Brazil is entering a new phase for crypto oversight. With the Central Bank of Brazil (BCB) publishing Resolutions 519, 520 and 521, Virtual Asset Service Providers (VASPs) finally have a clear rulebook for how they are expected to operate.

On 24 November, Notabene’s Regulatory & Compliance team brought together regulators, legal experts and market leaders who are directly involved in crafting, interpreting and applying these rules. This recap pulls together the main points from that discussion and what they mean in practice for firms operating in or serving Brazil.

We were joined by:

• Pedro Henrique Nascimento Silva, Coordinator, Financial System Regulation Department, Central Bank of Brazil
• Marcos Coelho da Rocha, Partner, Veirano Advogados
• Nicole Dyskant, Co-Founder & CEO, RegDoor
• Bruno Antoniolli, Director of Risk, Controls & AML, Mercado Bitcoin

Moderated by Lana Schwartzman and Catarina Veloso from Notabene’s Regulatory & Compliance team.

1. How we got here: Brazil’s path to a full framework

Pedro opened by walking us through the path that brought us to this critical regulatory milestone. .

• In 2022, Brazil passed its virtual asset law. It set AML expectations and made clear that there would be a specific authority responsible for supervising virtual asset service providers.
• In mid-2023, a presidential decree formally designated the Central Bank of Brazil as that authority.
• From there, the BCB did something unusual for its regulatory process: instead of starting with a draft rule, it began with 38 open questions to the market.

That consultation step mattered. Market participants, including Notabene and many of our customers, have highlighted practical challenges and risks that only become apparent once you are deeply entrenched  in operations. The BCB used that input to shape three core pieces of regulation:

1. The authorization process for VASPs and related entities
2. The business rules for VASPs and for other regulated institutions that offer virtual asset services
3. The FX perimeter, defining when virtual asset activity is treated as foreign exchange

Across these, the BCB chose to align the new regime with existing financial sector regulation wherever possible: cybersecurity, AML/CFT, governance, risk management and vendor oversight. For VASPs, the framework also introduces three basic business models:

• Intermediary
• Custodian
• Exchange / combined model

2. Upcoming Milestones: What is Coming in 2026?

Nicole focused on what most firms are currently asking: what happens next and when.

Here is the high-level timeline as it stands today:

• February 2026: Resolutions come into effect. Firms can start submitting license applications.
• By end of October 2026: 
  • Existing VASPs that are already operating in Brazil must apply for authorization under one of the new categories.
  • Eligible authorized institutions (e.g., banks, broker-dealers) do not require a separate license, but must notify the BCB of the provisioning of crypto asset services and adjust procedures as needed. 
  • Foreign firms serving Brazilian clients and seeking to maintain that activity must also transfer activities to an eligible authorised instituion or a existing VASP.

During this transition period, firms should be working toward:

• Clear internal mapping to the correct license type
• Governance, risk and control frameworks that match the BCB’s expectations
• Consistent AML, sanctions, reporting, accounting and corporate governance practices
• Documentation that reflects reality, not “what we plan to do later”

Nicole stressed one point in particular: because the timelines are generous, the BCB expects applications to be substantive, not placeholders. Submitting an incomplete file and promising to “fix it later” is likely to result in a refusal.

3. How a major VASP is preparing: Mercado Bitcoin’s view

Bruno brought the operator angle, sharing how Mercado Bitcoin is preparing internally.

A few themes stood out:

• Much of the work started years ago. Mercado Bitcoin already runs annual cybersecurity audits, has listing and delisting processes, and maintains established AML and risk frameworks.
• The new regime is less about starting from scratch and more about elevating documentation and governance: making sure processes are written down, reviewed regularly and escalated through the right committees.
• One key challenge is ensuring a unified view of risk: linking on-chain monitoring, off-chain financial flows, and customer behaviour into a single methodology and risk scoring system.

On prudential rules, Bruno flagged that this will be a critical piece to watch. VASPs do not operate like banks, so the calibration of these rules will matter. The BCB’s Public Consultation no. 125/2025 on prudential treatment is open until 30 January 2026.

4. Travel Rule: What Resolution 520 actually requires

As this was a Notabene-hosted webinar, we dedicated part of the session to reviewing the Travel Rule and its implications. Catarina provided an overview of the obligations set out in Resolution 520:

• The Travel Rule applies to all virtual asset transfers, regardless of amount.
• The originator institution must transmit identifying information about both the originator and the beneficiary.
• The required data includes a richer set of information on the originator (your own customer) and a more limited set on the beneficiary (as provided by your customer).

On top of the data elements themselves, the resolution reinforces two core obligations:

1. Suspicious activity reporting

   The Travel Rule is there to support detection of illicit activity, not to create a data-sharing exercise for its own sake. Firms should design their implementation so that Travel Rule data meaningfully strengthens AML and sanctions controls.

2. Reporting of non-cooperative counterparties

   If a BCB-supervised counterparty prevents you from complying with the Travel Rule, you are required to notify the central bank. That gives the BCB visibility into systemic obstacles and repeat offenders.

Phased rollout: domestic first, cross-border next

Article 89 sets out a phased approach over two years:

• Phase 1: February 2026 to February 2027

  Travel Rule applies to domestic transfers between institutions operating in Brazil.

• Phase 2: February 2027 to February 2028

  Travel Rule extends to cross-border transfers involving foreign institutions.

• From February 2028, full compliance is expected.

Throughout both phases, VASPs can rely on documented self-declarations from customers when dealing with self-hosted wallets, provided those declarations are properly documented and can be produced to the BCB on request.

Pedro highlighted that Travel Rule compliance is non-negotiable and called attention to an important milestone: by 2 February 2027, any firm operating legally in Brazil will either already be licensed or be in the licensing process, and will be expected to comply with Travel Rule requirements for domestic activity.

5. Notabene’s Brazil Travel Rule Testnet

From Notabene’s experience in other regions, we know Travel Rule implementation cannot be left to the last minute. It affects transaction flows, customer UX, sanctions screening and counterparty relationships all at once.

In this context, during the webinar, we announced that we are launching a Brazil-specific Travel Rule testnet program. This will allow Brazilian VASPs and global firms serving Brazil to:

• Test Travel Rule data exchange aligned with Resolution 520
• Trial customer journeys and transaction flows before go-live
• Identify and fix counterparty frictions early

We have seen how powerful this approach can be. In 2023, we supported two successful rounds of testing in the UK under the FCA’s sandbox, which helped firms enter enforcement with fewer surprises in production. 

We’re now bringing that proven model to Brazil, tailored specifically to the obligations and technical realities of Resolution 520.

Any institution is welcome to join the program by signing up below.

It’s a unique opportunity for the industry to prepare together before full enforcement begins. Register your interest to join the Brail Travel Rule Testnet today.

6. Stablecoins: Where the rules stand today

The BCB has made it clear that stablecoins dominate crypto flows in Brazil, with an estimated 80–90 percent of volume in recent years involving stablecoin pairs.

Marcos outlined how the resolutions handle this reality:

• Algorithmic stablecoins are banned. Brazilian VASPs will not be allowed to offer or intermediate purely algorithmic pegs.
• The rules focus on fiat-backed stablecoins, defined as virtual assets backed by reserve assets and intended to maintain a peg to a specific fiat currency.
• VASPs must carry out and document due diligence on:
  • The issuer's compliance with the token with the offering and public markets regulations of its home jurisdictions
  • The issuer’s regulatory and legal status
  • The structure and quality of the reserve
  • Concentration risks in those reserves
  • The stabilization mechanism and its track record
  • Audited financial statements of issuers and custodians
• Finally, Article 65 also requires VASPs to publicly disclose their methodology for selecting and maintaining stablecoin listings. The intention is that customers can evaluate whether a firm’s criteria align with their own risk appetite.

Pedro noted that stablecoins will be a central regulatory priority for 2026. He explained that although assets like Bitcoin and Ethereum once dominated Brazil’s crypto market, stablecoins have now become the primary vehicle for transactions. According to the BCB’s early, though still incomplete, data analysis, USD-denominated stablecoins account for the overwhelming majority of activity. Congress is debating several bills specific to stablecoins. Depending on which proposals advance, the BCB’s mandate may expand or shift, potentially requiring a more comprehensive regulatory framework governing issuance, reserve structures, and overall oversight.

