Web3 Little Lawyer: Funds Arrive, Compliance Has Not—The Compliance Gap in Stablecoin Payment Acceptance and Merchant Selection

Author: Will A-Wang | Web3 Little Law

Original link:

Disclaimer: This article is a reprint. Readers can obtain more information through the original link. If the author has any objections to the form of reprinting, please contact us, and we will modify it as per the author’s request. Reprinting is for informational sharing only and does not constitute any investment advice, nor does it represent the views and positions of Wu’s remarks.

Receiving payments in USDT, arriving in ten seconds, with chargebacks disappearing—this is the real experience of many digital entertainment merchants when they first engage with stablecoin payment acceptance. But the arrival of funds is just the simplest part of this matter.

In the traditional payment acceptance system, the issuer bank, acquirer bank, and card organizations share all the invisible tasks: identity verification, risk screening, suspicious transaction reporting, and handling of consumer disputes. Stablecoins eliminate every intermediary layer in this mechanism. At the moment the on-chain transfer is completed, none of these four tasks are being performed by any party.

This article discusses this gap: who will fill it, how to fill it, and to what extent it is considered compliant. For platforms building stablecoin payment acceptance services and merchants evaluating whether to integrate, this is not a theoretical regulatory issue—it’s a compliance risk that already exists within your current business structure.

1. Payment collection and payment acceptance are not the same thing

By the end of 2023, a Southeast Asian digital entertainment merchant’s Stripe account was permanently suspended due to a chargeback rate exceeding the threshold. Within three weeks, they integrated a stablecoin payment platform registered in Saint Vincent, USDT started arriving, and chargebacks disappeared. But two years later, a compliance audit revealed: none of the transactions in those 24 months had undergone on-chain risk screening.

The money arrived. Compliance did not.

This is the real issue that stablecoin payment acceptance needs to address.

Stablecoins are inherently “payment collection,” not “payment acceptance”—the money moves from wallet A to wallet B, confirmed on-chain, and that’s it. We borrow the term “payment acceptance” because it points to a more accurate issue: merchants need not just to receive money but a complete service system that supports this money being legal, safe, and auditable.

In the traditional card system, this service system is shared by three parties: the issuer verifies the cardholder’s identity, the acquirer assumes each transaction and bears the risk exposure, and the card organizations handle settlement in between. When a merchant processes a card payment, a whole set of responsibility distribution mechanisms operates silently—KYC is done by someone, risk is borne by someone, chargebacks are handled by someone, and reports are submitted by someone. This is completely invisible to merchants and requires no management.

Stablecoins have eliminated all the intermediary layers in this mechanism. The funds have arrived, but:

· No party has completed the identity verification of the payer (KYC) · No party has performed risk screening on this transaction (KYT) · No party has reported suspicious fund flows to regulators (STR) · No party can handle payment errors or consumer disputes (Dispute)

These four deficiencies represent the entire gap between stablecoin payment collection and true “payment acceptance.” Who will fill it, how to fill it, and to what extent is considered compliant—this is all the questions this article aims to discuss.

Technically, stablecoin payment acceptance is a peer-to-peer transfer. Commercially, it must complete all the tasks that traditional acquirers handle. The value of stablecoin payment acceptance is not on-chain but off-chain.

2. Demand-driven: Why merchants are moving in this direction

What drives merchants towards stablecoin payment collection is never enthusiasm for new technology. The core demands driving their integration are three.

Demand 1: Eliminate chargebacks

Chargebacks are not a side risk of online payments; they are a structural feature. All online transactions lack physical card swiping, signatures, and face-to-face verification, placing the entire burden of proof for disputes on the merchants.

The scale of the issue is evident. Chargeflow data shows that global e-commerce chargeback losses will reach $33.8 billion by 2025, and are expected to rise to $41.7 billion by 2028. Sift’s Q4 2024 Digital Trust Index breaks it down into two layers: on a scale level, the average chargeback amount in Q1 2024 skyrocketed 59% year-on-year to $374; on a structural level, the chargeback rate for online travel and accommodation surged 816%, e-commerce rose 222%, and digital goods and services increased by 59%. Digital entertainment and financial services together account for 30% of all high-risk merchant disputes.

