European Crypto Assets
Law & Regulation

The Markets in Crypto-Assets Regulation (MiCAR) aims to provide a comprehensive and harmonised framework for the regulation of crypto-assets and crypto-asset service providers (CASPs) across the EU.

MiCAR aims to close the regulatory gaps that exist in the cryptocurrency market, ensuring that consumer protection, market integrity, and financial stability are maintained while fostering innovation in the crypto space. It borrows heavily from the existing regulatory framework for financial instruments principally under Directive 2014/65/EU, the Markets in Financial Instruments Directive (MiFID).

MiCAR regulates token sales (ICO’s and SAFTs), multi-asset stablecoins and single currency stablecoins (e-money tokens). For a wide range of businesses providing various crypto-related services (i.e. CASPs) – MiCAR sets out clear rules and obligations that they must follow to operate legally within the EU. The regulation defines the scope of who is considered a CASP, outlines their obligations, and distinguishes between different types of businesses and activities to determine whether they fall within MiCAR’s jurisdiction.

EU wide law also governs AML/CTF obligations including implementation of FATF Recommendations and Guidance for Virtual Asset Service Providers and the Travel Rule.

This Guide is in six parts:

Part 1: MiCAR General Overview (updated 07 November 2025)
Part 2: MiCAR for crypto asset service providers (CASPs)
Part 3: Public Offer Rules for token sales (crypto asset issuers)
Part 4: (E-Money Tokens i.e. single currency stablecoins)
Part 5: Frequently Asked Questions About MiCAR
Part 6: MiCAR Regulator’s Guidance and Delegated Acts

Markets in Crypto Assets (MiCAR)

This puts the EU at the forefront of the token economy with 10 000 different crypto assets. Consumers will be protected against deception and fraud...Consumers will have all the information they need and all underlying risks around crypto-assets will have to be monitored. We secured that the environmental impact disclosure will be taken into account by investors in crypto assets. This regulation brings a competitive advantage for the EU. The European crypto-asset industry has regulatory clarity that does not exist in countries like the US.

Stefan Berger Lead MEP for MiCAR

MiCAR allows firms to passport their authorisation across Europe

Markets in Crypto Assets Regulation

MiCAR General

Introduction

The Markets in Crypto-Assets Regulation (MiCAR) has moved decisively past the legislative drafting phase and is now fully operational, placing immediate and mandatory technical compliance demands on issuers and CASPs across the EEA. While the client’s core understanding of the Level 1 structure is sound, the compliance risk currently resides in the failure to execute the specific requirements of the finalised Level 2 technical standards.

The primary strategic challenge facing CASPs in November 2025 is navigating the transitional regime, particularly the jurisdictional variance that often negates the use of the simplified authorisation procedure for historically VASP-registered firms.

The primary duty to monitor and report market abuse falls on Persons Professionally Arranging or Executing Transactions (PPAETs). PPAETs must have effective arrangements, systems, and procedures in place to monitor orders and transactions for reasonable suspicion of market abuse. Organisations acting as PPAETs must urgently validate or redesign their surveillance technology to meet the highly specific DLT-focused monitoring obligations established by the Market Abuse RTS.

Success in the regulated EU market necessitates a shift in focus from broad policy interpretation to granular, technical implementation and robust enforcement of DLT-specific operational compliance standards.

As of November 2025, the primary MiCAR compliance risk for regulated entities has shifted from interpreting Level 1 ambiguity to executing the specific technical and organisational requirements mandated by the finalised Level 2 measures (Regulatory Technical Standards (RTS) and Implementing Technical Standards ITS).

MiCAR’s implementation is now mature, with all main provisions directly applicable across the European Union.

The phased application schedule has concluded:

Stablecoin and Financial Stability Provisions: Titles III (ARTs) and IV (EMTs), which concern stablecoins, became applicable first on June 30, 2024. Issuers of these tokens must be authorised (or operating under strict transitional limits) and comply with rigorous capital and governance requirements.
Service Provider and General Offerings: Titles II (Rules on Public Offers and Admission to Trading for crypto-assets other than ARTs/EMTs) and Title V (Authorisation and Operation of CASPs) became applicable on December 30, 2024. This date triggered the mandatory authorisation requirement for CASPs and the requirement for issuers of general crypto-assets (e.g., utility tokens) to notify competent authorities and publish a compliant crypto-asset white paper.

The prevailing focus for national competent authorities (NCAs) and pan-European bodies like the European Securities and Markets Authority (ESMA) is the now successful execution and auditing of these mandatory rules.

The regulatory risk environment is no longer characterised by policy uncertainty but by the technical execution of stringent systems and controls detailed in the finalised RTS, particularly regarding operational resilience, market integrity, and conduct of business.

Impementation Timeline

MiCAR implementation is phased. For CASPs, the most relevant dates are 30 December 2024 when the CASP requirements are in force and 01 July 2026, as the last date for any grandfathering permissions under national law.

MiCAR provides a “grandfathering clause” that allows CASPs providing services in line with national laws before December 30, 2024, to continue operations until the expiry of the grandfathering period that is decided by each Member State (up to a maximum of 18 months) or until they receive or are denied a MiCAR authorisation.

MiCAR Title/Provision	Application Date	Status/Required Action (Nov 2025)
ARTs & EMTs (Titles III & IV)	30 June 2024	Fully Applicable. Issuers must be authorized and comply with capital and governance rules.
General Crypto-Assets Offerors (Title II)	30 December 2024	Fully Applicable. White Paper notification and Article 7, 14, 15 compliance mandatory.
CASPs (Title V)	30 December 2024	Fully Applicable. Entities must be authorized or operating under a national transitional period.
Sustainability Indicator RTS (2025/422)	In Force (Published March 2025)	Mandatory technical compliance for applicable CASPs/Issuers regarding environmental disclosures.
Grandfathering Period End (Maximum)	1 July 2026	Deadline for CASPs to obtain MiCAR authorization (subject to national variation/reduction).

Crypto-Asset Classification and Key Definitions

MiCAR defines three primary categories of in-scope crypto-assets, based on their function and stability mechanism.

Asset-Referenced Tokens (ARTs): These crypto-assets are defined as non-e-money tokens that purport to maintain a stable value by referencing multiple fiat currencies, rights, commodities, or a combination thereof. The issuance of ARTs generally requires authorisation by the competent supervisory authority.
E-Money Tokens (EMTs): These are stablecoins that purport to maintain a stable value by referencing the value of a single official fiat currency (e.g., EUR, USD). The regulation dictates that EMT issuance is restricted to entities already authorised as credit institutions (banks) or e-money institutions (EMIs).
Title II Crypto-Assets: This broad category encompasses all crypto-assets that are neither ARTs nor EMTs, and which are not otherwise excluded from MiCAR’s scope (such as MiFID financial instruments). This group often includes traditional utility tokens or exchange tokens (cryptocurrencies). Issuers of these tokens must prepare and notify NCAs of a crypto-asset white paper.

Transitional Measures and Authorization Pathway for CASPs

The European Union’s MiCA framework has triggered the emergence of distinct national regulatory archetypes within a harmonised legislative environment. While MiCA establishes uniform standards, the practical experience, supervisory capacity, and institutional tone of each Member State vary widely.

Strategically, seven jurisdictions stand out currently as offering differentiated value propositions for Crypto-Asset Service Providers (CASPs) seeking authorisation and EU market access:

Jurisdiction	Anchor Role	Core Strategic Advantage	Regulatory Style	Licensing Velocity (2025)	Corporate Tax (Effective)	Ideal For
Germany (BaFin)	Primary Strategic Anchor – Regulatory Certainty	Deep supervisory experience, clear process, institutional credibility	Institutional, rigorous, predictable	Highest (21 CASP licenses)	~30% (planned ~24.55% by 2032)	Institutional CASPs, large groups prioritising credibility
Netherlands (AFM/DNB)	Accelerated Path – Speed & Passporting	Shortest MiCA transition (historically); rapid cycle for prepared firms	High-trust, compliance-intensive	High (14 CASP licenses)	25.8%	Institutional-grade CASPs with robust AML/CFT, time-critical entry
Ireland (CBI)	Operational Efficiency Anchor	English language, low tax, collaborative regulator	Risk-based, methodical	Limited (2 CASP licenses)	12.5% (15% for large MNEs)	Multinationals, fintechs seeking simplicity and cost efficiency
France (AMF/ACPR)	Transitional Conversion Anchor	Legacy DASP regime, dual supervisor, ESMA-aligned	Structured, conservative	Moderate (7 CASP licenses; ~20 DASPs under transition)	25%	Existing DASPs, large firms seeking French market or ESMA signals
Malta (MFSA)	Responsive Entry Point	Established crypto regulator, pragmatic engagement	Dialogic, process-flexible	Moderate (6 CASP licenses; VFA transition ongoing)	5–35% headline (varies by distribution)	Early-stage CASPs, fintechs, VFA license holders
Luxembourg (CSSF)	Group Structuring/Secondary Anchor	Financial sector expertise, cross-border structuring	Quality-focused, low volume	Limited (3 CASP licenses)	24.94%	Banking/fund groups, multi-license consolidation
Poland (KNF)	Emerging Transitional/Operational Anchor	Pragmatic transition, extended operating window, robust IT compliance	Transparent, pragmatic, supervisory	Moderate (6+ CASP licenses estimated for 2025)	19% headline	VASPs transitioning, new entrants seeking larger market, EU passport

Notes:

Licensing velocity and number of approvals reflect data up to October/early November 2025 and published ESMA/industry trackers.
Some jurisdictions have additional transitional operators (e.g., France’s ~20 DASPs), but only fully licensed CASPs are counted here.
Poland offers pragmatic transition—VASPs can operate until July 1, 2026 prior to CASP reauthorization, with the KNF (Financial Supervisor) granting licenses.
Tax rates are headline statutory; effective rates may vary based on group reliefs and local structuring.
The 70+ total CASP authorizations approved across the EEA by October 2025 demonstrate that the MiCA regime is functioning, but approval velocity is concentrated in three jurisdictions (Germany, Netherlands, France, Poland representing ~75% of all licenses).

Conclusion

The jurisdictional concentration underscores the importance of anchoring strategy in proven supervisory capacity rather than theoretical regulatory frameworks. The MiCA regulatory landscape is converging toward harmonisation but not uniformity. Each jurisdiction expresses MiCA’s objectives—consumer protection, market integrity, and innovation—in a distinct operational style.

ESMA is tasked with seeking to minimise forum shopping:

“one of ESMA’s immediate priorities is making sure that supervisory practices are comparable across jurisdictions to ensure even application of the MiCA rulebook across CASPs operating in the EU. This would discourage CASPs from ‘forum-shopping’ whereby they seek authorizations in jurisdictions viewed as more favorable due to lenient enforcement.”

Interaction with MiFID II and DLT Pilot Regime

MiCAR’s fundamental purpose is to regulate crypto-assets and related services that are not currently covered by existing EU financial services legislation. This creates a crucial boundary with the Markets in Financial Instruments Directive II (MiFID II).

The application of MiCAR is strictly predicated on the crypto-asset not qualifying as a financial instrument under MiFID II. For market participants and NCAs, the primary challenge remains the correct classification, especially for complex or hybrid assets. Guidance, such as ESMA’s CAFI Guidelines, confirms three criteria that, if met, classify an asset as a financial instrument, thus applying MiFID II and excluding MiCAR:

The asset must not be primarily an instrument of payment.
It must belong to a “class of securities,” implying interchangeability (fungibility) and granting equivalent rights.
It must be negotiable on the “capital market,” a concept interpreted broadly to include all contexts where buying and selling interests in securities meet.

For hybrid tokens—those possessing features of both MiCAR-regulated assets and MiFID financial instruments—the legal classification mandates that the MiFID II framework takes precedence. This regulatory position requires firms to implement robust internal processes for the periodic reassessment of hybrid tokens to ensure their regulatory treatment remains appropriate throughout their lifecycle.

It is also necessary to contextualise MiCAR within the broader Digital Finance package, which includes the Digital Operational Resilience Act (DORA) and the Distributed Ledger Technology (DLT) Pilot Regime. The DLT Pilot Regime specifically addresses market infrastructures based on DLT that handle tokenized MiFID financial instruments, thereby managing the regulatory gap that occurs when traditional securities are moved onto a blockchain.

Sustainability Disclosure Requirements

(November 2025)

A mandatory technical requirement arising from the adoption of EC Delegated Regulation (EU) 2025/422 (the Sustainability Indicator RTS) is the integration of environmental disclosures. CASPs and issuers are now required to provide specific, standardized information detailing the climate-related and other environment-related adverse impacts associated with the crypto-assets in relation to which they provide services. Compliance necessitates implementing systems capable of collecting, calculating, and presenting these sustainability indicators using the methodologies and formats specified in the RTS.

Status of Implementing Measures

(November 2025)

The necessary Level 2 and Level 3 implementing measures (RTS, ITS, and Guidelines) required for operationalising MiCAR have been substantially completed by the European Supervisory Authorities (ESMA, EBA) in coordination with the EC. ESMA consulted with the public on these standards, which were published sequentially in three packages.

