The Humanitarian Blockchain That Works Is the One You Never See 

• The permissioned coordination ledger (WFP’s Building Blocks) scaled into the hundreds of millions, and its strongest payoff is preventing duplicate assistance, while the public-chain stablecoin rail that got the headlines (UNHCR on Stellar) has moved $4.6m since 2022 and remains a pilot.
• Stablecoins earn their place narrowly, in corridors where banking is absent, illegal, dangerous, or politically severed, which is what Mercy Corps’ Syria, Afghanistan and Kenya pilots actually demonstrate.
• The chain is the easy part. Off-ramping, identity, inclusion and compliance decide whether a programme works, and the strongest 2026 designs treat offline access for people without smartphones as architecture rather than an afterthought.
• The dominant risk is operational, not cryptographic. Chainalysis logged $17bn in scams and $3.4bn in hacks in 2025, mostly from human and operational failure, so custody design, sanctions screening and licensed partners matter more than which chain you pick.
• Compliance has tightened (MiCA, the EU travel rule, UK CARF), pushing NGOs to work through licensed custodians and CASPs rather than become their own exchange, because the moment value converts back to local cash, regulated intermediaries reappear anyway.

Two numbers describe the state of blockchain in humanitarian aid more honestly than any conference panel. WFP’s permissioned ledger, Building Blocks, has moved more than $760 million through over 40 million beneficiary transactions and now touches around six million people, while UNHCR’s public-chain stablecoin rail on Stellar, the programme that won Paris Blockchain Week’s impact award and generated most of the sector’s press, has delivered $4.6 million since December 2022. The thing that scaled is a private database beneficiaries never experience as crypto, and the thing the industry keeps selling as the future of aid has moved a rounding error.

That gap is the whole story, because it is not a like-for-like comparison and the sector mostly pretends it is. Building Blocks is a coordination and settlement ledger that sits behind cash and food assistance, where the blockchain is a shared accounting layer between agencies rather than a token in anyone’s pocket. UNHCR’s Stellar work is the genuinely crypto-native model, with dollar stablecoins landing in recipient wallets and cashing out through MoneyGram or a bank. One of these is barely “crypto” and has scaled into the hundreds of millions, the other is properly on-chain and remains a pilot four years on. Any serious read of blockchain for humanitarian aid in 2026 starts by holding those two facts at once, rather than collapsing them into a single adoption curve that does not exist.

The database that scaled was never really crypto

Building Blocks earns its numbers by solving a problem that has nothing to do with price exposure or self-custody. When a dozen agencies assist the same population in the same crisis, they duplicate registrations, overlap transfers, and lose the ability to see who has received what, and the cost of that fragmentation is enormous. WFP’s Building Blocks started in 2017 as a way to settle cash-for-food transactions for Syrian refugees in Jordan without routing every payment through local banks, which saved roughly $3.5 million in fees and served more than a million refugees in Jordan and Bangladesh. The early framing was efficiency, the back end was a permissioned blockchain integrated with UNHCR’s iris authentication, and the refugee experience at the till never changed.

New Scam Prevention Course. Never make a rushed crypto decision again.

The metric that now anchors the programme has shifted from money moved to money not wasted. In Ukraine, where the system coordinates assistance across the response rather than disbursing it, Building Blocks has prevented an estimated $270 million of unintended overlap through 2025, and WFP reports that the platform processed data for 4.8 million unique households and flagged 855,000 duplicate cases between 2022 and 2024. In 2025, 159 organisations across Ukraine, Syria and Palestine used the network to align who they were paying. That is the strongest quantitative evidence base in the field, and it points at deduplication and inter-agency coordination, not at putting crypto in beneficiaries’ hands.

It is worth being blunt about why this design works where flashier ones stall. No names, dates of birth, or biometrics sit on the chain, because the ledger uses pseudonymous identifiers and keeps sensitive data off-chain, so the privacy surface that sinks most public-chain aid ideas barely exists here. Every participating organisation runs a node and co-governs the network as an equal, which removes the trust problem that would otherwise force everyone onto one agency’s system. Beneficiaries never manage a key, never hold a volatile asset, and never touch an exchange. Strip the word blockchain out of the description and you have a neutral, jointly operated entitlement database, which is exactly the point. The architecture that delivered the sector’s best results is the one that hid the technology completely.

