Buy Crypto- Markets
Futures- Spot
- Copy Trade
- Earn
- More
Yu Weiwen: Steady Development of Hong Kong's Compliant Stablecoin Ecosystem
On April 10, the Hong Kong Monetary Authority announced the official issuance of stablecoin licenses to DPoint (a joint venture of Standard Chartered Bank, Hong Kong Telecommunications, and Anning Group) and HSBC under the Stablecoin Ordinance. The President of the Hong Kong Monetary Authority, Eddie Yue, published an article titled "Robust Development of Hong Kong's Compliant Stablecoin Ecosystem" in the official "HKMA Insights" column, pointing out that this licensing marks a new stage in the regulation of stablecoins in Hong Kong. Both licensed entities plan to issue Hong Kong dollar stablecoins in the first phase, focusing on four major scenarios: cross-border and local payments, tokenized asset trading, and innovative applications. As both institutions have banking backgrounds and have participated in CBDC experiments, this is conducive to exploring the synergies of "future payments." The Monetary Authority emphasized that the licensing threshold remains high, and the number of licenses will remain limited in the future. Subsequent measures, such as on-site inspections, will be implemented to ensure compliance operations by the licensees. This move aims to address the pain points of the real economy through compliant stablecoins under international regulatory trends, laying a solid foundation for Hong Kong as a digital financial hub.
Author: Eddie Yue
Source: Hong Kong Monetary Authority The Monetary Authority announced today that the Financial Commissioner has granted stablecoin issuer licenses to two institutions—DPoint Financial Technology Limited (a company formed by Standard Chartered Bank (Hong Kong), Hong Kong Telecommunications, and Anning Group, hereinafter referred to as DPoint) and HSBC, marking a new phase in the implementation of Hong Kong's stablecoin regulatory system.
Looking back at the development of Hong Kong's stablecoin regulatory system, from legislative consultation, drafting, and legislation to the implementation of the licensing system and the issuance of licenses, we adhere to the risk-based principle of "same activity, same risk, same regulation," establishing a regulatory framework that is both robust and flexible based on international regulatory standards. This framework aims to maintain the bottom line of managing financial stability, anti-money laundering, and investor protection risks while retaining the flexibility to adjust regulatory requirements in a timely and moderate manner according to the development of international regulatory trends and market changes. The goal is to enable compliant stablecoins to play a positive role in various application scenarios and effectively address pain points in the real economy and financial activities.
License Approval
As of the first phase application deadline on September 30, 2025, the Monetary Authority has received applications from 36 institutions. In the face of numerous applications, over the past six months, the Monetary Authority's regulatory team has worked overtime to comprehensively and deeply review each application based on the specific provisions listed in the ordinance, maintaining communication with applicants as needed to clarify doubts and request information, ensuring that the entire approval process is rigorous and fair.
The Monetary Authority has always emphasized that the licensing has a relatively high threshold, with two main considerations during the approval process: (1) whether the applicant has sufficient risk management capabilities and experience and complies with relevant regulations in Hong Kong and other regions; (2) whether the applicant can propose specific application scenarios and feasible business plans and development strategies. Among the 36 applications, DPoint and HSBC demonstrated their ability to manage risks prudently and presented concrete application scenarios and future development plans, thus receiving their licenses.
Application Scenarios and Development Directions
Both licensed issuers plan to first issue Hong Kong dollar stablecoins in the initial phase. Overall, their business plans, application scenarios, and development directions include:
Cross-border payments: Leveraging the advantages of stablecoins and utilizing the issuers' extensive international business and partner networks to provide efficient, transparent, and lower-cost cross-border payment methods for businesses and individuals while complying with regulations and requirements set by other regional regulatory authorities;
Local payments: Accelerating the application of stablecoins in Hong Kong by utilizing existing business infrastructure and customer base, providing individuals and merchants with secure, fast, and efficient transaction and settlement experiences;
Tokenized asset trading: As a settlement tool for tokenized asset trading, compliant stablecoins can facilitate real-time transactions on the blockchain, helping to explore opportunities in the tokenized asset market and enhance market liquidity; they will also explore using compliant stablecoins as collateral management applications;
Innovative applications: Fully utilizing the programmable characteristics of stablecoins to explore innovative applications such as conditional payments and supply chain financing.