The maturity of the regulatory framework is evidenced by the adoption and publication of critical technical standards:

Sustainability Indicator Standards: EC Delegated Regulation (EU) 2025/422, specifying the content, methodologies, and presentation of information regarding climate and environment-related adverse impacts, was published in the Official Journal on March 31, 2025.
Market Abuse Detection and Prevention: On April 29, 2025, the European Commission adopted a Delegated Regulation supplementing MiCAR with Regulatory Technical Standards specifying the systems and procedures required to prevent, detect, and report market abuse. This adoption marked the definitive finalisation of the specific technical systems required for market integrity compliance.

EU CASP Licensing Strategy: Comparative Framework

Whilst MiCAR framework establishes a harmonised regulatory architecture, implementation across member states reveals distinct operational issues to be considered when choosing which member state to establish for your European wide CASP activities.

To date seven jurisdictions emerge as strategically significant: Germany, Netherlands, Ireland, France, Malta, Luxembourg and Lithuania. Each combines different regulatory maturity, approval velocity, cost structures, and supervisory engagement models.

Comparative Matrix (November 2025)

Licensing velocity and number of approvals reflect data up to October/early November 2025 and published ESMA/industry trackers.
Some jurisdictions have additional transitional populations (e.g., France’s 20 DASPs and Lithuania has many VASPs), but only fully licensed CASPs are included below.
Poland offers pragmatic transition—VASPs can operate until July 1, 2026 prior to CASP reauthorisation, with the KNF (Financial Supervisor) granting licenses.
Tax rates are headline rates, the effective rates may vary based on group reliefs and local structuring.

Jurisdiction	Anchor Role	Core Strategic Advantage	Regulatory Style	Licensing Velocity (2025)	Corporate Tax (Effective)	Ideal For
Germany (BaFin)	Primary Strategic Anchor – Regulatory Certainty	Deep supervisory experience, clear process, institutional credibility	Institutional, rigorous, predictable	Highest (21 CASP licenses)	~30%	Institutional CASPs, large groups prioritising credibility
Netherlands (AFM/DNB)	Accelerated Path – Speed & Passporting	Early short transition window, rapid for ready firms	High-trust, compliance-intensive	High (14 CASP licenses)	25.8%	Institutional-grade CASPs with robust AML/CFT, time-critical entry
Ireland (CBI)	Operational Efficiency Anchor	English language, low tax, collaborative regulator	Risk-based, methodical	Limited (2 CASP licenses)	12.5% (15% for large MNEs)	Multinationals, fintechs seeking simplicity and cost efficiency
France (AMF/ACPR)	Transitional Conversion Anchor	Legacy DASP regime, dual supervisor, ESMA-aligned	Structured, conservative	Moderate (7 CASP licenses; ~20 DASPs under transition)	25%	Existing DASPs, large firms seeking French market or ESMA signals
Malta (MFSA)	Responsive Entry Point	Experienced crypto regulator, pragmatic engagement	Dialogic, process-flexible	Moderate (6 CASP licenses; VFA transition ongoing)	5–35%	Early-stage CASPs, fintechs, VFA license holders
Luxembourg (CSSF)	Group Structuring/Secondary Anchor	Financial sector expertise, cross-border structuring	Quality-focused, low volume	Limited (3 CASP licenses)	24.94%	Banking/fund groups, multi-license consolidation
Poland (KNF)	Transitional/Operational Rising Anchor	Robust compliance, IT, pragmatic transition	Transparent, pragmatic, supervisory	Moderate (6+ CASP licenses 2025)	19%	VASPs transitioning, new entrants seeking larger market, EU passport
Lithuania (BoL/FCIS)	Gateway/Fintech and SME Accelerator	Access to EEA (EU passport), double compliance (local+MiCA), clear regulatory roadmap	Fast, process-focused	Low ( only 1 CASP license under MiCA, several major VASP providers expected to be issued with CASP licences, rapid system integration; first MiCA license issued May 2025)	15%	Fintechs, SMEs, fast-track EU expansion, low-cost compliance

MiCAR for Crypto Asset Service Providers (CASPs)

CASPs Overview

Many readers will be aware of the term VASP (Virtual Asset Service Provider). This derives from the FATF definition of those persons that should be subject to AML/CTF obligations. Under MiCAR, a CASP is inclusive of all FATF defined VASP activities but also includes crypto-asset investment advisors and underwriters.

A CASP is broadly defined and in recognisable crypto market terms includes:

crypto exchanges;
custodians including wallet providers that offer custody;
transmitters (remitters);
brokers;
stablecoin issuers;
underwriters (for placement),
crypto-asset advisors that provide advice or guidance;
marketplaces; and
trading platforms (including OTC providers).

E-money token issuers (which covers single currency stablecoins like USDC) are treated slightly differently under MiCAR (see further below).

CASPs must comply with MiCAR’s requirements to provide these services within the EEA (the EU Member States plus Norway, Iceland and Liechtenstein).

Authorisation (Licensing)

All CASPs operating within the EU must be licensed and authorised by the relevant national competent authority (NCA) in the EU member state where they are established. To obtain a licence, CASPs must meet specific criteria in relation to key requirements (which we examine in more detail in this guide):

Capital Adequacy & Financial stability: CASPs must have adequate capital reserves to ensure they can meet their financial obligations. Capital requirements vary depending on the type of service provided.
Fit and proper management: Directors, managers, and key personnel must demonstrate integrity and possess the necessary qualifications and experience.
Transparent and Fair: CASPs must be transparent, fair and professional and they must act to protect their customers’ interests.
Risk management: CASPs are required to implement robust risk management frameworks that cover operational, legal, and financial risks.
Internal controls: CASPs must have effective internal control systems and governance structures to ensure compliance with legal obligations and manage conflicts of interest.

The Simplified Regime (Grandfathered Entities)

The transition from existing national regimes (often VASP registration) to the unified MiCAR authorisation process remains a critical operational challenge, subject to complex national variances.

The Grandfathering Clause (Article 143(3))

MiCAR provides a grandfathering clause, allowing entities that were providing crypto-asset services in accordance with national laws before December 30, 2024, to continue those operations until authorisation is granted, refused, or the transitional period expires. The maximum duration of this transitional period is set at 18 months, expiring no later than July 1, 2026. CASPs relying on this clause must initiate the full authorisation process promptly to avoid service disruption.

The Simplified Authorisation Procedure (Article 143(6))

MiCAR offers Member States the option to implement a simplified authorisation procedure for a limited period of 18 months. This pathway is intended to streamline the licensing process for firms already known to the regulator.

However, the applicability of this simplified path is severely restricted by two key conditions:

The entity must have been authorised to provide crypto-asset services under national law before December 30, 2024.
The National Competent Authority (NCA) must ensure that the CASP complies with the organisational and conduct requirements (Chapters 2 and 3 of Title V of MiCAR) prior to granting authorisation.

Critical National Divergence and Compliance Trap

The utility of the simplified procedure is significantly undermined by critical national divergence in interpretation. Many EU Member States had previously implemented crypto-asset oversight primarily through Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) frameworks, which require registration rather than full financial services authorisation.

NCAs, such as the Central Bank of Ireland, have explicitly stated that their existing VASP regime, being AML/CFT registration-focused, is not equivalent to the financial services authorisation required under MiCAR Article 143(6). Consequently, most existing VASP-registered firms must proceed with the full, rigorous CASP application process, rather than the simplified pathway.

Furthermore, Member States have the discretion to reduce the maximum 18-month duration where they deem their existing national regulatory framework less strict than MiCAR. For example, Ireland set its transitional period to expire 12 months after the CASP rules became applicable, concluding on December 29, 2025.

This disparity forces CASPs in certain jurisdictions to secure full MiCAR authorisation six months sooner than the maximum European deadline. The result of this national divergence is that firms planning their jurisdictional establishment are driven to select the most suitable EEA country carefully, a practice often referred to as “Forum Shopping”.

The following table highlights the critical differences in transitional provisions:

National Transitional Period Variations

Transitional Aspect	MiCAR Maximum Provision	Jurisdictional Example (Ireland)	Implication for CASPs
Grandfathering End Date (Art. 143(3))	1 July 2026	29 December 2025 (12 months maximum)	Accelerates the authorisation timeline by six months, increasing pressure on firms.
Simplified Procedure (Art. 143(6))	Requires pre-existing national authorisation	National VASP registration is deemed insufficient for eligibility	Requires most existing VASPs to undergo the full, resource-intensive CASP application.

Capital Adequacy

The capital requirements for CASPs are outlined in Article 67 and must be equal to the higher of:

The amount of permanent minimum capital requirements specified in Annex IV of MiCAR, based on the types of crypto-asset services provided.
One-quarter (25%) of their fixed overheads for the previous year (or one year’s fixed overheads if they have not been in business for one year from the date of providing services). When calculating fixed overheads, CASPs cannot include certain variable costs, such as staff bonuses, remuneration tied to net profits, and other discretionary profit appropriations.
Prudential safeguards can take the form of own funds, an insurance policy, or a guarantee provided by a credit institution or an investment firm.
CASPs must also have a plan in place to support an orderly wind-down of their activities under applicable national law.

Annex IV of MiCAR categorises CASPs into different classes based on the services they provide, each with its own minimum capital requirement:

Class 1 CASP services: execution of orders on behalf of clients; placing of crypto-assets; transfer services for crypto-assets on behalf of clients; reception and transmission of orders for crypto-assets on behalf of clients; providing advice on crypto-assets; and/or providing portfolio management on crypto-assets = EUR 50 000
Class 2 CASP services: providing custody and administration of crypto-assets on behalf of clients; exchange of crypto-assets for funds or other crypto-assets = EUR 125 000
Class 3 CASP services: operation of a trading platform for crypto-assets = EUR 150 000.

Corporate Governance

CASPs are required to implement robust governance arrangements comparable to traditional financial institutions.

Management Requirements: Directors, managers, and key personnel must meet stringent standards of integrity, demonstrating they are fit and proper, and possess the necessary qualifications and experience.
Risk Management and Controls: Effective systems must be in place to manage operational, legal, and financial risks. This includes robust internal controls and governance structures to manage conflicts of interest and ensure compliance.
Record Keeping: CASPs are mandated to keep records of all crypto-asset services, activities, orders, and transactions they undertake, analogous to record-keeping requirements under MiFID.
Enhanced Supervision: A CASP is deemed “significant” if it reaches, on average, 15 million active users in a calendar year, triggering enhanced supervisory requirements and mandatory notification to the NCA within two months of crossing that threshold.

Consumer Protection

MiCAR places a strong emphasis on consumer protection, requiring CASPs to provide clear and accurate information to users about the risks associated with crypto-assets and the services offered. Key obligations for CASPs include:

- Asset segregation: those that hold client assets (such as custodians) must keep these assets separate from their own funds to protect clients in the event of insolvency.
- Client Duty: acting in accordance with the best interests of their clients and prospective clients.
- Complaints: establishing complaints-handling procedures.
- Conflicts: Conflicts of interest must be publicly disclosed on a CASPs website (this is not a requirement under MiFID for banks and investment houses).
- Disclosure requirements: providing detailed, standardised information to users about the crypto-assets being offered, including the nature of the assets, the risks involved, and any fees associated with the service and, if applicable, firm quotes or the methodology they are using for determining the price of the crypto-assets they exchange.
- Honest, Fair & Professional: acting honestly, fairly and professionally.
- Security requirements: CASPs must implement robust cybersecurity measures to protect customer assets and prevent data breaches (which is covered by GDPR requirements).
- Compliant crypto-assets: Trading platform CASPs have additional obligations (see below).

(November 2025)

The maturity of the regulatory framework is evidenced by the adoption and publication of critical technical standards:

Sustainability Indicator Standards: EC Delegated Regulation (EU) 2025/422, specifying the content, methodologies, and presentation of information regarding climate and environment-related adverse impacts, was published in the Official Journal on March 31, 2025.
Market Abuse Detection and Prevention: On April 29, 2025, the European Commission adopted a Delegated Regulation supplementing MiCAR with Regulatory Technical Standards specifying the systems and procedures required to prevent, detect, and report market abuse. This adoption marked the definitive finalisation of the specific technical systems required for market integrity compliance.

Client Conduct

(November 2025)

Central to MiCAR is the protection of consumers and investors through stringent conduct rules.

Client Duty: CASPs must act honestly, fairly, and professionally, placing the protection of customers’ interests first.
Information Transparency: All information provided to clients, including marketing communications, must be clear, accurate, and not misleading. CASPs must publicly disclose their policy on pricing, costs, and fees in a prominent place on their website.
Asset Segregation: A critical obligation for custodians is the segregation of client assets from the firm’s own assets.
Supervisory Vigilance on Global Structures: NCAs are specifically advised by ESMA to maintain vigilance during the authorisation process, robustly assessing the business structures of global firms. This scrutiny is intended to ensure that complex international operational arrangements are not used to bypass core MiCAR obligations related to best execution, conflict management, and transparent market functioning.

Faciliators, Introducers and Intermediaries

There is significant scope for differing interpretation as to what types of crypto-asset related intermediation are sufficient to trigger a CASP authorisation requirement versus those that may be considered out of scope mere introducer activities.