What firms should be doing now

Across all speakers, a few practical messages were repeated:

• Map your activities to the new categories. Assess whether you are an intermediary, custodian, combined broker or a regulated financial institution expanding into virtual assets.
• Start license preparation early. Governance, documentation, audits and risk assessments take time.
• Treat Travel Rule as a core compliance project, not an add-on. It touches customer onboarding, transaction monitoring, sanctions, product and engineering.
• Take stablecoin due diligence seriously. Given their dominance in Brazilian flows, they will be a major focus for supervisors.

At Notabene, we will keep working with both Brazilian and global firms as they prepare for this next phase, including through our Brazil Travel Rule testnet and ongoing regulatory updates.

If you would like to participate in the testnet program or want a more tailored discussion on how these rules affect your specific business model, our team would be happy to talk to you today.

Notabene has submitted a detailed response to the US Treasury’s recent advance notice of proposed rulemaking (ANPRM) on GENIUS Act implementation—guidance that will shape how stablecoin issuers meet illicit finance requirements in the United States. Alongside our October 17 response to Treasury’s request for comment on innovative methods to detect illicit activity involving digital assets, our recommendations on GENIUS ACT implementation center on one main goal: shifting stablecoin compliance from after-the-fact detection to pre-transaction prevention.

By opening this rulemaking to public comment, Treasury is giving the industry a rare chance to surface operational challenges, propose technical solutions, and shape how compliance obligations become law. The decisions made in the coming months will directly influence how issuers, banks, and digital asset service providers design programs and manage risk.

In our response, we call for authorization-before-settlement, clarified Travel Rule expectations, open and interoperable standards, alignment with global frameworks, and outcome-based supervision. Drawing on operational data from our network—over $1.5 trillion in transactions across 2,000+ institutions in 100+ jurisdictions—we argue for controls that stop illicit payments before they reach the blockchain.

.

What the GENIUS Act Means for US Stablecoin Regulation

The GENIUS Act, signed into law on July 18, 2025, established the first federal framework for payment stablecoins. It sets reserve, disclosure, and supervisory requirements designed to align stablecoin issuance with banking law principles like capital adequacy and consumer protection.

Most importantly for compliance teams, the GENIUS Act designates stablecoin issuers as financial institutions under the Bank Secrecy Act (BSA), bringing them under the same AML/CFT obligations as banks and other covered entities.

Since enactment in July, Treasury has been working to translate the statute into enforceable regulations. This process opened with two major consultations: a request for comment on innovative methods to detect illicit activity involving digital assets (required by the GENIUS Act) with a comment deadline of October 17, and an ANPRM on GENIUS Act implementation released September 18 with a comment deadline of November 4.

Two Consultations, One Goal: Preventing Illicit Finance

Treasury's ANPRM on GENIUS Act implementation sought public comment across six major categories: 

• Stablecoin issuers and digital asset service providers (issuance, treatment and requirements for payment stablecoins)
• Illicit finance
• Foreign payment stablecoin issuers
• Taxation
• Insurance
• Economic data

This consultation moved the conversation from law on paper to rulemaking and implementation, giving theindustry an opportunity to highlight practical challenges and propose technical solutions before final regulations are written. The most important sections for compliance leaders and market participants centered on illicit finance and Travel Rule compliance, where Treasury explicitly sought input on how stablecoin issuers and their partners should design AML/CFT frameworks.

The separate request for comment on innovative methods to detect illicit activity asked specifically about tools that regulated financial institutions use or could use to detect illicit activity involving digital assets. Treasury highlighted APIs, artificial intelligence, digital identity verification, and blockchain monitoring as areas of particular interest. The GENIUS Act requires Treasury to use public comments to inform research on the effectiveness, costs, privacy and cybersecurity risks, and other considerations related to these tools.

Together, these consultations signal Treasury's focus on operational readiness and AML/CFT safeguards as stablecoin regulation moves from statute to practice.

Illicit Finance and Travel Rule: Treasury's Compliance Expectations for Stablecoins

The ANPRM reiterates that stablecoin issuers will be treated as financial institutions under the BSA, making them subject to the full range of AML/CFT obligations including customer identification, due diligence, Travel Rule, and reporting requirements.

By opening the door to public comment, Treasury is providing the industry with an opportunity to highlight practical challenges, propose technical solutions, and influence how compliance frameworks will be written into law. For issuers, banks, and digital asset service providers, this means that the decisions made over the coming months will directly affect how they design compliance programs, structure partnerships, and approach risk management. In other words, the ANPRM is where law begins to meet practice.

Treasury's ANPRM invited comments on whether distributed ledger design creates barriers to meeting AML/CFT obligations. The request for comment on innovative methods asked directly about the role of APIs, AI-driven monitoring, blockchain analytics, and digital identity solutions in enabling compliance at scale.

These consultations signal that both stablecoin issuers and banks are converging under a shared set of expectations for mitigating illicit finance risk.

What We Told Treasury

Our responses to both consultations focused on a fundamental compliance challenge: crypto's "settle first, ask questions later" architecture. Traditional payments authorize before settling. Blockchain transactions invert this. Once a private key holder initiates a transaction, it executes without the recipient's consent, leaving minimal opportunity for preventive controls.

In our ANPRM response, we recommended five core measures for stablecoin regulation:

1. Mandate authorization before settlement. Require Travel Rule data exchange, sanctions screening, and beneficiary verification before a permitted payment stablecoin issuer reveals a settlement address or executes a transfer. This restores standard payment discipline and creates a window to block illicit payments before they happen.

2. Clarify Travel Rule obligations for stablecoin issuers. Issuers should collect, verify, and transmit originator and beneficiary data pre-transaction. They should verify beneficiary information before execution and collect minimally necessary counterparty information to enable sanctions screening.

3. Require open, interoperable standards. Issuers should use open messaging and authorization standards like IVMS-101 for data format and TAP for pre-transaction authorization. This prevents proprietary fragmentation and enables cross-border interoperability.

4. Coordinate with global precedents. Align US requirements with FATF Recommendation 16 and frameworks in jurisdictions like Hong Kong, Singapore, and the EU so US-regulated stablecoins can interoperate globally.

5. Measure what matters. Evaluate issuers on pre-transaction authorization rates, time-to-respond, Travel Rule responsiveness, and freeze actions taken, not just SAR counts.

How Innovative Tools Enable Compliance at Scale

In our response on innovative methods to detect illicit activity, we demonstrated how APIs, the Travel Rule, and pre-transaction authorization protocols work together to prevent illicit finance rather than merely detecting it after the fact.

APIs serve as the critical infrastructure for real-time compliance data exchange—connecting systems, counterparties, and authorization processes. They allow institutions to perform crucial checks in milliseconds, such as querying sanctions databases via API keys and verifying counterparty information to coordinate rapid authorization decisions. This speed is essential given blockchain’s near-instant settlement finality, and is particularly important for sanctions enforcement, where timing determines whether illicit transactions can be intercepted.

When implemented securely through APIs and pre-transaction authorization, the Travel Rule enables the transmission of compliance information at scale using standardized formats such as IVMS-101.

Most importantly, APIs enable holistic, pre-transaction risk assessment. Our system integrates connections to multiple risk intelligence sources—including sanctions screening providers and blockchain analytics platforms—into a configurable policy engine. This allows institutions to embed their own risk frameworks into automated decisioning. The result is an automated, pre-settlement risk determination that reflects each institution’s compliance posture while ensuring illicit finance risks are identified and mitigated before blockchain settlement occurs.

The Travel Rule as Prevention Control

The Travel Rule, formally codified in FinCEN's regulation 31 CFR § 1010.410(f), requires financial institutions to obtain, hold, and transmit required originator and beneficiary information for transactions of $3,000 or more. When implemented pre-transaction, the Travel Rule becomes a prevention control rather than an after-the-fact record-keeping rule.

Through the Transaction Authorization Protocol (TAP), originator and beneficiary institutions exchange data and settlement instructions before a transaction is broadcast. Both sides screen for sanctions and other AML/CFT risks. This prevents inadvertent transfers to designated parties and gives institutions a defensible basis to halt or refuse settlement in real time.

FATF guidance makes clear that the Travel Rule's core purpose extends beyond information transmission. Institutions must use this information to "take freezing actions and prohibit transactions with designated persons and entities." When correctly implemented through pre-transaction authorization, institutions gain the ability to screen both originators and beneficiaries against OFAC's SDN List before any funds move, detect indirect exposure to sanctioned parties through the payment chain, block transactions in real time before irreversible settlement, and maintain compliance even when customers attempt to send funds to sanctioned counterparties.

