What Are Tokenized Deposits? Why Banks Are Building New Settlement Rails

IMF Warnings vs. Banking Strategy: The Rise of Stablecoins

In late 2025, the International Monetary Fund (IMF) issued a stark warning regarding stablecoins, digital assets designed to maintain a 1:1 value with fiat currencies like the U.S. dollar. 

For the first time in history, transaction volumes for these stable assets have surpassed both Bitcoin and Ethereum, the market's leading but highly volatile cryptocurrencies, in cross-border settlements. 

The IMF focuses specifically on "cryptoization," a phenomenon where savers in emerging markets abandon volatile local currencies for digital dollars.

This rapid adoption creates a macro-level crisis characterized by capital flight, a loss of monetary sovereignty, and the weakening of local policy transmission.

Commercial Banks Fight for Payment Market Share

Inside the boardrooms of JPMorgan, Citi, and U.S. Bank, the primary driver is market share rather than macroeconomic stability. Traditional banks are losing significant payment volume to non-bank fintechs.

Circle has effectively built a parallel banking system that operates outside traditional regulations via its Payments Network (CPN), while Stripe and Brex are encroaching on direct Federal Reserve access.

This competition forces commercial banks to rebuild their infrastructure. They realize that failing to upgrade SWIFT and ACH rails today risks relegating them to back-end utilities for fintech front-ends.

URGENT: Protect your savings now.

Banks are desperately launching stablecoins to save themselves.

JP Morgan, Citi, and Charles Schwab know what's coming.

Here's what you must do before the system collapses: pic.twitter.com/fRTn3zlDDE

— GC Cooke (@Gccooke) March 3, 2025

What Are Tokenized Deposits? (And How They Differ From Stablecoins)

A tokenized deposit is a digital representation of a commercial bank deposit, recorded on a distributed ledger (blockchain) instead of a legacy database.

Legally, it is identical to the funds in a standard operating account. It represents a direct liability of the issuing bank to the customer. This means it carries the same regulatory protections, including FDIC insurance (within limits), as traditional deposits, but with the added ability to move instantly, 24/7, via blockchain rails.

Comparative Analysis of Digital Money Models

Market participants often confuse distinct forms of digital currency. However, clear distinctions exist regarding legal liability, balance sheet treatment, and operational mechanics.

Third-Party Stablecoins Explained

Third-party stablecoins like USDC and USDT operate as bearer-like digital instruments. This means ownership of the token equates to ownership of the value, similar to physical cash. These assets sit outside the traditional banking system. 

Consequently, every dollar minted represents a deposit leaving a commercial bank to sit in the issuer's reserve account. While this model offers maximum transferability for open markets, it introduces significant counterparty risk and disconnects the asset from banking safeguards.

Bank-Issued Stablecoins Explained

Bank-issued stablecoins represent a hybrid approach. Often organized through consortiums (such as USDF), these assets remain liabilities of the issuing bank but operate on shared networks. This model addresses the "deposit flight" issue by keeping funds within the banking sector. 

However, despite the theoretical benefits, this model faces two critical operational bottlenecks:

1. Restricted Network Effects: Unlike USDC or USDT, which flow freely across the global economy, consortium tokens only function between member banks. If your recipient’s bank is not part of the consortium, the token is effectively useless. This fragmentation limits liquidity compared to global, permissionless stablecoins.
2. Settlement Latency: While the token may transfer instantly on-chain, the underlying fiat settlement between banks is not always atomic. Bank A and Bank B often still need to reconcile funds in the background via traditional correspondent banking rails, creating operational delays compared to a truly unified ledger system.

Tokenized Deposits Explained

Tokenized deposits represent an infrastructure upgrade rather than a new asset class. They legally remain commercial bank deposits recorded on a distributed ledger.

Regulatory Certainty: Regulatory clarity in the United States further reinforced this distinction by late 2025. The FDIC confirmed that tokenized deposits receive the same insurance protection as traditional accounts, provided they represent a direct claim on the bank.

Restricted Transferability as a Feature: Unlike the open nature of stablecoins, tokenized deposits utilize permissioned transferability. Tokens move exclusively between whitelisted, KYC-verified wallets. This restriction is intentional. It ensures full compliance with Anti-Money Laundering (AML) standards while eliminating the risk of interacting with sanctioned entities.

Atomic Settlement (T+0): The primary commercial advantage of this model is settlement speed. Traditional rails like ACH involve batch processing delays (T+1 or T+2). Tokenized deposits enable atomic T+0 settlement, allowing value to move instantly, 24/7, without intermediaries.