Where there are equivalent regulated activities under MiFID, any national or European guidance that is related to the meaning of those terms will be highly persuasive (pending further guidance from ESMA). We note that even if a firm facilitates a transaction relating to financial instruments, such a firm may still be caught by MiFID II regulation. The distinction often lies in whether the firm is merely “introducing” clients (without further involvement) or actively participating in the transmission and completion of the transaction/deal.

For example, under MiFID, there are different interpretations across Member States of the following terms:

Reception and transmission of orders (RTO): In some EU jurisdictions, the scope of RTO is limited to situations where there is a formal process of receiving an order from a client and transmitting it directly to another entity for execution. This interpretation restricts the activity to a defined, linear process of handling client orders. However, in other Member States, RTO has been interpreted more broadly to include activities such as arranging or brokering transactions. Under this broader interpretation, intermediaries involved in connecting parties or facilitating deals, even if they do not directly receive or transmit orders, may be required to obtain authorisation for RTO activities. Under MiCAR, intermediaries that receive orders from clients for the sale or purchase of crypto-assets and transmit them to exchanges or liquidity providers may require authorisation as a core intermediary service. This may be the case even if the intermediary does not take custody of the crypto-assets, given MiCAR’s broad approach to regulating intermediary services in crypto markets.
Execution of Orders: Under MiFID, this activity involves completing client orders by executing transactions in financial instruments on behalf of clients. In the context of MiCAR, executing orders for crypto-assets on behalf of clients could similarly be interpreted to encompass intermediaries facilitating the matching and finalisation of transactions between two parties. However, in our view, if an intermediary merely introduces two people for a potential crypto-asset transaction or to establish a crypto-asset service relationship between them, then without further involvement in the actual execution of the order (i.e., they do not complete the transaction themselves) this is likely to fall outside the scope of the regulated execution of orders activity. Nonetheless, further guidance from EU authorities will be necessary to be confident in this interpretation on an EEA wide basis.

Providing Transfer Services

A key difference under MiCAR is the regulated activity of providing transfer services on behalf of clients, which has no direct equivalent under MiFID. Whilst the FATF definition of a Virtual Asset Service Provider (VASP) is not identical to the definition of a Crypto-Asset Service Provider (CASP) under MiCAR, the FATF guidance on VASP activities is relevant for understanding what might be considered transfer services since the term derives from FATF Guidance. According to the FATF, VASP activities involving the transfer of virtual assets require more than just an indirect relationship to the transaction; the intermediary must be actively involved in the onward chain of transfers.

“Similar to wire transfers between FIs, there may be VA transfer scenarios that involve “intermediary VASPs” or other intermediary obliged entities or FIs that facilitate VA transfers as an intermediate element in a chain of VA transfers. Countries should ensure that such intermediary institutions (whether a VASP or other obliged entity) also comply with the requirements of Recommendation 16, as set forth in INR. 15, including the treatment of all VA transfers as cross-border qualifying transfers.
Just as a traditional intermediary FI processing a traditional fiat cross-border wire transfer must ensure that all required originator and beneficiary information that accompanies a wire transfer is retained with it, so too must an intermediary VASP or other comparable intermediary institution that facilitates VA transfers ensure that the required information is transmitted along the chain of VA transfers, as well as maintaining necessary records and making the information available to appropriate authorities upon request”
FATF uses the analogy of money remittance, where the service typically involves both the receipt and onward transmission of funds. This analogy suggests that intermediaries need to be directly involved in the value transfer chain, rather than simply having a commercial relationship with the underlying payment service providers, to trigger AML/CFT obligations. They also specifically exclude cloud service and internet service providers.

This principle of meaningful involvement in the value flows aligns with the risk-based approach FATF encourages, ensuring that AML/CTF obligations are imposed where there is meaningful control over or participation in value transfers.

A mere introducer, who lacks direct involvement in the flow of assets or value, may not have the necessary information to manage AML/CTF risks effectively and it would be disproportionate using a risk based approach to require them to try to do so.

Clearly the provision of investment advice in relation to a specific crypto-asset transaction or a bringing about a relationship between two separate parties could also bring the intermediary into scope for the regulated CASP activity of providing advice in some circumstances.

Trading Platforms

CASPs) operating trading platforms must establish clear, transparent rules for the offer of crypto-assets. Key points include:

Operating Rules: Platforms must have approval processes, customer due diligence (CDD) measures, criteria for asset inclusion/exclusion, and rules for fair and orderly trading. The trading rules must also include liquidity thresholds, disclosure requirements, and conditions for suspending trading.
Asset Admission: Before admitting crypto-assets, platforms must assess their compliance, technical reliability, and potential association with illicit activities. Assets with anonymisation features are prohibited unless identifiable by the platform.
Language & Location: Rules must be in the official language of the home/host Member State or a customary international finance language.
Trading Restrictions: CASPs cannot trade on their own platform or engage in principal trading without client consent. Systems must handle peak volumes, market stress, and ensure protection against market abuse and money laundering.
Transparency: Platforms must disclose transaction prices, volumes, and other data in real-time to the public, with free access after 15 minutes.
Record-Keeping: Platforms must retain order and transaction data for at least five years and provide regulators access to data.
White Paper: As detailed further below, trading platforms are required to ensure that the White Paper requirements for crypto-assets offered to the public are met.

ESMA is required to develop and maintain the technical standards to ensure transparency and order book management.

Investment Advice & Portfolio Management

CASPs providing investment advice on crypto-assets or portfolio management of crypto-assets, must assess whether the crypto-asset services or crypto-assets are suitable for the client:

This should be done having regard to their clients’ experience, knowledge, objectives, and ability to bear losses.
If clients do not provide this information to the CASP or if it is clear that the crypto-assets are not suitable for them, the CASP should not recommend those crypto-asset services or crypto-assets to those clients.
When providing advice on crypto-assets, the CASP must provide clients with a report that includes the suitability assessment. This report should specify the advice given and how it meets the client’s preferences and objectives.
When providing portfolio management of crypto-assets, CASPs must provide their clients with periodic statements (at least every 3 months). These statements should include a review of the CASP’s activities and of the portfolio’s performance, and an updated statement on the suitability assessment.
Ban on accepting third-party fees, commissions, or non-monetary benefits from issuers in relation to client portfolio management.

AML/KYC Obligations

MiCAR itself does not directly impose stringent Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) obligations on CASPs. AML/CFT requirements for CASPs are already covered by existing EU regulations, particularly Directive (EU) 2015/849 (AMLD5) and 2024/1640 (AMLD6) which will repeal AMLD5 when it comes into force by 2027.

MiCAR references these existing AML laws, meaning CASPs must comply with the AMLD obligations:

Internal Control Mechanisms: CASPs must have robust internal controls to manage money laundering (ML) and terrorist financing (TF) risks. This includes developing policies, procedures, and systems for risk assessment and mitigation, and ensuring compliance with reporting obligations.
Customer Due Diligence (CDD): CASPs are required under AMLD5 and AMLD6 to perform comprehensive CDD, including identity verification, monitoring transactions, and assessing risk based on customer profiles.
Ongoing Monitoring: CASPs must continuously monitor transactions for suspicious activity and report any such activity to Financial Intelligence Units (FIUs).
Suitability of Controllers: Both AMLD and MiCAR place requirements on the fitness and propriety of CASP management. Those in charge of CASPs must be of good repute and free from convictions related to ML/TF.
Risk-Based Approach: The risk-based approach is fundamental to AML compliance, and CASPs are encouraged to apply measures proportionate to the risk level posed by specific customers or transactions.
Travel Rule: Requirements to provide payer/payee (originator and beneficiary payment information) are applicable across the EEA.

In addition, the EBA has issued guidelines to EU supervisors of CASPs on the higher risks presented in the sector. Guidance for CASPs is due to follow by way of amendment to AML/CTF Risk Factors guidance.

The Travel Rule

The Transfer of Funds Regulation (TFR) implements the Travel Rule in the EU for crypto-asset transfers. MiCA and the TFR were both approved on April 20, 2023. The Travel Rule requirement for CASPs will take effect on December 30, 2024. See also the European Banking Authority (EBA)’s draft Guidelines on information requirements under Regulation (EU) 2023/1113, concerning information accompanying transfers of funds and certain crypto-assets and amending Directive (EU) 2015/849:

CASPs have specific obligations depending on whether they act as senders (originators) or receivers (beneficiaries) in crypto-asset transfers.

These requirements apply to transfers of any amount, although enhanced verification applies to transfers over €1,000 (or below if there is an enhanced risk profile for transaction). EBA guidance is also provided for how CASPs can meet these obligations in respect of self-hosted wallets (see below).

Sending CASP (Originating Providers)

Collecting Information: CASPs must collect and verify the originator’s information for transfers of crypto-assets. This includes:
- Name
- Account number or unique identifier (such as wallet address)
- Address (or alternatively, a government-issued ID number, customer ID, or birth date and place)
Transmitting Information: This information, along with the beneficiary’s name and account number or unique identifier, must be transmitted to the receiving CASP or entity in the transfer.
Verification: CASPs must verify the accuracy of the originator’s information for transfers over a certain threshold (generally €1,000), although verification may apply to all transfers depending on the CASP’s risk-based approach.

Receiving CASPs (Beneficiary Providers)

Receiving Information: CASPs receiving crypto-asset transfers must ensure they receive all required originator information and validate it based on their risk assessment.
Screening Requirements: CASPs must verify the identity of the beneficiary and conduct checks to ensure the transfer is legitimate.

Global Requirements

Monitoring for Suspicious Activity: CASPs at each stage (sending, receiving, or intermediary) are required to monitor transactions for signs of suspicious activity and to report any such activities to relevant authorities.
Compliance and Record Keeping: CASPs must also ensure compliance with EU AML and counter-terrorism financing requirements, including maintaining appropriate records for the relevant period (e.g., a minimum of five years).

Transactions with self-hosted Wallets

Section 4.8 of the EBA Guidelines sets out the requirements in respect of self-hosted wallets:

Identification of Transfers: CASPs must uniquely identify transfers to or from self-hosted wallets using transfer hashes or reference numbers.
Verification for Transfers Above €1,000: CASPs must verify ownership or control of self-hosted wallets involved in transfers exceeding €1,000.
Verification Methods: CASPs can use various methods to verify wallet ownership/control, including unattended and attended verifications, test transactions, and other technical means.
Risk-Based Approach: CASPs should assess risk and choose appropriate verification methods based on individual circumstances.
Third-Party Owned Wallets: If a wallet is owned by a third party, additional verification is required.
Risk Mitigation: CASPs must assess risk associated with self-hosted wallet transfers and apply appropriate risk mitigation measures.
Suspicious Activity Reporting: If suspicious activity is detected, CASPs must report to the relevant Financial Intelligence Unit.

Market Integrity & Abuse

MiCAR Title VI establishes rules designed to prevent, detect, and report market abuse (insider dealing, unlawful disclosure, and manipulation) in crypto-asset markets, ensuring financial stability and investor confidence. These requirements became fully operational on December 30, 2024.

Applicability and Core Obligations

The primary duty to monitor and report market abuse falls on Persons Professionally Arranging or Executing Transactions (PPAETs). PPAETs must have effective arrangements, systems, and procedures in place to monitor orders and transactions for reasonable suspicion of market abuse.

Technical Standards for Market Abuse Monitoring (RTS)

The Commission Delegated Regulation finalising the RTS, adopted in April 2025, sets forth highly detailed, mandatory technical requirements that impose a significant operational burden on PPAETs. These requirements extend far beyond traditional financial market surveillance, demanding specialised monitoring of the underlying Distributed Ledger Technology (DLT).

The DLT-Specific Compliance Burden

PPAETs must establish and maintain effective ICT systems capable of automated, continuous monitoring of orders, transactions, and other aspects of the DLT to detect potential abuse. These systems must incorporate an appropriate level of human analysis to ensure the accuracy and relevance of generated alerts.

The surveillance framework must explicitly address crypto-native risks by monitoring:

DLT Characteristics: PPAETs must understand and monitor the specific governance and operational structure of the DLT being used (e.g., public/permissionless vs. private/permissioned), as different DLTs present unique vectors for manipulation.
Consensus Mechanism: Monitoring the DLT’s consensus mechanism is mandatory to detect and report any irregularities or manipulations in how transactions are validated, ordered, and added to the blockchain.
Transaction Queues (Mempools): PPAETs must monitor transaction flow through both public and private queues (mempools) prior to validation. This monitoring is critical for identifying suspicious patterns consistent with front-running or transaction reordering manoeuvres (e.g., “sandwich attacks”).
Smart Contract Interactions: Surveillance must track interactions with smart contracts, including the execution of specific functions or events that could be used to manipulate market dynamics.

PPAETs must document these systems and procedures in writing, review them periodically (at least annually), and maintain detailed records of their analyses for five years. Furthermore, staff involved in detection and prevention must receive regular, comprehensive training to ensure a strong compliance culture.

Reporting Obligations (STORs)

When a reasonable suspicion of market abuse is formed, PPAETs must submit a Suspicious Transaction and Order Report (STOR) to the NCA electronically without delay.