Beyond Illicit Finance: Foreign Issuers, Taxation, and Economic Data

The ANPRM solicits input on several additional fronts. One is the oversight of foreign stablecoin issuers, a category that raises questions about cross-border supervision and market access. Another is the treatment of taxation and insurance, which could affect both issuers' reporting requirements and consumer protections. Treasury is also asking how to design economic data collection frameworks that can capture the systemic and macroeconomic impacts of stablecoins.

These areas show that regulators are thinking beyond compliance mechanics to the wider implications of stablecoins for financial stability, market integrity, and consumer confidence.

What This Means for Stablecoin Issuers, Banks, and Compliance Teams

For the US market, these consultations create stronger incentives for onshore issuance under a compliant framework. For banks, they clarify partnership opportunities with issuers but also raise diligence requirements as both sides come under converging AML/CFT obligations.

For compliance teams, the message is clear: Travel Rule readiness and robust AML infrastructure are now table stakes.

Our platform enables secure interoperability between issuers, banks, and intermediaries by supporting counterparty identification, identity verification, and compliant transaction data-sharing. These are the capabilities Treasury is emphasizing as essential for stablecoin issuers to meet regulatory expectations. With proper implementation, stablecoin systems can prevent illicit activity before settlement rather than detecting it afterward, provide transparency through immutable audit trails while preserving legitimate privacy, and enable real-time compliance at global scale.

Read our full response to Treasury here.

Sources

• Treasury ANPRM Press Release
• Unpublished Federal Register PDF
• Treasury RFC (Aug 18, 2025)

Blockchain-based payments have reached an inflection point. Tokenization and stablecoins are no longer experiments—they’re actively shaping the future of payments. 

Yet beneath the optimism lies a stark reality. Despite their potential for speed, cost savings, and global reach, stablecoins make up just 0.03% of B2B payments. The gap is due to missing infrastructure, not lack of interest. Today’s blockchain rails don’t provide the basic elements businesses need: trust, context, and authorization.

The Hidden Barriers Slowing Stablecoin Adoption in B2B Payments

Despite their obvious advantages for speed, cost, and global reach, as of June 2025, stablecoins accounted for just 0.03% of B2B payments. While adoption is trending upward, this gap between potential and reality reveals a fundamental challenge: blockchain transactions, in their native form, lack three essential elements that businesses require.

1. Institutions demand counterparty trust
   When large established institutions transact, whether it be fiat or crypto, they demand a level of counterparty trust that has been missing from crypto-native payment flows. The crypto Travel Rule was introduced in 2019 in part to replicate the trust mechanisms that have been established in traditional finance for decades, and not being able to easily and confidently verify who is on the other side of a transaction is a deal-breaker for institutional players.
2. Blockchain transactions lack context
   What you see on a public ledger tells you nothing about the counterparty or what invoice a payment satisfies. For businesses that need to match payments to contractual obligations, this absence of information creates operational chaos.
3. Blockchain transactions lack authorization flows
   Traditional blockchain transactions are unilateral—whoever holds the private keys decides if settlement happens. As a receiver, you don't get a say in whether you want to accept those funds. This creates significant compliance and risk management challenges for regulated institutions.

Without these elements of trust, context and authorization, crypto rails are simply unable to power real-world business payments. The opportunity now is to add these missing layers without losing the efficiency of blockchain settlement.

The next era for payments: TradFi meets stablecoins

At the Federal Reserve’s first-ever Payments Innovation Conference last October, policymakers and market leaders sent a clear and unified signal that the convergence of traditional finance and decentralized systems is here. Federal Reserve Governor Chris Waller captured the shift succinctly when he urged conference attendees to “embrace the disruption.”

As Paxos CEO Charles Cascarilla noted in a panel on stablecoin use cases and business models, "We're in a bit of a strange interregnum, with stablecoins proliferating while regulatory frameworks like the GENIUS Act prepare to bring clarity and standardization to the market.”

Of course, since October this momentum has accelerated even more and the US market in particular seems to be closer than ever to the long-awaited crypto market structure bill aiming to remove any remaining regulatory uncertainty slowing efforts by traditional finance firms to fully embrace crypto and merge the worlds of TradFi and crypto.

This convergence creates tremendous opportunity, but also adds complexity. The question now isn't whether these worlds will merge, but how quickly and seamlessly that integration will happen and whether we can build the trust layer that enables blockchain payments to function like traditional business payments.

The Travel Rule as a catalyst

To understand how the industry can solve for this, we need to go back to the Travel Rule, introduced in June 2019 to require regulated VASPs (Virtual Asset Service Providers) to exchange originator and beneficiary information before or during value transfers. While initially seen by some crypto-native organizations as a regulatory burden, we recognized it as an opportunity. An opportunity to build the trust mechanisms, contextual messaging layer, and authorization flows that would truly enable crypto to become part of the everyday economy.

By mid-2025, 85% of jurisdictions with material crypto activity had implemented or were implementing Travel Rule requirements, according to the Financial Action Task Force (FATF). As compliance obligations expanded, so did the underlying authorization flows. In fact, the Notabene network alone has processed over $2 trillion in authorized transactions to-date.

But a critical problem remained: authorization wasn't enforceable. According to Notabene's 2025 State of Crypto Travel Rule Report, 61.6% of surveyed VASPs receive few or no incoming transactions with required Travel Rule data. Institutions could not block non-compliant transfers because traditional blockchain rails don’t allow receivers to control what hits their wallets.

Notabene Flow fundamentally changes this model with an innovation that is simple but transformative: no one receives a settlement address until authorization is complete.

Unlike with traditional crypto transactions, where anyone can send funds to your wallet address whether you want them or not, Notabene Flow only shares settlement addresses with counterparties after authorization.

This ensures that all due diligence, consent, and compliance checks complete before settlement, giving institutions control over their deposit flows while maintaining the efficiency benefits of blockchain settlement. This ability to ensure fully Travel Rule-compliant flows is critical for regulated entities to adopt stablecoins as an efficient and B2B payment method in regulated jurisdictions.

What makes Notabene different? It’s open network

Notabene Flow isn’t a point-to-point payments solution. It’s a network. In fact, it is the same powerful network that connects our more than 2,000 counterparties already transacting compliantly across the globe. We sidestep the cold start problem that new payment networks will encounter by leveraging the active open network that we’ve been building for the past 5 years. Any participant can transact with any other participant using shared standards, common authorization flows, and built-in compliance.

Notabene Flow is built on our open foundations:

• TAP (Transaction Authorization Protocol): An open-source messaging standard defining how institutions communicate about transactions
• Global Network: Regulated entities transacting digital assets across 100+ jurisdictions who have already processed over $2T in transaction volume
• Embedded compliance: Travel Rule requirements for 50+ jurisdictions built directly into the system

This approach is as practical as it is philosophical. We heard repeatedly throughout last fall’s Payments Innovation Conference, as well as every other event since, that this open-loop network design and protocol interoperability is crucial. The industry clearly doesn’t see a world with "one stablecoin to rule them all," but rather a variety of trusted assets and rails, all sharing clear standards for how they interact. Notabene Flow is designed for this multi-rail future.

Building the trust layer for stablecoin payments

As Tim Spence of Fifth Third Bank noted in October, innovation in payments comes down to "whether the incumbents get the innovation faster than the disruptors get distribution." Flow addresses both sides of this equation.

• For traditional institutions: A compliant gateway to blockchain-based payments without building infrastructure from scratch.
• For crypto-native companies: Enterprise-grade reliability and regulatory compliance that opens doors to institutional adoption.
• For businesses of all types: The ability to choose the best payment method for each transaction while maintaining necessary controls.

It's no longer a question of if traditional finance and blockchain will converge, but when and how.

The missing piece has always been trust. Stablecoins offer a fast, global settlement layer, but without counterparty confidence, businesses cannot fully leverage them.

Notabene Flow provides that missing trust layer by embedding authorization flows, delivering transaction context tied to real-world obligations, and ensuring compliance with Travel Rule requirements for virtually all payments on our open network with standardized protocols for seamless interoperability.

With three core payment types supporting the full range of business needs, Notabene Flow enables companies to embrace the efficiency of stablecoin payments today while maintaining the risk management and compliance frameworks they require. This is how we bridge the 0.03% gap to mainstream adoption—not by compromising on efficiency or control, but by building the infrastructure that provides both.

To learn more about Notabene Flow or explore partnership opportunities, visit notabene.id or contact our team.

On November 10, 2025, the Banco Central do Brasil (BCB) published three major resolutions — 519, 520, and 521 — establishing a comprehensive regulatory framework for virtual asset service providers (VASPs), officially termed “sociedades prestadoras de serviços de ativos virtuais” (SPSAVs).