The flagship public-chain rail proved the concept and stayed small

UNHCR’s Stellar programme is where the rhetoric and the results diverge most sharply. The agency launched it in December 2022 with the UN International Computing Centre and the Stellar Development Foundation, calling it a first-of-its-kind blockchain payment solution, paying displaced Ukrainians in Circle’s USDC into a Vibrant wallet, with cash-out through any MoneyGram location in dollars, euros or local currency. It did what it set out to do, won the 2023 Paris Blockchain Week impact award, and demonstrated traceability and rapid cross-border settlement in a live war.

Then it stayed small. By UNHCR’s own 2024 reporting, the blockchain approach had delivered $4.6 million since December 2022, mostly in Ukraine and Argentina, with a rollout into Afghanistan for returning refugees. Set that against UNHCR’s wider cash operations, which have moved almost $5 billion to some 35 million people across 100 countries since 2016, and the on-chain slice is a fraction of a percent. The Argentina extension is the more interesting half of the story, because it used the stablecoin as a store of value for refugee entrepreneurs whose local currency was depreciating fast, which is a real use case that conventional rails handle badly. The Ukraine deployment proved portability and zero-cost traceability to UNHCR. Neither turned into the scaled disbursement channel the launch language implied, and the honest reading is that the public-chain model cleared the technical bar and then ran into everything that is not technical.

A stablecoin rail forces the programme to solve regulated cash-out, sanctions screening, identity proofing, and recipient usability all at once, and the moment value has to convert back into spendable local money, regulated intermediaries reappear and the supposed disintermediation evaporates. Throughput and fees were never the constraint. The chain handled the easy part, while the hard parts sat downstream where the model has not yet earned scale.

Where stablecoins genuinely earn their place

Mercy Corps Ventures has run the most useful recent experiments, because its pilots are designed around the failure of conventional rails rather than around the technology. The pattern across its work is consistent, with stablecoins winning where banking is absent, illegal, dangerous, or politically severed, and where the design solves a non-chain problem that mobile money cannot reach.

Northeast Syria is the clearest case. Working with HesabPay and the local enterprise Pioneers Innovation, Mercy Corps sent $30,000 in USDC to 100 smallholder farmers across Al-Hasakah, reaching roughly 400 people, and cut payment time from an average of 28 days to under one day with a 60% cost reduction against the informal money-transfer agents farmers had been relying on. The pilot ran on Algorand rather than the Ethereum-family chains most people assume, and it became feasible partly because Syria’s change of government and the easing of sanctions through 2025 opened space to connect the area to international finance at all. The technology mattered less than the corridor, which had simply not been bankable before.

Eastern Afghanistan pushed the design further into the place where most digital-cash assumptions break. The participants had no smartphones, no internet, and no prior experience with digital payments, so HesabPay issued physical cards linked to stablecoin wallets that worked fully offline, with merchant points syncing transactions later over satellite and HesabPay branches handling conversion to local currency. Over three months in early 2025 the pilot reached about 840 people through 100 farmers, hit a 100% spend rate, and cut overall delivery costs by 29% and distribution costs by 65% against cash. The timing made the case for it, because as the pilot closed, Afghanistan’s authorities shut down the internet nationwide and conventional digital payments stopped, while the offline cards kept working. A programme that had treated connectivity as a given would have failed in that window.

Kenya shows the same logic applied to anticipatory action, where the trigger is a forecast rather than a disaster already underway. The 2023 proof of concept with Fortune Credit, Shamba Network and DIVA Technologies used a smart contract holding funds in escrow against a vegetation index, and disbursed 11,271 USDT to 262 pastoralists with a 75% cut in transfer costs and a 90% reduction in settlement time. The 2026 scale-up moved to Ripple’s RLUSD on Ethereum with a multi-checkpoint payout design, and Mercy Corps reports a 95% reduction in settlement time and a 64% cut in transaction costs, with the share of households eating three meals a day rising from 13% to 77%. The reason a smart contract helps here is narrow and real, because automating the payout against an objective satellite trigger removes the lag between a forecast and the money, and in a drought that lag is the damage.