The MiCAR STOR CDR mandates a detailed, specified template for these reports, requiring comprehensive data regarding the suspected entity, the specific behaviour, and details of the DLT involved.

Stablecoins (E-Money Tokens) & Asset Referenced Tokens

The requirements in respect of single currency stablecoins (known as E-Money Tokens under MiCAR) and crypto assets that maintain their value with reference to a basket of assets (currencies, precious metals, other crypto assets, etc.) are significant. See major section further below.

Token Sales

Token sales (whether ICO’s, private sales and SAFTs) are regulated when offered within Europe (unless they fall within the Exemptions specified below). As long as they are not EMT’s or ARTs, they can be offered by businesses based outside of Europe within the EEA subject to the White Paper rules and other requirements detailed below.

Practical Issues

While MiCAR introduces a much-needed regulatory framework, CASPs may face practical challenges in achieving full compliance:

Cost of Compliance: CASPs, especially smaller firms or start-ups, may find the cost of compliance burdensome. Meeting capital requirements, upgrading internal controls, and implementing robust cybersecurity systems can strain resources, particularly for new market entrants. See also AML below.
Licensing Complexity: The process of obtaining authorisation (a regulatory licence) can be complex.
Cross-Border Challenges: For CASPs operating in more than one EU member state, MiCAR offers a passporting mechanism, allowing a CASP authorised in one member state to operate across the EU. However, cross-border operations may still involve navigating differences in local regulatory interpretations and consumer law which can complicate compliance.

Out of Scope CASP Activities

Key exemptions include:

Agents of a Principal: CASPs acting as agents for licensed entities may avoid direct licensing, as long as they do not hold client funds or crypto-assets, operating under the authority of their principal.
Borrowing and Lending: The borrowing and lending of crypto-assets is governed by other EU and national laws and is outside of scope.
Assets that are already in scope of existing financial services regulation: e.g. security instruments or tokens that are covered by MiFID and/or the prospectus regime.
Public Entities Exemption: MiCAR excludes crypto-assets issued by central banks or public authorities in a sovereign capacity from its scope. This exemption also applies to services related to these assets, like administration or transfer.
Existing Regulated Entities: Entities already regulated under other EU laws (e.g., MiFID) may provide certain related crypto services without additional authorisation, using a streamlined “top-up” licensing process as permitted under their Home State rules.
Intra-Group Services: CASPs providing services only within a corporate group may be exempt from licensing, provided the group is under consolidated supervision.
NFTs: Operators involved in the sale of genuine Non-Fungible Tokens (NFTs) may not be directly covered by MiCAR (as NFTs are not necessarily “crypto-assets”). However, if an NFT platform allows the use of cryptocurrencies for buying, selling, or trading NFTs, the platform may be considered a CASP since they facilitate transactions using regulated crypto-assets. In addition if the NFT’s have an investment function or nature that would make them a crypto-asset and may also bring them into scope of other EU laws.
Reverse Solicitation: Under Article 61 of MiCAR, CASPs from outside the EU can provide unsolicited services to EU clients without needing a licence, provided the client initiates the request (but this exemption is very narrowly construed).
Small Scale Exemptions: CASPs with limited scope or transaction volumes may qualify for exemptions to be defined by national regulators.
Limited Network Tokens (LNTs): LNTs are excluded from full MiCAR regulation but some provisions apply. These tokens are used in a closed system or network, such as loyalty points, store credits, or tokens used within a specific ecosystem (e.g., within a store, a group of stores or for limited services), and cannot be widely exchanged for other goods or services beyond this network.

DeFi & DAOs

Decentralised finance (DeFi) platforms / apps may be out of scope if they operate in a fully decentralised manner, without a central entity that could be classified as a CASP. Decentralised Autonomous Organisations (DAOs), which operate via smart contracts and governance tokens, often offer DeFi products. However, if a DeFi platform or DAO is managed or controlled by a central entity or provides specific services covered by MiCAR (like custody or trading), it could potentially fall under MiCAR’s regulatory scope.

If centralised control exists: Any entity that manages or has control over the DeFi protocol (even if partial) may be classified as a CASP and be subject to MiCAR’s requirements.
If fully decentralised: Platforms that are truly decentralised with no identifiable controlling entity should fall outside MiCA’s direct scope. However, EU regulators will likely still attempt to regulate DeFi indirectly, through regulated CASPs that may wish to work with these protocols.
Governance tokens: If a DAO’s governance tokens are traded on regulated platforms or if the DAO issues tokens that qualify as crypto-assets under MiCAR, then certain obligations under MiCAR will apply that may prove difficult to comply with.

For a platform or protocol to be considered “decentralised,” it would typically need to lack a centralised control structure. This could mean there is no specific company, entity or individual that can be held responsible for the operation or control of the system or that is able to exert control over the network (e.g. make unilateral changes). We expect more detailed guidance from ESMA on this point.

Closing Thoughts for CASPs

MiCAR represents a significant step in bringing regulatory clarity and consumer protection to the rapidly evolving crypto-asset market in the EU. For CASPs, MiCAR introduces obligations around licensing, consumer protection, market integrity, and AML/KYC compliance. While the regulation provides much-needed harmonisation across EU member states, CASPs may face practical challenges in terms of cost, compliance, and navigating the complexities of cross-border operations.

MiCA’s scope is broad, capturing most crypto service providers and businesses dealing with crypto-assets, but certain types of businesses, like crypto-asset finance companies, DeFi platforms or NFT issuers and exchanges, may be able to fall outside its regulatory framework. Nonetheless, MiCAR is reshaping the crypto landscape in Europe and beyond, ensuring a safer, more transparent environment for both consumers and businesses.

Public Offer Rules for Crypto-Assets under MiCAR

MiCAR applies to the public offer of crypto-assets in Europe (EEA)

MiCAR for Crypto Asset Issuers

Introduction

This analysis focuses on the obligations imposed on public offerings of crypto-assets other than E-Money Tokens (single currency stablecoins) including general in-scope crypto-assets and also Asset Referenced Tokens (ARTs) and the distinction between which public offers are in scope or out of scope under MiCAR.

There are core obligations which apply to all issues of in-scope crypto-assets:

In-Scope Crypto-Assets: MiCAR broadly defines in-scope crypto-assets as digital representations of value or rights that can be transferred and stored electronically, excluding MiFID financial instruments.
Public Offering: Defined as a communication to persons in the EU aimed at encouraging them to purchase crypto-assets. This includes advertising, marketing, or promoting tokens to the public, rather than private or institutional-only offerings.
Crypto-Asset White Paper: This disclosure document is required for any public offering of in-scope crypto-assets under MiCA, detailing essential information about the project, token, and associated risks to enable informed decision-making by investors.

What is the Trigger for the Issuance Offering obligations?

There are two main tests for whether an issue of crypto-assets is considered to be offered within the European Economic Area (EEA):

Offering Crypto-Assets in the EEA: If a company intends to offer crypto-assets to the general public within the EU, it must comply with MiCAR’s disclosure requirements, including the White Paper obligations.
Admission to Trading on an European Trading Platform: If crypto-assets are to be listed on an EEA-registered crypto-asset trading platform (e.g. a crypto exchange), MiCAR’s public offering requirements are also triggered for the person seeking admission to trading. This applies even if the tokens were initially offered privately. In addition, the EEA trading platform is also responsible for ensuring that MiCAR requirements are met.

Note also that if the crypto-asset qualifies as a significant EMT or ART this triggers additional disclosure and operational requirements.

What is an Offer to the Public?

An offering to the general public is broadly defined as any communication that seeks to promote or encourage the acquisition of in-scope crypto-assets by members of the public within the EU. This covers a range of marketing and advertising activities designed to attract public interest, but in some cases may exclude private, closed, or institutional-only offerings if the offer falls within the exemptions provided in MiCAR (see Exemptions section below). This definition means various marketing and advertising activities could fall under this definition, including:

Online advertising: Website banners, social media campaigns, online articles, and blog posts.
Traditional advertising: TV and radio commercials, print ads, billboards.
Public statements: Press releases, interviews, and presentations.
Website content: Information on a company’s website about its crypto-assets.
Airdrops (potentially): Depending on how they are structured and presented, airdrops could be seen as a form of public offering under MiCAR.

ESMA state: “solicitation should be construed in the widest possible way. It includes banner advertisements, sponsorship deals, solicitation by any kind of affiliates such as influencers and other celebrities. “

Asset Referenced Tokens

“The second type of crypto-assets concerns ‘asset-referenced tokens’, which aim to stabilise their value by referencing another value or right, or combination thereof, including one or several official currencies. That second type covers all other crypto-assets, other than e-money tokens, whose value is backed by assets, so as to avoid circumvention and to make this Regulation future-proof.”

Under MiCAR, ARTs refer to crypto-assets backed by a pool of assets, which could include fiat currencies, commodities, crypto-assets or any other assets. The regulation defines ARTs based on their reliance on external assets to maintain their value, rather than on the extent to which they purport to provide price stability.

Issuers of in-scope ARTs are required to obtain authorisation to offer their ARTs to the public or admit them to trading within the EU. This authorisation is granted upon application in the issuer’s home country to the National Competent Authority (NCA).

Credit institutions are exempt from this authorisation requirement however they must notify the NCA at least 90 working days before issuing ARTs. Authorisation might not be needed if the token value doesn’t exceed a certain threshold, or the offer is limited to qualified investors.

All ART issuers as well as issuers if any MiCAR in-scope crypto-assets must prepare a Crypto-Asset White Paper (White Paper) see White Paper Requirements below. This White Paper should contain comprehensive information about the crypto-asset and an explanation of why it is not EMT or a crypto-asset that is excluded from the scope of MiCAR. The White Paper must be notified to the competent authority at least 20 working days before publication. The NCA does not need to pre-approve the White Paper, but they can require the issuer to provide further documentation or information and they can also suspend or prohibit the issuer’s activities if they believe it is not compliant.

Other in-Scope Crypto-Assets

In addition to E-Money Tokens and Asset Referenced Tokens, Recital 18 of MiCAR makes clear that it covers a very wide range of crypto-assets (unless they are specifically exempted):

“Finally, the third type consists of crypto-assets other than asset-referenced tokens and e-money tokens, and covers a wide variety of crypto-assets, including utility tokens.”

MiCAR Definitions (Art. 3) define crypto-assets as follows:

(5)	‘crypto-asset’ means a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology;

Crypto-Asset Issuer Rules

There are common rules for issuers of crypto assets which are offered to the public or admitted for trading which apply generally whether they are in-scope crypto-assets, single currency stablecoins (EMTs) or ARTs (however we note below those which do not apply to ARTs and EMTs).

Honesty, fairness, professionalism and best interests: Issuers of in-scope crypto-assets must act honestly, fairly and professionally and in the best interests of the holders of tokens in all their dealings.
Marketing communications: All marketing communications must be fair, clear, non-misleading and consistent with the White Paper.
Legal Entity: Any entity offering crypto-assets to the public or seeking admission to trading on an EU trading platform must be a legal person and not an individual. This excludes purely decentralised offerings without an identifiable legal entity. This issuer can be based anywhere in the world, other than in respect of ARTs and EMTs which must be issued by an EEA authorised person.
Crypto-Asset White Paper (White Paper): A White Paper containing mandatory disclosures is required for public offerings or admission to trading – see CA White Papers below. This document provides prospective holders with essential information to make informed decisions.
Content: The White Paper must include details about the issuer, offeror, project, offer terms, rights and obligations attached to the crypto-assets, underlying technology, and associated risks.
Language: The White Paper must be in at least one official language of the home Member State and any host Member State or a customary international finance language.
Notification and Publication: The White Paper must be notified to the competent authority of the offeror’s home Member State at least 20 working days before publication. After notification, the White Paper must be published on the offeror’s website and it can only be rejected if the issuer and the offer does not meet the MiCAR standards and requirements.
Right of Withdrawal: Retail customers have a period of 14 calendar days (cooling-off period) to withdraw from their agreement to purchase crypto-assets (other than for ARTs and EMTs) without incurring any fees or costs. The cooling-off period begins from the date of the agreement of the retail holder to purchase the crypto-assets.
Marketing Communications: All marketing materials must be fair, clear, and not misleading. They must be consistent with the information presented in the White Paper.

Safeguarding Arrangements: Offerors setting a time limit for their offering must have arrangements to monitor and safeguard funds or crypto-assets raised during the offer and return the same if the offer is cancelled. Safeguarding must be done using a credit institution or a CASP providing custody services. Issuers of EMTs and ARTs have more detailed safeguarding requirements.