This marks a historic milestone in Brazil’s journey toward implementing Law No. 14,478/2022, the country’s legal foundation for virtual assets, and positions Brazil among the most advanced jurisdictions in Latin America in providing legal certainty on how digital asset service providers can operate.

Scope of the New Resolutions

• Resolution 519/2025 – This resolution defines the authorization process for SPSVAs. It clarifies how entities must apply for approval by the BCB before engaging in virtual-asset services.
• Resolution 520/2025 – This key regulation governs how SPSVAs and other authorised institutions can operate within Brazil’s virtual-asset market. It covers the types of services, governance, risk management, anti-money-laundering (AML) and counter-terrorist-financing (CTF) obligations (including Travel Rule requirements), and transition provisions.
• Resolution 521/2025 – This resolution integrates virtual-asset activities into Brazil’s foreign-exchange (FX) regime. It recognizes operations such as cross-border payments, stablecoin transactions and transfers involving self-hosted wallets as falling under the FX regulatory framework in Brazil.

Who Can Operate in Brazil’s Virtual Asset Market?

1. Sociedades Prestadoras de Serviços de Ativos Virtuais (SPSAVs)

Under Article 4 of Resolution 520, SPSAVs must be authorized by the BCB and may be classified as:

• Virtual Asset Intermediaries — Entities facilitating the purchase, sale, exchange, and management of virtual assets, including staking and FX-related operations.
• Virtual Asset Custodians — Entities responsible for safeguarding assets and private keys, maintaining records, and executing client instructions.
• Virtual Asset Brokers — Entities performing both intermediary and custodial functions.

2. Eligible Authorized Financial Institutions

The following already-regulated financial institutions may also offer virtual asset services, provided they formally notify the BCB in accordance with the established procedures:

• Commercial, investment, and “bancos multiplos”, as well as Caixa Econômica Federal.
• Securities brokers, distributors, and foreign exchange dealers.

These are henceforth referred to as eligible authorized institutions.

Transition and Grandfathering: Preparing for Compliance

Institutions currently offering virtual asset services in Brazil must transition into the new regulatory regime established by the BCB. To ensure business continuity, the framework allows these entities to continue operating provided that they meet the following obligations by October 30, 2026 (270 days from the entry into force of Resolution 520 on February 2, 2026):

• Eligible authorized institutions (e.g., banks, brokers, distributors) must notify the BCB of their intent to continue providing virtual asset services.
• Other institutions currently providing virtual asset services must apply for authorization from the BCB to operate as SPSAVs.
• Foreign institutions offering virtual asset services to Brazilian clients must migrate their operations and customer base to either:(i) an eligible authorized institution, or
• (ii) an SPSAV already operating or established to carry out these activities.

To benefit from the grandfathering period, institutions must have already been offering virtual asset services before February 2, 2026.

After October 30, 2026, any institution that has not complied with the transition requirements will no longer be permitted to operate in Brazil’s virtual asset market and must cease operations within 30 days.

Finally, it is worth noting that Article 88 of Resolution 520 establishes an adjustment period between February 2, 2026 and the BCB’s decision on phase 1 of the authorization process, during which SPSVAs must demonstrate compliance with a defined set of obligations. These include:

• Implementing a risk-management framework covering market, credit (where applicable), operational, and liquidity risks.
• Maintaining a cybersecurity policy, an incident-response and action plan, and appropriate data processing, storage, and cloud-computing arrangements.
• Establishing internal controls to prevent the use of the Brazilian Financial System and Payment System for money laundering or asset-concealment crimes.
• Implementing procedures to comply with Law 13,810/2019 regarding UN Security Council sanctions.
• Adopting the accounting and audit standards applicable to financial institutions authorized by the Central Bank of Brazil.
• Complying with any additional requirements expressly imposed by regulation for institutions in the adjustment phase.

Once the aforementioned adjustment period has ended, SPSVAs must fully comply with the provisions of Law No. 14,478 of December 21, 2022, and with the regulations issued by the Central Bank of Brazil, even if no final decision has yet been made regarding their authorization request.

Travel Rule Implementation: Timeline and Requirements

Under Article 44 of Resolution 520, SPSAVs must comply with AML/CTF obligations and the Travel Rule, ensuring that identifying information accompanies virtual asset transfers.

Requirements

For each transfer, the originator’s institution must transmit data on both the originator and the beneficiary, as follows:

The resolution explicitly establishes the obligation to report suspicious activities and to notify the BCB of any difficulties in complying with the Travel Rule that stem from the practices adopted by counterparties authorized by the BCB.

Two-Year Phased Implementation

Travel Rule implementation will occur in two stages between 2026 and 2028, according to Article 89 of Resolution 520:

During both phases, SPSAVs may rely on self-declarations from clients to identify the transacting parties and the purposes of the transactions, provided these are documented and accessible to the BCB.

Full compliance will be mandatory starting February 2, 2028.

The illustration below provides an overview of the grandfathering timeline and the phased implementation schedule for Travel Rule requirements.

Self-Hosted Wallets and FX Integration

Resolution 521 defines self-hosted wallets (“carteiras autocustodiadas”) as wallets where the user controls the private keys without a third-party intermediary.

Under the resolution, the provision of services that include transfer to or from a self-hosted wallet is subject to Brazil’s foreign exchange (FX) framework, and SPSAVs are required to identify the wallet owner.

Key Takeaways

• Brazil’s Central Bank (BCB) is assuming full regulatory responsibility for the country’s virtual asset ecosystem, establishing clear rules for authorization, operation, and supervision.
• A grandfathering period allows existing providers to continue operating compliantly, provided they meet the notification and authorization requirements outlined in the resolutions by October 30, 2026.
• The two-year phased rollout of Travel Rule obligations offers the industry a measured timeline to adapt systems, processes, and counterpart relationships to the new compliance expectations.
• The requirement to identify self-hosted wallet owners under the foreign exchange (FX) regime represents a move toward comprehensive transaction traceability across the digital asset ecosystem.
• By implementing these measures, Brazil aligns its framework with global AML and Travel Rule standards, setting a regional benchmark for regulatory modernization in Latin America.

Prepare your business for Brazil’s new Travel Rule requirements.

Notabene helps virtual asset service providers automate compliance, exchange Travel Rule data securely, and stay aligned with local and global regulations. 

👉 Register for our upcoming webinar: How to Prepare for Brazil’s New Crypto Regulatory Framework if you operate in Brazil or support customers who do. This session will help you understand what’s changing and what comes next.

Stack Chats Episode 3: The Future of Payments and the Rise of Money 3.0‍

In this episode of Stack Chats, Notabene CEO Pelle Braendgaard sits down with Kevin Lehtiniitty, CEO of Borderless.xyz, to explore how stablecoins are evolving from speculative assets into functional payment infrastructure. Kevin shares insights on building the foundational rails that connect global stablecoin networks to local financial systems, unlocking seamless interoperability and real-world utility. Watch the full episode below:

‍

From the limitations of traditional cross-border payments to the promise of “Money 3.0,” this conversation dives deep into how Borderless is making stablecoin adoption practical—and compliant—for fintechs, wallets, and regulated entities.

📌 Topics include:

• Bridging stablecoin networks with local payment systems
• Regulatory interoperability and compliance-by-design
• What “Money 3.0” means for the future of finance
• Building for developers and scaling across jurisdictions

Pelle and Kevin set the stage by looking at where stablecoins fit into today’s financial landscape and why so many companies are turning to them as part of their core infrastructure. Their conversation moves from the challenges businesses face today to the emerging solutions shaping the next generation of payments. What follows is a look at the key themes they explored and why they matter for anyone building or using stablecoin-based systems. Read on for a breakdown of the rest of the discussion points:

Why global payments still feel local

Once the conversation begins, one theme emerges right away. Even though stablecoins let value move across the world as easily as sending an email, the financial systems around them remain deeply local. Stablecoins operate on global, always-on networks. But banks, licensing regimes and national currencies still function in country-by-country silos.

Kevin has watched this play out throughout his years in the industry. Whether working on issuance, custody, collateral or payments, the same challenge appears: as soon as stablecoins touch the real world, companies encounter a maze of regulatory requirements, fragmented liquidity and inconsistent banking access.

This is the problem Borderless.xyz set out to solve. Rather than becoming another regional on or off ramp, Borderless focuses on the connective layer between them. A single integration gives companies access to diverse liquidity providers, payment partners and banking channels across many markets. Instead of every business rebuilding the same integrations repeatedly, Borderless abstracts that work into one unified network.