"My view for a long time has been that a deposit is a deposit. Moving a deposit from a traditional‑finance world to a blockchain or distributed‑ledger world shouldn’t change the legal nature of it.” — FDIC Acting Chair Travis Hill (November 2025)

How Tokenized Deposits Differ from CBDCs

It is crucial not to confuse Tokenized Deposits with Central Bank Digital Currencies (CBDCs). While both use blockchain technology, they serve fundamentally different roles in the economy.

For tokenized deposits, think of these as an upgrade to existing bank accounts. They are commercial products issued by private banks to facilitate B2B payments, trade finance, and automated treasury flows. They are ready to be deployed now to solve specific commercial friction points.

CBDCs, on the other hand, is digital cash issued by the Federal Reserve or Central Bank. They function as public infrastructure that focuses on monetary sovereignty and financial stability rather than commercial programmability.

The Asset-Liability Lock: How Tokenized Deposits Work

To understand the security implications, we must first understand the mechanics. Tokenized deposits rely on a precise synchronization between a bank's internal ledger and the blockchain.

Unlike crypto assets that derive value from market demand, a tokenized deposit derives value from a strict 1:1 rule: for every token minted on-chain, an equivalent amount of fiat currency must be legally and operationally locked off-chain on the bank’s balance sheet.

This requires a near-real-time bridge between the bank’s traditional Core Banking System (e.g., on Mainframe) and the Distributed Ledger (Blockchain).

End to End Tokenized Deposit Workflow

To illustrate the process, consider a corporate treasury scenario where a client wants to move $1 million instantly to a supplier on a Saturday.

Step 1: Client Request 

The client initiates a request via the bank’s portal to tokenize $1 million from their standard operating account.

Compliance Check: The system automatically verifies the request against internal policies: Is the client KYCd? Is the destination wallet whitelisted?

Step 2: Off-Chain Segregation 

Upon approval, the Core Banking System records an internal ledger allocation, identifying the $1 million in the client’s fiat account and marking it as legally encumbered and restricted for token backing purposes.

Rule: This money cannot be lent out or double-spent. It is now legally segregated to back the token.

Step 3: On-Chain Creation 

Once the lock is confirmed, the system sends a secure signal to the bank’s Minting Smart Contract on the blockchain. The smart contract, controlled by the bank's private key, executes the mint() function.

Result: Exactly 1,000,000 tokens are created and sent to the client’s digital wallet. The client now holds a valid claim against the bank on-chain.

Step 4: Redemption & Settlement

When the client (or the recipient) wants to convert back to fiat, they send the tokens to a designated "Burn Address.” The blockchain detects this destruction of tokens. Then, an oracle or API signals back to the Core Banking System. 

Finally, the system “unlocks” the $1 million fiat, making it available again in the standard banking ledger.

Why This Matters: From Batch to Real-Time

Why build this complex infrastructure? The answer lies in settlement efficiency.

Traditional systems like ACH or SWIFT operate on Batch Processing. A payment initiated on Friday evening sits in a queue until Monday morning (T+2 or T+3 settlement).

Because the token itself is the final settlement instrument, not a payment instruction. Therefore, the transfer happens instantly (T+0), 24/7, without clearinghouses.

This allows capital to move at the speed of the internet, unlocking liquidity that is currently trapped in weekend banking queues.

"In 2026, tokenized deposits will be as big as stablecoins. Every single bank will have a tokenized deposits strategy."@Ozhar sharing some Crypto Predictions for next year during his recent @NYSE @TakingStockLive interview. pic.twitter.com/bMfoS6Fj6Z

— ZKsync (@zksync) December 12, 2025

Whether or not this timeline proves optimistic, the direction is clear:

Banks are increasingly treating tokenized deposits as core infrastructure, not experimental technology.

The Critical Security Risk in Tokenized Deposits

Building tokenized deposit infrastructure is conceptually straightforward. Securing it is not. Once the lifecycle of minting and redemption is understood, the real challenge emerges: the entire system ultimately depends on how minting authority is controlled.

To understand the risk, we must revisit the minting step itself. At the core of the asset–liability lock lies a single digital capability: the authority to invoke the smart contract’s mint() function.

The bank’s private key represents a critical concentration of power. Control over this key allows an attacker to bypass every off-chain safeguard, including compliance checks and balance segregation, to gain direct control over the bank’s liabilities.

When a bank’s minting authority is compromised, the event is systemic. There is no predefined upper bound on the potential loss. The risk shifts from theft to solvency.

The most extreme manifestation of this risk is the so-called “infinite mint” scenario. In a worst-case breach, whether through external compromise or insider abuse, an attacker gains access to the system responsible for authorizing minting.