Additional Regulatory Requirements for all ART Issuers

ART issuers are subject to various additional regulatory requirements to in-scope crypto asset issuers that do not issue ARTs, including:

Complaints handling: Effective and transparent procedures for handling complaints from token holders must be established.
Conflicts of interest: Issuers must identify, prevent, manage and disclose conflicts of interest.
Governance: A well-defined, appropriate and transparent governance structure must be maintained.
Own funds: ART issuers must hold a certain level of own funds to cover potential risks. These own funds must be at least the higher of:
- EUR 350,000
- 2% of the average amount of the reserve assets (3% for significant ARTs), or
- a quarter of the fixed overheads of the preceding year.
- However, NCA’s may require issuers to hold an amount of own funds between 20% and 40% higher than the amount calculated according to the minimum own funds requirement based on stress-test results.
Reserves: A reserve of assets must be established to back the ARTs and mitigate risks associated with the referenced assets and redemption rights:
- The reserve assets must be held in custody and segregated from the issuer’s own assets.
- MiCAR and the RTS provides for issuers to maintain the following proportions of the reserve of assets as deposits with credit institutions:
  - for ARTs and EMTs referencing official currencies – at least 30% of the amount referenced.
  - for Significant ARTs and EMTs referencing official currencies – at least 60% of the amount referenced.
- For ARTs referencing assets other than official currencies: the reserve may include assets received and retained (e.g., gold, deposits with banks), sovereigns and covered bonds (maximum 35%), and the referenced assets themselves.
Liquidity Management: Issuers of ARTs and EMTs must manage their reserve of assets to ensure its market value is always at least equal to the market value of the referenced assets.
- The EBA has developed regulatory technical standards further specifying the liquidity requirements, taking into account the size, complexity and nature of the reserve of assets and of the asset-referenced token itself including the draft RTS on liquidity Management.
- Issuers must ensure that a proportion of the required reserve of assets for regulated stablecoins (ARTs and EMTs) referencing official currencies are available on short notice.
- MiCAR introduces minimum maturity requirements for the portion of the reserve assets held with credit institutions to ensure readily available funds for token redemption:
  - 20% of the reserve of assets maturing within one working day and an additional 10% of the reserve of assets maturing within 5 working days.
  - For significant tokens, where the minimum amount required of deposits with credit institutions is 60% of the assets referenced in each official currency (versus 30% in the tokens that are not significant) those percentages are proposed to be proportionately increased to 40% and 20% for maturities within one working day and 5 working days.
- Over-collateralisation: The EBA RTS proposes to include a minimum mandatory overcollateralisation in the context of the techniques for liquidity management of the reserve of assets where the size, complexity and nature of the reserve of assets and of the asset-referenced token itself will be taken into account.
Redemption plan: ART issuers must maintain an operational plan to ensure the orderly redemption of each ART. This plan must also be notified to the NCA (or EBA for significant ARTs).
Recovery plan: ART issuers must prepare a recovery plan outlining actions to be taken in case of events that could disrupt their operations and prevent them from meeting the requirements for the reserve of assets. This plan must be notified to the NCA (or EBA for significant ARTs).
Remuneration policy: Issuers must implement a remuneration policy that promotes the sound and effective risk management of such issuers.
Fit and Proper Assessment: Non-credit institution issuers undergo a fit and proper evaluation of their management, and their shareholders with qualifying holdings are screened for good repute.
Prudential Requirements: ART issuers must comply with prudential requirements, including maintaining a robust governance structure, meeting own funds requirements, and holding a reserve of assets to cover risks.

Significant ARTs

If an ART meets specific thresholds, such as a large customer base or high market capitalisation, the EBA may classify it as “significant”. For issuers of significant asset referenced tokens, supervision moves from their NCA to the EBA.

A token becomes classified as “significant” if it meets at least three of the following criteria:

Users: Over 10 million users hold the token.
High value: The total value of the tokens issued is over 5 billion euros, OR the market capitalisation is over 5 billion euros, OR the reserve assets backing the token are worth over 5 billion euros.
High trading volume: On average, there are more than 2.5 million transactions per day, worth over 500 million euros.
Issued by a “gatekeeper”: The issuer is a major player in the digital platform world (like a big tech company such as Meta, Google or Microsoft) and is designated as a “gatekeeper” under separate EU rules.
International importance: The token is used a lot for payments and transfers across borders.
Strong links to the financial system: The token or its issuer has close connections to traditional finance e.g., it is being used in the traditional finance sector for securitisation, margin management or payment purposes.
Issuer is involved in other crypto activities: The issuer also issues other types of digital tokens or provides crypto-asset services.

Issuers of significant ARTs are subject to:

Higher Capital & Stricter Custody Requirements: More stringent own capital and custody requirements than those issuing non-significant ARTs, aligning with the increased potential risks associated with wider adoption.
Interoperability: Issuers must ensure the tokens can be held by a wide range of custodian CASPs on fair, reasonable, and non-discriminatory terms.
Audit: Audits of reserves must be conducted on a 6 monthly basis from the date of classification as “significant”.
Liquidity Management: Issuers must establish a robust liquidity management policy to ensure they can meet redemption requests, even under stressed market conditions. This policy should address the specific liquidity risks inherent to ARTs, such as potential mass redemptions.

Crypto-Asset White Papers

All in-scope crypto assets are subject to the White Paper requirements.

The following information is mandatory for all White Papers:

Mandatory Information for ARTs, EMTs and other crypto-assets

Issuer and Offeror Details: Includes identification of the issuer, offeror, and other involved parties (e.g., custodians or advisors) with a legal person responsible for the offer.
Project Overview: An outline of the project for which the crypto-assets are issued, covering its purpose, use cases, and development status.
Rights and Obligations: Disclosure of rights attached to the crypto-assets (e.g., governance rights, profit entitlements) and the conditions under which they can be exercised.
Technology Overview: Explanation of the underlying distributed ledger technology (DLT) or blockchain, its features, and the associated risks.
Risk Factors: Information on risks relevant to the project, including operational, technical, and financial risks that could impact the token holders.
Regulatory Notice: The White Paper must contain the following clear and prominent statement on the first page:

“This crypto-asset white paper has not been approved by any competent authority in any Member State of the European Union. The offeror of the crypto-asset is solely responsible for the content of this crypto-asset white paper.”

No Investor Protection Cover: the White Paper must state that the crypto-asset is not covered by relevant EU investor compensation or deposit guarantee schemes.

Additional Obligations other than for EMTs

Future Value: The White Paper can not contain any assertions as regards the future value of the crypto-asset other than that it must contain the following clear and unambiguous statement that:

- the crypto-asset may lose its value in part or in full;
- the crypto-asset may not always be transferable;
- the crypto-asset may not be liquid
- if it is a utility token, that the utility token may not be exchangeable against the good or service promised in the crypto-asset White Paper, especially in the case of a failure or discontinuation of the crypto-asset project

Content Requirements

Offer Terms: The number of tokens offered, price per token, timeline, and any conditions, such as vesting periods or lockups.
Safeguard Mechanisms: If funds are raised during the offer, the White Paper must disclose arrangements to safeguard these assets, typically involving a licensed CASP or credit institution to protect investors.
Market Intent: Clear information on whether the crypto-assets will be admitted to trading and where they will be traded.
Language and Accessibility: Language: The White Paper must be available in at least one official language of the issuer’s home Member State or a customary language for financial services.
Publication and Notification: Issuers must notify the national competent authority 20 working days before publication. Upon approval, the White Paper must be published on the issuer’s website and remain available as long as the crypto-assets are offered or traded.

Consistency with Marketing Communications

All marketing materials related to the public offer must align with the information presented in the White Paper to avoid misleading potential investors. Marketing messages must be clear, fair and not misleading.

However, issuers of ARTs have additional White Paper requirements as follows:

Enhanced Disclosure: ART White Papers to provide in-depth details on the assets backing the token, the mechanisms ensuring value maintenance, and information on redemption rights for holders.
Stabilisation Mechanism: ART issuers must explain how the token’s value remains consistent with the underlying assets. This includes details on reserve management, redemption policies, and any governance protocols.
Risk and Safeguarding: ART White Papers must address financial, operational, and market risks associated with the token, including how funds are safeguarded and the rights of token holders in different scenarios.

See the section on single currency stablecoins below for information on the additional obligations for EMTs.

Exempt Offerings

The White Paper requirements apply to a wide range of crypto-assets however there are exemptions for a range of crypto-assets, including:

Offers to fewer than 150 persons per Member State.
Offers with a total consideration below €1 million over 12 months.
Offers addressed solely to qualified investors (see FAQ below).
Offers of crypto-assets given away for free (airdrops).
Crypto-assets automatically created as rewards for network maintenance.
Utility tokens providing access to existing goods or services within a limited network.
Tokens representing financial instruments under MiFID II or a unit in a fund under UCITS or AIFMD as they are already subject to regulatory regimes.

Utility Tokens

Utility tokens that fall under MiCAR’s regulatory requirements generally:

Represent Access to Goods or Services That Aren’t Operational: If the goods or services the utility token provides access to are not yet operational at the time of the token issuance, the token is considered within MiCAR’s scope. This applies to tokens intended for future access to platforms, networks, or applications that are still under development.
Offer Broad Market Access: Utility tokens that can be bought and sold on trading platforms and are not restricted to a specific user base are likely in scope, as they pose potential risks similar to other tradeable crypto-assets.
Promise Yield or Profit: Utility tokens with features that resemble financial investments, such as the potential to earn profit or yield (even indirectly), would typically be in scope under MiCAR

However, certain utility tokens are exempt from MiCAR’s requirements if they meet specific criteria:

Limited Network or Closed-Loop Tokens: Utility tokens that provide access to goods or services within a closed or limited network may be exempt. For instance, tokens that can only be used within a company’s ecosystem (e.g., loyalty points for a specific retailer) are generally out of scope.
Non-Transferable Tokens: Tokens designed solely for access within a restricted group or that aren’t transferable to the general public are excluded. This applies to tokens that can only be redeemed with the issuer and are not intended for secondary market trading.
Intra-group Issuances: MiCAR exempts tokens issued and used solely within a corporate group or by subsidiaries for internal functions, as these pose limited market risks.

Examples of MiCAR Exemptions for Utility Tokens:

Prepaid Gift Tokens: Tokens acting similarly to prepaid vouchers for specific goods or services, without any potential resale or trading function, would generally be considered out of scope.
Network Maintenance Rewards: Utility tokens distributed as rewards for network maintenance (e.g., to miners or validators for system upkeep) may be exempt, provided they do not imply broad market trading potential or investment characteristics.

MiCAR aims to balance consumer protection with flexibility for utility-focused projects, particularly those operating within limited, non-transferable networks.

ESMA and EBA guidance will provide further clarity and assist to understand the law in respect of borderline cases, to ensure consistency across EU markets.

Airdrops

Airdrops are freely distributed crypto-assets or NFTs.

“a crypto-asset shall not be considered to be offered for free where purchasers are required to provide, or to undertake to provide, personal data to the offeror in exchange for that crypto-asset, or where the offeror of a crypto-asset receives from prospective holders of that crypto-asset any fees, commissions, or monetary or non-monetary benefits in exchange for that crypto-asset.”

Under MiCAR, whether airdrops are in scope is determined by various factors including the type of asset, the conditions attached to the distribution or use, and whether there is a public offering or secondary market for the asset. Airdrops are within the scope of MiCAR if they meet any of the following conditions:

Secondary Market Trading Potential: If the airdropped crypto-assets are intended for trading on a secondary market, they generally fall within MiCAR’s scope, as they could create financial risk and require consumer protections.
Part of a Public Offering: Airdrops connected to public offerings (even if the tokens are distributed for free) are in scope if they serve as part of a larger promotional or distribution effort to attract investment or increase the token’s circulation.
Part of a Fundraising Scheme: Airdrops used in conjunction with a fundraising model (like an Initial Coin Offering or ICO) are generally considered part of a public offering under MiCAR, and the associated crypto-assets are subject to MiCAR’s White Paper, disclosure, and marketing requirements.
Conditional Airdrops: When airdrops require users to complete certain tasks, such as staking or by promoting the token on social media, they are more likely to be in scope, especially if these tasks imply a form of investment or commitment from recipients. Requiring holders personal data as a condition could make the airdrop be considered not free and so in-scope.

Airdrops should be out of scope if they are:

Truly Free and Without Conditions: Airdrops that involve no expectation of payment, investment, or future financial return and do not intend for the tokens to be traded on a secondary market are generally out of scope.
No speculative value: Purely promotional airdrops with no speculative value and no secondary market ambitions are unlikely to fall under MiCAR.
Used as Rewards for Network Activity: If airdrops serve as rewards for network maintenance (e.g., validators receiving tokens for their technical contribution), they may be exempt, provided they do not have a resale or trading focus.
Closed Networks: Tokens that are distributed as airdrops but can only be used within a closed or limited network (sometimes called closed loop) may also be out of scope.

Single Currency Stablecoins (E-Money Tokens)

Purportedly stablecoins

Single Currency Stablecoins (E-Money Tokens) under MiCAR

Overview

Single currency stablecoins are very popular in the crypto markets and can be used for a wide range of interesting financial applications in the DeFi space and also in the traditional financial services markets (smart contract automated loan margin calls, lending etc). MiCAR requires that such stablecoins can only be offered within Europe by banks and e-money institutions (EMIs).

What is an e-money token?

Definition of E-Money Tokens (EMTs)

EMTs are defined as:

“a type of crypto-asset that purports to maintain a stable value by referencing the value of one official currency”

This definition covers any crypto-asset that references (aims to stabilise their price against) a single international official currency like GBP sterling, Japanese yen, US dollar and the euro.

