Stablecoin sanctions compliance is often described as a control problem. Sanctioned addresses are identified, added to a blacklist or frozen, and prevented from moving funds further. That model is directionally useful, but it leaves out one critical layer. A freeze action on a public blockchain is not a magic switch. It is still a transaction that must be ordered, included, and executed before the sanctioned party’s transfer succeeds.
That is the uncomfortable finding behind the March 2026 research paper Ordering Power is Sanctioning Power: Sanction Evasion-MEV and the Limits of On-Chain Enforcement. The paper argues that centralized stablecoin issuers may have contract-layer authority to freeze assets, but that authority still depends on execution-layer infrastructure where transaction ordering is shaped by economic incentives.
In other words, freeze capability is not the same as freeze certainty.
When Freeze Authority Meets Transaction Ordering
When a sanctioned entity is identified, a stablecoin issuer may submit a freeze transaction to the blockchain. However, if the sanctioned address has already submitted a transfer transaction, the outcome may depend on which transaction gets executed first.
That is where the research introduces the concept of Sanction-Evasion MEV, or SE-MEV. MEV normally refers to the value that can be extracted by controlling transaction ordering. In this case, the value comes from deciding whether the freeze or the evader’s transfer gets priority. The paper’s core claim is simple. When enforcement actions and evasion transfers compete for ordering, block producers and related infrastructure actors can become economically relevant to the outcome of sanctions enforcement.
This matters because the compliance system may have done the “right” thing operationally. The address may be known. The risk may be clear. The legal basis may exist. The issuer may act, but if the transfer is ordered before the freeze, the funds can still move.
This introduces a new type of risk for sanctions teams. Not only is there screening and investigation risk, but now there is also enforcement risk at the execution layer.
Pre-Freeze Movement is Becoming a Compliance Signal
The paper analyzes Ethereum-based USDT and USDC sanctions enforcement and evasion from November 2017 through August 2025. According to the authors, the dataset covers more than $1.5 billion in frozen value. However, the same dataset also shows that some sanctioned addresses had already been drained before enforcement became effective. At least 7.3% of sanctioned USDT addresses and 18.7% of sanctioned USDC addresses had zero balances before the freeze took effect.
The study does not claim that every sanctions failure is a dramatic same-block race. That distinction is important. A lot of capital flight can happen before sanctions become effective. It goes through a slower strategic migration rather than last-second MEV competition. When true race conditions occur, the financial value can be material.
The paper describes an escalation path. The issuer-side failures include out-of-gas transactions, public gas auctions, private order flow, and direct payments to block producers. That means sophisticated evaders may not simply “move fast.” They may use the same transaction-priority infrastructure that already powers advanced DeFi execution.
The uncomfortable implication is that stablecoin enforcement does not end at the smart contract. It passes through mempools, builders, relays, validators, private submission routes, and the incentives that connect them.
MEV Turns Infrastructure Into an Enforcement Variable
Ethereum’s current execution environment already separates parts of the block-production process. Flashbots describes MEV-Boost as middleware that lets validators access a competitive block-building market, where builders produce blocks containing transaction order flow and a fee for the validator. Relays then aggregate blocks and identify the most profitable block to submit to the proposer.
Ethereum.org explains proposer-builder separation in a similar way. Block builders create blocks, and block proposers typically choose the most profitable blocks. The proposer may not see the contents of the block before choosing it.
This may sound like an infrastructure detail for normal users. It is much more than that for sanctions enforcement.
If the freeze and the transfer are both ordinary transactions and transaction priority is economically mediated, the enforcement outcome may depend on actors outside the issuer’s legal and compliance department. A freeze action is no longer only a compliance workflow. It becomes a transaction-ordering event.
That is why the paper’s title is so sharp: ordering power is sanctioning power.
Stablecoin Scale Raises the Stakes for Ordering Risk
The timing matters. Stablecoins are no longer a narrow crypto-market utility. A Federal Reserve note published in April 2026 states that stablecoin market capitalization reached $317 billion as of April 6, 2026, representing more than 50% growth since early 2025. The same note points to growing transaction volume, DeFi usage, complex intermediation chains, vertical integration, and expanding links with traditional financial infrastructure.
At the same time, the regulatory perimeter around payment stablecoins is getting more explicit. The GENIUS Act defines a “lawful order” as an order that can require a person to seize, freeze, burn, or prevent the transfer of payment stablecoins, and it requires foreign payment stablecoin issuers making stablecoins available in the United States to have the technological capability to comply with lawful orders.
FinCEN’s April 2026 proposed rule goes further into operational detail. It would require permitted payment stablecoin issuers to maintain technical capabilities, policies, and procedures to block, freeze, and reject impermissible transactions, including activity involving third parties where the transaction interacts with the issuer’s smart contract.
