TL;DR: 2025 turned crypto policy from rulemaking into implementation, with MiCA, the GENIUS Act, stablecoin oversight, tokenization and fraud controls all exposing national friction, supervisory gaps and operating-model changes across major markets, according to Chainalysis. The practical lesson is that compliance maturity now depends on execution, not legislation alone.
NHIMG editorial — based on content published by Chainalysis: 2025 crypto regulation in review and what to watch in 2026
By the numbers:
- Over 90 firms were authorized as CASPs in the EU one year into MiCA’s full applicability.
- AUM for tokenized commodities such as gold climbed above $3.5 billion in 2025.
Questions worth separating out
Q: What is the biggest challenge in implementing crypto regulation in practice?
A: The biggest challenge is not drafting the rule, but making it enforceable across real workflows, tools and jurisdictions.
Q: Why do stablecoin rules create identity governance issues for financial institutions?
A: Stablecoin rules change who can issue, distribute, custody and service regulated assets, which turns access into a compliance issue.
Q: How should organisations manage cross-border differences in digital asset regulation?
A: Organisations should build a single operating model with jurisdiction-specific overlays, not separate control philosophies for every market.
Practitioner guidance
- Map regulatory obligations to executable workflows Translate each crypto compliance obligation into a specific workflow, system owner and evidence point.
- Review privileged access across crypto service chains Identify who can issue, distribute, custody, amend and reverse crypto-related actions across internal teams and third parties.
- Align stablecoin controls with regulated delegation For stablecoin and tokenization programmes, define who can approve reserve actions, distribution changes and operational exceptions.
What's in the full report
Chainalysis' full round-up covers the operational detail this post intentionally leaves for the source:
- Regional policy-by-policy breakdowns across the US, EU, UK, APAC and Middle East
- Detailed discussion of MiCA implementation issues, including stablecoin regime questions and supervisory convergence
- Specific regulatory developments around tokenization, DORA and anti-money laundering expectations
- The article’s own 2026 watchlist for policy, supervisory and market-structure change
👉 Read Chainalysis' 2025 crypto regulation round-up and 2026 outlook →
Crypto regulation in 2025: where implementation is breaking down?
Explore further
Implementation friction is now the dominant governance risk in crypto regulation. The article makes clear that the hardest problems are no longer whether rules exist, but whether they can be interpreted and enforced consistently across institutions and jurisdictions. That is a familiar governance failure mode for identity programmes too, where policy intent breaks down at the point of workflow, approval and exception handling. Practitioners should treat regulatory implementation as a control design problem, not a legal afterthought.
A question worth separating out:
Q: Who is accountable when crypto-related fraud or laundering is detected?
A: Accountability usually spans security, fraud, compliance, legal, and platform operations because each owns a different part of the control chain. A usable response model defines who can preserve evidence, who can escalate to exchange partners, and who can approve external referrals.
👉 Read our full editorial: Crypto regulation in 2025 shows implementation is the real test