The code may be there to create systems that can adjust privacy settings, but regulators may not yet be convinced.
In the past year, crypto and blockchain have become increasingly embraced by traditional institutions. Digital currencies are now praised by business leaders for their potential to save in cross-border payments and drive efficiency in financial flows. Blockchain, as a public and verifiable ledger, can also help with audits and reporting, providing enhanced insight to help flag bad actors in supply chains.
But blockchain’s transparency can also be a sticking point for adoption. While it appeals to crypto natives, some businesses are put off, driven by the need to protect sensitive operational data from competitors and the public. According to Circle’s CBO, Kash Razzaghi, payroll and supply chain finance are particular points of concern, as exposing recipient data can become a security risk.
In December 2025, Circle and Aleo announced the launch of USDCx, a new “privacy-wrapped stablecoin” that seemed to address the transparency trade-off. Unlike Circle’s USDC, which operates on public blockchains, the new private stablecoin uses zero-knowledge cryptography to allow for shielded payments. USDCx joins a number of initiatives that create systems of programmable privacy, allowing institutions to choose their levels of privacy according to need. While payroll is earmarked as a particularly critical use case, the optionality to go private could open doors for more traditional institutions looking at tokenization while still remaining compliant with regulation.
Coding in optionality
For its advocates, the Web3 technologies that allow privacy-preserving features in digital assets are a breakthrough. “For the first time in the history of money, you can create a privacy-preserving digital currency which is based on software rather than fancy hardware,” Jonas Gross, chairman of the Digital Euro Association, told Sandmark.
In crypto’s early days, projects like Bitcoin aimed to build money that was both permissionless and private, but developers struggled to design assets and networks that achieved both. In recent years, developments in zero-knowledge tools and a reworking of blockchain infrastructure have allowed for privacy to be used without compromising functionality. Privacy coins, like Zcash and Monero, which once took hours to complete a transaction, now have speeds similar to other currencies.
The option for cash-like privacy within digital currencies can be appealing to privacy-conscious consumers. As cash payments continue to decline, there have been few options left that shield payment details. However, in the traditional finance space, “privacy-preserving tech is rather a bug than a feature,” continued Gross. Financial institutions and businesses alike have to operate under strict regulatory regimes that require collecting data for money laundering and customer identity checks.
“The regulator is going to tell you to do one” if you attempt to make all transactions private, said Boris Bohrer-Bilowitzki, CEO of Concordium, a privacy-preserving blockchain. Concordium builds zero-knowledge proofs directly into its base layer and incorporates an identity system, so that users can prove things like age, residency or KYC status without revealing full identity data.
Smart contract risk
The Canton Network approaches the problem by creating a “network of networks”, creating smaller, private ledgers of data within a global one. Melvis Langyintuo, Executive Director of the Canton Foundation, explained in an interview with Sandmark that this creates privacy while allowing for a composability of different functions using smart contracts that interact with the broader network. Canton has collaborated with the likes of JP Morgan, HSBC and Lloyds to build out blockchain capabilities.
While the developments allowing privacy functions on permissionless blockchains are promising, they come with new elements of risk. Smart contracts remain one of the most fragile parts of crypto, with security firms estimating DeFi exploits in 2025 racking up over $500mn (£385mn) in losses due to bugs in logic and coordinated attacks.
Despite the risk vectors being a potential stumbling block, the main point of contention is regulatory. Moves by regulators in South Korea and Japan have called for a delisting of privacy coins. While programmable privacy may technically be able to deliver full transparency for supervisors while still protecting data when needed, many observers doubt regulators will come around quickly. In America, recent changes in digital asset laws point to more transparency within blockchain-based development rather than the opposite. “We have made tremendous progress when it comes to the technology side, but it needs regulatory alignment,” said Gross.