The hidden cost of pre-funding in global money movement

A major theme Pelle and Kevin explore is the role of pre-funding in today’s payments ecosystem. For most cross-border flows, especially in emerging markets, companies must lock funds in multiple partner accounts to simulate real-time settlement.

This creates several issues:

• Large amounts of capital sit idle across bank accounts in many countries.
• That capital is exposed to local banking risk.
• Treasury teams face constant operational pressure to balance and rebalance accounts.

Kevin shares examples of remittance companies holding more than four hundred million dollars in pre-funded balances simply to keep corridors running. This cost ultimately flows to end users through fees.

Stablecoins change the equation. Because they can move globally in near real time, they allow companies to:

• Reduce pre-funding from days of coverage to a few hours.
• Move liquidity around the clock, including weekends and holidays.
• Unlock capital that can go back into product, growth or customer acquisition.

Businesses do not have to overhaul their existing treasury workflows to gain these benefits. Stablecoins simply let them operate with far more flexibility and lower capital cost.

Open networks outpace closed loops

As the discussion evolves, Pelle and Kevin look closely at the difference between closed loop payment networks and open ones. Closed networks are controlled by a single company that determines participation and flow. They can work in limited contexts, but their total value is capped by the value of the operator controlling them.

Open networks grow far larger because value is created by everyone participating, not just the administrator. Kevin highlights several historical examples:

• The shift from isolated charge-card programs to the Visa consortium.
• The standardization of rail gauges that unlocked interstate commerce.
• The rise of Linux as the foundation of cloud computing and modern devices.

Stablecoins and public blockchains follow the same pattern. They create shared standards that many companies can build on, which expands use cases far beyond what any one entity could design.

Notabene takes the same approach. Its Transact product is built on TAP, an open messaging protocol that supports different transaction types and authorization flows without locking users into a closed database or proprietary environment. This keeps innovation open to the entire ecosystem while providing strong compliance controls.

Moving stablecoins from simple transfers to real business workflows

Most stablecoin payments today are push-only. Tokens sit in a wallet and move only when someone signs a transaction. This works for one-time transfers, but not for the full range of business payments the world runs on.

Traditional payments rely heavily on pull flows, such as:

• Subscriptions and recurring billing.
• Invoicing and accounts receivable versus accounts payable processes.
• Automated treasury and liquidity management.
• Merchant settlement and reconciliation.

Card networks became central to commerce not only because they moved money, but because they integrated directly into business systems and workflows.

This is the missing capability in stablecoin-based payments today. It is also where the partnership between Borderless.xyz and Notabene becomes important.

By combining:

• Borderless’s connectivity to stablecoin and fiat liquidity in more than seventy countries.
• Notabene’s open messaging and compliance layer built on TAP.

They are bringing stablecoin pull payments, treasury automation and workflow connectivity to businesses that want to move beyond one-off transfers. The result is a stablecoin infrastructure layer that mirrors how businesses already operate, while taking advantage of global, always-on settlement.

Money 1.0, Money 2.0 and the arrival of Money 3.0

Kevin introduces a simple framework for understanding how global money movement has evolved.

Money 1.0

Traditional networks like Swift and card schemes created the first generation of cross-border connectivity. These systems were built before the internet era. Settlement is slow, fragmented and expensive.

Money 2.0

Fintech companies improved the experience but did not change the underlying rails. To cover the limitations, they added layers of pre-funding, user-friendly interfaces and workflow tools. This produced many successful companies but did not solve the core infrastructure challenges.

Money 3.0

With blockchains and stablecoins, payments can finally be modernized at the foundation. Instead of adding more band-aids, value can move directly between counterparties that support the same stablecoin and blockchain network. This removes unnecessary intermediaries and supports real-time global settlement.

Pelle and Kevin argue that the next five to ten years will determine whether global payments continue relying on legacy patches or shift decisively to this new model.

What the next decade could look like

As stablecoin adoption accelerates across remittance providers, PSPs and global businesses, the need for an open, infrastructure-ready payments layer becomes clearer. The vision that Notabene and Borderless share is grounded in a few core ideas:

• Stablecoins can settle business payments directly.
• Local liquidity can be accessed without each company rebuilding the same integrations.
• Workflows and compliance can run on open messaging networks like TAP.
• Money can finally move at the speed of the internet rather than the speed of legacy rails.

For businesses exploring stablecoins, this episode offers a practical look at what it takes to move from experimentation to production. Money 3.0 is not a distant idea. It is already taking shape, and the companies building it are laying the groundwork today.

Episode breakdown

Here is a quick minute-by-minute guide to the conversation:

• 00:00 - 03:00
• Introductions. Pelle and Kevin talk about their history in stablecoins and why stablecoin adoption has felt like "it is coming next year" for nearly a decade.
• 03:00 - 08:00
• Global assets vs local fragmentation. Why regulatory licenses, banking rails and central bank currencies will always remain local, and what that means for anyone building on stablecoins.
• 08:00 - 15:00
• On and off ramps as the next generation of banks. Borderless’ view of orchestrators, market makers and local liquidity partners, and why building the same integrations again and again adds no real enterprise value.
• 15:00 - 22:00
• Where stablecoins deliver the most value today. Dollarization and the "store of value" use case in emerging markets versus the much bigger opportunity in global payments.
• 22:00 - 30:00
• Pre-funding and the illusion of real-time. How correspondent banking actually works, the risks of pre-funding in different markets and why stablecoins can release hundreds of millions in trapped capital.
• 30:00 - 36:00
• Open networks vs closed loops. Visa, railroads and Linux as case studies for why open systems outcompete walled gardens over time, and what that means for stablecoin ecosystems.
• 36:00 - 42:00
• TAP, open messaging and Flow / Flow Forward. How Notabene uses an open protocol rather than a closed database, and how that supports many use cases from payments to trade settlement on the same compliance rails.
• 42:00 - end
• Money 1.0, 2.0 and 3.0. Kevin’s framework for the future of money, and how Borderless XYZ and Notabene think about success over a 5 to 10 year horizon.

‍

🎙️ Stack Chats is Notabene’s video series for product leaders, fintech builders, and infrastructure innovators shaping the next generation of blockchain-based payments.

We are standing at the edge of a defining opportunity for the crypto industry. The Travel Rule is still perceived by many as a burdensome obligation that should be met with a check-the-box approach. But in reality, it is the catalyst for building critical infrastructure needed to unlock stablecoin payments at global scale and connect digital assets to the real economy. Once it is understood in this light - not as another compliance obligation, but as the foundation of the next phase of market infrastructure - its effective implementation becomes a strategic imperative deserving of united industry action. Only collective alignment around interoperability and openness will make effective implementation possible.

The Value of the Travel Rule: A Catalyst for Real-World Adoption

The Travel Rule requires financial institutions to securely exchange originator and beneficiary information before or in parallel with a virtual asset transfer. At first glance, this might seem like a regulatory nuisance, another box to check. In reality, it introduces a profound change in how crypto transactions work.

Natively, crypto payments are unilateral and context-free: senders can move value without the receiver’s consent, and the information recorded on the blockchain provides no information about who was transacting or why. These characteristics have slowed down the adoption of crypto rails for business and institutional use cases that depend on context, authorization, and risk controls.

The Travel Rule changes that. By requiring counterparties to exchange information before settlement, it introduces, for the first time, an opportunity to build a pre-transaction authorization flow into crypto transactions. Institutions must communicate before funds move. This creates the missing messaging layer that connects transactions to compliance processes, payment context, and counterparties.

What began as a regulatory requirement has become a forcing function for the infrastructural upgrade that crypto has been missing. Through the Travel Rule, the industry is building the same kind of pre-settlement messaging rails that power traditional payments, where transactions carry context, receivers can approve or reject transfers, and value and information travel together.

In this sense, the Travel Rule is more than a compliance requirement - it serves as the catalyst for building the missing foundations of institutional trust in crypto. By requiring institutions to exchange information before settlement, it opens the door to systems that restore control and risk management to both sides of a transaction. By mandating data exchange, it attaches real-world context to payments. And by making counterparties visible, it creates a trust fabric that allows institutions to confidently transact with third-parties in open loop systems, opening up business opportunities.

Together, these shifts establish the trust layer that crypto has been missing and unlock its potential to move beyond speculative markets and power the next generation of global payment systems.

Why Travel Rule Implementation Has Stalled

Since its adoption by the FATF in 2019, the Travel Rule has been implemented as a regulatory requirement for virtual asset transactions across jurisdictions worldwide. The FATF reports that 99 jurisdictions have passed or are in the process of passing Travel Rule legislation¹. Regulatory clarity is no longer the barrier. The barrier is infrastructure and whether the industry will choose a future defined by open connectivity, or fragmentation and control.

