Back to Ohio

HB648 • 2026

Regulate digital asset kiosks; register as money transmitters

Regulate digital asset kiosks; register as money transmitters

Passed Legislature

This bill passed both chambers and reached final enrollment, even if later executive action is not shown here.

Sponsor
Matthew Kishman
Last action
Official status
As Introduced
Effective date
Not listed

Plain English Breakdown

Using official source text because the generated explanation was unavailable or could not be confirmed against the official bill text.

Regulate digital asset kiosks; register as money transmitters

To amend sections 1315.05 and 1315.18 and to enact sections 1349.57, 1349.571, 1349.572, 1349.573, 1349.574, 1349.575, 1349.576, 1349.577, 1349.578, 1349.579, 1349.5710, 1349.5711, and 1349.5712 of the Revised Code to establish regulations for digital asset kiosks and require they be registered as money transmitters.

What This Bill Does

  • To amend sections 1315.05 and 1315.18 and to enact sections 1349.57, 1349.571, 1349.572, 1349.573, 1349.574, 1349.575, 1349.576, 1349.577, 1349.578, 1349.579, 1349.5710, 1349.5711, and 1349.5712 of the Revised Code to establish regulations for digital asset kiosks and require they be registered as money transmitters.

Limits and Unknowns

  • This entry is temporarily using official source text because the generated explanation could not be confirmed against the official bill text during the last sync.

Bill History

  1. Ohio Legislature

    As Introduced

Official Summary Text

To amend sections 1315.05 and 1315.18 and to enact sections 1349.57, 1349.571, 1349.572, 1349.573, 1349.574, 1349.575, 1349.576, 1349.577, 1349.578, 1349.579, 1349.5710, 1349.5711, and 1349.5712 of the Revised Code to establish regulations for digital asset kiosks and require they be registered as money transmitters.

Current Bill Text

Read the full stored bill text
As Introduced

136th
General Assembly

Regular
Session
H. B. No. 648

2025-2026

Representatives Kishman, Miller, M.

Cosponsors: Representatives Salvo,
Brennan

To
amend sections 1315.05

and

1315.18 and to enact sections 1349.57, 1349.571, 1349.572, 1349.573,
1349.574, 1349.575, 1349.576, 1349.577, 1349.578, 1349.579,
1349.5710, 1349.5711,

and

1349.5712 of the Revised Code
to
establish regulations for digital asset kiosks and require they be
registered as money transmitters.

BE
IT ENACTED BY THE GENERAL ASSEMBLY OF THE STATE OF OHIO:

Section
1.
That
sections 1315.05

and

1315.18 be amended and sections 1349.57, 1349.571, 1349.572,
1349.573, 1349.574, 1349.575, 1349.576, 1349.577, 1349.578, 1349.579,
1349.5710, 1349.5711,

and

1349.5712 of the Revised Code be enacted to read as follows:

Sec.
1315.05.
Each
licensee, at all times, shall meet
both

all

of
the following requirements:

(A)
Be a legally established business entity that is capitalized
separately and distinctly from every other legal entity and qualified
to do business in this state;

(B)
Have a minimum net worth of not less than five hundred thousand
dollars, calculated according to generally accepted accounting
principles, but excluding any assets that the superintendent of
financial institutions disqualifies and including any off-balance
sheet liabilities that the superintendent requires
.
;

(C)

Maintain a detailed plan and accounting as to how the licensee shall
engage in winding down operations and shall provide the plan and
accounting to the superintendent of financial institutions upon
request. The plan and accounting shall contain the following, at
minimum:

(1)
A record showing that the licensee's minimum net worth and reserves
are sufficient to prevent losses to consumers and purchasers and to
repay any outstanding obligations or accounts payable;

(2)
Procedures to ensure that, after winding down operations, the
licensee shall not retain any consumer funds, purchaser funds, or
other client funds;

(3)
A plan demonstrating that consumers shall have access to consumer
funds in the licensee's custody;

(4)
Detailed instructions informing consumers how they may withdraw
consumer funds upon request;

(5)
Any other records and information requested by the superintendent
regarding winding down operations.

(D)

No licensee shall fail to comply with this section.

Sec.
1315.18.
(A)
A licensee that ceases to do business in this state shall do so in
accordance with a plan approved by the superintendent of financial
institutions or pursuant to directions issued by the superintendent
in connection with the revocation or suspension of the licensee's
license pursuant to section 1315.151 of the Revised Code.