Both licensed issuers have banking backgrounds and have participated in the Monetary Authority's experiments related to central bank digital currency (CBDC) and tokenized deposits, providing them with a deeper understanding of the functions and application scenarios of various digital currencies, which is beneficial for exploring the possibilities of "future payments." One of the issuers has formed a consortium with local telecommunications, payment, and digital asset companies, allowing compliant stablecoins to achieve synergistic effects. The two institutions plan to gradually introduce more different enterprises (such as scenario providers) to promote the application of compliant stablecoins after their business develops steadily, and will continue to expand the application scenarios of stablecoins, explore more overseas markets, and consider introducing other currencies based on business operations, market conditions, and international regulatory developments.
Risk Management Measures
Licensed issuers must implement prudent and comprehensive policies and risk management measures in accordance with regulatory requirements regarding reserve asset management, asset security assurance, price stability mechanisms, redemption arrangements, and technological security, and establish robust anti-money laundering systems. This includes using blockchain monitoring tools in daily operations to detect suspicious transactions and take appropriate follow-up actions, verifying the identities of stablecoin holders either independently or through reliable third-party partners to ensure the effectiveness of monitoring measures. Both licensed issuers demonstrated their capability to comply with and implement these measures in their applications.
Follow-up Work
Before officially launching their compliant stablecoins, licensed issuers must complete relevant preparatory work, including technology platform and system testing, implementation of risk management measures, and human resource arrangements. Based on the current business plans of the two institutions, we expect that regulated stablecoins in Hong Kong will be gradually launched from mid to late this year.
After the stablecoins are officially launched in the market, the Monetary Authority will conduct ongoing and effective supervision based on the business and risk nature of individual licensees through on-site inspections, off-site inspections, independent assessments, and meetings with the management of the licensees to ensure compliance with relevant regulatory requirements. We will also review the effectiveness of the implementation and the preparation for business expansion according to the business plans proposed at the time of application, ensuring that the policy objectives of issuing stablecoin licenses in Hong Kong are realized.
As for the institutions that did not receive licenses in the first batch of applications or other institutions that may apply in the future, the Monetary Authority will maintain communication and dialogue with them, reviewing these applications according to relevant laws and uniform regulatory standards and requirements. Regarding future license issuance and timing, we maintain an open yet cautious attitude, with no clear inclination at this stage. However, we must reiterate that considering the risks involved in issuance activities, user protection, and the market's capacity and long-term development, the licensing has a relatively high threshold. Even if licenses are issued in the future, the overall number of licenses will remain very limited. The effectiveness of operations and market responses after the two licenses are implemented will also help us make a more comprehensive assessment.
Looking ahead, many regions around the world are formulating regulatory rules for stablecoins. Major international financial organizations such as the Financial Stability Board and various regional regulatory authorities are actively researching and discussing various aspects of stablecoin operations and risk management, including regulatory models for large multinational stablecoin issuers, with expectations that global regulatory directions will become clearer. We will actively participate in these discussions and provide Hong Kong's implementation experience, and periodically review the design of Hong Kong's regulatory system in accordance with international regulatory trends and practical experiences, striving to lay a solid foundation for Hong Kong as a digital financial hub and provide a path for stablecoin regulation that balances innovation and robustness.
You may also like
After the blockade of the Strait of Hormuz, when will the war end?
Before using Musk's "Western WeChat" X Chat, you need to understand these three questions
The X Chat will be available for download on the App Store this Friday. The media has already covered the feature list, including self-destructing messages, screenshot prevention, 481-person group chats, Grok integration, and registration without a phone number, positioning it as the "Western WeChat." However, there are three questions that have hardly been addressed in any reports.
There is a sentence on X's official help page that is still hanging there: "If malicious insiders or X itself cause encrypted conversations to be exposed through legal processes, both the sender and receiver will be completely unaware."
No. The difference lies in where the keys are stored.
In Signal's end-to-end encryption, the keys never leave your device. X, the court, or any external party does not hold your keys. Signal's servers have nothing to decrypt your messages; even if they were subpoenaed, they could only provide registration timestamps and last connection times, as evidenced by past subpoena records.