No vault needs to be opened, and no reserves need to be touched. The attacker simply executes the mint() function to issue a large quantity of tokens directly to their own wallet.

From the blockchain’s perspective, these tokens are fully valid. They are indistinguishable from legitimately issued tokens and settle atomically on-chain. Off-chain, however, no corresponding fiat has been locked. The bank is left with an immediate, unbacked liability.

“This is equivalent to unauthorized access to a central bank’s money-printing mechanism, executed at digital speed.”

Why Traditional Security Models Fail

Traditional security approaches struggle to address this risk. Banks often default to familiar models, such as storing keys in Hardware Security Modules (HSM) and restricting access through physical and procedural controls. While effective for holding static assets, this approach breaks down in the context of tokenized deposits.

Tokenized deposits require continuous, automated operation to support real-time settlement. If the minting key is offline, real-time payments stop. Moreover, even within secure hardware environments, administrative access often remains concentrated, creating a vulnerability to insider threats.

The Solution: Enterprise-Grade Custody & Programmable Governance

If the Minting Key represents a Single Point of Failure, the objective is clear: we must eliminate it. The question for banks is no longer "is there a solution?" but rather "which architecture fits our operational needs?"

One of the core security challenges in tokenized deposits lies in a paradox inherited from traditional key management. While Hardware Security Modules (HSMs) are highly secure when kept in cold storage (offline) or isolated within private networks, this model was designed for low-frequency custody, where human administrators manually approve infrequent transactions.

Tokenized deposits, however, demand high-velocity, 24/7 operations. Therefore, minting and burning must occur automatically, at any hour, without human intervention. This makes true cold storage impractical.

At the same time, keeping a highly privileged minting key online in a single location creates a single point of failure.

It is a structural problem that demands a new security primitive.

The Solution: Multi-Party Computation (MPC) & Threshold Signatures

Multi-Party Computation (MPC) has emerged as a practical answer to this problem. In an MPC architecture, the minting authority is split into multiple cryptographic key shares, each held by an independent system or domain. 

When a minting transaction is required, these shares collaboratively generate a valid signature without ever reconstructing the full key in memory. At no point does a single machine, administrator, or insider gain unilateral signing power.

Programmable Policy: Encoding Bank Controls Into the Signing Layer

Decentralizing key material, however, is only the foundation. In a world of programmable money, banks also need programmable security.

Traditional governance relies on documented procedures, approval emails, and human oversight. But tokenized deposits operate at machine speed. Governance must therefore move closer to the execution layer itself. This is where MPC-based policy engines become critical.

Instead of merely asking who can sign, banks can define under what conditions a signature is even possible.

• Quorum Approval: "Minting requests over $1M require 3-of-5 approvals (e.g., CFO + Compliance + IT)."
• Allowlisting: "Tokens can only be minted to wallets that have passed real-time KYT (Know-Your-Transaction) screening."
• Velocity Limits: "Maximum issuance is capped at $50M per 24-hour cycle."

Custody Architecture Choices for Regulated Institutions

Finally, institutions must decide how this infrastructure is deployed. Some will prioritize speed to market and opt for managed or hybrid models. Others, particularly systemically important banks, may require full self-hosting to meet regulatory, sovereignty, or resilience requirements.

As discussed in our deeper analysis of custody models for tokenization, there is no one-size-fits-all approach. What matters is that the minting authority, regardless of deployment model, never becomes a latent liability.

This is the design principle guiding modern tokenized deposit infrastructure: operationally live, cryptographically constrained, and structurally resilient.

For teams ready to explore these architectural choices, our team at Fystack is available to discuss the optimal setup for your settlement rails.

Talk to Us: https://t.me/anhthind 

Conclusion: Building the Future of Settlement

With regulatory pathways clearing and the inefficiencies of legacy payment systems becoming unsustainable, banks are actively constructing the next generation of settlement infrastructure.

However, success in this transition will not be defined merely by speed to market. It will be defined by resilience. The ability to mint bank liabilities on-chain introduces systemic operational risks that legacy security models cannot contain.

Consequently, adopting Multi-Party Computation and programmable governance is the prerequisite for safe institutional participation in the digital economy.

Financial leaders who prioritize robust security governance today will ultimately define the settlement rails of tomorrow. For those ready to build infrastructure that is both compliant and future-proof, the time to lay the architectural foundation is now.

If you want to read more deep-dive articles like this, please join our telegram group with more than 250+ builders for up-to-date announcements, security research, and market insights. 

Frequently Asked Questions (FAQs)