Popular stablecoins like USDC and USDT (Tether) fall within the category of an EMT since they clearly purport to maintain stability against the US dollar even though some stablecoins are backed by assets other than USD on deposit with a bank (e.g. in Tethers’s case corporate bonds, crypto-assets, loans precious metals and short duration cash equivalents).

The effect of the rules is that single currency stablecoins are E-Money Tokens and so must be issued by authorised e-money issuers, backed by the narrow range of assets permitted under MiCAR (see below) and offered in accordance with the public offer rules.

E-money Tokens Versus Asset Referenced Tokens

Stablecoins, that are backed by other crypto assets or a basket of assets (including currencies) will likely fall within the definition of an Asset Referenced Token (i.e. an ART):

“‘asset-referenced token’ means a type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies”.

The European Supervisory Authorities (ESAs) consist of the European Banking Authority (EBA), European Securities and Markets Authority (ESMA) and the European Insurance and Occupational Pensions Authority (EIOPA). The ESAs have set out in draft Guidelines a standardised test for the classification of crypto-assets. This includes templates for lawyers on the content and form of the legal opinion and explanation required under MiCAR for classification purposes:

“Does the crypto-asset purport to maintain a stable value by referencing only the value of a single official currency?
If so, it is to be classified as an EMT pursuant to Title IV of Regulation (EU) 2023/1114.
If the crypto-asset does not purport to maintain a stable value by referencing the value of a single official currency, does it purport to maintain a stable value by reference to another value or right (or combination thereof), including one or more official currencies? If so, it is to be classified as an ART pursuant to Title III of Regulation (EU) 2023/1114.
If the crypto-asset does not purport to maintain a stable value by referencing another value or right (and is therefore not an ART or EMT) it is to be classified as a crypto-asset pursuant to Title II of Regulation (EU) 2023/1114.”

Given that EMTs function similarly to traditional electronic money, which is issued electronically in exchange for a fiat currency and is used for open network (open loop) payment transactions, MiCAR treats EMTs differently from other types of crypto-assets, recognising them as a digital extension of e-money (which is already regulated at issuer level and can only be undertaken by banks and EMIs) rather than a new form of asset requiring the issuer to be independently authorised under MiCAR.

Note: Recital 18, which makes clear that any token backed by a basket of assets will be an ART:

“The second type of crypto-assets concerns ‘asset-referenced tokens’, which aim to stabilise their value by referencing another value or right, or combination thereof, including one or several official currencies. That second type covers all other crypto-assets, other than e-money tokens, whose value is backed by assets, so as to avoid circumvention and to make this Regulation future-proof.”

Legal Requirements for Issuing EMTs

Under MiCAR, only authorised credit institutions (banks) and EMIs can issue e-money tokens. This restricts EMT issuance to entities already subject to stringent regulatory oversight and capital adequacy, ensuring that only financially robust and well-regulated institutions are involved in this market. This contrasts with asset-referenced tokens (ARTs), which can be issued by other types of EU entities subject to the requirements of MiCAR.

For banks and EMIs wishing to issue EMTs, the key legal requirements include:

Authorisation: Banks and EMIs must be authorised by their national regulatory authority within the EU. For EMIs, this aligns with existing electronic money regulations, but MiCAR adds specific rules regarding EMT issuance.
Redemption Rights: Issuers of EMTs must guarantee that token holders can redeem their EMTs at any time at a 1:1 ratio with the referenced fiat currency without redemption fees (see below).
Prudential Requirements: Issuers must comply with capital, reserve, and liquidity requirements to ensure they can meet redemption requests and maintain the stability of the tokens.
Consumer Protection: Issuers must provide clear and transparent information to token holders about the risks and characteristics of EMTs, including details on redemption rights and the operational model of the tokens.

Significant EMTs

If an e-money token meets specific thresholds, such as a large customer base or high market capitalisation, the EBA may classify it as “significant”.

A token becomes classified as “significant” if it meets at least three of the following criteria:

Users: Over 10 million users hold the token.
High value: The total value of the tokens issued is over 5 billion euros, OR the market capitalisation is over 5 billion euros, OR the reserve assets backing the token are worth over 5 billion euros.
High trading volume: On average, there are more than 2.5 million transactions per day, worth over 500 million euros.
Issued by a “gatekeeper”: The issuer is a major player in the digital platform world (like a big tech company such as Meta, Google or Microsoft) and is designated as a “gatekeeper” under separate EU rules.
International importance: The token is used a lot for payments and transfers across borders.
Strong links to the financial system: The token or its issuer has close connections to traditional finance e.g., it is being used in the traditional finance sector for securitisation, margin management or payment purposes.
Issuer is involved in other crypto activities: The issuer also issues other types of digital tokens or provides crypto-asset services.

For issuers of significant e-money tokens, supervision moves from their NCA to the European Banking Authority (EBA).

EMI’s issuing significant EMTs are subject to:

Higher Capital & Stricter Custody Requirements: More stringent own capital (for example one of the ongoing capital thresholds becomes 3% of e-money outstanding – instead of 2% as per EMD2) and custody requirements than those issuing non-significant EMTs, aligning with the increased potential risks associated with wider adoption.

Interoperability: Issues must ensure the tokens can be held by a wide range of custodian CASPs in a non-discriminatory manner.

Audit: Audits of reserves must be conducted on a 6 monthly basis from the date of classification as “significant”.

Liquidity Management: Issuers must establish a robust liquidity management policy to ensure they can meet redemption requests, even under stressed market conditions. This policy should address the specific liquidity risks inherent to EMTs, such as potential mass redemptions.

Notification and White Paper Requirements

Although exempt from authorisation under MiCAR, banks and EMIs must still notify their competent authority of their intention to issue e-money tokens and provide a crypto-asset whitepaper at least 40 working days before their intended offering date.

The whitepaper must contain comprehensive information, in a format determined by ESMA, including:

Details about the issuer, including identity, legal form, registered address, and information about the management body.
A description of the e-money token, its characteristics, rights and obligations attached to the token, the underlying technology, and associated risks.
A clear warning on the first page as follows:“This crypto-asset white paper has not been approved by any competent authority in any Member State of the European Union. The issuer of the crypto-asset is solely responsible for the content of this crypto-asset white paper.’”
A clear warning that the EMT is not covered by the investor compensation schemes under Directive 97/9/EC or the deposit guarantee schemes under Directive 2014/49/EU.
Information about the offer to the public, including applicable law and competent court.
Details about the consensus mechanism, incentive mechanisms, and any applicable fees.
The identity of any third party placing the EMT or distributing the EMT on behalf of the issuer.
Notification and Publication: The whitepaper needs to be notified to the local regulator at least 20 days before publication and then published on the issuer’s website.

ESMA and the EBA are required to develop draft regulatory technical standards which include assessment of adverse impacts on the climate and other environment‐related adverse impacts based on the various types of consensus mechanisms used to validate transactions in crypto-assets, their incentive structures and the use of energy, renewable energy and natural resources, the production of waste, and greenhouse gas emissions. ESMA published its Final Report on Draft Technical Standards (second package) in July 2024.

Capital Requirements & Safeguarding

Capital and reserve requirements on banks and EMIs issuing EMTs are covered by the underlying regulatory frameworks (i.e. the Capital Requirements Directive and Regulation for banks and EMD2 for EMIs). These ensure that they maintain sufficient financial resources to meet their regulatory obligations and cash flow requirements (including redemption requirements).

MiCAR permits banks to continue to manage their EMT obligations as they manage other regulated liabilities (i.e. permitting fractional reserve management). However, EMI’s are subject to the following additional requirements which overrule the safeguarding requirements in EMD2:

30% of all funds received in respect of EMTs must be deposited with EU banks;
The remainder must be invested in secure low risk highly liquid assets (Highly Liquid Financial Instruments) in the same currency as the EMT.

Highly Liquid Financial Instruments

The EBA is tasked with determining which assets qualify as Highly Liquid Financial Instruments. EMD2 already determines the types of assets that are considered suitable for backing traditional e-money liabilities. Under EMD2, such investments must have a risk capital charge of no greater than 1.6% which in effect means qualifying short dated securities and bonds (or UCITS related to the same) issued by central banks, governments and international organisations like the IMF.

For EMTs the EBA has issued its draft technical guidelines on Highly Liquid Financial Instruments (EBA/RTS/2024/11):

“Article 38(5) requires highly liquid financial instruments to have minimal market risk, credit risk and concentration risk. Haircuts reflect credit and liquidity risk of liquid assets in the LCR as illustrated by Article 418(1) CRR. The Basel standards on the LCR refers to the haircuts to compensate for market, credit and liquidity risk. Caps on specific liquid assets in the LCR liquidity buffer represent limits for assets of lower quality. Considering the required minimal credit risk and market risk, minimum volatility and maximum price stability, including under stress, the EBA considers that the highest quality liquid assets in the LCR, i.e., 0% haircut and uncapped level 1 assets, seem to be the most appropriate category of assets to be included as eligible highly liquid financial instruments only.
This basically includes financial instruments in the form of sovereign bonds, regional government/local authorities/PSE bonds that are assimilated to sovereign bonds, central bank assets, promotional bonds and bonds issued by multilateral development banks and by other specific international organisations.
…In addition to this the EBA considers that level 1 extremely high-quality covered bonds in the LCR should be included as highly liquid financial instruments in the reserve of assets, capped at 35% of the reserve of assets…This is in order to ensure that issuers of tokens referenced to official currencies other than EUR can meet the minimum required amount of reserve of assets considering their limited access to only one or very limited number of issuers of level 1 government bonds in the LCR as well as taking into account the required currency matching between the reserve of assets and the assets referenced and concentration limits by issuer following the mandate to the EBA.”

Definition of Level 1 Assets: Level 1 assets are defined under the Capital Requirements Regulation (CRR) as assets that fulfil specific liquidity requirements, including:

Being highly liquid.
Having a low credit risk.
Being traded in active markets.

Covered bonds are debt securities backed by a pool of assets, typically mortgages or public sector loans. They are considered “extremely high-quality” when they:

Are issued by credit institutions.
Have strong credit ratings.
Provide dual recourse: both to the issuer and the cover pool.

The inclusion of up to 35% reserve backing by covered bonds enables EMT issuers greater access to returns on liabilities held and safeguarded.

Exemptions and Distributors

MiCAR and EMD2 provide exemptions from authorisation for certain limited networks, transactions by electronic communications providers, and small-scale electronic money issuers. However, even exempt issuers must still prepare and notify a white paper if they wish to issue an out-of-scope EMT.

While only authorised institutions can issue in-scope EMTs, as with traditional e-money, other persons can distribute EMTs on behalf of issuers with the EMI’s written consent and subject to the distributor being notified to the relevant regulator and the EMI being responsible for ensuring they comply with all AML/CTF obligations of the EMI.

Impact on Business Models and Operations

MiCAR’s requirements will have a profound impact on the business models and operations of stablecoin issuers. While MiCAR provides opportunities for banks and EMIs to expand into the crypto-asset market, it also imposes significant additional compliance and operational burdens to their existing authorisation regimes, particularly for EMIs.

The requirements on EMTs severely restrict the offer of discounts or benefits by issuers:

EMTs can not be offered with interest or benefits related to the length of time funds are held
EMT’s must be issued and redeemed at par value
EMT’s must have 1:1 matching approved assets backing the liabilities (this obligation is for EMIs only)
EMTs can not be subject to redemption fees (unlike EMD2 which permits some redemption fees in certain circumstances).

The additional obligations for significant EMT’s, such as popular asset backed stabelcoins, mean that we are likely to see changes to the market cap of the most popular stablecoins, or EU specific stablecoins by issuers like Tether which are non-compliant with their current stablecoin and so are being delisted from EU exchanges. We shall see whether Tether will be able to establish an EMI or work with an EU EMI or bank to create a MiCAR compliant Tether stablecoin.

“The market share of MiCAR-compliant EUR stablecoins, including Circle’s EURC and Société Générale’s EURCV, reached an all-time high of 67% last week. This shift was primarily driven by Coinbase, which overtook Binance as the leading market for EUR-stablecoins in August. Meanwhile, Binance has been mainly promoting non-compliant euro stablecoins for non-european users through its zero-fee model.”

Interplay with Existing Regulatory Frameworks

For banks and EMIs, MiCAR’s requirements will need to be considered in the context of existing regulatory frameworks, including the Electronic Money Directive (EMD2) and Payment Services Directive (PSD2). MiCAR’s regulation of EMTs is designed to complement these existing frameworks, but there may be areas of overlap or divergence that institutions will need to navigate.

For example, EMT issuers will need to comply with both MiCAR’s rules on crypto-assets and EMD2’s requirements for electronic money issuance, including prudential requirements and safeguarding of customer liabilities (i.e. funds). In cases where MiCAR’s rules are more stringent, banks and EMIs will need to ensure that their operations meet the higher standards.

MiCAR also interacts with broader financial regulation, such as banking regulations under the CRD/CRR and market integrity rules under the Markets in Financial Instruments Directive (MiFID II). Banks and EMIs will need to ensure that their EMT issuance does not conflict with these regulatory frameworks and that they maintain compliance with all applicable rules.

