The EU legislator has, at last, published into the EU Official Journal the final – and perhaps most eagerly awaited – piece of the Digital Finance Strategy legislation puzzle, the Markets in Crypto-Assets Regulation 2023/1114(MiCAR)[1].
MiCAR, establishes a specific regulatory framework for crypto-assets that are not currently covered by existing European financial services legislation. These assets are categorized into three main groups: asset-referenced tokens (ART), e-money tokens (EMT), which aim to maintain a stable value by referencing the value of one official (fiat) currency, and other Crypto-Assets. However, crypto-assets regulated by other EU legislative acts on financial services (such as MIFID II or PSD II) are outside the scope of MiCAR, regardless of the technology used for their issuance or their transfer, as the EU legislature is guided by the principles of ‘same activities, same risks, same rules’ and of technology neutrality.
MiCAR establishes various conditions that must be met when making offers to the public of crypto-assets, such as the requirement to be a legal person, drafting a crypto-asset white paper, notifying and publishing the white paper, complying with marketing communication rules, and meeting the requirements for issuers.
The requirements imposed on issuers of crypto-assets vary based on this classification. For instance, all tokens necessitate the submission of a white paper, while prior approval is only mandatory for ART and EMT issuers.
MiCAR-Crypto-Asset Service Providers (CASPs), much like investment firms subject to MiFID II, are defined as approved legal entities or undertakings whose occupation or business involves providing one or more crypto-asset services to clients on a professional basis. CASPs must obtain authorization from the competent authority in their home Member State and adhere to the operational conditions outlined in MiCAR. Once authorized, CASPs can offer their services throughout the European Union through a passporting regime. The reverse solicitation principle will however apply to third-country providers.
MiCAR encompasses the following crypto-asset services:
- Custody and administration of crypto-assets on behalf of third parties: This involves securely storing private keys or other essential means that grant third parties access to crypto-assets.
- Operation of a trading platform for crypto-assets: This refers to managing a platform that facilitates the buying and selling of crypto-assets.
- Exchange of crypto-assets for fiat currencies: This involves converting crypto-assets into legal tender.
- Exchange of crypto-assets with other crypto-assets: This entails swapping one type of crypto-asset for another.
- Execution of orders for crypto-assets on behalf of third parties.
- Placing crypto-assets: This involves marketing and selling newly issued crypto-assets to investors.
- Reception and transmission of orders for crypto-assets: This pertains to accepting and relaying orders related to the buying or selling of crypto-assets on behalf of a third party.
- Provision of advice on crypto-assets: This refers to offering personalized recommendations regarding the utilization of crypto assets and/or services.
- Portfolio management of crypto-assets: This involves managing a client’s portfolio of crypto-assets.
- Operation of an organized trading facility for crypto-assets: This refers to operating a system that brings together multiple third-party interests in buying and selling crypto-assets.
Similar to financial institutions, in order to acquire a MiCAR authorization CASPs must demonstrate a proper and adequate business organization. Crypto-asset service providers must have their registered office located within the EU. They are also required to disclose comprehensive information about their company and its owners, as well as the intended members of the management body, who must pass under a fit and proper assessment. A proper business organisation also includes establishing internal control mechanisms, contingency plans, secure IT systems, robust risk management, and a compliance organization to prevent money laundering. Furthermore, they must have a professional complaint management system in place and strictly segregate client funds and crypto-assets from their own assets. It should be noted that interplay is expected to take place between MiCAR and Digital Operational Resilience Act (DORA) – Regulation (EU) 2022/2554, regarding ICT mechanisms.
Certain entities already holding a regulated status, such as credit institutions, investment firms, electronic money institutions and central securities depositories, can provide specific services on crypto-assets (i.e. EMTs) by submitting a simple notification.
MiCAR provisions related to the authorization and supervision of ART/EMT will be applicable as of 30 June 2024. Subject to certain exceptions, the remaining provisions, particularly those concerning CASPs, MiCAR will apply from 30 December 2024.
Amid the crack-down of crypto-assets exchanges – and certain crypto-assets for that matter- by the US Regulator in recent days, the adoption of MiCAR, even if late by some, marks the distinctly different approach taken by the EU legislator with respect to crypto-assets.
Although the success of this initiative will be measured by its implementation by market participants, the application of MiCAR will contribute to legal certainty and the protection of consumers, and is expected to create added value through the offer of products and services regulated by MiCAR by an innovative and, potentially, less expensive route.
[1] Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937.