X Chat uses the Juicebox protocol. This solution divides the key into three parts, each stored on three servers operated by X. When recovering the key with a PIN code, the system retrieves these three shards from X's servers and recombines them. No matter how complex the PIN code is, X is the actual custodian of the key, not the user.
This is the technical background of the "help page sentence": because the key is on X's servers, X has the ability to respond to legal processes without the user's knowledge. Signal does not have this capability, not because of policy, but because it simply does not have the key.
The following illustration compares the security mechanisms of Signal, WhatsApp, Telegram, and X Chat along six dimensions. X Chat is the only one of the four where the platform holds the key and the only one without Forward Secrecy.
The significance of Forward Secrecy is that even if a key is compromised at a certain point in time, historical messages cannot be decrypted because each message has a unique key. Signal's Double Ratchet protocol automatically updates the key after each message, a mechanism lacking in X Chat.
After analyzing the X Chat architecture in June 2025, Johns Hopkins University cryptology professor Matthew Green commented, "If we judge XChat as an end-to-end encryption scheme, this seems like a pretty game-over type of vulnerability." He later added, "I would not trust this any more than I trust current unencrypted DMs."
From a September 2025 TechCrunch report to being live in April 2026, this architecture saw no changes.
In a February 9, 2026 tweet, Musk pledged to undergo rigorous security tests of X Chat before its launch on X Chat and to open source all the code.
As of the April 17 launch date, no independent third-party audit has been completed, there is no official code repository on GitHub, the App Store's privacy label reveals X Chat collects five or more categories of data including location, contact info, and search history, directly contradicting the marketing claim of "No Ads, No Trackers."
Not continuous monitoring, but a clear access point.
For every message on X Chat, users can long-press and select "Ask Grok." When this button is clicked, the message is delivered to Grok in plaintext, transitioning from encrypted to unencrypted at this stage.
This design is not a vulnerability but a feature. However, X Chat's privacy policy does not state whether this plaintext data will be used for Grok's model training or if Grok will store this conversation content. By actively clicking "Ask Grok," users are voluntarily removing the encryption protection of that message.
There is also a structural issue: How quickly will this button shift from an "optional feature" to a "default habit"? The higher the quality of Grok's replies, the more frequently users will rely on it, leading to an increase in the proportion of messages flowing out of encryption protection. The actual encryption strength of X Chat, in the long run, depends not only on the design of the Juicebox protocol but also on the frequency of user clicks on "Ask Grok."
X Chat's initial release only supports iOS, with the Android version simply stating "coming soon" without a timeline.
In the global smartphone market, Android holds about 73%, while iOS holds about 27% (IDC/Statista, 2025). Of WhatsApp's 3.14 billion monthly active users, 73% are on Android (according to Demand Sage). In India, WhatsApp covers 854 million users, with over 95% Android penetration. In Brazil, there are 148 million users, with 81% on Android, and in Indonesia, there are 112 million users, with 87% on Android.
WhatsApp's dominance in the global communication market is built on Android. Signal, with a monthly active user base of around 85 million, also relies mainly on privacy-conscious users in Android-dominant countries.
X Chat circumvented this battlefield, with two possible interpretations. One is technical debt; X Chat is built with Rust, and achieving cross-platform support is not easy, so prioritizing iOS may be an engineering constraint. The other is a strategic choice; with iOS holding a market share of nearly 55% in the U.S., X's core user base being in the U.S., prioritizing iOS means focusing on their core user base rather than engaging in direct competition with Android-dominated emerging markets and WhatsApp.
These two interpretations are not mutually exclusive, leading to the same result: X Chat's debut saw it willingly forfeit 73% of the global smartphone user base.
This matter has been described by some: X Chat, along with X Money and Grok, forms a trifecta creating a closed-loop data system parallel to the existing infrastructure, similar in concept to the WeChat ecosystem. This assessment is not new, but with X Chat's launch, it's worth revisiting the schematic.
