Markets in Cryptoassets (MiCA) - a new cryptoasset regime for the EU finalised
At a glance:
- The EU’s MiCA was published in the EU Official Journal on 9 June. As the most comprehensive crypto-specific regulatory framework to date, this is a significant moment for crypto regulation globally.
- The key building blocks of the framework - the overall boundary of the EU crypto regulatory perimeter and the frameworks for crypto service providers and stablecoin issuers - are clear.
- MiCA will enter into force at the end of June 2023 with a phased implementation period running to December 2024. The first compliance deadline is on 30 June 2024. However, some important detailed requirements – notably those for stablecoin issuers and Member States’ approach to enforcing certain provisions – will only become clear in 2023/24 when technical standards and guidance are issued.
- Nevertheless, the MiCA provides a clear framework under which crypto natives and traditional financial services can shape their long-term EU crypto business plans, determine what role to play in the regulated EU crypto ecosystem, and start building an operating and compliance model that meets regulatory expectations.
On 9 June, the EU’s Markets in Cryptoassets (MiCA) regulation was published in the EU Official Journal (OJ), officially marking the adoption of MiCA into EU law. This is a landmark milestone both for EU crypto regulatory clarity and the global crypto landscape, as the first regulatory framework of its kind in the world.
However, some key details are yet to be revealed. A raft of detailed regulatory technical standards (RTS) and guidelines on how to implement the MiCA in practice are will only emerge over 2023/24.
This blog explores the key elements of MiCA and the impact on firms looking to develop their crypto strategy.
The EU crypto regulatory perimeter
The EU’s crypto regulatory perimeter is now better defined, with clarity on the types of tokens captured in and out MiCA’s scope.
The diagram below sets out the latest position:
Overall, MiCA will expand and harmonise the EU regulatory perimeter to capture – subject to certain exceptions – the issuance and servicing of most cryptoassets not caught by existing financial services (FS) legislation. However, MiCA is one part of a broader EU crypto regulatory landscape. Notably tokenised financial instruments, or tokenised securities, will not be within the scope of MiCA and will already be dealt with by existing securities frameworks, including MiFID.
In practice, this means that EU crypto firms servicing a suite of tokens may need to comply with multiple frameworks. Firms will need to assess the full range of tokens in their offering and map out which frameworks they should comply with. Take custody as an example. While MiCA may capture custodians of unbacked cryptoassets (e.g. Bitcoin) or stablecoins, general EU securities frameworks (e.g. MiFID) broadly apply to tokenised financial instruments instead.
As we highlighted earlier in 2023, the UK Government is proposing a different approach. The UK Government plans to apply its proposed new powers to specific groups of cryptoassets, dependent on the activity being regulated. This will become clear via secondary legislation later this year or next. As an illustrative example, exchange tokens could be in-scope for custody services, but outside the perimeter when serviced by a trading venue.
Regulated crypto services
The MiCA will capture firms providing one or more of the services below for in-scope cryptoassets, bringing them within the EU regulatory perimeter.
Crypto lending is one key service not captured by the MiCA. The EU Commission is expected to publish a report on the need to regulate this service - and if necessary, a legislative proposal (i.e. a potential MiCA 2.0) – by 30 December 2024.
Firms providing one of the in-scope services will need to comply with both service-specific and more general requirements applicable to all crypto service providers, with the key building blocks of these requirements now clearer.
For example, custody providers will be liable for damages from ICT incidents (including cyber-attacks or thefts), while trading platform operators will be subject to certain pre- and post-trade transparency requirements.
The general requirements applicable to all crypto service providers focus on the key themes below:
Meeting requirements across these focus areas will be challenging for crypto natives, many of whom are yet to have significant engagement with regulators. They will need to review the viability of their offerings in the light of MiCA’s requirements, considering the costs and benefits of becoming a fully regulated financial services (FS) firm.
As market events in 2022 underscored, in many cases this transition will require a significant shift in governance, risk and compliance, and overall corporate culture. We expect firms’ approaches to segregating firm/client cryptoassets and funds to be top of regulators’ agenda as they review MiCA authorisation requests. Some approaches are complex and will require careful thought and re-design, including frequent assessments.
Another area we expect to be a particular challenge is meeting minimum capital requirements. Many crypto natives are not currently required to set aside capital, so the maturity of existing approaches varies significantly. In addition, the reality of becoming a regulated FS firm means that crypto natives face the added challenge of complying with broader FS frameworks, e.g. including the EU Digital Operational Resilience Act.
Nevertheless, MiCA will include some tools to help both crypto natives and regulated FS firms build their crypto business. For example, authorised crypto service providers will be allowed to passport their services across the EU27, helping firms expand across the region. This is currently complex, with firms having to navigate fragmented national regimes.