From the outset, interoperability has been cited as a primary barrier to Travel Rule implementation. In hindsight, this was almost inevitable.

Travel Rule information pipelines are emerging as the financial messaging backbone of the crypto economy. In traditional finance, we have clear precedents: SWIFT is classified as a systemically important messaging network deserving of cooperative oversight by G10 central banks, the European Central Bank, and the chair of the G10 Committee on Payment and Settlement Systems². Control over the Travel Rule messaging layer is highly attractive as it ultimately provides control over market access. Thus far, the fight for control has come at the expense of effective Travel Rule implementation, with limited coordination toward establishing open standards or interoperability.

As a result:

• Compliance silos persist,  reflecting not just the lack of interoperability and open standards, but also the fragmented pace of Travel Rule adoption and enforcement worldwide. According to the 2025 State of Crypto Travel Rule survey, over 60% of respondents reported that almost none or only a small portion of incoming transactions include the required Travel Rule information

  

• Law enforcement lacks access to critical information, limiting the ability to investigate and disrupt illicit activity
• Crypto cannot fulfill its potential because it lacks the infrastructure necessary for integration into the global economy, as further explained in the above section

A Moment of Choice: Network Effects or Network Control

Overcoming the challenges in Travel Rule adoption is not simply about regulatory compliance; it is about unlocking crypto’s role as the next-generation backbone of global finance.

The core promise of crypto lies in openness: borderless settlement and universal reach. These advantages are only realized if the supporting messaging layer is equally open. Just as the internet scaled through universal protocols rather than private networks, crypto adoption can only reach its potential through open standards.

History has already shown that open networks win:

• SWIFT and ISO 20022 created a shared messaging language that enables thousands of financial institutions to transact globally.
• HTTP for web browsing, SMTP for email, and critically, SSL for secure transactions allowed any computer to connect to any other, regardless of service provider, enabling the open web to flourish and creating exponentially more value than the closed systems they replaced.

Crypto must follow this path. The messaging layer for Travel Rule compliance and transaction authorization cannot be proprietary and controlled by a handful of market actors. It must be built on open standards that allow every institution to connect, transact, and innovate without seeking permission from a competitor. Closed, proprietary protocols create fragmentation, entrench market power, and suppress innovation, preventing crypto from fulfilling its economic potential.

Advantages of Open Standards

Innovation through competition

Open networks eliminate lock-in. Institutions can choose service providers freely without risking access to counterparties. This forces innovation to flourish as providers must compete on service quality, not network control. 

Connectivity over control

Open, neutral messaging standards ensure every institution retains autonomy over counterparties, risk rules, and transaction authorization, without ceding control to a central operator. An open messaging layer also creates the network effects that allow the industry to prosper. Every new participant increases the value of the network for all others.

The Cost of Fragmentation

The alternative is a fragmented ecosystem that undermines the value-add of crypto. Imagine if, instead of a unified network like SWIFT, the global financial system had evolved into dozens of incompatible, closed messaging networks,  each unable to communicate with the others. Payments would stall at borders, institutions would struggle to reach counterparties, and innovation would be stifled by inefficiency. This is precisely the path crypto risks taking without open standards. Competing silos may deliver short-term advantages to a few, but they erode the collective value for all. For a technology built on openness and global connectivity, allowing fragmentation to persist would mean falling short of its original promise. Without interoperability, crypto cannot fulfill its potential as a truly borderless financial system, and we risk setting the industry back by years.

A Call to the Industry

If the Travel Rule messaging layer is built on proprietary networks, the industry will remain trapped in compliance silos. Travel Rule will become a regulatory burden that slows down business, instead of a catalyst to build the infrastructural upgrade that crypto has been missing.

But if we embrace open standards, we can turn Travel Rule into an opportunity to adopt an open authorization and messaging layer that connects counterparties, unlocks network effects and  powers real-world adoption.

Solving Travel Rule interoperability is not only a compliance urgency, it is a strategic imperative for the industry to flourish. And it requires a collective endorsement of open standards.

Notabene is committed to an open and interoperable future. Our platform is powered by the Transaction Authorization Protocol (TAP), an open standard purpose-built for transaction authorization and Travel Rule compliance in digital assets. We invite all industry participants, regulators, and innovators to join us in advancing this standard, and we reaffirm our commitment to ensuring full interoperability with other open standards that share our vision for a connected and transparent digital finance ecosystem.

¹ FATF, June 2025, VIRTUAL ASSETS: TARGETED UPDATE ON IMPLEMENTATION OF THE FATF STANDARDS, Figure 1.11.  

² https://www.ecb.europa.eu/press/financial-stability-publications/fsr/focus/2005/pdf/ecb~d573ca68c6.fsrbox200512_18.pdf 

Few technologies have captured the imagination of the financial world quite like stablecoins. They promise to make money programmable, borderless, and instant. With blockchain as their foundation, stablecoins can streamline settlement, reduce costs, and open up a new era of global commerce.

Yet despite their growing adoption, stablecoins represent only 0.03% of the $120 trillion B2B payments market. The reason is simple: on their own, stablecoins don’t constitute a full payment system.

Businesses need more than fast transfers. They need context—the ability to link payments to contracts, invoices, and compliance data. Institutions processing payments for businesses also need to operate with counterparty trust and robust compliance frameworks.

The potential of stablecoins to revolutionize payments will remain largely untapped until these missing layers are built.

Why Stablecoin Payments Need Authorization and Context

Traditional payment systems have long relied on authorization—the ability to approve a transaction before settlement. When a card is swiped or a wire is initiated, institutions verify funds, screen for fraud, and apply compliance checks. This two-step process—authorization first, settlement later—is what makes payments reliable, reversible when needed, and compliant.

Equally important is the context: the information that moves alongside the funds. Payment messages transmit essential information for compliance and business operations, including Travel Rule data, invoice numbers, merchant details, and customer identifiers. This context allows businesses to reconcile payments with contracts, match them with invoices, and meet AML/CTF requirements.

Crypto transactions, by contrast, are unilateral and lack context. Whoever holds the private keys decides has full control to decide whether settlement happens. Without a pre-transaction authorization step or counterparty context, institutions have no way to vet, approve, or refuse incoming funds. Additionally, blockchains record only the amount, asset, and wallet addresses—no information about the counterparty, purpose, or which invoice it references.

Without a pre-transaction authorization step or counterparty context, crypto rails can’t power real-world payments. Businesses need to know who they’re transacting with, why a payment is being made, and whether it meets compliance criteria before funds move.

This is a key limitation stablecoins face today. They enable instant, global value transfer, but lack the context, trust signals, and institutional coordination that make payments truly work for businesses.

How the FATF Travel Rule Became a Catalyst for Crypto Authorization

When the FATF introduced the Travel Rule in 2019, it created the perfect conditions to build a compliant authorization layer for crypto. The rule requires counterparties in a virtual asset transaction to exchange originator and beneficiary information before settlement.

For the first time, crypto institutions were required to collaborate before a transaction occurred, mirroring the same pre-transaction authorization and due diligence flows that underpin traditional finance.

At Notabene, we saw this as a pivotal opportunity. The Travel Rule isn’t just a regulatory requirement—it’s an architectural upgrade. It gives the industry a shared standard to exchange trusted information, unlock counterparty confidence, and enable compliant, authorized crypto transactions at scale.

We’ve Already Built It: Pre-Transaction Authorization as Best Practice

Over the past five years, Notabene has turned Travel Rule compliance into an operational standard for the industry.

Today, more than 2,000 institutions across 100+ jurisdictions rely on Notabene’s open Transaction Authorization Protocol (TAP) to exchange verified transaction data and pre-transaction authorizations. To date, the Notabene Network has powered more than $2 trillion in compliant transaction volume.

Within our network, pre-transaction authorization has become an established best practice. Counterparties exchange compliance data, verify each other’s risk profiles, and explicitly approve transactions before funds move.

The Dilemma: Global Travel Rule Adoption Still Faces Gaps

Since the FATF introduced the Travel Rule in 2019, global implementation has expanded rapidly but unevenly.

According to the FATF’s June 2025 targeted review, 85 jurisdictions now enforce or have enacted Travel Rule legislation, up from 65 in 2024. 99 out of 117 jurisdictions had either passed or were in the process of passing relevant legislation at the time of the report.

