Coinbase updated its User Agreement on May 15, 2026 to introduce provisions for 'Secured USDC,' a new feature tied to the Coinbase One Card. Under the previous terms, Coinbase could not sell, transfer, or loan digital assets except as required by law or when you instructed it to do so. The updated agreement now explicitly permits Coinbase to transfer USDC designated as 'Secured USDC' to a third party (the secured party) without your further consent, and restricts you from withdrawing or transferring such designated assets. The secured party's instructions will be followed by Coinbase regardless of conflicting instructions you may provide.
The updated terms establish a new arrangement for USDC designated as 'Secured USDC' in connection with the Coinbase One Card. Under the revised language, if you designate USDC in your wallet as Secured USDC, you agree that Coinbase may transfer that amount to a third party designated as the secured party, and you will be restricted from withdrawing or transferring those funds. Additionally, the secured party's instructions to Coinbase regarding those assets take priority over any conflicting instructions you provide. The agreement states that you consent to all such permitted transfers. This arrangement operates independently of amounts owed to Coinbase, meaning Secured USDC will not be debited to satisfy debts you owe to Coinbase.
The revised terms establish a new contractual framework that separates operational control of designated assets from user ownership. By agreeing to use Secured USDC, you authorize Coinbase to transfer those funds to a third party and to prioritize that party's instructions over yours. This shifts the traditional custodial model where the asset holder controls withdrawal and transfer instructions, and may engage regulatory frameworks governing custody, lending, and consumer protection depending on how the feature is implemented and whether it involves credit extension.
→ If you designate USDC as Secured USDC without understanding the terms, Coinbase will restrict your ability to withdraw or transfer those funds and will follow the secured party's instructions regardless of your own.
→ The updated terms will apply to any USDC you designate as Secured USDC, and you will not be able to reverse the subordination of control without coordination with the secured party.
This is the 4th significant Rights Removal change Coinbase has made since ConductAtlas began monitoring.
ConductAtlas has recorded 5 material changes to this document over 69 days of monitoring (since March 2026). An additional minor or cosmetic changes were excluded.
3 of Coinbase's significant changes have been classified as negative for consumers.
Permits Coinbase to transfer USDC designated as Secured USDC to a third-party secured party without user consent, and subordinates user instructions to the secured party's instructions.
Users agree they will be restricted from withdrawals or transfers of USDC designated as Secured USDC.
Secured USDC will not be debited by Coinbase for amounts owed by the user, although it may be transferred to the third party as described in the One Card agreement.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
By using Secured USDC, you consent to Coinbase transferring those funds to a third party and following that party's orders instead of yours if they conflict.
Coinbase has introduced a new contractual framework for a security-deposit feature tied to its One Card product. The updated terms authorize Coinbase to comply with instructions from a third-party secured party regarding designated USDC assets, overriding user instructions where they conflict. This creates a novel custodial arrangement within consumer terms where the user retains nominal wallet ownership but operational control is subordinated to a third party. Regulators monitoring digital asset custody, consumer lending, and payment card programs (CFPB, OCC, state regulators) may assess whether this arrangement triggers additional disclosures, reserve requirements, or consumer protection obligations. The feature appears to implement a security-deposit mechanism for credit extension, which may engage lending and deposit regulations depending on jurisdictional interpretation.
CFPB (unfair or deceptive acts or practices under the FTC Act Section 5; Regulation Z if credit is involved), OCC (if Coinbase operates or partners with a bank), state banking regulators (custody and security deposit standards), FinCEN (AML/KYC for asset transfers to third parties)
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002110.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorCoinbase added a new section to its User Agreement describing Third-Party Liquid Staking Tokens (LSTs) and how they operate when …
Coinbase removed two sentences from its Fee Schedule on May 21, 2026: 'Need more help?' and 'Start a chat Chat …
Coinbase's User Agreement includes a mandatory arbitration clause that most users may not have reviewed. Here is what the clause states and…
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them t…
ConductAtlas tracked the restructuring, new disclosures, and entity changes that followed the largest privacy fine in EU history.
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.