The adoption of stablecoins has been swift: as of mid-2025,there were 250 stablecoins in circulation, with a market capitalisation exceeding USD 300 billion, and trading volumes surpassing those of Bitcoin.

The appeal of stablecoins goes beyond price stability. Their high liquidity, interoperability, and efficiency in enabling fast cross-border transactions, along with their function as a store of value, have made them a useful financial tool for individuals, businesses, and institutions. However, a recent report by the Financial Action Task Force (FATF) flags an important concern: the same features that make stablecoins efficient and accessible also make them vulnerable to misuse.

The FATF's 'Targeted Report on Stablecoins and Unhosted Wallets: Peer-to-Peer Transactions' does not treat stablecoins as inherently dangerous; it recognises their legitimate value while identifying specific conditions under which they become vulnerable to misuse.

The central concern is peer-to-peer (P2P) transfers between unhosted wallets: transactions conducted directly between individuals, without the involvement of a regulated exchange or virtual asset service provider (VASP). As no licensed intermediary is involved, these transactions fall outside standard anti-money laundering and counter-terrorist financing (AML/CFT) checks. Case studies from DPRK and Iran show how criminal groups convert proceeds into stablecoins, typically USDT on the Tron blockchain, before using OTC brokers or P2P platforms to withdraw funds in fiat currency.

The report further identifies vulnerabilities across the stablecoin lifecycle, including issuance, circulation, and redemption.

These risks are amplified by cross-border and offshore issuers, inconsistent compliance among intermediaries, and the availability of off-ramp channels such as OTC brokers, informal exchange networks, and P2P platforms. The use of cross-chain transactions adds another layer of complexity, as funds are moved across multiple blockchains, fragmenting transaction trails and making them harder to trace.

To address this, the FATF recommends that countries must properly license and supervise VASPs and apply these rules consistently across the ecosystem, including stablecoin issuers, intermediaries and relevant financial institutions. The report also highlights a practical opportunity.

Stablecoin issuers have technical tools built into their systems, such as the ability to freeze, burn, or block transactions through smart contracts. These controls can serve as active safeguards in both primary and secondary markets if regulators require their use.

On P2P transactions and unhosted wallets specifically, the FATF asks jurisdictions to assess how common these activities are and what level of risk they carry, and to put in place measures accordingly.

Singapore and Germany are cited as examples where VASPs must apply stronger checks for unhosted wallet transactions, including identity verification, blockchain forensics, transaction limits, and ongoing monitoring. More broadly, the FATF points to advanced analytics, stronger supervision, and public-private cooperation as the foundations of an effective response.

India appears relatively well-positioned to respond to these challenges. Through the Financial Intelligence Unit, VASPs are already subject to AML/CFT oversight, and efforts are underway to strengthen cybersecurity systems. However, regulatory gaps remain.

Existing and upcoming crypto-asset regulations must address the risks associated with P2P transactions, which can bypass intermediary-based safeguards.

Bridging these gaps will be essential to building a more coherent and effective regulatory framework. At the same time, continued collaboration between the government and private platforms will be critical in managing the evolving risks linked to stablecoins and the broader crypto ecosystem.