However, only 35 jurisdictions have initiated active enforcement or supervisory actions. Nearly 60% of jurisdictions with legislation have yet to begin active Travel Rule enforcement.

Even where rules exist, VASPs face structural barriers to compliance. Because public blockchains are open settlement layers, VASPs cannot fully control the origin of incoming transfers. Many VASPs still lack the ability to reject deposits that arrive without verified Travel Rule data or from untrusted counterparties, which undermines their ability to maintain consistent counterparty risk controls.

This fragmented and inconsistent implementation, coupled with persistent technical interoperability challenges, limits the Travel Rule’s full potential. To unlock the next generation of payments, authorization and compliance must become built-in properties of the transaction, not optional layers added after the fact.

Notabene Flow: Stablecoin Payments with Authorization Built In

Enter Notabene Flow, the open stablecoin payments platform that makes authorization and Travel Rule compliance native to every payment.

Flow uses an addressless payments architecture: settlement addresses are revealed only after all Travel Rule information is exchanged and the required due diligence, consent, and compliance checks are completed. No address, no payment—and as a result, no possibility of unauthorized or non-compliant settlements.

Here’s how it works in a Pull Payment scenario:

1. Payment initiation – The merchant’s payment service provider (PSP) issues an invoice and payment request in Flow, automatically generating a Travel Rule message that includes payee data and transaction details.
2. Payment response – The payer selects their payment provider, who adds payer information to the Travel Rule record.
3. Dual authorization – Both counterparties conduct compliance and risk checks.
4. Settlement and disclosure – Once both counterparties have completed their compliance checks and authorized the transaction, the agent representing the payee sends an authorization message back to the agent representing the payer. This message includes the settlement address, which is revealed only at this stage. .

This model elevates pre-transaction authorization from a best practice to a built-in feature of every Flow payment. It also transforms the Travel Rule from an isolated compliance task into a requirement enforced by the design of the payment itself.

By revealing settlement addresses only after both sides complete authorization and exchange verified information, Flow makes it technically impossible to receive unvetted or non-compliant deposits. Institutions regain full control over inbound payment flows, strengthening their ability to apply consistent counterparty risk policies, prevent unwanted exposure, and enforce compliance at the protocol level.

Business-Ready Stablecoin Payments—Built for the Real World

Notabene Flow transforms stablecoins from fast settlement tools into a fully authorized, compliant, and business-ready payment network.

By combining the instant settlement of stablecoins with a pre-transaction authorization and compliance layer, Flow delivers what neither can achieve alone:

• Instant, borderless settlement without intermediaries
• Pre-transaction authorization, counterparty verification, and Travel Rule compliance
• End-to-end control and transparency across every transaction

With Flow, companies can finally unlock the efficiency of stablecoins — without sacrificing oversight, trust, or regulatory alignment.

This is the foundation for the future of B2B payments: instant, compliant, and ready for the real world.

Explore Notabene Flow and join the network.

In this episode of Stack Chats, a new video series from Notabene, Pelle sits down with Anoosh Arevshatian, CPO of Zodia Custody, to talk about the complex world of custodial services in the digital assets space.

On September 29, Notabene Summit 2025 brought stablecoin operators, payment innovators, and compliance experts together in New York City to explore a critical question: how do we build the trust infrastructure that turns global stablecoin payments into a reality?

Against the Manhattan skyline, industry leaders gathered to discuss the $120 trillion B2B payments opportunity, and the role that stablecoins will play in capturing it. The timing couldn't be better. With regulatory clarity emerging in the US and institutional adoption accelerating globally, the conversation around stablecoin adoption has shifted from "if" and “when”, to "how."

These were the three defining insights from the day:

1. Trust Infrastructure Unlocks Institutional Adoption

Regulatory clarity was the first domino to fall. With the GENIUS Act now law and broader market structure legislation advancing, the US is finally signaling openness to innovation. As Chris Shimizu, AML Program Manager for Robinhood, put it after 14 years in crypto compliance: “It’s amazing to finally see this level of openness in the US.” 

Now comes the harder part: turning that clarity into operational reality.

In the first two panels of the day, leaders from Blockchain Association, the US Treasury Department, Anchorage Digital, Talos, Apollo, Digital Asset, and DRW outlined what needs to happen next. Christine Moy from Apollo described the institutional trust challenge: 

"You couldn't trust the technology because it was new and parametrically different from anything that you ever built internally at a centralized financial institution." —Christine Moy, Partner, Strategy (Digital Assets, Data, AI), Apollo

Mark DuBose from Anchorage summed up the moment: 

"GENIUS was good for the United States. Clarity will be really good for the industry." 

Regulatory progress opened the door. Now institutions need the tools to walk through it.

The operational barriers are formidable:

• Travel Rule compliance is required across jurisdictions with differing implementations
• Real-time counterparty verification is needed for multiple transaction participants
• Due diligence at scale is a significant operational burden

The principle repeated throughout the day was clear: trust can’t be outsourced to a closed network. Institutions need open, interoperable tools that let them enforce their own policies while operating at scale.

Regulation provides the framework. Trust infrastructure makes it work.

2. B2B Stablecoins Face a $120T Opportunity

The numbers are staggering: $120 trillion in annual B2B payment flows, and stablecoins currently capture 0.03% of it. The gap isn’t demand. It’s infrastructure that doesn’t yet serve real business needs. 

During the Summit, Alice Nawfal walked through a simple example: a Portuguese clothing manufacturer paying a Turkish fabric supplier. This simple transaction involves five intermediaries, six SWIFT messages, transfer fees, and operational overhead at every step.

"Traditional banking rails were designed to optimize for domestic payments, not the kind of fast global trade businesses need today," Notabene's Pelle Braendgaard added.

Stablecoins natively solve one half of the settlement problem with 24/7 availability, low costs, and instant finality for sending payments. But their "push-only" transaction model leaves out essential B2B workflows: no pull payments, recurring billing, payment requests, nor dispute resolution.

The closing panel—featuring leaders from Walapay, Bitso, Mastercard, and Borderless—dialed up the urgency. Kevin Lehtiniitty of Borderless noted that one of the most common questions from TradFi companies is how to enable requests for payments — a capability that, until now, hasn’t existed. "How can we stop moving money on Telegram, please, as an industry," he pled with the audience.

Announced live at the Summit, Notabene Flow is the our next major product evolution: an open coordination layer for trusted B2B stablecoin payments. Built on Notabene's existing network of 2,000+ regulated entities processing $1.5 trillion annually, Flow combines three elements:

• Context - Provided by secure data messaging between entities, related to the transaction, and facilitated by the open-source TAP protocol
• Trust - Provided by 2,000+ trusted entities completing Travel Rule-compliant transactions on the Notabene Network today
• Authorization - Via Notabene Transact’s automated transaction authorization platform that allows counterparties to use custom policy engines to approve, reject, or flag transactions based on their own unique business needs and risk factors.

The combination of these three key elements is what allows us to build a payments layer on top of our existing network that can enable pull payments. This payment type, which includes recurring billing, payment requests, and subscription flows, is an essential capability that traditional businesses rely on —and a key reason that stablecoins have not yet been able to make a dent in the massive B2B payments market.

The result is near-100% straight-through processing rates and a pathway to scale compliant stablecoin payments across borders with no need for costly and burdensome bilateral banking relationships in each jurisdiction.

Anoosh Arevshatian from Zodia Custody (one of twelve Founding Partners of Notabene Flow, also including Bitso, Borderless.xyz, Dfns, Flutterwave, Gnosis, Monerium, Orbital, Portal, Walapay, Yellow Card) said of the launch: 

"Compliance and trust aren't optional—they're the foundation of how we operate. That's why we value working with partners like Notabene, who embed instant counterparty trust into every transaction."

Mukul Tripathi from Mastercard added, "Notabene is very uniquely positioned to solve some of the very pressing pain points that exist in the industry with compliance first... making the whole ecosystem trustworthy."

Notabene CEO Pelle's Brændgaard summarized the vision: 

"This is really why I got into crypto in the first place 15 years ago. We're going from being SWIFT for crypto to let's just be a better SWIFT."

3. Open Architecture Drives Adoption 

The way payment networks are structured isn’t just a technical choice. Architecture determines which institutions can participate and how efficiently they can operate.

Kevin Lehtiniitty of Borderless.xyz highlighted the industry shift: 

"A year and a half ago, VCs were saying 'you have issuers, blockchains, and on-ramps—we're done.' Now with Circle CPN and Fireblocks Network launching, people are circling back: 'Wait, maybe there's more to this.'"

