What the $300T Mint Says About the Stablecoin Compliance

We discussed internal controls for stablecoin issuers with some leaders working in the blockchain industry in the light of the recent Paxos accidental mint of $300T PYUSD.

Nov 01, 2025

[This post was updated on November 1, 2025]

Introduction

Earlier this month, Paxos accidentally minted $300 trillion of PYUSD, PayPal’s dollar-backed stablecoin. The mistake was quickly detected, corrected, and disclosed. Paxos issued an announcement confirming the mint and immediate burn:

Official tweet published by Paxos with the notification of the accidental mint of $300T PYUSD on October 15, 2025

Almost immediately after the tweet, PYUSD’s price fell slightly below $1.00, reaching $0.99927 at 5:00:03 PM EST, according to CoinGecko, showing almost no sensitivity to the event.

Five days later, on October 20, 2025, KPMG issued its Independent Accountant’s Examination Report, concluding that as of 6:00:00 PM on October 15, both total PYUSD tokens outstanding and redemption assets available were “fairly stated, in all material respects.”:

KPMG Examination Report issued on October 20, 2025, for management’s assertions as of 6.00 PM EST on October 15, 2025

Note: the URL link to transactions in the KPMG report is broken - copy and paste the complete transaction ID to access the correct page on Etherscan

While an affirmative report from a Big Four auditor is a notable milestone, it’s important to note that the examination did not assess the design or effectiveness of Paxos’ internal controls.

Many have argued that a comparable mistake in traditional finance (TradFi) would likely never be visible to outsiders and would take longer to fix if it were.

Perspectives

This event highlights operational and control challenges facing all stablecoin issuers, and, more broadly, the evolving landscape in issues related to blockchain transparency, regulatory oversight, and financial accountability.
We spoke with two industry leaders who are shaping how the next generation of issuers approach compliance and risk management.

Jonathan Rose, BlockTrust IRA

Jonathan Rose, CEO of BlockTrust IRA, noted that since the passage of the GENIUS Act, he’s observed “…the complete reimagining of compliance as a core business strategy, not a peripheral requirement”.

According to Mr. Rose:

“We’re witnessing the emergence of what I call ‘Compliance-First’ stablecoin models…” with “Innovative approaches include blockchain-based proof of reserves, where every transaction is instantaneously verified and recorded, creating an unprecedented level of financial transparency.”

He pointed to innovations such as blockchain-based proof of reserves, where each transaction is verified and recorded in real time, creating a new standard of financial visibility.

Rose also described BlockTrust’s internal model:

“…Similar to the infrastructure we’ve built at BlockTrust, my recommended approach would include advanced multi-signature wallet architectures that require multiple independent verifications for any significant transaction. We’ve implemented machine learning-powered anomaly detection systems that can identify potential errors or malicious activities in milliseconds…”

Finally, Rose offered a longer-term perspective:

“…Our market projections indicate growth to $3 trillion by 2030, but this expansion is now intrinsically linked to our ability to demonstrate absolute reliability and transparency… The most exciting chapters of digital finance are yet to be written, and we need to be authoring them with integrity, innovation, and an unwavering commitment to the end users.”

Connor Dempsey, Crossmint

Our following conversation was with Connor Dempsey, Head of Marketing at Crossmint, a startup developing infrastructure for institutions and high-growth fintechs, including stablecoin issuers such as Circle.

Dempsey emphasized that one-size-fits-all compliance no longer works:

“Each company needs tailored risk management standards. Regulators are looking at each issuer’s specific business model and risk profile. A company issuing $100 million in stablecoins for cross-border remittances faces different operational requirements than one managing $10 billion for institutional treasury operations. Companies can right-size their compliance infrastructure to match their actual risk exposure….”

He highlighted hybrid custody setups as a major trend:

“….These combine custodial and non-custodial wallets to serve global user bases: custodial in regions where companies are licensed, non-custodial where they’re not. This strategy enables enterprises to meet differing regulatory requirements across jurisdictions while preserving flexibility for both the company and its customers. The hybrid custody model is also a critical safeguard for larger enterprises that want to adopt stablecoins. Smart wallets with programmable controls, such as spending limits, velocity rules, and key rotation capabilities, provide both security and operational flexibility…”

Dempsey also shared a clear framework of core safeguards issuers should implement:

“Segregated hot and cold wallet operations
Multi-signature requirements for any significant transactions or manual interventions in automated systems
Real-time monitoring with automatic circuit breakers.
Real-time sanctions screening and compliance monitoring embedded directly into transaction flows.”

Reflecting on the Paxos incident, he concluded:

“…PYUSD maintained its peg, trading continued normally, and confidence wasn’t shaken. That’s because the transparency and rapid remediation actually demonstrated the system working as designed. This is why blockchain-based systems are more trustworthy than traditional finance, not less. A bank could have hidden this error from public view. When everything is on-chain, it’s visible and auditable. Modern stablecoin infrastructure needs to be built with transparency as a feature, not a bug. If anything, it’s pushing everyone to implement enterprise-grade controls faster. The companies that invest in robust operational infrastructure now will be the ones that scale successfully under the new regulatory framework.”

Conclusion

Based on our conversations, this is a maturing industry rapidly aligning around operational safeguards and controls, which can be grouped as follows:

Preventive Controls:
1. Multi-signature smart wallets with programmable controls (key rotation, spending limits, velocity rules)
2. Machine-learning systems for anomaly detection and compliance screening
Detective Controls:
1. Proof of Reserve Attestations
2. Real-time monitoring tools.

The Paxos event, while harmless in financial impact, is invaluable as a case study. It highlights that blockchain transparency is only as effective as the operational discipline that underpins it. Stablecoin issuers, auditors, and regulators now share a common mandate: trust through verifiable control.

We’ll continue exploring this theme in future posts, including deeper assessments of internal controls and audit readiness for stablecoin issuers.

Discussion about this post

Ready for more?