The future of finance is here. Trade crypto and more

These results are encouraging and they are also operator-reported pilot findings rather than independent randomised evaluations, which the organisations involved generally acknowledge. Several run on small samples in single corridors, the cost baselines are self-defined, and a 60% saving against an informal hawala network is not the same claim as a 60% saving against a functioning bank. The direction is consistent enough to take seriously, but treating a hundred-household pilot’s headline percentage as a settled benchmark is how the sector talks itself into overclaiming.

The chain is the easy part, and the field is finally admitting it

The most important shift in 2025 and 2026 is that the credible work now treats inclusion and off-ramping as architecture rather than as training problems to be solved after launch. UNICEF’s AidLink prototype is the cleanest example, because it was built around the people a typical crypto product excludes. Run in Greater Nairobi in December 2025 with results published in March 2026, AidLink reached 49 participants with varying levels of intellectual disability, sent each 65 USDC, and converted it to Kenyan shillings on M-Pesa entirely over SMS with a 100% completion rate. No smartphone, no app, no internet, and no blockchain knowledge were required of the recipient. The work stitched together three UNICEF Venture Fund startups, with Rumsan providing the infrastructure, Xcapit the SMS wallet, and Kotani Pay the conversion to local mobile money, which is the real lesson, because the deliverable that worked was a modular end-to-end system rather than a chain.

That framing recurs everywhere the results hold up. Afghanistan worked because the design accepted that the user was offline and built around cards, satellite-synced merchants and branch cash-out. AidLink worked because wallet creation, conversion and the M-Pesa hand-off were one journey for the recipient. The interoperability that humanitarian blockchain really needs is organisational rather than cryptographic, linking registration systems, deduplication rules, wallet providers, screening engines, off-ramp partners and donor reporting, and none of that is solved by picking a faster chain.

Privacy is the trend that quietly reversed. Early humanitarian blockchain rhetoric sold immutable public transparency as the headline feature, and the field has since worked out that a permanent public record of who received aid is a liability when the recipient is a refugee, a defector, or a member of a targeted minority, because metadata, off-ramp KYC records and social-graph analysis can reidentify supposedly anonymous addresses. WFP’s answer was to keep names, dates of birth and biometrics off the chain and lean on pseudonymous identifiers, and the newer privacy-preserving pilots go further by trying to verify eligibility without disclosing identity at all. The principle that has settled out is that humanitarian identity should be minimally sufficient, separated from public transaction data, and revocable where feasible, which is close to the opposite of the radical-transparency pitch the technology first arrived on.

Inclusion also has a hard floor that technology cannot lift on its own. Mercy Corps’ Afghanistan pilot surfaced gender barriers that no card design could engineer away, because women in the pilot area faced structural restrictions on independent use regardless of how the payment rail was built. That forces a question every fragile-context programme has to answer explicitly, which is whether the true recipient is the registered individual, a household delegate, or a proxy, and then to track the protection consequences of that choice rather than assuming a digital wallet equals empowerment. A rail that quietly routes a woman’s entitlement through a male relative digitises the exclusion rather than removing it.

The risks are operational, not cryptographic

Adversary modelling for humanitarian crypto rarely centres on smart-contract bugs, because the threat is the people around the system. The relevant attackers are corrupt intermediaries, predatory local agents, armed groups, abusive partners, compromised insiders, sanctions evaders, and fraudsters running impersonation at scale, and the 2025 data backs that up. Chainalysis estimates $17 billion was stolen through crypto scams and fraud in 2025, with impersonation scams up 1,400% year on year and AI-enabled schemes 4.5 times more profitable than traditional ones, while a separate $3.4 billion was lost to hacks, of which centralised-service and private-key compromises did most of the damage. The takeaway from a brutal year is that the losses came from human trust and operational failure far more than from broken code.

For a programme moving aid, that reframes the security work entirely. Large treasuries should never sit in a single hot wallet, and the sane structure segregates cold or institutional custody, limited operational wallets, and beneficiary disbursement, with multisig or MPC approvals, role separation, allow-listed destinations where feasible, real-time screening, and out-of-band verification for any payout change. Self-custody should be optional rather than the default for the most vulnerable recipients, because handing a key to someone with no recovery path and a high phishing exposure transfers the risk onto the person least able to absorb it. None of this is exotic, it is institutional operational security that the humanitarian sector has not always applied to crypto with the seriousness it applies to cash.