The root of the problem lies in the reversibility design of the credit card system. Friendly fraud—users initiating chargebacks for “unauthorized transactions” after consumption—remains a chronic issue for digital entertainment platforms. Even more serious is account suspension: if the chargeback rate exceeds the threshold, Stripe or Adyen directly suspends the account, making it impossible to collect payments for 2-4 weeks, and existing users see “payment failed” and directly churn.

Blockchain lacks a “dispute and reverse” mechanism. On-chain irreversibility fundamentally cuts off this problem.

NOWPayments’ data confirms the scale of this demand: its iGaming transaction volumes grew 40% year-on-year, with around 15% market share in that industry. By 2025, stablecoins (USDT/USDC) accounted for over 50% of global crypto iGaming on-chain transaction volume. It should be noted that the motivations for iGaming shifting towards stablecoins are diverse—elimination of chargebacks is one, regulatory arbitrage and low entry barriers are also significant factors. But the result has occurred. The market has migrated.

Irreversibility eliminates chargebacks, but it also removes the consumer safety net—this issue will be addressed in Chapter 3.

Demand 2: Compress online payment acceptance costs

The cost of online payment acceptance is not a single number; it is a series of accumulated taxes.

Stripe’s standard rate for U.S. merchants is 2.9% + $0.30 per transaction, with an additional 1% for international cards and another 1% for currency conversion—so a $100 order from an overseas consumer incurs nearly $5 just in payment processing costs. Adyen’s Interchange++ model is more transparent for large clients, but after adding card organization fees for cross-border transactions, the actual comprehensive cost easily exceeds 4%. High-risk industries also face higher additional rates and rolling reserves—Stripe directly refuses to service most digital entertainment and high-risk categories.

A merchant processing $500,000 in online transactions annually will incur $15,000 to $20,000 just in payment processing fees, not counting chargeback losses, currency conversion, and platform monthly fees.

The cost structure of stablecoin payment acceptance is entirely different. Comprehensive rates on platforms like Triple-A typically range between 0.5%-1.5%, with no cross-border surcharges and no currency conversion intermediary—on-chain transfers do not distinguish between “domestic” and “cross-border.” The more critical change is in settlement speed: traditional payment acceptance has a fund arrival cycle of T+2 to T+3, whereas stablecoin settlements can achieve T+0 or even real-time.

According to Triple-A founder Eric Barbier’s calculations, the operating capital required for cross-border payment businesses using stablecoins can be reduced to one-tenth of the traditional model. For start-ups, this is not just about improving efficiency; it’s a matter of survival.

Demand 3: Reach wallet holders and global internet consumers

This is the fastest-growing of the three demands and also the one most easily underestimated.

BVNK, in collaboration with YouGov, conducted a survey of over 4,600 stablecoin holders across 15 countries (Note: respondents were all active users who had held or planned to purchase cryptocurrency in the past 12 months and do not represent the general consumer base). Three findings are worth breaking down: 52% of holders specifically chose to shop at merchants that support stablecoins—payment methods are not just tools but customer acquisition channels; the spending intention of wallet holders is higher than the actual spending ratio across all tested categories, indicating that the bottleneck lies not in willingness but in merchant integration; stablecoin users have a stronger demand for international payments, with higher average transaction values and conversion rates compared to local credit card users.

On-chain data from Visa and Allium shows that in August 2025, the total volume of stablecoin micropayments below $250 reached $5.84 billion, a historic high. This signals everyday consumption rather than speculative behavior.

However, stablecoin payment acceptance reaches not just “wallet holders.” For consumers in emerging markets with weak banking infrastructure, stablecoins provide a bypass to participate directly in global e-commerce without traditional banking systems. Data from NOWPayments across 2023-2025 shows that the driving logic varies significantly across different markets—convenience in the U.S., bypassing banking restrictions in India and Nigeria, and alternative routes after traditional payment tracks fail in Russia and other emerging markets. A one-size-fits-all global payment strategy can lose 15%-20% of potential conversions in these markets.

Razer Gold’s integration with Triple-A is based on this logic: a single payment interface covers internet consumers in 130 countries without needing to individually connect to local payment methods for each market.

· The commonality among the three demands: stablecoins solve real operational issues here, not just minor optimizations in payment experience. · Stablecoin payment collection has already occurred on a large scale before regulatory frameworks were fully established. · The real issue faced by regulators is not “should we allow it,” but “how to establish order for what has already happened.”

3. Three-tier logic of payment acceptance platforms

The on-chain confirmation is done, the money has reached the address, then what?