X Chat generates communication metadata, including information on who is talking to whom, for how long, and how frequently. This data flows into X's identity system. Part of the message content goes through the Ask Grok feature and enters Grok's processing chain. Financial transactions are handled by X Money: external public testing was completed in March, opening to the public in April, enabling fiat peer-to-peer transfers via Visa Direct. A senior Fireblocks executive confirmed plans for cryptocurrency payments to go live by the end of the year, holding money transmitter licenses in over 40 U.S. states currently.
Every WeChat feature operates within China's regulatory framework. Musk's system operates within Western regulatory frameworks, but he also serves as the head of the Department of Government Efficiency (DOGE). This is not a WeChat replica; it is a reenactment of the same logic under different political conditions.
The difference is that WeChat has never explicitly claimed to be "end-to-end encrypted" on its main interface, whereas X Chat does. "End-to-end encryption" in user perception means that no one, not even the platform, can see your messages. X Chat's architectural design does not meet this user expectation, but it uses this term.
X Chat consolidates the three data lines of "who this person is, who they are talking to, and where their money comes from and goes to" in one company's hands.
The help page sentence has never been just technical instructions.
Parse Noise's newly launched Beta version, how to "on-chain" this heat?
Is Lobster a Thing of the Past? Unpacking the Hermes Agent Tools that Supercharge Your Throughput to 100x
Declare War on AI? The Doomsday Narrative Behind Ultraman's Residence in Flames
Crypto VCs Are Dead? The Market Extinction Cycle Has Begun
Claude's Journey to Foolishness in Diagrams: The Cost of Thriftiness, or How API Bill Increased 100-Fold
Edge Land Regress: A Rehash Around Maritime Power, Energy, and the Dollar
Arthur Hayes Latest Interview: How Should Retail Investors Navigate the Iran Conflict?
Just now, Sam Altman was attacked again, this time by gunfire
Straits Blockade, Stablecoin Recap | Rewire News Morning Edition
From High Expectations to Controversial Turnaround, Genius Airdrop Triggers Community Backlash
The Xiaomi electric vehicle factory in Beijing's Daxing district has become the new Jerusalem for the American elite
Lean Harness, Fat Skill: The Real Source of 100x AI Productivity
Ultraman is not afraid of his mansion being attacked; he has a fortress.
US-Iran Negotiations Collapse, Bitcoin Faces Battle to Defend $70,000 Level
Reflections and Confusions of a Crypto VC
Morning News | Ether Machine terminates $1.6 billion SPAC deal; SpaceX holds approximately $603 million in Bitcoin; Michael Saylor releases Bitcoin Tracker information again
After the blockade of the Strait of Hormuz, when will the war end?
Before using Musk's "Western WeChat" X Chat, you need to understand these three questions
The X Chat will be available for download on the App Store this Friday. The media has already covered the feature list, including self-destructing messages, screenshot prevention, 481-person group chats, Grok integration, and registration without a phone number, positioning it as the "Western WeChat." However, there are three questions that have hardly been addressed in any reports.
There is a sentence on X's official help page that is still hanging there: "If malicious insiders or X itself cause encrypted conversations to be exposed through legal processes, both the sender and receiver will be completely unaware."
No. The difference lies in where the keys are stored.
In Signal's end-to-end encryption, the keys never leave your device. X, the court, or any external party does not hold your keys. Signal's servers have nothing to decrypt your messages; even if they were subpoenaed, they could only provide registration timestamps and last connection times, as evidenced by past subpoena records.
X Chat uses the Juicebox protocol. This solution divides the key into three parts, each stored on three servers operated by X. When recovering the key with a PIN code, the system retrieves these three shards from X's servers and recombines them. No matter how complex the PIN code is, X is the actual custodian of the key, not the user.
This is the technical background of the "help page sentence": because the key is on X's servers, X has the ability to respond to legal processes without the user's knowledge. Signal does not have this capability, not because of policy, but because it simply does not have the key.
The following illustration compares the security mechanisms of Signal, WhatsApp, Telegram, and X Chat along six dimensions. X Chat is the only one of the four where the platform holds the key and the only one without Forward Secrecy.
The significance of Forward Secrecy is that even if a key is compromised at a certain point in time, historical messages cannot be decrypted because each message has a unique key. Signal's Double Ratchet protocol automatically updates the key after each message, a mechanism lacking in X Chat.
