Subscribe to the Non-Human & AI Identity Journal

Stablecoin operating model

The way a bank chooses to participate in stablecoin activity, whether by issuing its own token, partnering with an issuer, or integrating existing tokens. The model determines control ownership, risk distribution, and the level of operational and regulatory burden the bank must carry.

Expanded Definition

A stablecoin operating model describes how a financial institution structures its role in stablecoin activity, including whether it issues the token, distributes a third-party stablecoin, or embeds stablecoin rails into existing payment and custody workflows. The term is operational rather than purely technical: it defines who controls issuance, reserves, redemption, wallet handling, compliance checks, ledger integration, and incident response. In practice, the operating model also shapes governance across treasury, legal, AML, sanctions screening, and technology teams.

Definitions vary across vendors and market participants because there is no single standard governing bank participation in stablecoin ecosystems yet. Some institutions treat the model as a product decision, while others treat it as a risk allocation framework. For that reason, NHI Management Group views the concept as a control and responsibility map as much as a commercial design choice. The closest governance anchor is the NIST Cybersecurity Framework 2.0, especially where custody, access, and third-party dependence create security obligations.

The most common misapplication is assuming that “partnering” with an issuer transfers operational accountability, which occurs when a bank underestimates the residual duties tied to custody, monitoring, and customer-facing support.

Examples and Use Cases

Implementing a stablecoin operating model rigorously often introduces governance and integration overhead, requiring organisations to weigh faster settlement and product flexibility against control complexity and regulatory exposure.

  • A bank issues its own stablecoin and must manage reserve governance, redemption rights, and internal controls over token minting and burning.
  • A bank acts as a distribution partner for an external issuer and must validate due diligence, customer disclosures, and ongoing counterparty risk.
  • A payments team integrates an existing stablecoin for cross-border transfers and must align wallet operations, sanctions screening, and transaction monitoring with internal policy.
  • A treasury function uses stablecoins for liquidity movement and must coordinate reconciliation, exception handling, and segregation of duties across finance and operations.
  • A digital asset platform supports institutional clients and must decide whether custody, transfer approval, and key management stay in-house or move to a qualified third party.

These scenarios connect directly to broader control expectations in the NIST Cybersecurity Framework 2.0, because the model chosen determines where trust boundaries begin and end. In the identity layer, the operating model also affects who can authorise wallet access, approve transactions, or rotate keys, which is especially relevant when stablecoin activity is embedded into bank-managed digital services.

Why It Matters for Security Teams

For security teams, the stablecoin operating model is a boundary-setting exercise. It determines whether the institution owns the full security stack or inherits material exposure from a partner, including wallet compromise, API misuse, reserve manipulation, and service outages. It also influences how the bank designs segregation of duties, approval workflows, logging, and escalation paths. Where identity controls are weak, an apparently commercial arrangement can become an access-control problem, because stablecoin operations depend on precise authorization for minting, transfer approval, exception handling, and reconciliation.

The governance challenge is that the risk is often distributed unevenly across functions. Legal may define liability, compliance may define monitoring obligations, and engineering may implement the platform, but security still has to validate trust assumptions end to end. That is why this term sits at the intersection of cyber governance, third-party risk, and identity control, even when it is discussed as a payments or treasury model. Organisaties typically encounter the real burden only after a failed transfer, a wallet compromise, or a partner incident, at which point the operating model becomes operationally unavoidable to address.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST CSF 2.0, NIST SP 800-63 and NIST AI RMF set the technical controls, while DORA define the regulatory obligations.

Framework Control / Reference Relevance
NIST CSF 2.0 GV.1 Defines governance expectations for managing cyber risk across business models and third parties.
NIST SP 800-63 AAL2 Supports assurance planning where operator identity and transaction authorization must be strongly verified.
NIST AI RMF Risk governance principles help structure accountability when AI and automation support transaction controls.
DORA Operational resilience expectations apply when stablecoin services depend on critical third parties and ICT.

Document accountability, monitoring, and escalation for any automated decision support in the model.