The plan shall be delivered in writing to the superintendent at least
thirty business days prior to the effective date of the proposed
cessation. The plan shall require the licensee to:

(1)
Provide written notice to all consumers, purchasers, and users of the
licensee of the proposed cessation, and the date of the proposed
cessation, at least thirty business days prior to the date of the
proposed cessation;

(2)
Provide all consumers, purchasers, and users of the licensee with
detailed final accounting of the consumers', purchasers', and users'
accounts;

(3)
Remit all money held in the custody of the licensee on behalf of
consumers, purchasers, and users to such consumers, purchasers, and
users.

(B)
When a licensee ceases to do business in this state, if the
superintendent considers it necessary to protect the interests of the
licensee's customers, the superintendent may do either of the
following:

(1)
Take control of permissible investments or other assets owned by the
licensee equal in value to the licensee's outstandings in this state;

(2)
Require the sale of the licensee's contracts for continuing services
or require the licensee's termination of those contracts with
compensation to the customers for loss of the services.

(C)
No licensee shall fail to comply with this section.

Sec.
1349.57.
As
used in sections 1349.57 to 1349.5711 of the Revised Code:

(A)(1)
"Digital asset" means any type of digital unit that is used
as a medium of exchange or a form of digitally stored value or that
is incorporated into payment system technology.

(2)
"Digital asset" includes digital units of exchange that
meet the following:

(a)
Have a centralized repository or administrator;

(b)
Are decentralized and have no centralized repository or
administrator;

(c)
May be created or obtained by computing or manufacturing effort.

(3)
"Digital asset" does not include digital units of exchange
that are used as follows:

(a)
Solely within online gaming platforms with no market or application
outside of such gaming platforms;

(b)
Exclusively as part of a consumer affinity or rewards program, and
can be applied solely as payment for purchases with the issuer or
other designated merchants, but cannot be converted into or redeemed
for fiat currency.

(B)
"Digital asset address" means an alphanumeric identifier
representing a destination for a digital asset transfer that is
associated with a digital asset wallet.

(C)
"Digital asset kiosk" means an electronic terminal acting
as a mechanical agent of the owner or operator to enable the owner or
operator to facilitate the exchange of digital assets for fiat
currency or other digital assets, including by connecting directly to
a separate digital asset exchanger that performs the actual digital
asset transmission, or by drawing upon the digital assets in the
possession of the owner or operator of the electronic terminal.

(D)
"Digital asset wallet" means a software application or
other mechanism providing a means for holding, storing, and
transferring digital assets.

(E)
"Existing customer" means a consumer who is engaging in a
transaction at a digital asset kiosk in this state and who has been
registered as a customer of the owner or operator for seventy-two
hours or more.

(F)(1)
"Linked identifier" means any identifier or data point that
the owner or operator of a digital asset kiosk designates in its
written, risk-based anti-money-laundering and fraud prevention
program as reasonably capable of associating two or more transactions
with the same customer or related customers for the purpose of
section 1349.5711 of the Revised Code.

(2)
"Linked identifier" may include any combination of customer
accounts or profiles, telephone numbers, electronic mail addresses,
device identifiers, payment instructions or funding sources, or
digital asset wallets or addresses.

(G)
"New customer" means a consumer who is engaging in a
transaction at a digital asset kiosk in this state and who has been
registered as a customer of the owner or operator for less than
seventy-two hours.

Sec.
1349.571.
A
person who owns, operates, solicits, markets, advertises, or
facilitates digital asset kiosks in this state is deemed to be
engaged in money transmission and require licensure pursuant to
Chapter 1315. of the Revised Code.

Sec.
1349.572.
Prior
to entering into an initial transaction for, on behalf of, or with a
customer, a digital asset kiosk owner or operator shall disclose in
clear and conspicuous writing in the English language all material
risks associated with its products, services, and activities and with
digital assets generally. The disclosures shall provide substantially
all of the following information:

(A)
A disclosure to be acknowledged by the customer, provided separately
from other disclosures required under this section, written
prominently and in bold type stating the following:

"WARNING:
NO GOVERNMENTAL ENTITY OR FINANCIAL INSTITUTION WILL ASK YOU TO USE
THIS MACHINE FOR PAYMENT OF DEBTS OR FINES. LOSSES DUE TO FRAUDULENT
OR ACCIDENTAL TRANSACTIONS MAY NOT BE RECOVERABLE AND TRANSACTIONS IN
DIGITAL ASSETS ARE IRREVERSIBLE."