After analyzing the X Chat architecture in June 2025, Johns Hopkins University cryptology professor Matthew Green commented, "If we judge XChat as an end-to-end encryption scheme, this seems like a pretty game-over type of vulnerability." He later added, "I would not trust this any more than I trust current unencrypted DMs."
From a September 2025 TechCrunch report to being live in April 2026, this architecture saw no changes.
In a February 9, 2026 tweet, Musk pledged to undergo rigorous security tests of X Chat before its launch on X Chat and to open source all the code.
As of the April 17 launch date, no independent third-party audit has been completed, there is no official code repository on GitHub, the App Store's privacy label reveals X Chat collects five or more categories of data including location, contact info, and search history, directly contradicting the marketing claim of "No Ads, No Trackers."
Not continuous monitoring, but a clear access point.
For every message on X Chat, users can long-press and select "Ask Grok." When this button is clicked, the message is delivered to Grok in plaintext, transitioning from encrypted to unencrypted at this stage.
This design is not a vulnerability but a feature. However, X Chat's privacy policy does not state whether this plaintext data will be used for Grok's model training or if Grok will store this conversation content. By actively clicking "Ask Grok," users are voluntarily removing the encryption protection of that message.
There is also a structural issue: How quickly will this button shift from an "optional feature" to a "default habit"? The higher the quality of Grok's replies, the more frequently users will rely on it, leading to an increase in the proportion of messages flowing out of encryption protection. The actual encryption strength of X Chat, in the long run, depends not only on the design of the Juicebox protocol but also on the frequency of user clicks on "Ask Grok."
X Chat's initial release only supports iOS, with the Android version simply stating "coming soon" without a timeline.
In the global smartphone market, Android holds about 73%, while iOS holds about 27% (IDC/Statista, 2025). Of WhatsApp's 3.14 billion monthly active users, 73% are on Android (according to Demand Sage). In India, WhatsApp covers 854 million users, with over 95% Android penetration. In Brazil, there are 148 million users, with 81% on Android, and in Indonesia, there are 112 million users, with 87% on Android.
WhatsApp's dominance in the global communication market is built on Android. Signal, with a monthly active user base of around 85 million, also relies mainly on privacy-conscious users in Android-dominant countries.
X Chat circumvented this battlefield, with two possible interpretations. One is technical debt; X Chat is built with Rust, and achieving cross-platform support is not easy, so prioritizing iOS may be an engineering constraint. The other is a strategic choice; with iOS holding a market share of nearly 55% in the U.S., X's core user base being in the U.S., prioritizing iOS means focusing on their core user base rather than engaging in direct competition with Android-dominated emerging markets and WhatsApp.
These two interpretations are not mutually exclusive, leading to the same result: X Chat's debut saw it willingly forfeit 73% of the global smartphone user base.
This matter has been described by some: X Chat, along with X Money and Grok, forms a trifecta creating a closed-loop data system parallel to the existing infrastructure, similar in concept to the WeChat ecosystem. This assessment is not new, but with X Chat's launch, it's worth revisiting the schematic.
X Chat generates communication metadata, including information on who is talking to whom, for how long, and how frequently. This data flows into X's identity system. Part of the message content goes through the Ask Grok feature and enters Grok's processing chain. Financial transactions are handled by X Money: external public testing was completed in March, opening to the public in April, enabling fiat peer-to-peer transfers via Visa Direct. A senior Fireblocks executive confirmed plans for cryptocurrency payments to go live by the end of the year, holding money transmitter licenses in over 40 U.S. states currently.
Every WeChat feature operates within China's regulatory framework. Musk's system operates within Western regulatory frameworks, but he also serves as the head of the Department of Government Efficiency (DOGE). This is not a WeChat replica; it is a reenactment of the same logic under different political conditions.
The difference is that WeChat has never explicitly claimed to be "end-to-end encrypted" on its main interface, whereas X Chat does. "End-to-end encryption" in user perception means that no one, not even the platform, can see your messages. X Chat's architectural design does not meet this user expectation, but it uses this term.
X Chat consolidates the three data lines of "who this person is, who they are talking to, and where their money comes from and goes to" in one company's hands.
The help page sentence has never been just technical instructions.
App