes automated software protocols that have no legal identity at all. These new participants are less regulated, carry less defined liability, and often have no direct legal relationship with the person making or receiving the payment. Taken together, that creates speed and efficiency, but it also creates significant counter-party risk that is not typical.
Payment mechanics: When something goes wrong
So what happens when a stable coin transaction does not clear and settle?
With the traditional payment rails, there are clear processing, clearing and settlement obligations that clearly set out when a payment is cleared and settled, typically when the receiving bank's account is credited at the central bank or settlement agent. after which the payment cannot be unwound or reversed (i.e., settlement finality).
The stablecoin clearing and settlement process works differently. Depending on the blockchain protocol, a stablecoin transaction has the following components: (i) initiation; (ii) broadcast / validation; and (iii) reflection the recipient’s wallet (aka settlement finality) – each component will be governed by different rules, and each carrying different legal weight.
No stablecoin network in widespread use has a statutory or rulebook-based definition of settlement finality equivalent to CHAPS or SEPA.
Settlement finality for stablecoin transactions is currently a function of the blockchain protocol design, the stablecoin’s exchange’s internal policies, and whatever the contract says – which on this topic is usually very little.
The immutability of a blockchain transaction is a core principle of the blockchain process one a transaction has been recorded it cannot be “refunded” or “chargedback” in the same way as a bank or card transaction.
In addition to this, if a stablecoin payment goes to the wrong address, or the wrong network, it is often permanently lost. There is no recall mechanism and no central authority to contact to dispute a transaction.
Card and Bank payment rails have detailed and comprehensive dispute rules enabling recall, refund and chargeback with formal evidence processes underpinning them. There are also clear and settled lines of responsibility amongst participants to ensure that the key parties are protected. There are therefore risks that need to be identified and accepted or mitigated.
Contractual mitigants should include clear definitions of when a payment is complete and when settlement is final (for example, from a timing perspective should this be, when the instruction is sent, when the blockchain confirms it, or when the receiving exchange credits the recipients account). Contracts should also set out who bears the risk if the network goes down, gets congested, or a payment is sent to the wrong address.
For high-value transfers, blockchains that reach finality almost instantly reduce this uncertainty significantly. But even once a payment settles successfully, firms using stablecoins for payments need to consider what the stablecoin is worth, and what underpins its value?
Asset risks: What 'stable' actually means
Issuers of Stablecoins backed by real-world currencies hold cash and other liquid assets in specific reserves and promise that holders can redeem their coins for face value on demand. In practice, both the quality of those reserves and the right to get your money back carry risks that most users overlook.
For instance, holders of stablecoins may find themselves treated as ordinary creditors rather than owners of protected assets if an issuer or custodian fails.
The legal rules on who owns the reserves – and who gets paid first – vary significantly between countries, and standard issuer terms are often silent on the point.
In the United Kingdom, the Bank of England has proposed a two-trust statutory safeguarding model for systemic stablecoins would; under Trust 1 – ring-fence backing assets (reserves), protecting stablecoin holders’ claims on 1:1 basis, and; under Trust 2 – segregate capital and reserves to ensure orderly wind-down and insolvency costs are funded.
The consequence is that a stablecoin's stability, insofar as the asset holder is concerned, does not just depend on the technology behind it. It also depends on the issuer and custodian’s financial health, how well they manage reserves, and how well they are governed. Where confidence in any of these factors deteriorates, a stablecoin may trade below its peg on secondary markets – a depegging event – even if the issuer has not formally defaulted.
As a result, holders of stablecoins should consider requiring access to regular, independently verified statements of the issuer's safeguarded reserves, and seek legal advice on whether those reserves are genuinely ring-fenced from the issuer's own assets.
Agreements must also set out precisely when and how you can redeem your coins, under what conditions that right can be suspended, and what the timelines are, rather than leaving this to an issuer’s discretion. In some cases, it may be prudent to even require substitution with an alternative stablecoin or fiat settlement, and, where depegging persists beyond a defined period, to terminate the arrangement.
Compliance: Tracing, freezing and the GDPR problem
Stablecoin networks were not built with financial crime controls or data protection rules in mind. Both sets of rules assume that there are identifiable businesses in the middle of every transaction, and that data can be corrected or deleted when needed (for instance, for a GDPR erasure request). Neither assumption holds for a public blockchain.
In the absence of the more traditional intermediaries, stablecoin users need to build financial crime controls into every stage of the payment journey (e.g., when stablecoins are issued, transacted, converted, held, and redeemed) rather than relying on the issuer's own controls. These transaction monitoring tools and wallet risk-screening should be standard from the moment you launch.
At the design stage, providers of stablecoin solutions should also consider whether privacy-protecting technology, private blockchains, or off-chain processing could resolve the inherent tension between every transaction on a public blockchain being permanently visible to anyone who looks, and data protection laws giving individuals the right to have their personal data deleted.
Regulatory identity: A different answer in every country
The same stablecoin can have different, simultaneous classifications in different jurisdictions (e.g., as e-money, a commodity or no classification at all). For businesses using stablecoins for payments, that fragmentation matters because the classification in each jurisdiction determines the protections available to holders, the enforceability of redemption rights, and the regulatory obligations that attach to each leg of a cross-border payment. A stablecoin that carries full consumer protection at the point of purchase may carry none at the point of receipt.
In the United Kingdom, the Bank of England’s proposed systemic designation framework (currently slated for a 2027 rollout) would add a further consideration for users. Where a stablecoin is designated as systemic, the issuer would be subject to enhanced reserve, redemption and safeguarding requirements – including the use of the two-trust model discussed above – which should strengthen the protections available to holders. However, equivalent protections may not exist in other jurisdictions through which a payment passes, and you should assess the regulatory status of the stablecoin at each stage of the payment chain.
Before committing to using stablecoin as a payment rail, businesses should map the regulatory classification of the relevant stablecoin in every jurisdiction through which the payment passes and assess what protections are available at each waypoint. Where a stablecoin is unregulated or lightly regulated at the destination end, contracts should address the resulting gaps – for example, by specifying fallback settlement in fiat currency, requiring the counterparty to bear depegging risk, or building in termination rights if the regulatory status of the stablecoin materially changes.