Navigating the New MiCA Regulation: What Crypto-Asset Service Providers Need to Know
Reading time: 8 mins
The recent collapse of the crypto-asset exchange FTX has underscored the risks associated with the crypto-asset industry. In response to a growing need for regulatory oversight, EU lawmakers have taken decisive action by drafting the comprehensive Markets in Crypto-Assets regulation (“MiCA”), a subject of a previous insight here. Following negotiations between representatives of the three EU institutions, a final draft of the regulation was agreed last year, and, last week, on 20 April 2023, the European Parliament voted in favour of this final MiCA text. On the same date, the European Parliament also voted to extend the Transfer of Funds Regulation (“TFR”) rules to crypto-asset transfers, as part of the EU’s AML/CFT legislative package. Alongside MiCA, this marks a significant milestone in the evolution of crypto regulation.
These developments mark a turning point for crypto-asset regulation globally, and in particular crypto-asset service providers (“CASPs”) who will be captured by the new regime, and who previously operated in a largely unregulated environment. This insight aims to provide a high-level overview of the MiCA regulation, as well as the extended TFR rules, outlining the implications for CASPs, and examining the new requirements CASPs will need to comply with. In particular, as MiCA replaces existing national legal frameworks and harmonises the rules for CASPs and issuers across the EU, it is crucial for CASPs to stay informed and adapt to these new regulatory standards.
Implementation of MiCA Regulation
The MiCA regulation is set to come into force in stages, beginning with an anticipated effective date in July of this year. Provisions specifically relating to stablecoins will become applicable first, while sections addressing other types of crypto-assets and the provisions concerning service providers and the travel rule will take effect from January 2025. It is intended that this phased approach will allow CASPs and other stakeholders to gradually adapt to the new regulatory landscape.
The European Parliament's approval of MiCA positions the EU at the forefront of crypto-asset regulation, ahead of the U.S. and U.K. A formal vote to finalise the MiCA regulation in the Council of the EU (EU member states) is scheduled on 16 May. What is of further note however are the technical details that are still to be agreed that will inform MiCA’s provisions. The practicalities of how MiCA will operate, as well as its success, largely depends on these implementation standards, as well as the enforcement practices, that the EU supervisory authorities will develop over the next 12-18 months. This crucial period will shape the effectiveness of the regulation in fostering a secure, transparent, and ethical crypto-asset market, and as such, CASPs would be wise to be alert to such future developments.
Regulatory Objectives of MiCA
In short, the objectives of MiCA include addressing the current fragmentation of the legal framework for crypto-assets and CASPs within the EU, ensuring the proper functioning of crypto-asset markets, and protecting crypto-asset holders and CASP clients. Additionally, MiCA seeks to maintain market integrity and financial stability at the Union level while fostering innovation, fair competition, and adaptability to technological developments.
MiCA introduces transparency and disclosure requirements for crypto-asset issuers and provides guidance on the authorisation process and supervision of CASPs. The regulation also sets out governance requirements for CASPs as well as measures to prevent insider dealing, unlawful disclosure of inside information, and market manipulation related to crypto-assets. These provisions work together to ensure the integrity of crypto-asset markets and promote a more secure and transparent environment for all stakeholders involved.
CASPs and Categorisation of Crypto-Assets
MiCA establishes a regulatory framework for CASPs and issuers, and in doing do so, defines three distinct sub-categories of crypto-assets: asset-referenced tokens (ARTs), e-money tokens (EMTs), and 'Other' Crypto-Assets (a catch-all sub-category for crypto-assets that are not ARTs or EMTs). ARTs reference other values or rights, including one or several official currencies, while EMTs reference only one official currency and function similarly to electronic money. CASPs, who engage in providing services related to these three types of crypto-assets, will be subject to MiCA's rules and regulations.
MiCA recognises different types of crypto-asset activities and in fact includes a list of what is deemed to be a crypto-asset service under the MiCA regime (which closely follows the list of investment services and activities according to MiFID II), which are as follows:
- the custody and administration of crypto-assets on behalf of third parties;
- the operation of a trading platform for crypto-assets;
- the exchange of crypto-assets for funds;
- the exchange of crypto-assets for other crypto-assets;
- the execution of orders for crypto-assets on behalf of third parties;
- placing of crypto-assets;
- providing transfer services for crypto-assets on behalf of third parties; the reception and transmission of orders for crypto-assets on behalf of third parties;
- providing advice on crypto-assets; and
- providing portfolio management on crypto-assets;
Under MiCA, a CASP will need to obtain an authorisation from a competent authority in respect of the services it proposes to provide. MiCA’s rules apply to CASPs only where crypto-asset services are provided in the EU, and the jurisdictional scope of MiCA does not include a separate regime for third countries. This means that individuals or companies located outside of the EU who wish to promote and advertise their crypto-assets services to clients within the EU must obtain full authorisation.
