MiCA Regulation: 6 Major Updates Transforming Crypto-Asset Compliance

Alessandro Micagni
On November 8th, 2024

MiCAR Regulation outlines six key updates, including white paper approval, service provider notifications, and continuity measures, to enhance compliance and resilience in the crypto-asset market.

MiCA Regulation: 6 Major Updates Transforming Crypto-Asset Compliance


On 4 November 2024, the European Commission adopted a series of Delegated Regulations to supplement the Regulation on Markets in Crypto-assets (MiCAR). These Delegated Regulations set forth comprehensive Regulatory Technical Standards (RTS), refining and operationalizing MiCAR to establish a robust regulatory framework for the crypto-asset market. The primary objectives are enhancing consumer protection, bolstering market integrity, and addressing the evolving risks posed by the dynamic crypto-asset landscape.


These regulations are critical as they delve into technicalities such as ensuring continuity in service provision, detailed reporting requirements, and the standardized approval process for crypto-asset white papers. Institutions directly impacted include crypto-asset issuers, such as those offering asset-referenced tokens (ARTs) and e-money tokens (EMTs), as well as crypto-asset service providers (CASPs), including trading platforms, custodial services, and payment institutions. Additionally, traditional financial entities like banks, investment firms, and electronic money providers entering the crypto market will face new compliance requirements.


The adoption of these regulations by the European Commission signifies a robust effort to standardize crypto-asset governance, ensuring that financial innovation progresses without undermining financial stability.



Source

[1]

MiCA Regulation: EBA’s Guidelines on Data Reporting
The Regulation on Markets in Crypto-Assets (MiCA), Regulation (EU) 2023/1114, is crucial for the EU’s regulatory approach. On July 15, 2024, the EBA released draft guidelines for data reporting by NCAs, issuers of asset-referenced tokens, e-money tokens, and Crypto-Asset Service Providers.
GrandAlessandro Micagni

[2]

Register of Commission Documents


Markets in Crypto-assets (MiCA): The Regulatory Updates


1. Approval Procedure for Crypto-Asset White Papers


The approval procedure is central to ensuring transparency, consumer protection, and market integrity under the MiCAR Regulation. It establishes a framework for the rigorous evaluation of crypto-asset white papers issued by financial entities, particularly those offering asset-referenced tokens (ARTs) and e-money tokens (EMTs).



Steps and Timelines


The Regulatory Technical Standards (RTS) set forth a structured process to standardize and streamline the approval process across the European Union.


  1. Acknowledgment of Receipt:
    • Competent authorities must acknowledge the receipt of the application within two working days. This acknowledgment includes a unique reference number and the contact details of a designated official to handle issuer inquiries, ensuring a clear communication channel.
  2. Completeness Check:
    • Authorities have 20 working days to determine whether the white paper includes all required elements. These elements include:
      • A comprehensive description of the token’s purpose and economic function.
      • Governance frameworks, highlighting management roles, internal controls, and risk mitigation strategies.
      • Technical details of the underlying distributed ledger technology (DLT), including scalability, transaction verification mechanisms, and security features.
      • Information on the rights of token holders, particularly redemption rights for ARTs, and associated financial or operational risks.
    • The completeness check prevents poorly documented or vague white papers from advancing in the approval process.
  3. Revised Submissions:
    • If the submission lacks critical information, the issuer must revise and resubmit the white paper within 20 working days, addressing deficiencies identified by the authority. This process involves:
      • Providing a marked-up version of the white paper, highlighting all changes made.
      • Submitting a clean, finalized version of the document for final evaluation.
      • Offering a detailed explanation of how revisions meet regulatory requirements, ensuring transparency.
  4. Final Decision:
    • Once the white paper is deemed complete, the competent authority proceeds with a substantive review. This review assesses compliance with MiCAR standards, including the token's potential impact on monetary policy and financial stability. Authorities are required to issue a decision within a defined timeframe, preventing unnecessary delays.

