Summary

Requires operators of physical virtual-currency kiosks (crypto ATMs) to register kiosk locations and submit regular address lists to the Treasury, adopt and file anti-fraud and customer-protection policies with FinCEN, provide physical receipts and a customer refund process, and designate law-enforcement contacts. It creates new definitions and a new regulatory section with reporting, consumer‑protection, blockchain‑analytics, verbal‑confirmation, transaction‑limit, and customer‑service requirements, and imposes hefty civil penalties and enhanced damages for willful violations. All amendments take effect 90 days after enactment, and the law sets additional phased compliance deadlines (e.g., address reporting, policy filings, and receipts) after that effective date.

• Operators of physical virtual‑currency kiosks must regularly register and report every kiosk's U.S. physical address and related virtual‑currency addresses to Treasury/FinCEN.
• Operators must submit anti‑fraud policies and law‑enforcement contact information to FinCEN shortly after the law takes effect or after beginning operations.
• Kiosk operators must provide physical receipts (within one year) and issue refunds within 30 days of a customer request, with heavy penalties for willful denial.
• The law requires blockchain analytics, verbal confirmation steps, transaction limits, and other consumer‑protection measures at kiosks.
• Civil penalties of $10,000 per violation per day can be assessed; willful refund denials can trigger treble damages or a $10,000 minimum award.
• Federal law preempts conflicting State laws but allows States to enact stronger consumer protections.
• All provisions take effect 90 days after enactment; many compliance deadlines are timed from that effective date (e.g., periodic address reporting every 90 days).
• FinCEN and Treasury receive expanded oversight, reporting, and enforcement responsibilities for kiosk operators.