Happy Thursday. A few quick hits before we dig in. Morgan Stanley's spot Bitcoin ETF launched this week, pulling in 430 BTC and about $30.6 million on day one. The FDIC advanced its second major rule proposal under the GENIUS Act, laying out reserve and redemption standards for bank-issued stablecoins. Japan is loosening privacy laws specifically to make AI development easier. Bitcoin briefly topped $72,000 on ceasefire optimism before settling around $71,200. And Block, Jack Dorsey's company, is running a $1 million Bitcoin giveaway through Sunday, reviving the faucet concept from 2010. Let's get into it.
The U.S. stablecoin regulatory picture got significantly more concrete this week. The FDIC put out its second GENIUS Act rule proposal, and this one goes beyond the application procedures from December 2025. It now covers the actual operating standards for bank-issued stablecoins. Here's the core of it. Permitted payment stablecoin issuers, or PPSIs as the regulators are calling them, must maintain dollar-for-dollar reserves at all times, backed by eligible assets like short-term U.S. Treasuries, cash at insured banks, qualifying repos, and money market funds. Daily monitoring is required. Reserves must be segregated from other assets. Counterparty exposure is capped at 40% of total reserves. On redemptions, there's a hard two-business-day window. If someone redeems more than 10% of the outstanding value within 24 hours, the issuer has to notify the FDIC and may get a brief extension, but there's no dodging the obligation. New issuers need at least $5 million in minimum capital for their first 3 years, and the capital has to be common equity or additional tier 1. No tier 2 capital tricks. They also need a liquidity backstop equal to 12 months of operating expenses in highly liquid assets. One important distinction: deposits backing stablecoins may qualify for FDIC coverage at the bank level, but that insurance does not pass through to stablecoin holders. The GENIUS Act explicitly prohibits marketing stablecoins as federally insured. So if you hold a bank-issued stablecoin, you're not a depositor in the regulatory sense. Now this isn't just the FDIC acting alone. The OCC released its own extensive proposed rule back in February covering similar ground for federally supervised issuers. And the Treasury issued its first GENIUS Act notice of proposed rulemaking on April 3, outlining how state regimes can qualify as substantially similar to federal standards. State-licensed issuers with $10 billion or less in consolidated issuance could stay under state supervision if their home state meets the bar. Larger issuers above that threshold have to transition to federal oversight within 360 days of the final rule taking effect. Meanwhile, Treasury Secretary Scott Bessent is also pressing Congress to pass the CLARITY Act, which he says is vital for setting rules around tokenized assets and decentralized exchanges. This three-agency coordination, FDIC, OCC, and Treasury, is moving faster than a lot of people expected. The GENIUS Act takes effect on the earlier of January 18, 2027, or 120 days after final regulations. The FDIC wants its rules finalized before the July 18, 2026 deadline, and there's a 60-day public comment period with 144 questions open now. Banks, for their part, are still cautious. An S&P Global report this week noted that most U.S. lenders remain in wait-and-see mode. Deposit cannibalization risk, regulatory flux, and new competition from fintechs and crypto-native firms are all complicating the decision to jump in. But the framework is no longer theoretical. The plumbing is being laid.
Bitcoin's been in a tug of war all week, and the data tells a conflicted story. Monday brought $471 million in net inflows to U.S. spot Bitcoin ETFs, the strongest single day since late February. BlackRock's IBIT led with about $182 million, followed by Fidelity's FBTC at $147 million and ARK's ARKB at around $119 million. Total assets across spot Bitcoin ETFs have now crossed $90 billion. Then Tuesday and Wednesday flipped to outflows, about $159 million and $124.5 million respectively. Fidelity and ARK saw the heaviest redemptions, though BlackRock continued pulling in about $40 million. So there's rotation happening within the ETF complex, not a wholesale exit. Morgan Stanley's new spot Bitcoin ETF debuted on Tuesday, trading on the NYSE Arca under the ticker MSBT. It logged $34 million in volume and bought 430 BTC on its first day, with $30.6 million in net inflows. Solid but not in the same league as BlackRock's IBIT launch. The bigger question is what these flows mean for price. Bitcoin popped above $72,000 after the U.S. and Iran announced a conditional 2-week ceasefire, which eased fears around the Strait of Hormuz and oil supply disruption. But it stalled just below key resistance, hovering around $71,200 by Wednesday. The derivatives market is split. Perpetual funding rates have moved toward neutral, suggesting leveraged longs are unwinding rather than new shorts piling on. Options data shows the $80,000 strike call dominating open interest, a big bullish bet from whales, but near-term put protection is modestly favored, meaning traders are hedging rather than going all in. Tom Lee from Fundstrat declared the bottom is in, arguing the ceasefire is the starting gun for a rally. CryptoSlate took the other side, noting the ceasefire is conditional and the Hormuz risk isn't fully resolved, calling the rebound a possible trap. On-chain data adds another wrinkle. Despite the price recovery, Bitcoin's fee market has barely moved. On-chain activity remains subdued, which some analysts interpret as the price rally being driven primarily by corporate and ETF products rather than organic network demand. That divergence is worth watching. If this rally is built on institutional positioning and macro relief rather than on-chain demand, it could stall quickly if the ceasefire breaks down or inflation data disappoints.