Coordination with Authorities


For asset-referenced tokens, additional regulatory scrutiny ensures alignment with macroeconomic objectives:


  1. Role of the ECB and National Central Banks:
    • Competent authorities must coordinate with the European Central Bank (ECB) and relevant central banks to evaluate ARTs’ potential implications for monetary policy and systemic stability.
    • Central banks must issue their opinions within a defined period, typically within 15 working days. If no response is provided, the review may proceed without their input.
  2. Electronic Submissions:
    • All communications, including applications and revisions, must be submitted electronically. This reduces administrative burden, enhances data security, and ensures a streamlined workflow.
  3. Cross-Border Harmonization:
    • Coordination with the European Securities and Markets Authority (ESMA) and national regulators ensures consistency across Member States. This harmonized approach supports the creation of a unified regulatory environment, minimizing barriers for cross-border issuances.

The RTS impacts ART issuers, EMT issuers, and credit institutions by imposing strict documentation and operational requirements. These measures:


  • Ensure that issuers provide detailed disclosures on the token’s risks and mechanisms, fostering investor confidence.
  • Require issuers to adopt robust governance and compliance frameworks, enhancing market integrity.
  • Streamline the submission process, leveraging digital workflows to minimize delays and ensure clarity.

2. MiCA: Notification for Intention to Provide Crypto-Asset Services


The RTS outlines the notification process for financial entities intending to provide crypto-asset services, ensuring that regulatory authorities receive detailed insights into planned operations.


Key Requirements

Entities must submit a notification that includes an exhaustive operational plan, covering various aspects:


  1. Marketing Strategy:
    • Notifications must outline promotional strategies, specifying tools such as:
      • Social media campaigns, influencer partnerships, and educational materials.
      • Webinars, demo accounts, and targeted advertisements to attract specific customer segments.
  2. Geographical Scope:
    • Entities must specify jurisdictions where they plan to operate, estimating the potential client base in each location. This geographical breakdown ensures transparency and enables regulators to assess cross-border compliance risks.
  3. Organizational Structure:
    • Details of internal governance frameworks, including risk management policies and outsourcing arrangements, are required. Notifications must also disclose the allocation of financial and ICT resources to crypto services.

AML and Cybersecurity

Entities must demonstrate compliance with anti-money laundering (AML) and cybersecurity standards:


  1. AML Requirements:
    • Notifications must include risk assessments identifying potential money laundering and terrorist financing risks.
    • Measures for customer due diligence, transaction monitoring, and suspicious activity reporting are mandatory.
  2. Cybersecurity Measures:
    • Detailed descriptions of ICT systems are required, focusing on:
      • Encryption protocols to protect sensitive data.
      • Incident response plans for addressing breaches or system failures.
      • Security frameworks for outsourced ICT services.

This regulation significantly affects investment firms, banks, and electronic money providers expanding into crypto services. It ensures that entities adopt robust operational and cybersecurity measures, fostering trust and stability in the crypto-asset ecosystem.


3. Continuity and Regularity of Crypto-asset service providers


Crypto-asset service providers must establish comprehensive frameworks to ensure operational continuity, addressing risks such as technological disruptions and external cyber threats.


Resilience Measures

Providers must develop and implement business continuity policies, addressing:


  1. ICT Outages:
    • Policies must include backup systems and failover mechanisms to maintain service availability.
  2. DLT Disruptions:
    • For services reliant on permissionless DLTs, contingency plans must mitigate risks associated with network failures or congestion.
  3. Cyberattacks:
    • Providers must incorporate strategies to prevent, detect, and respond to cyber incidents, minimizing downtime and protecting client data.

Testing and Communication

  1. Testing Protocols:
    • Regular scenario-based stress testing identifies vulnerabilities in the provider’s systems.
  2. Stakeholder Updates:
    • Providers must communicate promptly with regulators and clients during disruptions, outlining recovery timelines and interim solutions.

