On March 6, the U.S. Department of the Treasury submitted to Congress its report mandated under the GENIUS Act (covered by InfoBytes here), detailing how regulated financial institutions are using, or could use, innovative technologies to combat illicit finance involving digital assets. The report, required by Section 9(e) of the statute, outlined findings from a public request for comment issued in August 2025 (covered by this Orrick Insight here), which drew more than 220 responses from industry associations, technology providers and other stakeholders. Treasury assessed risks posed by illicit actors’ abuse of digital assets and examined tools such as AI, digital identity verification, blockchain analytics, application programming interfaces (APIs), and decentralized finance for detecting money laundering and sanctions evasion. Treasury noted that digital asset mixers, which are software tools that obscure transaction paths, can serve lawful privacy purposes but are also used by criminals to conceal illicit activity, sometimes alongside stablecoins to convert assets into fiat currency.

The report’s recommendations include issuing guidance, statements of support or FAQs to encourage financial institutions to integrate AI into BSA/AML compliance programs, developing open-source API guidelines, and providing guidance on verifiable digital credentials consistent with customer identification programs. Treasury stated it will work with Congress to explore legislation that incentivizes digital identity adoption through additional grant funding for small businesses and state authorities, collaborate with the National Institute of Standards and Technology and international partners to promote common guidelines, and partner with Congress to better enable third-party providers to conduct identity verification. Other legislative options explored include updating frameworks for voluntary information sharing related to fraud prevention and considering a digital asset-specific “hold law” that would grant safe harbor for temporary asset retention during investigations. The report emphasized the need to promote responsible innovation in compliance and, at the same time, to address operational, privacy and cybersecurity challenges — particularly those faced by smaller institutions due to cost barriers, regulatory uncertainty, and a lack of industry standardization.