AML/KYC Requirements

MiCAR itself does not directly impose stringent Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) obligations on EMT issuers. These are already covered by existing EU regulations, particularly Directive (EU) 2015/849 (AMLD5) and 2024/1640 (AMLD6) which will repeal AMLD5 when it comes into force by 2027.

MiCAR references these existing AML laws, meaning EMY issuers must comply with the AMLD obligations:

Internal Control Mechanisms: CASPs must have robust internal controls to manage money laundering (ML) and terrorist financing (TF) risks. This includes developing policies, procedures, and systems for risk assessment and mitigation, and ensuring compliance with reporting obligations.
Customer Due Diligence (CDD): Perform comprehensive CDD, including identity verification, monitoring transactions, and assessing risk based on customer profiles.
Ongoing Monitoring: Continuously monitor transactions for suspicious activity and report any such activity to Financial Intelligence Units (FIUs).
Suitability of Controllers: Both AMLD and MiCAR place requirements on the fitness and propriety of CASP management. Those in charge of EMt issuers must be of good repute and free from convictions related to ML/TF.
Risk-Based Approach: The risk-based approach is fundamental to AML compliance, and EMY issuers must apply measures proportionate to the risk level posed by specific customers, products, countries and transactions.
Travel Rule: Requirements to provide payer/payee (originator and beneficiary payment information) are applicable across the EEA.

Implementation Timeline

MiCAR implementation is phased. The most relevant date is 30 June 2024 when the public offering requirements for EMTs and ARTs (Title III & Title IV) came into force.

Future outlook

MiCAR presents opportunities for banks and EMIs to expand into the growing crypto-asset market by offering stablecoins that leverage their existing infrastructure, regulatory expertise and permissions. This could enable them to position themselves as more trustworthy issuers of fiat stablecoins (i.e. EMTs) and to provide products built around EMTs (such as secured loans collateralised using smart contracts), providing a more secure alternative to unregulated stablecoins.

EMTs offer a unique opportunity for innovation in digital payments, allowing banks and EMIs to offer new payment solutions that combine the efficiency of blockchain technology with the stability of traditional fiat currency. EMTs could be used in various applications, including cross-border payments, remittances, traditional market finance and margin products as well as for DeFi platforms and DApps. This gives banks and EMIs new revenue streams and business opportunities.

As with traditional e-money products, banks currently have an advantage over EMI’s in that they are less restricted in how they safeguard customer liabilities and can lend against their balance sheets (unlike EMIs). However, we hope that at some point in the future, EMI’s will be able to directly deposit customer liabilities with central banks directly. This could make EMI issued stablecoins even more attractive and lower risk than bank issued ones.

Allowing EMIs direct access to central bank accounts could significantly enhance their competitiveness in the stablecoin market. It would address a key disadvantage they currently face compared to banks. This could lead to:

Increased innovation: More players in the market could drive innovation and improve stablecoin offerings. Smart contract zero credit risk stablecoins could be linked to a wide range of traditional financial products.
Greater competition: Increased competition could benefit consumers through lower costs, more choices, and better services.
Faster adoption: More efficient and secure stablecoins could accelerate their adoption for everyday payments.
System Derisking: The Global Financial Crisis highlighted the overreliance on banks as custodians and the overly close relationships between the regulators, credit agencies and financial institutions that were supposed to be being monitored. These risks gave rise to Bitcoin. Permitting stores of value without credit risk is an obvious way in which users could derisk from a new financial crisis and also ensure that central banks and Governments are less exposed to banking failures.

Frequently Asked Questions About MiCAR

FAQ: Frequently Asked Questions about MicAR

Offers & CASPs

Are all crypto related activities in scope of MiCAR?

In principle, most activities are in scope unless exempted (see exempt offerings, exempt CASPs and out-of scope assets – such as NFT).

What are exempt offerings?

The White Paper requirements apply to a wide range of crypto-assets however there are exemptions for a range of crypto-assets, including:

Offers to fewer than 150 persons per Member State.
Offers with a total consideration below €1 million over 12 months.
Offers addressed solely to qualified investors.
Offers of crypto-assets given away for free (known as airdrops).
Crypto-assets automatically created as rewards for network maintenance.
Utility tokens providing access to existing goods or services within a limited network.

Which types of CASP are exempt?

Key exemptions include:

Agents of a Principal: CASPs acting as agents for licensed entities may avoid direct licensing, as long as they do not hold client funds or crypto-assets, operating under the authority of their principal.
Borrowing and Lending: The borrowing and lending of crypto-assets is governed by other EU and national laws and is outside of scope.
Public Entities Exemption: MiCAR excludes crypto-assets issued by central banks or public authorities in a sovereign capacity from its scope. This exemption also applies to services related to these assets, like administration or transfer.
Existing Regulated Entities:
- Financial Institutions: Entities already regulated under other EU laws (e.g., MiFID) may provide certain related crypto services without additional authorisation, using a streamlined “top-up” licensing process as permitted under their Home State rules.
- E-Money Issuers: Token issuers that are classified as e-money issuers (banks and EMIs) under the E-Money Directive (EMD2) fall under existing e-money regulations for authorisation purposes rather than MiCAR however EMTs issued by them are in-scope of MiCAR and subject to additional rules.
Intra-Group Services: CASPs providing services only within a corporate group may be exempt from licensing, provided the group is under consolidated supervision.
NFTs: Issuers and service providers involved with the NFT market. See NFT FAQ.
Reverse Solicitation: Under Article 61 of MiCAR, CASPs from outside the EU can provide unsolicited services to EU clients without needing a licence, provided the client initiates the request (but this exemption is very narrowly construed).
Small Scale Exemptions: CASPs with limited scope or transaction volumes may qualify for exemptions to be defined by national regulators.
Limited Network Tokens (LNTs): Issuers and persons involved in LNT activities, see LNT FAQ.

Is reverse solicitation permitted under MiCAR?

Only under the strictest of conditions.

ESMA is mandated to issue guidelines on the scope of the reverse solicitation exemption under Article 61. They issued draft guidelines in a consultation paper in January 2024 which make clear that:

“ESMA would like to stress that Article 61 of MiCA should be understood as applying in very limited and narrow circumstances. Article 61 of MiCA, although often referred to as the reverse solicitation exemption, is actually a prohibition: a prohibition for third-country firms to solicit clients established or situated in the Union, unless the crypto-asset service was requested at the own exclusive initiative of the client. “

In effect, they suggest the scope is limited to the following scenarios:

it must be initiated exclusively by the client.
only crypto-assets of the same type can then be offered to the client.
the third-country firm is not allowed to subsequently offer the client further crypto-assets or services, even if such crypto-asset or service is of the same type as the one originally requested, unless they are offered in the context of the original transaction within a limited period.

ESMA state:

“Although the draft guidelines do not provide any definite time window during which the exemption may be used, the lapse of a month or even a couple of weeks between the provision of the crypto-asset service based on a request made at the… initiative of the client and a subsequent offer by the third-country firm would exclude the application of Article 61.”

What are crypto-assets of the same type?

The guidance suggests the following as examples of crypto-assets which are not of the same type:

utility tokens, asset-referenced tokens or electronic money tokens;
crypto-assets not stored or transferred using the same technology;
electronic money tokens not referencing the same official currency;
asset-referenced tokens based mostly on FIAT currencies and asset-referenced tokens having significant crypto-currency ponderations;
liquid and illiquid crypto-assets;
crypto-assets other than asset-reference tokens and electronic money tokens with a non-identifiable-offeror and crypto-assets other than asset-reference tokens and electronic money tokens with an identifiable offeror.

Conclusion

The effect of this guidance is that it would be practically impossible for a non-European crypto business to maintain a database of European customers (other than qualified investors) for future solicitation/promotional purposes whilst seeking to rely on the Article 61 reverse solicitation exemption for in-scope crypto-assets.

I am outside of Europe, how does it affect me?

If you make a public offer of crypto-assets within the EEA (including seeking admission for a token to an EEA exchange) or provide in-scope services to EEA customers then you will need to comply with MiCAR.

What are the applicable sanctions for breach of MiCAR?

Significant Penalties: MiCAR is designed to ensure compliance with its regulations through the potential for substantial penalties. This is in line with its aims of consumer protection and market integrity within the crypto-asset space.

Scope of Infringements:

It covers a wide range of infringements across different areas of MiCAR, including:

Issuance and offering of crypto-assets
Authorisation and operation of CASPs
Asset-Referenced Tokens rules
E-Money Tokens and electronic money issuer rules
Market abuse
Failure to cooperate with authorities

General Penalties (applicable to most infringements):

Public statements identifying the offender and the infringement (name and shame).
Cease-and-desist orders.
Fines: Up to twice the profits gained or losses avoided.
For individuals: Fines up to €700,000 (or equivalent).

Penalties for Legal Persons:

Fines vary depending on the type of infringement:
- Up to €5,000,000 (or equivalent) for general infringements.
- Up to 3% of annual turnover for infringements related to the public offer of crypto-assets (i.e. public issuance or placing).
- Up to 5% of annual turnover for infringements related to certain core CASP obligations.
- Up to 12.5% of annual turnover for infringements related to certain some CASP activities, E-Money Tokens or Asset-Referenced Tokens.
Additional Penalties for Market Abuse:
- Withdrawal or suspension of authorisation for CASPs.
- Temporary or permanent bans on individuals from management positions in CASPs.
- Temporary bans on individuals from trading.
- Higher fines for individuals (up to €5,000,000) and legal persons (up to €15,000,000 or 15% of turnover).

Minimum Sanctions:

Member States can choose to apply criminal penalties instead of administrative penalties for some infringements.
In many cases, administrative fines can be set at a multiplier (e.g. 3 times – x3) of the amount of the profits gained or losses avoided because of the infringement, where those can be determined, even if it exceeds the maximum fines above.
Member States can also impose higher penalties or additional measures than those listed in Article 111.

Out of Scope Tokens

What types Limited Network Tokens are exempt?

Limited Network Tokens (LNTs) are potentially excluded from full MiCAR regulation. These tokens are used in a closed system or network, such as loyalty points, store credits, or tokens used within a specific ecosystem (e.g., within a store or chain of stores ), and cannot be widely exchanged for other goods or services beyond this network.

Reporting Requirements: If the value of LNT transactions exceeds €1 million over a 12-month period, issuers must notify the national competent authority (NCA). While the tokens might be exempt from full MiCAR regulation, this reporting ensures transparency and oversight.
No Wide Circulation: The key distinction between LNTs and regulated crypto-assets is that LNTs are not intended for general public use or transferability beyond the network. If the tokens are deemed to be transferable beyond the limited network or are interchangeable for value, they may fall under MiCAR’s broader regulatory scope.
Specific Exemptions: Issuers of LNTs should also ensure that the tokens do not resemble e-money tokens (EMTs) or asset-referenced tokens (ARTs). If a token functions similarly to an EMT or ART, it would trigger MiCAR’s regulatory requirements.
Surpassing the threshold: The offeror would need to explain why the exemption should still apply. The NCA then decides if the activity qualifies for the exemption. If the exemption is revoked, the issuer might be required to comply with the full set of requirements for crypto-asset issuances under MiCAR, such as:
- Publishing a crypto-asset white paper meeting detailed content requirements.
- Potentially seeking authorisation from the relevant competent authority.
- Complying with ongoing disclosure requirements, such as reporting the number of tokens in circulation.

Are Non-Fungible Tokens (NFTs) exempt?

Article 2(3) of MiCAR generally excludes unique and non-fungible crypto-asset tokens (NFTs) from its scope of application. However, this exclusion is not automatic and represents a significant area of current regulatory scrutiny. To qualify as excluded, the crypto-asset must meet specific legal and economic criteria:

it must not be readily exchangeable, and
its value must not be determinable by comparing it with an existing market or an equivalent asset.

Operators involved in the sale of genuine NFTs may not be directly covered by MiCAR (as NFTs are not necessarily “crypto-assets”). However, if an NFT platform allows the use of cryptocurrencies for buying, selling, or trading NFTs, the platform may be considered a CASP since they facilitate transactions using regulated crypto-assets. In addition if the NFT’s have an investment function or nature that would make them a crypto-asset and may also bring them into scope of other EU laws.

NCAs, such as the Austrian Financial Market Authority (FMA), have stressed that merely allocating a unique technical identifier to a crypto-asset is insufficient to qualify it as unique and non-fungible under MiCAR. The classification hinges on a comprehensive, case-by-case assessment that prioritises the economic function and legal substance of the asset over its technical designation.

There is also risk associated with issuing digital assets in a “large series or collection,” which regulators interpret as a strong indicator of fungibility, thereby bringing the asset into MiCAR scope.

What is the status of regulated security tokens?

Security Tokens: Tokens that qualify as financial instruments under the Markets in Financial Instruments Directive (MiFID II)—for instance, those that represent shares, bonds, derivatives, or other transferable securities—are regulated under MiFID II and fall outside MiCAR as these already have an established regulatory framework.
Fund Units and Fund-Related Tokens: Tokens representing units or shares in regulated investment funds, such as UCITS or AIFs (Alternative Investment Funds), are excluded from MiCAR. These fund-related tokens are regulated under the UCITS Directive and AIFMD (Alternative Investment Fund Managers Directive) frameworks, which establish investor protections, disclosure obligations, and fund management requirements.
Central Bank Digital Currencies (CBDCs): Tokens issued directly by central banks (CBDCs) are out of MiCAR’s scope, as they are governed by central bank regulations and monetary policy frameworks.