This creates tension that compliance teams cannot ignore. Regulators are increasingly focused on whether issuers have technical capabilities to freeze, block, reject, burn, or comply with lawful orders. The March 2026 research asks a different but related question: what happens when the technical capability exists, but the enforcement transaction loses the ordering race?
The Gap Between Legal Authority and On-Chain Execution
It would be too narrow to read this research as a criticism of stablecoin issuers only. The deeper point is structural.
OFAC guidance for the virtual currency industry already encourages risk-based sanctions programs, sanctions list and geographic screening, transaction monitoring, investigation tools, blockchain analytics, and historical lookbacks after OFAC lists a virtual currency address.
Those controls remain necessary, but they mostly address identification, detection, investigation, and response. They do not fully answer the ordering problem.
A complete sanctions compliance workflow now has to think across at least four layers:
- Detection — Is the address, entity, exposure, jurisdiction, or transaction pattern identified quickly enough?
- Decisioning — Is there a legal or policy basis for escalation, blocking, freezing, rejection, or reporting?
- Execution — Can the enforcement action be submitted, prioritized, and finalized before the funds move?
- Documentation — Can the team reconstruct what happened, when it happened, what was known, what action was taken, and why the outcome followed?
The third layer is where the research adds something important. It shows that even a strong sanctions program may face a hidden failure mode if it does not understand how enforcement interacts with transaction-ordering infrastructure.
Practical Controls for Stablecoin Sanctions Compliance
The practical lesson is not “freezes do not work.” That would be the wrong conclusion.
Freezes, blocks, rejects, burns, and lawful-order workflows are becoming more central to stablecoin compliance, not less. The better conclusion is that compliance teams should stop treating freeze capability as a binary control.
A more useful question is:
How quickly, reliably, and defensibly can the organization move from risk detection to enforceable on-chain action, and how does it document the outcome if that action is contested by transaction ordering?
For stablecoin issuers and VASPs, this points to several operational priorities:
Monitor latency between trigger, decision, submission, and finalization. If an address is identified as sanction-relevant, every delay between detection and execution can matter.
Watch for pre-freeze movement patterns. Some outflows may be strategic migration rather than same-block racing, but both are relevant to case review.
Treat private order flow as part of the risk context. If evaders can use private channels or specialized execution routes, public mempool visibility alone may not be enough.
Preserve evidence around sequencing. Compliance and investigation teams need to explain not just where funds moved but also when key enforcement and transfer actions entered the workflow and how they were ordered.
Separate legal authority from realized enforcement. A team may have authority to freeze and still need to explain why a freeze did or did not capture funds in time.
None of this replaces legal review, sanctions screening, blockchain analytics, or standard AML/CFT controls. It adds a missing operational layer: sequencing and execution context.
Why Timing Context Matters in Sanctions Investigations
For investigators, the issue is equally important. When funds leave a sanctioned or soon-to-be-frozen address, the first question is not only “where did they go?” It is also “what happened around the enforcement window?”
A defensible investigation should be able to reconstruct the following:
- The first observed risk signal
- The sanction or lawful-order trigger,
- The timing of the issuer or intermediary action
- Competing transfers from the address
- Public or private transaction routes that are observable
- Gas and priority behavior
- Downstream movement after the freeze failed or succeeded
- The evidentiary limits of what can be proven from available data
This is where a visual investigation workflow becomes valuable. Teams need to connect on-chain movement, entity risk, transaction sequencing, case notes, and reporting into one reviewable narrative. The goal is not just to “find the funds.” The goal is to explain what happened in a way that another investigator, compliance reviewer, counsel, or regulator can follow.
That distinction matters. In sanctions-sensitive cases, a graph without timing context can be misleading. A timeline without risk context can be incomplete. A report without evidentiary boundaries can overstate certainty.
From Address Screening to Execution-Aware Compliance
The March 2026 paper should be read carefully. It is an arXiv preprint, and its empirical work focuses on Ethereum-based USDT and USDC through August 2025. It should not be treated as the final word on every stablecoin, every chain, or every sanctions scenario.
The central insight is strong. Stablecoin sanctions enforcement is not only a matter of issuer authority, it is also a matter of blockchain execution.
As stablecoins become more embedded in payments, DeFi, cross-border settlement, and regulated financial infrastructure, compliance teams will need a more precise model of enforcement risk. Screening tells you who may be risky. Smart contracts may provide the power to freeze, but ordering determines whether the freeze arrives before the funds leave.
That is the hidden infrastructure vulnerability.
For compliance teams, the next step is clear. Sanctions workflows need to account not only for addresses and lists but also for timing, sequencing, transaction priority, and defensible documentation.
Explore how Caudena helps investigation and compliance teams connect on-chain activity, risk context, and defensible case review.