Sanctions compliance is the line that ends programmes rather than embarrassing them. OFAC treats virtual currency as subject to US sanctions, publishes wallet addresses on the SDN list, and expects blocked property to be denied and reported, and the same logic runs through UK and EU frameworks. For an NGO that means screening at onboarding and at payout, escalation rules for potential matches, blocked-property procedures, and contractual commitments from every custodian, issuer and off-ramp partner in the chain. A displaced-persons programme operates in precisely the geographies where sanctions exposure is highest, which is the opposite of a context where a casual approach survives contact.

Compliance has tightened, and it pushes toward licensed partners

The legal environment is materially harder than it was during the first wave of pilots. In the EU, MiCA became fully applicable on 30 December 2024, with a grandfathering window for existing providers that closes by 1 July 2026, and on the same date the revised Transfer of Funds Regulation switched on the crypto travel rule with no transitional grace period, requiring originator and beneficiary information on every transfer regardless of amount. The UK has enforced its travel rule since September 2023, requires FCA registration for in-scope firms, and brought HMRC’s Cryptoasset Reporting Framework into effect from January 2026. In the US the picture stays more fragmented, but FinCEN’s money-transmission treatment of convertible virtual currency, OFAC’s sanctions guidance, and IRS digital-asset reporting all bite immediately.

Buy bitcoin and stocks. Signup to Coinbase today

The practical conclusion follows from the structure rather than from any single rule. An NGO that accepts and transmits stablecoins as part of its operation can find itself inside regulated money-transmission or CASP activity, with the AML, recordkeeping and reporting obligations that attach, which is a poor place for a humanitarian organisation to be by accident. The cleaner path is to work through licensed custodians, crypto-asset service providers, and regulated local payment partners, and to keep the regulated perimeter with parties built to hold it. That is an inference from the regulatory direction rather than legal advice, and it is highly context dependent, because recipient-country law on exchange controls, crypto legality, payment licensing and cash-out adds a second layer that donor-jurisdiction compliance does not touch. A US-compliant custodian does nothing about whether the off-ramp is legal in the country where the recipient lives.

The honest decision frame for 2026

The wrong question is whether an organisation should use blockchain, and the sector has wasted years answering it. The useful question is whether a specific delivery problem exists that conventional bank, card or mobile-money rails cannot solve as well, and the candidates are narrow, running to cross-border settlement where banking is weak or politically severed, value portability for displaced people, store-of-value protection under high inflation, duplicate-assistance control across many agencies, and privacy-preserving eligibility verification where exposure of identity data is itself a protection risk. Where none of those binds, conventional digital cash is usually cheaper, faster to stand up, and less risky, and reaching for a chain is solution-led.

Where one of them does bind, the design that has worked in practice is consistent. A dollar stablecoin held by a licensed custodian, disbursed to abstracted recipient wallets, with the recipient free to hold, spend at a merchant, convert to mobile money, or withdraw at a bank, and with self-custody offered rather than imposed. Identity stays off-chain and minimal, with only a pseudonymous identifier on the ledger and KYC applied at the cash-out or at a risk-triggered stage. There is an offline fallback for people without smartphones, whether that is SMS, an NFC sticker, or a card, because excluding the people aid is supposed to reach is a programme failure dressed as a technical constraint. The off-ramp is confirmed legal and liquid before launch, because recipients trapped holding value they cannot spend are worse off than they were with cash. The most credible 2026 pilots, from Mercy Corps’ offline cards to UNICEF’s SMS rail, are the ones that treated those constraints as the design and let the chain recede into plumbing.

Mercy Corps’ Colombia pilot, built with Aleo, Humanity Link and the Danish Refugee Council to verify eligibility through zero-knowledge proofs rather than exposing beneficiary data, is the frontier worth watching, because it targets the one constraint the rest of the field has mostly waved at. If privacy-preserving deduplication works at field scale, it would let public-chain rails carry the kind of vulnerable population that currently makes any on-chain transparency dangerous. It has not been outcome-tested yet, and the right posture is interest without the usual pre-emptive celebration.

The defensible position on blockchain for humanitarian aid is neither the booster’s nor the cynic’s. The permissioned coordination model has earned its scale and is the closest thing the field has to proven impact, the public-chain stablecoin model has earned a real but bounded place in corridors where nothing else reaches, and almost everything that determines whether either succeeds lives off the chain entirely. The organisations getting it right in 2026 are the ones that stopped asking the technology to be the point.