The order system does not recognize on-chain addresses, the financial system does not account for USDT, balance sheets cannot hold cryptocurrencies, regulators require reports on suspicious transactions, and if consumers pay the wrong amount, someone needs to handle it. None of these issues are resolved by on-chain transfers.

The product logic of stablecoin payment acceptance platforms is to sequentially take over these problems. The more they take on, the higher the service value and the greater the regulatory obligations.

First layer: On-chain layer

Generate a unique payment address for each transaction, monitor on-chain status, confirm receipt, and translate on-chain events into order callback signals recognizable by the merchant system. Mature platforms also provide multi-chain aggregation, smart contract revenue sharing, and order status management (timeout closure, partial payment adjustment).

Without this layer, merchants would not know which on-chain transfer corresponds to which order. It is also at this layer that many platforms claim to be “neutral technology service providers”—only providing technical tools and not interfering with the flow of funds, thus should not be viewed as regulated entities.

Whether this claim holds depends on the determination of the next layer.

Second layer: Compliance layer

Every incoming fund requires someone to perform on-chain risk screening (KYT): whether this wallet address is on a sanctions list, whether it has interacted with mixers, dark web markets, or known fraudulent addresses. Transactions exceeding threshold amounts must trigger payer identity verification. The Travel Rule requires the transfer of payer and payee information between VASPs. Suspicious transactions need to be reported to regulators (STR).

This layer is the core source of compliance obligations and the essential test for regulators to determine the nature of the platform.

The FATF’s updated virtual asset guidelines in October 2021 established two principles: first, function over form—regulation looks at business function, not technical form; non-custodial, decentralized, or smart contracts do not constitute exemptions; second, the owner/operator test—even if superficially decentralized, “creators, owners, operators, or others who maintain control or sufficient influence” may still fall under the VASP definition, with factors like whether they profit from the service, whether they have the ability to set or change parameters, and whether they have an ongoing commercial relationship with users being key.

Who exercises substantial control over the flow of funds—regardless of whether they handle the funds themselves—will be the regulated entity. Having a front-end interface, collecting fees, having an identifiable operating entity—if all three conditions are met, the self-positioning as a “neutral technology service provider” becomes untenable. The reach of this test is much broader than most platforms realize.

Third layer: Financial layer

Users pay in USDT, while merchants want Hong Kong dollars or U.S. dollars. Someone needs to perform instant currency exchange, lock in exchange rates, and settle fiat currency into the merchant’s bank account. Merchants do not want to hold cryptocurrencies on their balance sheets—this is not just a preference but a hard constraint of financial compliance for most companies.

Without fiat settlement, stablecoin payment collection is a financial burden for most businesses, not a payment tool.

Beyond the three layers: Structural gap in dispute resolution

The first three deficiencies (KYC, KYT, STR) correspond to the three-layer framework mentioned above, and there are platforms covering them systematically. Only the fourth item—consumer dispute resolution—has no payment acceptance platform incorporating it into standard services, leaving this gap unaddressed.

In the credit card system, consumers’ chargeback rights for disputed transactions are not just customer service functions; they are legal obligations (U.S. Regulation E / Regulation Z, EU PSD2). The on-chain irreversibility of stablecoins eliminates chargebacks but also removes the consumer’s recourse channel. The “advantage” from the merchant’s perspective is seen as a “deficiency” from the regulatory perspective.

Three types of remedial solutions are emerging in the market: off-chain manual refunds at the platform level (Triple-A model), smart contract escrow condition releases, and on-chain arbitration agreements like Kleros—but none of these solutions have been scaled in payment acceptance scenarios. Consumer protection will not be exempted due to changes in underlying technology. This issue remains open.

The more layers a payment acceptance platform covers, the lighter the compliance burden on merchants, and the heavier the platform’s own regulatory obligations. This is the core trade-off in the industry.

4. Choosing which layer to cover determines your role

The three-layer framework is a multiple-choice question. The layer you choose to cover determines what role you play and what regulations you face. The three main architectures in the market correspond to three different choices and fates.

Light intervention: Window period for regulatory arbitrage

Platforms only handle the first layer: generating addresses, monitoring receipts, and funds going directly to the merchant’s wallet. NOWPayments is a typical example of this model—its operating entity is registered in Saint Vincent and the Grenadines, with almost no substantial regulatory requirements for virtual asset businesses. The handling of compliance obligations is directly stated in the service agreement: FD Transfers LLC clearly states that the platform “does not bear responsibility for KYC, KYB, and AML compliance for merchants or end-users,” and “merchants and end-users are fully responsible for the transactions they execute.”