(B)
That digital assets are not backed or insured by the government and
accounts and value balances are not subject to federal deposit
insurance corporation, national credit union administration, or
securities investor protection corporation protections;

(C)
That some digital asset transactions shall be deemed to be made when
recorded on a public ledger, which is not necessarily the date or
time that the customer initiates the transaction;

(D)
That the value of digital assets may be derived from the continued
willingness of market participants to exchange fiat currency for
digital assets, which may result in the potential for permanent and
total loss of value of a particular currency should the market for
that digital asset disappear;

(E)
That there is no assurance that a person who accepts digital assets
as a payment today will continue to do so in the future;

(F)
That the volatility and unpredictability of the price of digital
assets relative to fiat currency may result in significant loss over
a short period of time;

(G)
That the nature of digital assets may lead to an increased risk of
fraud or cyberattack;

(H)
That the nature of digital assets means that any technological
difficulties experienced by the digital asset kiosk owner or operator
may prevent the access or use of a customer's digital assets;

(I)
That any bond or trust account maintained by the digital asset kiosk
owner or operator for the benefit of its customers may not be
sufficient to cover all losses incurred by customers;

(J)
That digital asset transactions are irreversible and are used by
persons seeking to defraud customers, including a person
impersonating a customer's loved one, threatening jail time, stating
that a customer's identity has been stolen, insisting that a customer
withdraw money from the customer's bank account and purchase digital
assets, or alleging that a customer's personal computer has been
hacked.

Sec.
1349.573.
Prior
to entering into an initial transaction for, on behalf of, or with a
customer, a digital asset kiosk owner or operator shall disclose in
clear and conspicuous writing in the English language, whether in
accessible terms of service or elsewhere, all relevant terms and
conditions associated with its products, services, and activities and
with digital assets generally. The disclosures shall provide
substantially all of the following information:

(A)
The customer's liability for unauthorized digital asset transactions;

(B)
The customer's right to stop payment of a preauthorized digital asset
transfer and the procedure used to initiate a stop payment order;

(C)
Under what circumstances the digital asset kiosk owner or operator
will, absent a court or government order, disclose information
concerning the customer's account to third parties;

(D)
The requirement that the digital asset kiosk owner or operator
communicate to the customer what customer information may be
disclosed to third parties;

(E)
The customer's right to receive a physical, provisional confirmation
for a digital asset transaction at the time the transaction is
initiated, and a final receipt upon completion of the transaction
that complies with section 1349.576 of the Revised Code;

(F)
Upon any changes in the rules or policies of the digital asset kiosk
owner or operator, the customer's right to consent to such changed
rules or practices prior to performing any transaction after such
change.

Sec.
1349.574.
Prior
to entering into each transaction for, on behalf of, or with a
customer, a digital asset kiosk owner or operator shall disclose in
clear and conspicuous writing in the English language, in at least
twenty-four point sans serif font, the terms and conditions of the
digital asset transaction, including:

(A)
The amount of the transaction;

(B)
Any fees, expenses, and charges borne by the customer, including
applicable exchange rates;

(C)
The type and nature of the digital asset transaction;

(D)
A warning that, once executed, the digital asset transaction may not
be undone, if applicable, provided that transactions subject to
section 1349.577 of the Revised Code are cancelable during the
seventy-two-hour hold period;

(E)
A daily digital asset transaction limit in accordance with section
1349.578 of the Revised Code;

(F)
The difference in the sale price of the digital asset versus the
current market price.

Sec.
1349.575.
The
owner or operator of a digital asset kiosk shall ensure that each
customer acknowledges receipt of all disclosures required under
sections 1349.572 to 1349.574 of the Revised Code.

Sec.
1349.576.
(A)
The owner or operator of a digital asset kiosk shall, upon the
completion of any digital asset transaction, provide to the customer
a receipt containing the following information:

(1)
The name of, and contact information for, the owner or operator of
the digital asset kiosk, including the owner's or operator's business
address and a customer service telephone number established by the
owner or operator to answer questions and register complaints;

(2)
The name of the customer;

(3)
The type, value, date, and precise time of the digital asset
transaction, and each digital asset address;

(4)
The amount of the digital asset transaction expressed in United
States currency;

(5)
The full unique transaction hash or identification number;

(6)
The public digital asset address of the customer;

(7)
The digital asset kiosk's:

(a)
Nationwide multistate licensing system unique identifier;

(b)
Ohio money transmitter license number;

(c)
RSSD ID number assigned by the board of governors of the federal
reserve system, if applicable.

