Stablecoin Treasury: What Controllers Need to Know Now

Stablecoins stopped being someone else's problem about eighteen months ago. Most controllers haven't noticed yet.

For most of the last decade, they were a crypto-native concern. Crypto-native exchanges held them. Crypto-native funds traded them. The treasury team at a mid-market manufacturing company had no reason to think about USDC, USDT, or PYUSD, and the controller's office had no reason to learn the accounting.

That changed faster than most finance functions noticed. Stablecoin transaction volume has grown by orders of magnitude, with annual flows now measured in the trillions on the most cited industry estimates. Major payment processors have added stablecoin rails. PayPal launched its own. Visa has been settling cross-border transactions on-chain. The Treasury Department has issued guidance, the SEC has weighed in, and Congress has had at least one serious legislative push at federal stablecoin regulation.

What this means for the controller's office is simple: the accounting questions are no longer theoretical, and they're no longer just the problem of crypto-native firms. If your company accepts stablecoins for payment, holds them for any operational purpose, settles cross-border in them, or has a partner that does any of the above, you have stablecoin accounting questions whether you've recognized them or not.

Most controllers haven't caught up. Here's what you actually need to know.

The classification question. It's not as obvious as it looks.

The first instinct is to treat a stablecoin like cash. After all, it's pegged 1:1 to the dollar, redeemable on demand, and used for payment. That instinct is wrong, and getting it right matters.

Under U.S. GAAP, cash and cash equivalents have a specific definition that stablecoins do not meet. Cash equivalents must be highly liquid, have a maturity of three months or less from the date of acquisition, and present insignificant risk of changes in value. Stablecoins fail at least one of these criteria — most obviously, the "insignificant risk of changes in value" test, given documented depeg events. They also are not legal tender, not securities, not foreign currency, and not inventory in any traditional sense.

Under the prevailing accounting frameworks, most stablecoin holdings have ended up classified as intangible assets with indefinite life. This is a deeply unsatisfying answer because it ignores what the stablecoin is actually being used for, but it is where the analysis lands when the available categories are exhausted.

FASB's ASU 2023-08, which took effect for fiscal years beginning after December 15, 2024, partially fixed this for crypto assets — moving qualifying crypto from cost-less-impairment to fair value through net income. But the scope of ASU 2023-08 is narrow. It covers crypto assets that meet specific criteria, and the application to stablecoins specifically is less clean than the application to Bitcoin or Ether. Whether a particular stablecoin qualifies depends on its structure, the issuer's representations, and the consensus interpretation that emerges as practice develops.

This is the first thing controllers need to do: understand what classification your auditor will accept for the specific stablecoins your company holds, and document the rationale. Don't assume cash equivalent. Don't assume it's all under ASU 2023-08. Get the answer specific to your facts.

The custody and counterparty question.

The second thing controllers underweight is custody risk. A dollar in a bank account is held by an FDIC-insured institution under heavy regulatory supervision, and even there, controllers monitor counterparty exposure for material balances. A stablecoin held in a self-custody wallet is held by no one but the company. A stablecoin held with an exchange or custodian is subject to that custodian's solvency, security, and operational integrity.

The disclosure questions that arise:

• Where is the stablecoin custodied, and what is the legal nature of that custody? Is the company a creditor of the custodian, or does the company have a property interest in the specific tokens?
• What is the company's exposure if the custodian fails? Is there segregation? Is there insurance? Has it been tested?
• What is the company's exposure if the stablecoin issuer fails or depegs? The peg is a representation, not a guarantee. USDT, USDC, and PYUSD have all traded off peg at points, sometimes materially.
• What is the disclosure obligation if any of these risks become material?

For most companies, the answer to all of these in 2026 is "we haven't really thought about it." That answer will not survive a serious audit cycle.

The transaction-level accounting.

If the company is using stablecoins for actual payment activity — accepting them from customers, paying suppliers, settling cross-border — there is a layer of transaction-level accounting that has to work.

The basic mechanics:

• Receipt of stablecoin from a customer. Recognized at fair value at the time of receipt. Difference between invoice amount and stablecoin fair value goes to FX gain/loss or its equivalent. The intangible asset is then recorded on the balance sheet.
• Holding period. Under ASU 2023-08 (where applicable), changes in fair value flow through net income. Outside that scope, the indefinite-life intangible model applies — meaning impairment if the price drops below cost basis, but no recognition of upward movement until disposal.
• Disposal. Whether by conversion to fiat, payment to a supplier, or transfer to another party, the disposal is a recognition event. Gain or loss is calculated against the cost basis (or fair value at last measurement, depending on the framework).
• Cost basis tracking. Specific identification, FIFO, or weighted average — all viable, but the choice has to be documented and applied consistently. This becomes complex fast for companies with high-volume transaction activity.

For a company processing meaningful stablecoin volume, the cost basis problem alone can require dedicated tooling. Spreadsheet tracking does not scale past a few hundred transactions, and most general ledger systems don't have native crypto subledger capabilities yet.

The disclosure question. This is where most companies are exposed.

Even for companies with relatively small stablecoin balances, the disclosure question is non-trivial. Material risks have to be disclosed. The SEC has been clear about its expectations on crypto-related disclosures, and stablecoin holdings — even if classified as immaterial in dollar terms — can carry disclosure-relevant risk that is not obvious from the balance sheet.

The questions a controller should be able to answer:

• What is our gross stablecoin exposure, and to which specific tokens and issuers?
• What is our custody arrangement, and what risks does it create?
• What is the worst plausible loss scenario, and is it material to our financials or our operations?
• How does our use of stablecoins fit into our broader risk management framework, and is that documented?
• What controls do we have over the wallets and accounts that hold these assets?

Most companies cannot answer these clearly. The ones that can are positioned for whatever comes next. The ones that can't are taking on a disclosure risk that scales with the volume of activity, often without the controller's office being aware of the exposure.

What I'd be doing about this now.

If I were responsible for the controller function at a company where stablecoins are anywhere in the operating environment — directly, indirectly, through a payment processor that handles the conversion behind the scenes, or through a corporate development pilot — three things would be on my desk this quarter:

1. Inventorying the exposure. Where in the business are stablecoins touching us? Most companies don't have a clear picture, and you can't manage what you can't see. Even an indirect touchpoint through a vendor or partner creates accounting exposure that has to be understood.
2. Getting the accounting position documented before it matters. The cost of formalizing an accounting position with the auditor in advance is a fraction of the cost of arguing about it during fieldwork. The auditor's view on classification, measurement, and disclosure should be in writing before the year-end balance is material.
3. Building the controls posture before the volume scales. Wallet controls, custody arrangements, segregation of duties on stablecoin transactions, reconciliation procedures, disclosure language. All easier to build now, when the stakes are low, than after the auditor has questions.

None of this requires a position on whether stablecoins are good or bad, transformational or overhyped. It just requires recognizing that they are now a treasury instrument that touches mainstream business, and the controller's office is responsible for the accounting and disclosure either way.

The companies that get ahead of this look prudent. The ones that don't will look reactive when the question lands on the desk under audit pressure — and at that point, the answer is much harder to put together.

Deeper coverage of stablecoin accounting, payment system integration, and the broader payments controller function lives at paymentscontroller.com.