Are Airdrops out of scope of MiCAR?

Airdrops are freely distributed crypto-assets or NFTs.

“a crypto-asset shall not be considered to be offered for free where purchasers are required to provide, or to undertake to provide, personal data to the offeror in exchange for that crypto-asset, or where the offeror of a crypto-asset receives from prospective holders of that crypto-asset any fees, commissions, or monetary or non-monetary benefits in exchange for that crypto-asset.”

Secondary Market Trading Potential: If the airdropped crypto-assets are intended for trading on a secondary market, they generally fall within MiCAR’s scope, as they could create financial risk and require consumer protections.
Part of a Public Offering: Airdrops connected to public offerings (even if the tokens are distributed for free) are in scope if they serve as part of a larger promotional or distribution effort to attract investment or increase the token’s circulation.
Part of a Fundraising Scheme: Airdrops used in conjunction with a fundraising model (like an Initial Coin Offering or ICO) are generally considered part of a public offering under MiCAR, and the associated crypto-assets are subject to MiCAR’s White Paper, disclosure, and marketing requirements.
Conditional Airdrops: When airdrops require users to complete certain tasks, such as staking or by promoting the token on social media, they are more likely to be in scope, especially if these tasks imply a form of investment or commitment from recipients. Requiring holders personal data as a condition could make the airdrop be considered not free and so in-scope.

Airdrops should be out of scope if they are:

Truly Free and Without Conditions: Airdrops that involve no expectation of payment, investment, or future financial return and do not intend for the tokens to be traded on a secondary market are generally out of scope.
No speculative value: Purely promotional airdrops with no speculative value and no secondary market ambitions are unlikely to fall under MiCAR.
Used as Rewards for Network Activity: If airdrops serve as rewards for network maintenance (e.g., validators receiving tokens for their technical contribution), they may be exempt, provided they do not have a resale or trading focus.
Closed Networks: See LNTs.

Exempt Clients (Qualified Investors)

Are any types of clients exempt?

There are no general exemptions for professional or qualified investors. MiCAR applies to all clients and investors, irrespective of their professional or retail status. However, there are a number of specific exemptions to the broader public offering rules for offers made to qualified investors.

MiFID II categorises clients into three main categories: Retail, Professional, and Eligible Counterparties. “Qualified investors” fall under the Professional client category of MiFID II.

Professional clients are assumed to possess the experience, knowledge, and expertise to make their own investment decisions and properly assess the risks involved. This allows them to be exempt from certain investor protection measures that are designed for retail clients.

Annex II of MiFID II outlines the specific types of clients that are considered professional clients by default:

Entities authorised or regulated to operate in financial markets: This is a broad category that includes a wide range of financial institutions, such as banks, investment firms, insurance companies, and pension funds. These entities are subject to their own regulatory requirements and are considered to have a high level of financial sophistication.
Large undertakings meeting specific size requirements: This captures large companies that meet certain criteria relating to their balance sheet total, net turnover, and own funds. Entities that satisfy at least two of the following:
- Balance sheet total of at least €20 million
- Net turnover of at least €40 million
- Own funds of at least €2 million
These size thresholds are designed to identify companies with significant financial resources and expertise.
National and regional governments, central banks, and public debt bodies: This includes entities like the European Central Bank, national governments within the EU, and international institutions like the World Bank. These entities are considered to have a high level of financial sophistication and understanding of market risks.
Other institutional investors whose main activity is investing in financial instruments: This covers entities like investment funds, hedge funds, and private equity firms whose primary business is investing in financial instruments. They are expected to have a deep understanding of financial markets and risk management.
Investor protection: MiFID II aims to ensure that investors receive appropriate levels of protection based on their knowledge and experience.

Note: MiFID II allows certain clients to elect to be treated as professional clients. This is not applicable for MiCAR purposes as they are outside of the scope of Section 1, (1)-(4) of Annex II.

EBA and ESMA Issued Guidance on MiCAR

MiCAR Guidance Issued

Over the past two years, the European Securities and Markets Authority (ESMA) and the European Banking Authority (EBA) have been actively shaping the regulatory landscape for crypto-assets by developing comprehensive guidance for the Markets in Crypto-Assets Regulation (MiCAR). This guidance, disseminated through consultation papers and technical standards, focuses on key areas to ensure a secure, transparent, and sustainable crypto market within the EU.

ESMA’s Focus:

White Papers and Disclosure Standards: ESMA aims to harmonise information disclosure across the EU, issuing consultations on white paper requirements for various crypto-asset types, including asset-referenced tokens (ARTs) and e-money tokens (EMTs). These standards ensure consistency and transparency regarding projects and risks, sustainability factors and environmental impact. This aims to provide investors with clear, comparable information to make informed decisions.
Market Integrity and Anti-Abuse Mechanisms: To maintain market integrity, ESMA is developing robust standards for detecting and reporting suspected market abuse. This guidance includes reporting procedures for crypto-asset service providers (CASPs) and policies to enhance transparency and protect client rights in transfer services.
Consumer Protection and Suitability Standards: Investor protection is a core principle of MiCAR. ESMA’s technical standards emphasise suitability requirements for services like portfolio management, ensuring that consumers receive personalised information and appropriate services tailored to their needs. This includes providing periodic statements in a clear and understandable format.
Operational and ICT Resilience: ESMA is dedicated to strengthening operational resilience. The guidance specifies standards for cybersecurity and ICT resilience, enabling CASPs to effectively manage market volatility and cyber threats, safeguarding investor assets and market stability.
Sustainability and Environmental Disclosures: Aligned with the EU’s commitment to environmental, social, and governance (ESG) factors, ESMA is developing rules on sustainability indicators in crypto-assets. This includes mandatory reporting on the adverse environmental impacts of different validation mechanisms, such as Proof of Work, promoting responsible innovation in the crypto space.

ESMA papers:

03 July 2024, ESMA published a final report on the Draft Technical Standards specifying certain requirements of the Markets in Crypto Assets Regulation (MiCAR) – second package which includes information on trade price transparency, sustainability indicators, public disclosure of inside information, CASP record keeping obligations and continuity of service for CASPs.
06 June 2024, the EBA published Draft Regulatory Technical Standards on conflicts of interest for issuers of ARTs
25 March 2024, ESMA published Draft technical standards specifying requirements for cooperation, exchange of information, and notification between competent authorities, European Supervisory Authorities (ESAs), and third countries under the Markets in Crypto Assets Regulation (MiCAR)
25 March 2024, ESMA published the Final Report a final report on the Draft Technical Standards specifying certain requirements of the Markets in Crypto Assets Regulation (MiCAR) – first package which includes information on seeking authorisation as a CASP and the Consultation Paper on the Technical Standards specifying certain requirements of MiCA (3rd package) dealing with Market Abuse, investor protection and operational resilience.
29 January 2024, ESMA published draft guidance in a consultation on the reverse solicitation exemption and the Consultation Paper on the draft Guidelines on the conditions and criteria for the qualification of crypto-assets as financial instruments.

EBA’s Role:

While ESMA focuses on market-level issues and conduct, the EBA plays a crucial role in authorisation and supervision:

Authorisation and Supervision: The EBA is focused in developing guidance for the authorisation and supervision of CASPs, particularly those deemed significant in size or impact. This ensures that CASPs meet rigorous standards for operational resilience, risk management, and consumer protection
AML/CFT Compliance: The EBA leads the development of guidelines to ensure CASPs comply with anti-money laundering and countering the financing of terrorism (AML/CFT) regulations, safeguarding the integrity of the financial system.
Guidelines and Q&A: The EBA provides detailed guidelines and answers to frequently asked questions (FAQs) on MiCAR implementation, offering practical support to CASPs and clarifying regulatory expectations: https://www.eba.europa.eu/regulation-and-policy/asset-referenced-and-e-money-tokens-micar There is also a Q&A section.

Collaboration and Implementation:

Both ESMA and the EBA are working closely with national competent authorities across the EU to ensure the consistent and effective application of MiCAR.

Joint Papers:

27 June 2024, EBA and ESMA published joint guidelines on the suitability of members of the management body, and on the assessment of shareholders and members with qualifying holdings for issuers of ARTs and crypto-asset service providers (CASPs). It provides a common methodology to assess the suitability of the shareholders and members with direct or indirect qualifying holdings for the purpose of granting authorisation as issuers of ARTs or as CASPs, and for carrying out the prudential assessment of proposed acquisitions.

EBA Papers:

04 July 2024, the EBA published guidelines on the ‘travel rules’.
19 June 2024, EBA published a package of technical standards and guidelines under MiCA on the topics of reporting, liquidity stress testing and supervisory colleges.
On 13 June 2024, EBA published a package of technical standards and guidelines on prudential matters including own funds, liquidity requirements, and recovery plans. The package includes:
- final draft RTS specifying adjustment of own funds requirement and minimum features of stress testing programmes of issuers of ARTs and of e-money tokens (EMTs) subject to such requirements,
- final draft RTS specifying the procedure and timeframe for an issuer to adjust the amount of its own funds to 3% of the average amount of the reserve of assets
- final draft RTS further specifying the liquidity requirements of the reserve of assets
- final draft RTS to specify the highly liquid financial instruments
- final draft RTS to specify the minimum content of the liquidity management policy and procedures, and
- guidelines on the requirements for recovery plans.

MiCAR Delegated Acts

The Commission has the power to adopt delegated acts referred to in Articles 3(2), 43(11), 103(8), 104(8), 105(7), 134(10) and 137(3) of MiCAR for a period of 36 months from 29 June 2023.

List of Published Implementing or Delegated Acts:

Link to Latest Implementing/Delegated Acts (Adopted or in Force)

News & Insights

December 29, 2025

European Crypto Assets
Law & Regulation

Markets in Crypto Assets (MiCAR)

MiCAR allows firms to passport their authorisation across Europe

Markets in Crypto Assets Regulation

MiCAR General

Notes:

(November 2025)

(November 2025)

Comparative Matrix (November 2025)

MiCAR for Crypto Asset Service Providers (CASPs)

MiCAR for Crypto Asset Service Providers (CASPs)

(November 2025)

(November 2025)

Public Offer Rules for Crypto-Assets under MiCAR

MiCAR applies to the public offer of crypto-assets in Europe (EEA)

MiCAR for Crypto Asset Issuers

Mandatory Information for ARTs, EMTs and other crypto-assets

Additional Obligations other than for EMTs

Content Requirements

Consistency with Marketing Communications

Single Currency Stablecoins (E-Money Tokens)

Purportedly stablecoins

Single Currency Stablecoins (E-Money Tokens) under MiCAR

Definition of E-Money Tokens (EMTs)

Frequently Asked Questions About MiCAR

FAQ: Frequently Asked Questions about MicAR

Offers & CASPs

Out of Scope Tokens

Exempt Clients (Qualified Investors)

EBA and ESMA Issued Guidance on MiCAR

MiCAR Delegated Acts

News & Insights

The Ever Expanding Regulatory Perimeter: Outsourcing, Resilience & Supply Chains

Gibraltar E-Commerce & VAT

Bank Of England Proposed Regulation of Systemic Stableocins

MiCAR Implementation Update

Our Crypto Asset & DLT Team

Meta

European Crypto Assets Law & Regulation

Markets in Crypto Assets (MiCAR)

MiCAR allows firms to passport their authorisation across Europe

Markets in Crypto Assets Regulation

MiCAR General

Notes:

(November 2025)

(November 2025)

Comparative Matrix (November 2025)

MiCAR for Crypto Asset Service Providers (CASPs)

MiCAR for Crypto Asset Service Providers (CASPs)

(November 2025)

(November 2025)

Public Offer Rules for Crypto-Assets under MiCAR

MiCAR applies to the public offer of crypto-assets in Europe (EEA)

MiCAR for Crypto Asset Issuers

Mandatory Information for ARTs, EMTs and other crypto-assets

Additional Obligations other than for EMTs

Content Requirements

Consistency with Marketing Communications

Single Currency Stablecoins (E-Money Tokens)

Purportedly stablecoins

Single Currency Stablecoins (E-Money Tokens) under MiCAR

Definition of E-Money Tokens (EMTs)

Frequently Asked Questions About MiCAR

FAQ: Frequently Asked Questions about MicAR

Offers & CASPs

Out of Scope Tokens

Exempt Clients (Qualified Investors)

EBA and ESMA Issued Guidance on MiCAR

MiCAR Delegated Acts

News & Insights

The Ever Expanding Regulatory Perimeter: Outsourcing, Resilience & Supply Chains

Gibraltar E-Commerce & VAT

Bank Of England Proposed Regulation of Systemic Stableocins

MiCAR Implementation Update

Our Crypto Asset & DLT Team

Peter Howitt

Managing Director

Heather Adamson

Head of Fiduciary

David Borge

Practice Director

Nicholas Borge

Director

Tyrene Edwards

Trainee Lawyer

Meta

European Crypto Assets
Law & Regulation