To obtain authorisation and therefore be licensed as a CASP under MiCA, a company must have a registered office in an EU member state where they carry out at least some of their services, an effective place of management within the EU, and at least one EU resident director. MiCA provides for a unified licensing regime for CASPs within the EU and once authorised, CASPs will be able to passport their services to different jurisdictions within the EU.
There are distinct obligations set out in MiCA in respect of these different crypto-asset services and also general requirements applicable to all CASPs. CASPs should be aware of the specific requirements that affect them and particular take note of the requirements to maintain permanent minimum capital of:
- €150,000 for trading platforms;
- €125,000 for custodians and exchanges; and
- €50,000 for all other CASPs.
Other CASP general requirements cover various aspects, such as governance, operational and procedural requirements and, during the authorisation process, CASPs must provide comprehensive information about their operations and internal structures. This information includes details of the operations related to the crypto-asset services that the applicant CASP aims to provide, as well as information about the CASP’s governance and internal risk control mechanisms, policies, and arrangements.
CASPs are also required to provide evidence that members of their management body have a good reputation and possess the necessary knowledge, skills, and experience. Additionally, they must share information about legal persons holding qualifying stakes in the CASP and details of the IT systems and security arrangements in place. CASPs need also to outline the procedure for segregating client’s crypto-assets and funds, ensuring transparency and security for their clients. MiCA also requires CASPs (as well as crypto-asset issuers) to declare information on their environmental and climate impact.
This comprehensive set of requirements aims to ensure that CASPs adhere to the highest standards of operation, promoting transparency, security, and stability within the crypto-asset market.
Market Abuse and Duty to Act in Best Interests
MiCA notably imposes strict prohibitions on CASPs and issuers with regard to market manipulation. This includes measures to address insider trading and wash trading, among other manipulative practices. To deter market abuse, MiCA also requires CASPs to implement internal procedures and controls. Furthermore, CASPs are obligated to act honestly, fairly, and professionally in the best interest of their clients. This extends to providing accurate and transparent information to clients, ensuring that their needs and interests are prioritised. These stringent measures contribute to promoting a secure, transparent, and ethical crypto-asset market for all stakeholders.
CASP Custody policy and Segregation of Client Funds
Another notable incoming provision is the requirement for certain CASPs (i.e. those authorised for the custody and administration of crypto-assets on behalf of third parties) to segregate holdings of crypto-assets on behalf of their clients from their own holdings and ensure that the means of access to crypto-assets of their clients are clearly identified as such. CASPs are further required to ensure on the blockchain that their clients’ crypto-assets are held on separate addresses from those on which their own crypto-assets are held. These provisions are certainly certainly of note in light of recent events where exchanges have seemingly misused client funds that were not appropriately segregated and protected.
MiCA also provides that a CASP will be considered significant if it “has at least 15 million active users, on average, in one calendar year, in the European Union, where the average is calculated as the average of the daily number of active users throughout the previous calendar year”. A significant CASP will have to meet more stringent requirements such as ongoing notification requirements about the CASP’s authorisations.
As mentioned above, alongside MiCA, legislation implementing the anti-money laundering travel rule for crypto-assets was also approved. The revised Transfer of Funds Regulation (“TFR”) extends existing rules for cash transfers to crypto-asset transfers. Under the new TFR regime, in an effort to prevent money laundering and ensure customer protection, CASPs must include information on both the initiator and beneficiary of crypto-asset transfers. In practicality this will require information on the source and beneficiary to accompany transactions and be stored on both sides of the transfer. The law covers transactions above €1000 involving self-hosted wallets and hosted wallets managed by CASPs. It does not apply to person-to-person transfers without a provider or among providers acting on their own behalf.
The implementation of MiCA, as well as the extension of the TFR to crypto-assets, represents a significant step forward in the regulation of crypto businesses, aiming to elevate the industry standards to the same level as traditional financial institutions. By transitioning from a relatively straightforward registration system, previously more focused on compliance and anti-money laundering, to a more comprehensive regulatory framework, MiCA will likely enhance the reputation and credibility of the industry. This improved reputation will likely encourage increased institutional adoption and activity in the EU crypto market, further strengthening its growth and stability. Given the potential advantages and the anticipated growth of the crypto market, it is crucial for CASPs to become familiar with and stay aware of the specific provisions and requirements affecting them under MiCA. By doing so, they can effectively navigate the changing regulatory landscape and capitalise on the opportunities presented by MiCA, as well as benefit from the harmonised licensing regime that MiCA introduces, enabling them to passport their CASP authorisation from one member state to another seamlessly.