The regulation targets crypto exchanges, custodial services, and payment institutions, particularly those with significant reliance on DLTs. It ensures resilience against operational and external risks, enhancing investor confidence.


4. Methodology for Estimating ART and EMT Transactions


The RTS establishes guidelines for accurately reporting transactional usage of ARTs and EMTs, ensuring transparency and compliance.


Scope

Issuers must report transactions with clear economic intent:


  1. Exclusions:
    • Transfers between wallets of the same owner, speculative trades, and collateral-based transactions are excluded.
  2. Geographic Focus:
    • Reports must prioritize transactions occurring within single currency areas, where both payer and payee reside.

Methodology

  1. Data Reconciliation:
    • Issuers must reconcile custodial wallet data with DLT records to ensure accuracy.
  2. Transaction Categorization:
    • Deduction of non-economic transactions ensures reports focus solely on economic activity.
  3. Rationale Documentation:
    • Issuers must provide verifiable evidence for excluding specific transactions.

This regulation affects ART and EMT issuers, requiring advanced reporting systems and compliance measures to ensure data accuracy and regulatory alignment.


5. MiCA Conditions for Supervisory Colleges


Supervisory colleges oversee significant tokens to ensure consistent and effective regulatory oversight.


Determination of Membership

Supervisory colleges must include entities such as:


  • Payment service providers with significant transaction volumes.
  • Trading platforms managing critical token liquidity.
  • Custodial services holding substantial reserves.

Collaboration Framework

Colleges must establish written agreements detailing:


  • Roles and responsibilities of members.
  • Coordination protocols for decision-making and task delegation.
  • Timelines for regular reviews to adapt to market changes.

This ensures that cross-border entities and large-scale token issuers are subject to harmonized oversight, reducing fragmentation and enhancing market integrity.


6. Applications for CASP Authorisation


The RTS outlines stringent documentation standards for entities seeking authorization as crypto-asset service providers (CASPs).


Content Requirements

Applicants must submit:


  • Governance frameworks and prudential safeguards.
  • Operational plans specifying services and resource allocation.
  • Mechanisms addressing risks like market abuse and AML compliance.

Client Protections

CASPs must demonstrate robust safeguards for client funds and crypto-assets, including:


  • Segregation mechanisms to prevent misuse or insolvency risks.
  • Security frameworks to protect assets from cyber threats.

This regulation affects startups and established institutions, ensuring only entities with robust frameworks can enter the market.


Strategic Implications of Regulation on Markets in Crypto-assets (MiCA) Delegated Regulations
Strategic Implications of Regulation on Markets in Crypto-assets (MiCA) Delegated Regulations

Strategic Implications of Regulation on Markets in Crypto-assets (MiCA) Delegated Regulations


The MiCAR Delegated Regulations represent a strategic shift toward a regulated and secure crypto market within the EU. By addressing critical operational, governance, and technical aspects, these rules aim to create a balanced environment for innovation and investor protection. They reflect a global trend toward more structured regulatory frameworks for crypto-assets.



  1. Convergence of Finance and Technology: Greater integration of traditional finance principles into the crypto sector is evident in requirements for prudential safeguards and operational transparency.
  2. Focus on Consumer Protection: Enhanced transparency and resilience requirements underscore a commitment to protecting retail investors. Examples include mandatory business continuity frameworks for CASPs and detailed reporting obligations for token issuers.
  3. Cross-Jurisdictional Coordination: Supervisory colleges and EU-wide standards signify a move toward harmonized oversight across Member States, reducing regulatory fragmentation and fostering trust in the crypto ecosystem.

The regulations' phased implementation and collaborative design indicate a forward-looking strategy, fostering trust and stability in the evolving crypto ecosystem. By providing clear guidelines for compliance, the MiCAR Regulation facilitates a robust framework that enables innovation while mitigating risks.

Reduce your
compliance risks

Sign Up Free Request Demo