(8)
Any fee charged, including any fee charged directly or indirectly by
the owner or operator of the digital asset kiosk or a third party
involved in the digital asset transaction;

(9)
The exchange rate, if applicable;

(10)
Any tax collected by the owner or operator of the digital asset
kiosk;

(11)
A statement of the liability of the owner or operator of the digital
asset kiosk for nondelivery or delayed delivery, provided that a
delay attributable solely to the seventy-two-hour hold required by
section 1349.577 of the Revised Code does not constitute nondelivery
or delayed delivery;

(12)
The name and telephone number of the department of commerce's
division of financial institutions and a statement disclosing that
the customer may contact the division with questions or complaints
about the owner's or operator's digital asset kiosk services;

(13)
Any additional information the superintendent of financial
institutions requires.

(B)
A receipt required under division (A) of this section:

(1)
Shall be provided in:

(a)
A retainable form;

(b)
The English language;

(c)
The language principally used by the owner or operator of the digital
asset kiosk to advertise, solicit, or negotiate, either orally or in
writing.

(2)
May be provided electronically if the customer requests or agrees to
receive an electronic receipt.

Sec.
1349.577.
(A)
The owner or operator of a digital asset kiosk shall place a
seventy-two-hour hold on any transaction initiated by a new customer.

(B)(1)
A new customer may cancel a transaction placed on hold under division
(A) of this section at any time during the seventy-two-hour-hold
period through procedures established by the owner or operator of the
digital asset kiosk.

(2)
Upon cancellation of a transaction placed on hold under division (A)
of this section, the owner or operator of the digital asset kiosk
shall promptly return the customer's funds, less irreversible
third-party network fees, if any.

(C)
During a hold placed pursuant to this section, neither the owner or
operator of the digital asset kiosk nor any service provider shall
provide provisional credit, vouchers, or off-chain ledger postings
that make funds or digital assets available to the customer or any
third party, or represent or certify to any person that such funds or
digital assets are available or transferable before settlement.

(D)
Nothing in this section shall be construed to require the owner or
operator of a digital asset kiosk to hold or refund transactions of
existing customers.

(E)
Nothing in this section shall be construed to prohibit the owner or
operator of a digital asset kiosk from requiring a new customer to
verify the customer's identity and provide proof of initiation, such
as a digital asset kiosk-issued transaction reference or confirmation
number, prior to canceling the transaction.

Sec.
1349.578.
The
owner or operator of a digital asset kiosk transaction shall not
allow customers to transfer more than the following amounts in a
twenty-four-hour period:

(A)
Two thousand five hundred dollars for each new customer of a digital
asset kiosk, adjusted annually in accordance with section 1349.5712
of the Revised Code;

(B)
Ten thousand five hundred dollars for each existing customer of a
digital asset kiosk, adjusted annually in accordance with section
1349.5712 of the Revised Code.

Sec.
1349.579.
(A)
The owner or operator of a digital asset kiosk shall provide a refund
of any transaction fees or commissions for any fraudulent digital
asset transaction made as the result of deception or improper
inducement if, within thirty days of the fraudulent digital asset
transaction, the customer:

(1)
Contacts the owner or operator of the digital asset kiosk and a
government or law enforcement agency to inform them of the fraudulent
nature of the digital asset transaction;

(2)
Files a report with a government or law enforcement agency
memorializing the fraudulent nature of the digital asset transaction
and provides a copy of the report to the owner or operator of the
digital asset kiosk.

(B)
A refund under this section shall be provided within ten business
days of the owner or operator of a digital asset kiosk receiving the
report required by division (A)(2) of this section.

(C)
A refund under this section shall be credited to the customer's
original funding source where practicable, or otherwise by a
commercially reasonable method requested by the customer.

(D)
If a law enforcement agency requests in writing that the owner or
operator of a digital asset kiosk temporarily refrain from issuing a
refund to avoid interference with an active investigation, the
ten-day period is tolled during the documented hold and resumes upon
withdrawal or expiration of the hold.

(E)
Nothing in this section shall be construed to require the owner or
operator of a digital asset kiosk to refund the principal amount of a
completed digital asset transfer or to limit the owner or operator of
a digital asset kiosk's ability to assist recovery from
counter-parties or law enforcement.

Sec.
1349.5710.

