GENIUS ACT: Implementation Treasury Proposes State Regulatory Equivalence Standards
Under the GENIUS Act, the OCC was designated as the federal bank regulator authorized to issue national charters to business organizations involved in stablecoin issuance and related activities that would vest them with broad authorities excluding depository accounts/services. The Act also provided for businesses to choose to operate under state charters provided the state banking/other agency issuing them operated under a regulatory framework substantially similar to the federal framework. Comments on both proposals are due in early May with the regulations expected to be finalized shortly thereafter to meet a July deadline specified in the Act.
A week after the OCC proposed its regulatory framework, the Treasury proposed the standards state agencies would need to satisfy to issue charters. The OCC proposal includes the operating requirements for OCC chartered entities, while the Treasury proposal is directed to the state agencies that would then need to develop the frameworks state chartered entities would have to comply with.
Digital sovereignty risks complicating global data flows and innovation
International Association of Privacy Professionals Article
The IAPP (International Association of Privacy Professionals) is a policy neutral, not-for-profit association with a mission to define, promote and improve the professions of privacy, artificial intelligence governance and digital responsibility globally. They offer professional certifications and develop and promote best practices/standards.
This IAPP article discusses a global shift by nations seeking to pass laws that provide them with control of the systems that enable cross-border data flows and the entities within their borders that collect, store and process data. The potential ramification is disruptions in the free flow of data that businesses and individuals increasingly depend upon and that geopolitical forces are increasing the frequency and magnitude of these disruptions causing nations to move even more quickly to protect data within their borders. Data sovereignty is term used to refer to national legal frameworks regulating data that is created, processed, or stored in a country. It is distinct from legal privacy/ownership frameworks governing the ownership and use of data. In the case of data created in one jurisdiction, that is processed and housed in one or more others, multiple frameworks can apply leading to complexity in managing compliance obligations. Further, from a policy perspective, different countries take different approaches in designing their frameworks with some imposing strict sovereignty (eg, Russia) while others are in between (EU) and still other jurisdictions lacking frameworks altogether (United States)
U.S. Financial Regulators Propose Audit-Ready Controls to Govern AI
In support of President Trump’s AI Action Plan (July 2025), in February 2026, Treasury announced it was initiating six workstreams in partnership with industry and federal and state agencies that developed the following deliverables to help enable secure and resilient AI across the U.S. financial system:
- AI Lexicon
- Financial Services AI Risk Management Framework (FS AI RMF)
- Mitigating AI-Powered Attacks Against Identity and Authentication (2 parts)
- Recommendations for Private Sector
- Recommendations for Policymakers
- The Explainability deliverable – AI and Explainability in Finance: Explainability Challenges, Practices and Recommendations (January 2026)
- The Data Nutrition Labeling (DNL) deliverable: Data Nutrition Labels: Supporting AI Explainability in Financial Services (March 2026)
- The AI Enhanced Fraud deliverable: AI-Generated Fraud in the Financial Sector: Threat Categories and Defense Strategies (2026)
