Compliance-by-design or a liquidity squeeze: Crypto’s 2026 stress test | Opinion

For most of the last decade, crypto’s regulatory environment developed around one central question: what will the rules be? That question has now been answered. From Markets in Crypto-Assets Regulation in Europe to stablecoin frameworks evolving across the U.S. and Asia, the industry finally has transparent rules written into law.

Yet clarity doesn’t equal readiness. Rules can be put into practice, but that doesn’t automatically mean the industry is mature enough to function fully within them. So, as 2026 gets closer, the pressure shifts from interpretation to execution. Crypto companies will have to prove they can comply with these rules every day across custody, payments, liquidity access, and reporting, while still scaling products and meeting client needs.

In this sense, 2026 is set to be a make-or-break year for compliance. Let’s take a closer look.

When implementation turns into friction

When regulation moves into live implementation and starts to affect daily operations, crypto companies are no longer assessed by intentions or roadmaps. Instead, the focus switches to something far less forgiving: whether they can actually run a compliant infrastructure without interruptions.

That’s where implementation starts to bite. Licensing regimes like MiCA can’t simply be switched on overnight. Transitional periods differ across jurisdictions, supervisory capacity is highly uneven, and approval processes can stretch for months. Even firms that are actively working toward compliance often find themselves caught in prolonged grey zones.

In that environment, uncertainty is operational. Banks, payment providers, and other counterparties rarely wait for formal clarity. They reassess exposure, delay integrations, or tighten conditions while authorizations are still unclear. As a result, what begins as a temporary regulatory gap turns into real friction through slower settlement and constrained liquidity.

Exactly the same logic now applies to transaction flows. The Travel Rule, once discussed as a distant initiative, now sits directly inside payment pipelines. Missing data fields, incompatible messaging formats, or inconsistent counterparty identifiers no longer trigger follow-up emails. They trigger delayed transfers or even outright rejections. That difference is tangible.

At first glance, the impact is subtle, yet it’s powerful. Compliance gaps that once looked like legal risks now start showing up as P&L and balance-sheet risks. Naturally, growth slows, even for firms that are technically allowed to work.

Once compliance begins to have a direct impact on cash flows, treating it as an external function stops working. Infrastructure either absorbs regulatory requirements or becomes a bottleneck. That’s where RegTech and compliance-by-design architecture become part of core systems.

Compliance-by-design as the only scalable architecture

Compliance-by-design means building crypto infrastructure so that regulatory requirements are met by default. That way, compliance is embedded directly into systems, workflows, and transaction logic, so operating within regulatory boundaries becomes the product’s normal state.

This approach changes the unit economics of crypto businesses. When auditability, asset segregation, transaction monitoring, and incident response are inside the core architecture, firms spend less time putting out fires and more time scaling. More importantly, they become legible to banks, payment providers, and institutional partners. That legibility is what unlocks access.

The shift is already delivering visible results. On December 11, 2025, J.P. Morgan arranged a $50 million U.S. commercial paper issuance by Galaxy Digital, executed on Solana, with Coinbase and Franklin Templeton among the buyers, and USDC used for issuance and redemption.

That wasn’t “blockchain for the sake of blockchain.” Rather, it was a familiar money-market instrument moved on-chain in a way that made it legible to regulated participants. This means tokenization scales only through verified counterparties, controlled settlement logic, and auditable flows embedded from day one.

Still, even if the win is real, it isn’t free. There are also second-order effects that I have to recognize.

Fragmented rulebooks across regions raise fixed costs and reward larger platforms, pushing smaller firms toward consolidation or exit. In turn, cybersecurity and operational resilience become binding constraints, as one serious incident can trigger rapid de-risking by banks and payment partners.

The point is that compliance-by-design doesn’t remove risk. Yet it changes where risk sits and how it’s priced. In 2026, capital will flow toward infrastructure that is auditable, resilient, and predictable under supervision.

What 2026 will reward

From where I stand, the industry is entering a phase where compliance isn’t something you “handle” anymore. It’s something you build.

The firms that treat it as architecture will keep access to banking, payments, liquidity, and institutional counterparties, even as standards tighten. The ones that treat it as an external layer will keep paying for it through friction that shows up in the worst places: settlement delays, constrained liquidity, and partners that quietly step back.

Yes, compliance-by-design comes with limitations. The alternative is worse. In 2026, companies will feel that difference. So choose which operating model you want to defend.

Carlos Martins

Carlos Martins

, Head of Compliance at Currency.com, with over 30 years of experience and senior roles at Credit Suisse (Gibraltar) Limited and SG Hambros Bank. Carlos is a GFSC-licensed EIF Director and chairperson of the Gibraltar Association of Compliance Officers.