SB710, the Crypto ATM Fraud Prevention Act of 2025, would amend title 31 to create a concrete fraud-prevention framework for virtual currency kiosks. It establishes a registration regime for kiosk operators, defines key terms, and adds a new fraud-prevention provision (section 5337) that governs disclosures, receipts, anti-fraud policies, and compliance oversight.
The bill also introduces transaction limits for new customers, requires verbal confirmation for sizable transactions, and sets penalties for noncompliance. The intent is to raise transparency, strengthen oversight, and provide clear remedies for fraud involving crypto kiosks.
At a Glance
What It Does
The bill adds a new regulatory section focused on virtual currency kiosks, requiring operator registration with Treasury, defined terms, disclosures before transactions, requirement for receipts, anti-fraud policies, a designated compliance officer, and ongoing use of blockchain analytics to identify fraud.
Who It Affects
Operators of virtual currency kiosks within the United States or territories and their customers; FinCEN and law enforcement receive enhanced information flows and reporting obligations, and compliance personnel must be appointed.
Why It Matters
Kiosks are a growing touchpoint for crypto purchases and potential fraud. The act aims to standardize protections, improve traceability, and give authorities better tools to detect and deter fraudulent activity while clarifying operators’ responsibilities.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The Crypto ATM Fraud Prevention Act creates a formal framework for virtual currency kiosks. It starts by registering kiosk locations with the Treasury and updating that list every 90 days, ensuring regulators know where kiosks are located and operating.
The act then adds a new section to Title 31 that defines key terms (virtual currency, wallet addresses, kiosk operators, and related concepts) and lays out a comprehensive set of obligations for operators.
Before a kiosk transaction occurs, operators must disclose all terms and fees, warn that the transaction is final and nonrefundable, and inform customers about common fraud schemes. Customers must acknowledge these disclosures, and operators must provide a receipt after each transaction containing detailed information (identity, transaction specifics, fees, and timestamps).
The bill also requires operators to maintain an anti-fraud policy, appoint a qualified compliance officer, and use blockchain analytics to screen for fraud and illicit activity.In addition, new-customer protections impose limits on daily and total transaction amounts and require verbal confirmation for transactions over $500, obtained via live phone or video, to deter coercion or misrepresentation. The act sets civil penalties for noncompliance and requires operators to establish and share contact channels with law enforcement.
It also clarifies how the act interacts with state laws—establishing a federal baseline while allowing stricter state protections—and specifies an effective date 90 days after enactment.Overall, SB710 seeks to increase transparency, accountability, and consumer protection in crypto kiosk transactions by combining registration, disclosures, documentation, and active fraud-prevention measures.
The Five Things You Need to Know
Kiosk operators must register each US location with Treasury and refresh the list at least every 90 days.
Before any transaction, operators must disclose terms, fees, finality, and fraud warnings to customers.
Operators must provide a detailed receipt after each transaction, including transaction hash and addresses.
An anti-fraud policy must be adopted and a qualified compliance officer appointed; blockchain analytics must be used.
New-customer transactions are capped and require verbal confirmation for larger transactions to deter fraud.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Registration with the Treasury for kiosk operators
This section amends the code to require virtual currency kiosk operators to submit an updated list of all kiosk locations within 90 days of the effective date and at least every 90 days thereafter. The submission must include operator details, addresses of kiosks, start and end dates of operation, and each virtual currency address used. The registration framework creates a centralized registry to improve oversight and enable timely enforcement actions.
Definitions for the virtual currency kiosk regime
Section 3(a) provides definitions for terms used throughout the new fraud-prevention framework, including virtual currency, virtual currency address, virtual currency kiosk, and virtual currency kiosk operator, as well as related concepts like transaction hash, wallet, and customer. These definitions establish the scope of coverage and ensure consistent application across the statute.
Disclosures and acknowledgment of disclosures
Before a transaction, operators must disclose all terms, fees, and risks, including the finality and nonrefundable nature of transactions, and any other customer obligations. Customers must acknowledge these disclosures, ensuring informed consent for the transaction.
Receipts and physical receipt deadline
Operators must issue a receipt after each transaction containing operator contact details, customer name, transaction type and value, time, transaction hash, and addresses involved, as well as a USD value and fees. Within a year, all receipts must be provided physically at the kiosk, with other formats allowed in addition.
Anti-fraud policy and compliance officer
Operators must maintain a written anti-fraud policy addressing risk areas, controls, accountability, and periodic review. A qualified compliance officer must be appointed and employed full-time (not the CEO) with limited ownership stake to oversee adherence to the new requirements.
Blockchain analytics and compliance checks
Operators are required to use blockchain analytics to avoid sending funds to known fraudulent wallets and to detect suspicious patterns. FinCEN may request evidence to confirm compliance with this subsection.
New-customer protections and transaction limits
For new customers, transactions over $500 require a live verbal confirmation, and operators must implement reasonable checks to determine if the customer is being fraudulently induced. There are also explicit daily and total transaction limits for new customers: $2,000 in a 24-hour period and $10,000 in total.
Customer service, law enforcement, and penalties
Kiosk operators must provide a live customer service helpline and submit a direct contact channel (phone and email) to FinCEN and other agencies. Civil penalties for noncompliance are set at $10,000 per violation, with each day counting as a separate violation and enforcement aligned with existing Treasury collection authorities.
Effective date
The amendments take effect 90 days after enactment, after which all new obligations apply to kiosk operators and related entities.
This bill is one of many.
Codify tracks hundreds of bills on Finance across all five countries.
Explore Finance in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Kiosk operators receive a clear compliance framework and data flow that supports legitimate operations and risk management.
- Crypto kiosk customers gain enhanced protection through disclosures, receipts, and refund rights.
- FinCEN and law enforcement benefit from improved visibility, traceability, and cooperation through mandated reporting and data-sharing channels.
- Blockchain analytics providers and compliance professionals gain a structured market for their services, supported by regulatory requirements.
Who Bears the Cost
- Kiosk operators incur costs to implement disclosures, receipts, anti-fraud policies, compliance officers, and ongoing reporting to FinCEN.
- Consumers may face higher transaction costs or friction due to disclosures, limits, and verification steps.
- Regulatory agencies may require additional staffing and technology investments to manage compliance and enforcement.
- State and local agencies may experience a shift in enforcement focus as federal baseline protections expand, requiring coordination.
Key Issues
The Core Tension
The central dilemma is whether a highly prescriptive, tech-driven fraud-prevention regime can meaningfully reduce scam risk at crypto kiosks without unduly burdening legitimate customers or imposing prohibitive costs on operators.
The bill creates a robust fraud-prevention framework for crypto kiosks, but it also introduces friction that could affect legitimate users and small operators. Requiring detailed disclosures, receipts, and compliance oversight helps regulators monitor activity and deter scams, yet the added steps, limits, and verification checks could slow legitimate transactions and increase operating costs.
The explicit use of blockchain analytics raises privacy considerations and dependency on technology providers to accurately classify wallets as fraudulent or legitimate, which could have false-positive consequences if misapplied. The preemption clause establishes a federal baseline with room for stricter state laws, but the interaction between federal requirements and existing state consumer protections will need careful navigation in practice.
Overall, the key tensions center on balancing fraud prevention with access and efficiency: the framework aims to deter fraud without creating excessive barriers for ordinary users or stifling legitimate commerce. The success of the policy will depend on how effectively operators implement the anti-fraud program, how FinCEN exercises its oversight, and how privacy and consumer protection considerations are reconciled with technology-driven safeguards.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.