Each owner or operator of a digital asset kiosk shall do the
following:

(A)(1)
Verify each customer's identity using a copy of a government-issued
identification card for any of the following transactions:

(a)
A transaction of one thousand dollars or more;

(b)
Two or more related transactions totaling one thousand dollars or
more within a twenty-four-hour period.

(2)
Nothing in this section shall be construed to prohibit the owner or
operator of a digital asset kiosk from requiring identity
verification for transactions below one thousand dollars.

(3)
An owner or operator of a digital asset kiosk acts in good faith and
is not liable for a violation of division (A) of this section when
applying reasonable written procedures to identify related
transactions using linked identifiers designated under its risk-based
program. Immaterial or technical mismatches do not create liability.

(4)
As used in this section, "related transactions" means
multiple transactions that the owner or operator of a digital asset
kiosk knows or reasonably should know are connected, structured, or
split to avoid division (A)(1) of this section. "Related
transactions" includes transactions linked by one or more linked
identifiers as designated by the owner or operator of the digital
asset kiosk.

(B)
Disclose on the digital asset kiosk in clear and conspicuous writing
in the English language that identity verification may be required
for any transaction to comply with law or prevent fraud;

(C)(1)
Do all of the following regarding data collected pursuant to this
section:

(a)
Limit data collection to what is reasonably necessary to verify the
customer's identity and to comply with any applicable laws;

(b)
Securely store data collected;

(c)
Unless otherwise required by law, retain data no later than three
years from the date of the transaction or the date the customer's
account is closed, whichever is later.

(2)
Nothing in this section shall be construed to require the owner or
operator of a digital asset kiosk to retain a photographic copy of a
government-issued identification card as part of its identification
data.

(D)(1)
Use a customer's electronic mail address or telephone number for
transactional purposes only, unless the customer opts to receive
marketing materials.

(2)
Not condition access to the digital asset kiosk on agreeing to
receive marketing materials.

(3)
Allow a customer to opt out of receiving marketing materials at any
time, including by providing an option to opt out in all marketing
materials.

(4)
Not disclose a customer's electronic mail address or telephone number
without separate express consent.

(E)
Offer, during a digital asset kiosk's hours of operation, live
customer support by telephone from a telephone number prominently
displayed at or on the digital asset kiosk;

(F)(1)
Identify and speak by telephone with any new customer, flagged via a
government-issued identification card or linked identifiers as being
sixty years of age or older, attempting to perform a digital asset
transaction that equals or exceeds one thousand dollars before the
transaction may be completed.

(2)
The communication described in division (F)(1) of this section shall
be recorded. During such communication, the owner or operator shall
do all of the following:

(a)
Positively identify the new customer;

(b)
Review the new customer's stated purpose of the transaction;

(c)
Discuss types of fraudulent schemes relating to digital assets.

(3)
Approval of a transaction described in division (F)(1) of this
section is dependent upon the owner's or operator's assessment of
such communication.

(G)
Designate and employ a chief compliance officer who shall do all of
the following:

(1)
Be qualified to coordinate and monitor a compliance program to ensure
compliance with sections 1349.57 to 1349.5711 of the Revised Code and
all other applicable federal and state laws, rules, and regulations;

(2)
Be employed on a full-time basis by the owner or operator;

(3)
Not own more than twenty per cent of the digital asset kiosk owner or
operator that employs the officer.

(H)
Use full-time employees to fulfill the owner's or operator's
compliance responsibilities under federal and state laws, rules, and
regulations.

(I)
Designate linked identifiers no more broadly than reasonably
necessary. Linked identifiers shall not require collection or
retention of biometric data or identification images, except as
permitted for transient automated verification or where required by
law.

Sec.
1349.5711.
A
person shall not structure or cause transactions to be structured to
evade the identification requirements set forth in division (A) of
section 1349.5710 of the Revised Code.

Sec.
1349.5712.
(A)
The superintendent of financial institutions may, in accordance with
Chapter 119. of the Revised Code, adopt reasonable rules to
administer and enforce sections 1349.57 to 1349.5711 of the Revised
Code.

(B)
Beginning January 1, 2027, and on the first day of January every year
thereafter, the superintendent of financial institutions shall adopt
rules to annually adjust the transaction limits established in
section 1349.578 of the Revised Code by the rate of inflation for the
twelve-month period ending in September of the prior year according
to the consumer price index or its successor index.

Section
2.
That
existing sections 1315.05

and

1315.18 of the Revised Code are hereby repealed.