Block is running what it calls Bitcoin Day, a 5-day promotion from April 6 through the 10th, tying together Cash App, Square, and Bitkey with a $1 million Bitcoin giveaway. The structure is deliberate. There are 4 steps, each rewarded. Buy at least $10 of Bitcoin on Cash App and get $5 in free BTC. Pay a participating merchant through Square using Lightning and earn $25. Withdraw Bitcoin to Bitkey, Block's self-custody hardware wallet, and get $50. Complete all 3 and you can earn up to $80 per person. Block is framing this as a spiritual successor to the original Bitcoin faucet that Gavin Andresen ran in 2010, when anyone could claim free BTC just to try it out. But this version is clearly a product funnel. Each step drives adoption of a specific Block product, and the ultimate destination is self-custody on Bitkey. That's actually interesting from a philosophical standpoint. A publicly traded company with roughly 8,883 BTC on its balance sheet is actively pushing users toward holding their own keys. Eligibility is limited to U.S. residents 18 and older, with New York excluded from the Square and Bitkey rewards due to licensing restrictions. The whole thing runs through btc. day. Meanwhile, the broader self-custody space got a reminder about fundamentals this week. Law enforcement seized about $600,000 in crypto tied to a Ledger phishing campaign. Critically, this wasn't a hardware wallet hack. Attackers tricked users into revealing seed phrases through fake wallet interfaces and malicious transaction approvals. Once a seed phrase is exposed, no hardware wallet can protect you. That's the perennial lesson. And on the developer side, Bitcoin Core contributors staged a live demonstration of so-called attack blocks on Bitcoin's Signet test network. These are specially crafted blocks that take dramatically longer to verify, illustrating a consensus vulnerability that the Great Consensus Cleanup initiative and BIP 54 aim to fix. Developers held sessions at 3 different times to accommodate global participants, and anyone running a Signet node could observe the slow verification in real time. It's the kind of unglamorous infrastructure work that keeps Bitcoin secure but rarely makes headlines. The combination of Block pushing mainstream adoption while core developers quietly shoring up protocol security is a good snapshot of where Bitcoin is right now. The top of the funnel is getting wider, and the foundation underneath is being reinforced.
Two very different approaches to AI governance are crystallizing right now, and they tell you a lot about how this decade's regulatory landscape will shake out. In the U.S., it's still a patchwork. The White House released a National Artificial Intelligence Legislative Framework in late March targeting 6 objectives: protecting children, safeguarding communities, protecting intellectual property, preventing censorship, enabling innovation, and workforce education. But executive orders can't override state authority, and states aren't waiting. Tennessee just signed a law banning AI systems that impersonate mental health professionals. Georgia has 3 AI bills on the governor's desk covering chatbot disclosure, child safety, and prohibiting insurance decisions based solely on AI. South Carolina is advancing age verification and parental consent requirements. Idaho sent 4 AI bills to its governor. The EU is further along. The EU AI Act has multiple phases already active, with August 2026 as a key milestone, not for the start of compliance, but for proving that governance actually works in practice. The guidance from AI Competence, a compliance resource, emphasizes moving past the question of whether you have an AI policy to whether you have a working operating model. That means identifying every AI system in your organization, assigning legal roles to each, classifying use cases as prohibited, high-risk, or transparency-triggering, and translating those classifications into operational controls with evidence. Then there's Japan, which is taking a completely different tack. The government plans to amend its Personal Information Protection Act to remove opt-in consent requirements for certain data uses in AI development. If the data poses little risk and is used for statistical research, consent won't be needed. Facial scans can be used with disclosure but without mandatory opt-out. Minor protections remain: images of those under 16 require parental approval. Fines target malicious misuse, proportional to profits gained. Japan's digital minister argued bluntly that current privacy laws are a major obstacle to AI competitiveness and that the country risks falling behind without these changes. It's a calculated bet: lower the regulatory friction and accept the trade-offs on privacy to attract AI investment and talent. Whether that bet pays off depends on whether the guardrails on misuse actually hold. The synthetic data angle is worth mentioning here too. Companies like Welo Data are pushing privacy-first synthetic data as a middle path, where you preserve the statistical patterns of real data without exposing sensitive records. In regulated industries like healthcare and finance, this could thread the needle between utility and compliance. But the caveats matter: poorly abstracted synthetic data can still enable re-identification. So the tool works only as well as the governance around it.
Here's the thought to sit with. We're watching regulators in the U.S., Europe, and Japan all trying to solve the same problem, how do you build rules fast enough to keep up with technology, and arriving at wildly different answers. The U.S. is coordinating across 3 agencies on stablecoins while 50 states freelance on AI. The EU is demanding operational proof that governance works. Japan is stripping away privacy requirements to move faster. None of these approaches is obviously right. But the companies and builders who survive will be the ones who design for flexibility, because the rules are going to keep changing. That's it for today. I'm out.