Payment networks need to evolve in an open context rather than creating a series of walled gardens. Without that openness, the industry risks returning to the same limited structures that blockchain was supposed to improve.

The open vs. closed question is practical, not philosophical. Closed networks force binary choices: join our ecosystem on our terms, or build everything yourself. The practical benefits of open networks are clear:

• Implement your own counterparty verification policies
• Connect to multiple liquidity sources simultaneously
• Work with preferred compliance and custody providers
• Operate across jurisdictions with different requirements

Across the Summit, examples illustrated how open networks unlock real-world B2B payments. Ben Reid from Bitso is creating on-ramps for Mexican peso and Brazilian real stablecoins. Tom Borgers of Walapay is connecting emerging market corridors. Kevin Lehtiniitty of Borderless.xyz is building scalable transaction processing infrastructure. And Notabene Flow provides the coordination layer that ties it all together.

The pieces only work together if they're interoperable.

As Brændgaard put it: 

"Crypto should be open, stablecoins should be open, payments should be open."

What’s Next?

The decisions made today will determine whether stablecoins scale in B2B payments or remain a promising but limited technology. To realize the opportunity, three building blocks must come together:

1. Trust infrastructure that institutions can build on: Not just compliance checkboxes, but tools for real-time counterparty verification and risk management at scale.

2. Payment coordination that serves real business needs: Pull payments, recurring billing, dispute resolution—the real-world capabilities that make large payment volumes work.

3. Open networks that preserve control: Interoperable infrastructure that lets participants maintain their own policies while gaining the benefits of coordination.

The validation throughout the 2025 Notabene Summit suggested that the industry recognizes what's needed. The companies building these solutions aren't waiting for permission. They're solving immediate problems for customers who need better payment rails today.

Stablecoins will transform B2B payments. The only question is how quickly we build the infrastructure needed to make it happen.

Let’s build it together.

Notabene Flow testnet is live, APIs and documentation ready, and Founding Partners already integrated. To learn more and join the open network, visit notabene.id/flow.

Notabene Flow introduces new business payment capabilities like pull payments and recurring subscriptions, enabling its fast growing network to tackle the huge addressable B2B payment market. The launch is backed by founding partners Bitso, Borderless.xyz, Dfns, Flutterwave, Gnosis, Monerium, Orbital, Portal, Walapay, Yellow Card, and Zodia Custody.

NEW YORK — September 29, 2025
Notabene, the trust layer for global money movement, today announced the launch of Notabene Flow—the first open stablecoin payments platform built for high-value cross-border business payments, on its active network of 2,000+ regulated entities processing over $1T annually.

The $120T global B2B payments market is massive, and while stablecoins provide faster and more efficient transactions, they account for only a tiny 0.03% of this volume. Their role remains limited because today’s crypto rails lack the trust infrastructure that traditional payment systems provide—capabilities like coordination, authorization, invoicing, and dispute resolution. Without these, companies struggle to prevent fraud, block illicit activity, and manage payment reversals. The result: stablecoin businesses are locked out of the larger B2B market or limited to one-way, push-only payments.

Notabene Flow unlocks this market by delivering the payment coordination and authorization layer missing from crypto rails. It introduces pull payments, recurring subscriptions, and compliant multi-party flows, all built on the strength of the Notabene Network—the world’s largest regulated crypto network, active in 100+ jurisdictions and processing over $5B in transaction volume a day.

“At Bitso, we have seen firsthand how stablecoins are a foundational layer for the next evolution of financial infrastructure, particularly in Latin America. But in addition to the value layer provided by stablecoins and the movement layer enabled by blockchain, an interoperability and compliance layer is required to fully bring this evolution to the most demanding institutional payment flows. Notabene addresses this directly with Notabene Flow, and building on a trusted existing network that provides the necessary layers of security and transparency is crucial for Bitso's growth strategy in cross-border business payments.”
—Ben Reid, Head of Stablecoins at Bitso

Having already tackled one of the industry’s toughest challenges—cross-border Travel Rule compliance—Notabene is now transforming their compliance core into a revenue engine. Notabene Flow’s open-loop network and transparent economic model incentivizes verified participants through revenue-sharing on competitively priced, stablecoin-powered transactions and reduced operational overhead and compliance costs, creating a virtuous cycle of adoption that rewards network participants while fueling sustainable growth of B2B stablecoin payments worldwide.

“Cross-border B2B payments have always been slow, expensive, and complex. Stablecoins are the first real opportunity to change that—but these high-value payments need a trust framework to succeed at scale. Notabene Flow delivers that framework, giving businesses the ability to run trusted, compliant payment flows with the efficiency of stablecoins and the reliability they expect from traditional finance.”
—Pelle Braendgaard, CEO, Notabene

Notabene Flow delivers immediate value through a single API integration that unlocks Travel Rule–compliant, multi-party B2B payment flows—making launching cross-border digital payments as simple as flipping a switch. With one integration, businesses gain instant access to an established and trusted global network that combines regulatory certainty with the flexibility of stablecoin and digital-asset payments.

“At Zodia Custody, compliance and trust aren’t optional—they’re the foundation of how we operate. Our institutional clients demand the same. That’s why we value working with partners like Notabene, who embed instant counterparty trust into every transaction. With Notabene Flow, a single integration point provides us the opportunity to expand stablecoin payments in a way that meets the highest standards of security and interoperability, with no heavy technical lift on our end."
—Anoosh Arevshatian, Chief Product Officer, Zodia Custody

Through a partnership with the Global Legal Entity Identifier Foundation (GLEIF), entity verification is anchored to the internationally recognized LEI standard, giving every participant a reliable foundation of counterparty trust. As of mid-September 2025, the Global LEI Index records just over 3.05 million LEIs issued worldwide, with more than 93% (~2.85 million) active. This reach and interoperability allows institutions to implement custom policy-based workflows aligned to their risk tolerance and jurisdictional needs—strengthening compliance while enabling faster, more scalable growth. 

Notabene Flow is open-loop by design and built on the Transaction Authorization Protocol (TAP)—an open messaging standard that enables any verified entity to transact securely with trusted participants. Open-loop means no gatekeeping: no restrictions on assets, blockchains, jurisdictions, or membership tiers. Standardized messaging across the ecosystem enables trusted payment coordination with built-in Travel Rule compliance, eliminating the regulatory and operational burden of setting up separate entities, licenses, or bilateral agreements. Just as SWIFT standardized financial messaging for banks, TAP provides a common language for transaction authorization in the digital asset economy.

"As the first and one of the largest stablecoin payment networks, we believe mass adoption requires open standards - not additional walled gardens that create more fragmentation and slow growth. Companies already face a patchwork of providers, regulations, and jurisdictions, and the limits of push-only payments are clear. Having rolled out our network with leading stablecoin providers across 70+ countries, including Bridge, Bitso, and Yellow Card, we have seen firsthand the need for pull and recurring payments. We’re excited to partner with Notabene Flow to make this possible across our global on- and off-ramp network."
—Kevin Lehtiniitty, CEO, Borderless.xyz

Notabene Flow builds on the proven scale of the Notabene Network, trusted for over 5 years by more than 240 institutions to power fully compliant, multi-party transactions with straight-through processing rates above 85%. With the launch of Notabene Flow, Notabene cements its position as the de facto trust layer for global money movement—expanding beyond compliance to solve the broader challenge of enabling trusted, interoperable transactions across stablecoin rails.

Businesses can join the network today at notabene.id/flow.

‍

‍

About Notabene

Notabene is the trust layer for global crypto money movement, powering the largest Travel Rule-compliant transaction authorization network for regulated institutions globally. Our platform enables regulated entities across 100+ global jurisdictions to securely and seamlessly verify counterparties, authorize transactions, and comply with regulations—ensuring trust in every transaction.

With SOC-2 certification, ISO27001 compliance, and a strong focus on privacy and user experience, Notabene provides industry-leading tools for stablecoin payments, real-time transaction authorization, counterparty sanctions screening, and self-hosted wallet identification.

Headquartered in New York, Notabene operates globally with a presence in Switzerland, Singapore, Germany, and the United Kingdom. Trusted by over 240 companies, including Copper, Luno, Crypto.com, and Bitstamp, Notabene helps institutions build trust into every transaction while ensuring compliance with evolving regulatory frameworks.

Learn more at Notabene.id

Connect with us on LinkedIn | X

‍

‍

‍

‍

In this first episode of Stack Chats, a new video series from Notabene, Pelle sits down with Clarisse Hagége, CEO & Co-Founder of Dfns, to talk about stablecoin payments infrastructure and unique institutional needs.