Womble Perspectives
Welcome to Womble Perspectives, where we explore a wide range of topics from the latest legal updates to industry trends to the business of law. Our team of lawyers, professionals and occasional outside guests will take you through the most pressing issues facing businesses today and provide practical and actionable advice to help you navigate the ever-changing legal landscape. With a focus on innovation, collaboration and client service, we are committed to delivering exceptional value to our clients and to the communities we serve.
Womble Perspectives
Guardrails for Crypto: California’s Approach
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
California residents to be licensed—or have an application pending through NMLS—by July 1, 2026. This episode covers who must comply, key consumer protection requirements under AB 39 and SB 401, new rules for crypto kiosks, and what digital asset companies should be doing now to prepare for DFPI oversight.
Read the article
About the authors
Welcome to Womble Perspectives, where we explore a wide range of topics, from the latest legal updates to industry trends to the business of law. Our team of lawyers, professionals and occasional outside guests will take you through the most pressing issues facing businesses today and provide practical and actionable advice to help you navigate the ever changing legal landscape.
With a focus on innovation, collaboration and client service. We are committed to delivering exceptional value to our clients and to the communities we serve. And now our latest episode.
Host 1:
Today we’re talking crypto. California’s new Digital Financial Assets Law is officially here, and it’s a big deal for companies operating in the digital asset space. Signed by Governor Newsom back in October 2023, this law creates a comprehensive licensing and oversight framework for certain crypto activities. And by July 1, 2026, affected companies must be licensed or have an application on file through the Nationwide Multistate Licensing System.
Host 2:
Companies should pay close attention to that date, because the Digital Financial Assets Law is designed to bring a lot more structure to what’s been a pretty fast‑moving industry. At a high level, the law regulates activities like exchanging, transferring, storing, and issuing digital financial assets for California residents. It’s essentially California saying, “If you’re in the crypto business here, we want visibility and accountability.” The law also gives the Department of Financial Protection and Innovation real licensing and enforcement authority. So this isn’t just guidance; it has teeth.
Host 1:
The Digital Financial Assets Law is actually made up of two bills working together: Assembly Bill 39 and Senate Bill 401. AB 39 focuses on licensing and regulating crypto businesses more broadly, with an emphasis on consumer protection. Lawmakers were pretty direct about their concerns—high volatility, fraud, and technical vulnerabilities all played a role. The idea is to support innovation, but not at the expense of consumer safety.
Host 2:
And SB 401 zeroes in on crypto kiosks, which have been a growing concern for regulators and law enforcement both. These kiosks are now subject to transaction limits—no more than $1,000 per customer per day. Operators also have to cap fees at either $5 or 15% of the transaction value, whichever is greater. On top of that, customers must receive detailed receipts explaining exactly what happened in the transaction. The goal is to reduce fraud and rein in some of the eye‑watering markups we’ve seen.
Host 1:
The kiosk rules go even further when it comes to transparency. Operators must provide the Department of Financial Protection and Innovation with the physical locations of all kiosks, and the agency is required to publish that information online. That helps regulators and local law enforcement spot unregistered or suspicious activity and supporters believe this will make it much harder for bad actors to hide in plain sight.
Host 2:
More broadly, the Digital Financial Assets Law creates a full regulatory program for many crypto companies serving California residents. The Department of Financial Protection and Innovation now has authority to license, supervise, and examine digital asset businesses, custodians, and even certain stablecoin issuers. Licensees must meet capital and liquidity requirements to ensure they can meet customer obligations. They’re also expected to vet assets before offering them to Californians, which is meant to reduce scams and fraud. And yes, there are disclosure requirements too—fees, risks, and conflicts of interest all need to be clearly communicated.
Host 1:
There are also some operational requirements that might surprise people. Licensed companies must offer at least 10 hours of live customer phone support on weekdays. Stablecoins get special treatment as well—they can’t be offered unless they meet specific reserve and redemption requirements. And again, kiosks come up here too, with limits, fee caps, and mandatory disclosures baked directly into the statute. California is clearly aiming for consistency across the digital asset ecosystem.
Host 2:
Of course, not everyone is covered by the Digital Financial Assets Law. There are exemptions for certain banks, some technology providers that only offer connectivity or computing power, and businesses that reasonably expect to make less than $50,000 a year from covered activities. Merchants that simply accept digital assets as payment for goods or services are also excluded. But for companies that do fall within scope, the Law doesn’t replace other required licenses—they may still need additional California approvals. And for stablecoin issuers, applicability often requires a deeper, case‑by‑case analysis.
Host 1:
If a company does need a Digital Financial Assets Law license, the obligations are significant. Licensees must maintain compliance and risk‑management policies, meet minimum capital and liquidity standards, and post a surety bond of at least $500,000—or maintain a trust account if required. They also have to keep records, file reports, and submit to ongoing supervision and examination by the Department of Financial Protection and Innovation. This is not a “check the box once and forget it” type of license. It’s an ongoing regulatory relationship.
Host 2:
One last timing note before we wrap up. The original licensing deadline was July 1, 2025, but AB 1934 extended it to July 1, 2026. That gives companies more runway, but not as much as it might seem. Anyone currently doing business with California residents should already be reviewing the Digital Financial Assets Law license checklist on the Nationwide Multistate Licensing System Resource Center.
Thank you for listening to Womble Perspectives. If you want to learn more about the topics discussed in this episode, please visit The Show Notes, where you can find links to related resources mentioned today. The Show Notes also have more information about our attorneys who provided today's insights, including ways to reach out to them.
Don't forget to subscribe via your podcast player of choice so that you never miss an episode. Thank you again for listening.