CoinPayments (a non-custodial payment gateway supporting over 100 cryptocurrencies) and PayRam (focusing on self-hosted node deployment) follow the same path: the platform only provides technical tools, and compliance responsibilities are fully delegated to merchants and users.

This model operates efficiently during regulatory gray areas, serving precisely the sectors that traditional payment acceptance refuses to enter. However, on-chain records exist permanently, meaning all historical transactions during the unlicensed operational period can be traced at any time. This implies that today’s compliance decisions affect not just tomorrow’s risk exposure but also the legal exposure of the past two years.

The problem with the NOWPayments model is not “will something happen now,” but “when something happens, the window has already closed.”

Medium intervention: Not touching the money does not mean no need for a license

Platforms handle both the first and second layers: performing KYT screening and sanctions filtering before funds are released but not handling foreign exchange and fiat settlement. Coinbase Commerce (now renamed Coinbase Payments) is the most misinterpreted case of this model.

The logic of an on-chain direct connection is enticing: funds go straight from the user’s wallet to the merchant’s wallet, and the platform never handles it, so why would I be considered a financial service provider? Coinbase’s approach directly negates this logic. Coinbase Payments’ terms of service explicitly state that they do not hold merchant assets—yet simultaneously reserve the right to modify, suspend, or terminate the service. With a front-end interface, collecting fees, an identifiable operating entity, and the ability to shut down the service—all conditions for the owner/operator test are simultaneously met.

Coinbase holds a FinCEN MSB registration, multi-state money transmission licenses, and a New York BitLicense in the U.S., and has a CASP license covering the EU through its Luxembourg entity. This is the correct way for the industry to handle medium intervention architecture: by recognizing that once you take on the second layer, you acknowledge that you are a regulated entity. It is not about trying to avoid classification by claiming “we only do risk control.”

Heavy intervention: Making compliance a product

Platforms cover all three layers—payment collection, screening, and currency exchange settlement, ensuring that merchants see normal fiat currency deposits without touching cryptocurrencies. Triple-A represents a mature form of this model.

Triple-A’s terms of service directly reflect this role positioning: it is not a technical tool provider but a complete payment processing and settlement service provider—executing currency exchange, deducting fees, and settling net fiat amounts to merchants, while the merchants’ KYB review and ongoing compliance obligations are also written into the agreement. Licensing map: Singapore MAS Major Payment Institution (MPI) license, France ACPR payment institution license (covering 27 EU member states through the EU passport mechanism), FinCEN MSB registration, money transmission licenses in 17 U.S. states, Canada FMSB, and South Africa FSCA registration.

Grab, Razer, and Farfetch choose Triple-A not for the lowest fees—but because Triple-A absorbs the entire three-layer problem, allowing businesses to open a market that was previously unmanageable with a single API, without needing to touch any crypto assets. Other players in the same space include Stripe, which supports USDC settlements through the acquisition of Bridge (with fees of 1.5% and no additional fixed fees), and traditional payment giant Shift4 launching stablecoin settlement options by the end of 2025. The entry of traditional payment companies signals market maturity.

Compliance itself becomes a product. The value of this product rises with tightening regulations.

The window period for light intervention is closing, the regulatory boundaries for medium intervention are tightening, and the thresholds for heavy intervention are rising. NOWPayments’ growth dividend comes from regulatory vacuum, while Triple-A’s growth dividend comes from tightening regulations. The same industry is driven by two entirely opposite forces.

5. The multiple-choice question for online merchants

The most common question merchants ask is: “Is it compliant for our platform to integrate stablecoin payment acceptance?”

There is no answer to this question because it is incorrectly framed. Compliance is not a binary judgment; it is the result of the intersection of two variables:

Where are your consumers? How much compliance responsibility does the platform you integrate bear?

Intersecting these two variables determines how many obligations remain for merchants themselves.

Variable 1: Where are the consumers

Regulatory obligations follow the location of the business activity, not the location of the entity registration. A payment acceptance platform registered in the Cayman Islands serving transactions between Hong Kong users and Hong Kong merchants—Hong Kong regulators have full jurisdiction over this transaction, regardless of where the platform is registered. Offshore registration can evade tax but cannot evade regulation.