As explored in our latest European Banking Trend Radar report, crypto is one of the key trends in FS innovation likely to have an important influence on the European banking market. The MiCA makes it comparatively easier for regulated banks to launch crypto offerings. They will be able to provide any of the ten in-scope services via a simpler regulatory notification, rather than going through a full authorisation process. Other traditional regulated FS firms can leverage existing permissions to launch certain crypto offerings too.
Overall, the MiCA will bring key intermediaries in crypto markets within the regulatory perimeter from a conduct and prudential perspective, most notably custodians and exchanges. The UK Government proposed to do so too in February 2023, although significant work will be required to develop the detailed UK regulatory requirements.
Framework for stablecoin issuers
The MiCA approach to stablecoin issuers is linked to how the stablecoin is backed.
Issuers of those backed by a single fiat currency (known as e-money tokens) need to be an authorised bank or e-money firm. They also need to comply with additional MiCA requirements, e.g. publishing a document with key information (white paper).
MiCA also sets out a tailored framework for issuers of stablecoins backed by any other asset or value (known as asset-referenced tokens), e.g. a basket of currencies or a commodity. Issuers must be either a bank or authorised under the MiCA to issue asset-referenced tokens.
We know that MiCA will require issuers of asset-referenced tokens used as a means of exchange - for payments of debts, e.g. with merchants - to reduce the token’s level of activity. An asset-referenced token will be considered a means of exchange when the number and value of transactions per day when used as a means of exchange is higher than one million and EUR 200 million respectively, within a single currency area. “Means of exchange” will not include use in spot trading. E-money tokens based on non-EU currency will also be required to reduce their level of activity.
As with crypto servies, the MiCA also makes it easier for banks to start engaging with stablecoins. Banks will be able to issue a stablecoin via a simpler regulatory notification, rather than a full authorisation process.
Beyond the EU, policymakers in other key jurisdictions are developing stablecoin regulatory frameworks. This includes the USA, with draft bills proposing a federal framework for payment stablecoins. Meanwhile the UK is focussing on a framework for fiat-backed stablecoins used for payments, with a consultation on detailed requirements expected by end-June 2023.
Implementation periods
Following entry into force in June 2023, the MiCA’s implementation will be phased. The rules relating to stablecoin issuers will apply from 30 June 2024. The rest of the MiCA will apply from 30 December 2024, subject to certain transitional measures.
Key unanswered questions
Once detailed firm-level requirements emerge in 2023/24 some of the MiCA’s key unanswered questions - especially the three below - may fall away.
1. Member States’ approach to enforcing the MiCA on crypto service providers
Crypto service providers that provided their services in accordance with applicable law before 30 December 2024 may continue to do so until 1 July 2026 or until they are granted/refused authorisation, whichever is sooner. However, Member States may decide not to apply this measure or reduce its duration. They can do this where they consider that crypto service providers will be subject to stricter requirements than those in existing national frameworks applicable before 30 December 2024.
Member States are required to notify the EU Commission and ESMA by 30 June 2024 on whether (and how) they will exercise this option. Crypto natives will be keen to understand how this plays out. Clarity on when Member States intend to enforce the MiCA will likely be a key consideration when deciding where to establish an EU presence – some crypto natives will likely struggle to be fully MiCA compliant by December 2024.
2. Detailed requirements for stablecoin issuers
Some detailed regulatory requirements to enable issuers of asset referenced tokens to shape their risk and compliance approaches will only emerge in 2023 through RTS and guidance. This includes areas such as authorisation, methodology to calculate the token’s use as means of exchange, liquidity, and governance arrangements. EU policymakers also need to define criteria to determine a stablecoin as significant. Given the nascent nature of the market, we expect this to be challenging.
Nevertheless, these details will go a long way to determine how challenging an environment the EU is for stablecoin issuers and could significantly affect their expansion plans.
3. Tokenised financial instruments – harmonised criteria
As expected, the MiCA won’t apply to security tokens. However, we still await detailed and harmonised criteria on what cryptoassets qualify as security tokens. ESMA will publish detailed guidelines on this by 30 December 2024, helping firms to delineate between cryptoassets captured by MiCA vs MiFID II.
Next steps and conclusion
The MiCA will enter into force at the end of June 2023, after which its phased implementation period begins, and the European Supervisory Authorities will begin publishing a raft of RTS and guidance on how to implement it in practice.
The challenge of complying with MiCA will be most acute for crypto natives, many of whom will come within the regulatory perimeter from a conduct and prudential perspective for the first time. For these firms, this places a premium on understanding the MiCA’s impact as soon as possible and starting to design a suitable operating and compliance model. These firms should lose no time in building robust governance, risk management frameworks, and regulatory affairs teams to engage local regulators on authorisation plans.
Nevertheless, while some crypto natives (and traditional FS firms) may not agree with all of MiCA’s detailed provisions, it provides a clear framework under which they can shape their long-term crypto plans in the EU. It enables these firms to determine how and where to play in the regulated crypto ecosystem and - via passporting - grow their business across the EU