There are still divergences in the regulatory categorization of stablecoins across major markets (virtual assets vs. payment tools), corresponding to different types of licenses. However, regardless of the categorization, licensing obligations remain rigid.

Tether has yet to obtain MiCA authorization, and the compliance status of USDT in the EU remains distinctly uncertain, with some EU trading platforms having delisted USDT. Payment acceptance platforms serving EU consumers need to prepare in advance regarding stablecoin choices.

Variable 2: How much compliance responsibility does the platform bear

The more compliance responsibility the platform bears, the fewer obligations remain for merchants, but the premium on service fees increases.

KYC divergence for on-chain consumers

Stablecoin payment acceptance has a structural issue that traditional payment acceptance does not: on-chain payments inherently carry no identity information. Users scan a code, USDT is transferred from one wallet address—this transaction only exposes a string of on-chain addresses, with no names, no ID numbers, and no bank accounts. In traditional payment acceptance, the cardholder’s KYC is completed by the issuer bank, which the acquirer then trusts. There is no issuer bank for stablecoins, so this KYC chain does not exist from the start.

This does not mean that anonymous wallets are exempt from compliance requirements. Regulators require “measures commensurate with risk”: KYT is the baseline, sanctions address filtering is the red line, identity verification triggers for transactions above threshold amounts, and deep investigations for abnormal behaviors. The Travel Rule requires the exchange of payer and payee information between VASPs, but when consumers pay using self-custodied wallets, this information simply does not exist.

These issues have not yet received unified answers in regulatory texts—but regulators will not wait for uniform answers to arrive.

Obtaining a license only proves that regulators allow you to operate. True compliance is executing KYT screening on every transaction, completing KYB reviews for every merchant onboarding, and being able to present complete transaction records when regulators come calling. Missing any of these pieces constitutes a vulnerability. The only difference is which vulnerability is discovered first.

6. What will happen next

Rules are taking shape. However, for which type of participants this is good news and which type it is bad news, the answers differ.

Clarification of regulations is the entry ticket

2024-2025 will be a watershed for stablecoin regulations. The three most important financial regulatory jurisdictions globally will complete foundational legislation in the next two years—but completing legislation does not mean that rules are clear. The GENIUS Act governs the issuance side, while the conduits to the acceptance side are still being negotiated among state regulatory agencies; MiCA’s CASP licenses have material differences in approval standards across different member states; and Hong Kong’s Stablecoin Regulation governs issuers, with no clear enforcement cases for the boundaries of coverage for payment acceptance platforms. A survey by Fireblocks in March 2025 showed that the proportion of 295 financial institutions and payment companies perceiving “regulation as a barrier” dropped from around 80% to below 20%—but a reduced barrier does not mean the path is already paved.

Compliance endorsement is replacing product capability as the primary driver for customer acquisition

Triple-A has significantly expanded its enterprise client coverage in the past two years, and the direct reason is not that its product is better, but that its compliance endorsement allows companies like Grab, Razer, and Farfetch to integrate with confidence. The launch of stablecoin settlements by Stripe and Shift4 providing stablecoin options for its hundreds of thousands of merchants—entry of traditional payment giants signals to the market that stablecoin payment acceptance has evolved from a “gray area alternative” to “a part of mainstream payment infrastructure.”

Extended implication: the market value of compliance consultants, on-chain analytics tools (Chainalysis, TRM Labs), and cross-jurisdictional legal services supporting stablecoin payment acceptance will rise in tandem with regulatory intensity. Compliance is not a cost center; it is the business itself.

The answer to the cost question is not technology, but the competitive landscape

Who ultimately bears compliance costs? If platforms pass the costs to merchants, and merchants cannot accept it, they will churn. If platforms bear the costs themselves, they must recoup it through premium pricing, leading merchants back to the comparison logic of “why not use a cheaper unlicensed platform.”

Experience from the traditional payment industry indicates that after standardization of regulatory requirements, competition does not disappear; rather, the dimension of competition shifts from “compliant vs. non-compliant” to “who can lower costs within the compliance framework.”

Stablecoin payment acceptance will undergo the same process—once unlicensed platforms systematically exit, compliance costs become the common baseline for all players, and the ensuing competition will be about who can achieve maximum efficiency on that baseline. The scale advantages of Triple-A and BVNK today essentially position them for that competition.

There is no need to guess which model can complete the entire journey.