As cryptocurrency usage increases, so do cryptocurrency regulations around the world. The crypto landscape is constantly evolving and keeping up to date with the rules and regulations in different countries.
Over the past few years, we have seen European Union (EU)-Member states introduce their own regimes for cryptoassets, interpreting and implementing the requirements very differently – from the licensing regime in Germany, the relatively robust registration requirements in the Netherlands and Ireland, to the lighter-touch regimes in Lithuania and Malta.
On October 10, 2022, the European Parliament, signed off on the comprehensive Markets in Crypto-Assets (MiCA) regulation (“Regulation”) – landmark legislation that hopes to regulate the digital asset space within the union. On October 13, 2022, we shared our previous article on MiCA, now we created a step-by-step guide to help crypto businesses to navigate through this comprehensive document.
The final vote on the MiCA was postponed to April 2023. This is the second time that the final vote has been delayed. Latest delay happened due to a technical problem translating a 400-page document into various EU languages. These legal documents, which are written in English, must follow the regulations of the EU and be published in all 24 official languages of the union.
Who does MiCA apply to?
MiCA applies to natural or legal persons, engaged in one of the following activities:
A) Issues or offers access to trade cryptoassets to the public
B) Provides services related to crypto assets in the EU;
C) Any business activity that is linked to cryptoassets will fall under MiCA.
Who is exempted under MiCA: A) Supranational and national organizations such as the European Central Bank (ECB), national central banks of member states; the European Investment Bank including its subsidiaries; the European Financial Stability Facility and the European Stability Mechanism.
B) Firms providing cryptoasset services exclusively for their parent companies, subsidiaries or for other subsidiaries of their parent companies and liquidators and administrators acting in the course of an insolvency procedure.
What types of cryptoassets are in the scope of MiCA?
MiCA applies concerning “cryptoassets,” which are defined very broadly as “a digital representation of a value or a right that uses cryptography for security and is in the form of a coin or a token or any other digital medium which may be transferred and stored electronically, using distributed ledger technology or similar technology.”
This definition is aimed at capturing not only cryptocurrencies, such as Bitcoin and Ethereum, but also stablecoins and utility tokens.
What is not covered by MiCA?
MiCA does not apply to:
- Security tokens would qualify as transferable securities and other cryptoassets that qualify as financial instruments for MiFID II, deposits, securitization positions, insurance, or pension products.
- Decentralized Financial instrument (DeFi) protocols and crypto-assets that are unique and not fungible with other crypto-assets, such as non-fungible tokens (NFTs), are outside the current scope.
Obligations for all crypto asset service providers (CASPs)
MiCA sets out obligations that apply to all CASPs:
- Act honestly, fairly, professionally, and in clients’ best interests.
- Duty to disclose information relating to the principal adverse environmental and climate-related impact of the consensus mechanism used
- Prudential requirements for CASPs, which are measures to protect a firm’s financial solvency. A CASP will always be required to hold the higher of:
- Its minimum capital requirement; and
- A quarter of its fixed overheads.
- The minimum capital requirement starts at €50,000, and rises to €125,000 euros for custodians and CASPs providing the exchange services and to €150,000 for operators of trading platforms;
- The management body of the CASP must be of good repute, must possess the knowledge, experience and skills requisite to run the business and must be capable of committing sufficient time to the running of the business.
- CASPs will also be subject to a safekeeping obligation, which will apply when the CASP is holding cryptoassets on behalf of its clients. The main consideration is that the clients’ ownership rights must be safeguarded, especially in the event of the CASP’s insolvency.
- In addition, when a CASP is holding a client’s funds, those funds must be placed with either a central bank or an authorized credit institution before the end of the business day following the day they were received.
Several activities in MiCA cover the different ways in which exchange services can be offered, and they come with very different obligations:
- Operation of a trading platform for cryptoassets
- Exchange of cryptoassets against funds or exchange of cryptoassets against other cryptoassets
- Execution of orders for cryptoassets on behalf of clients
- Reception and transmission of orders on behalf of third parties
The “custody and administration of cryptoassets” is defined in MiCA as the safekeeping or controlling, on behalf of third parties, cryptoassets or the means of access to such cryptoassets, where applicable in the form of private cryptographic keys.
Providers of custody and administration services are subject to detailed additional rules in relation to custody agreements, recordkeeping, segregation and return of crypto-assets, and liability.
MiCA states that if a MiCA-licensed custodian uses another provider for the custody of third-party cryptoassets, another provider must be a MiCA-licensed entity. This means that custody arrangements with a sub-custodian outside the EU are impossible.
MiCA-licensed custodians are subject to segregation or safeguarding requirements. This means that the cryptoassets held in custody must be separated from the custodian’s own assets, protecting the customer from the bankruptcy of the custodian, with creditors of such custodians not having any recourse to these cryptoassets.
How will MiCA impact crypto exchanges?
The key requirement of MiCA is that a legal entity cannot provide crypto asset services in the EU unless it’s either:
A) Authorized as a crypto asset service provider (a “CASP”); or
B) Allowed to provide crypto asset services because it’s already licensed either as
- a credit institution,
- a CSD (Central Securities Depositories),
- a MiFID firm (“Investment firm” under the Markets in Financial Instruments Directive (MiFID)),
- a market operator,
- an e-money institution,
- an AIFM (Alternative investment fund managers)
- a UCITS ManCo.
MiCA sets out a specific notification requirement for each of these already-licensed entities. It is important to note that not all of the crypto asset services will be open to all of these entities: for example, a MiFID firm can only provide crypto asset services which are equivalent to the investment services for which it is licensed, whereas a CSD will only be permitted to provide the service of custody and administration of cryptoassets.
For firms that are required to be licensed under MiCA, the firm must have its Registered
Office and at least one director in the EU, to show its pace of effective management in the EU.
Regarding the temporary licensing regime, do I need a license?
MiCA introduces and allows a special transitional regime for crypto-asset services providers, which are already licensed, are in business before the MiCA came into force and offer their services in accordance with applicable national law. Those cryptoasset services providers will have a maximum of 18 months after the MiCA comes into force or until they are granted permission under MiCA. Suppose Member states think that they need stricter requirements. In that case, they have, under national regulations, the opportunity to choose whether to apply these transitional measures or reduce the transitional period.
Crystal’s Regulatory & Compliance experts are helping you transform regulations into adequate risk management. Stay ahead of the change and the coming regulatory frameworks and sanctions with the help of our compliance team. For any compliance-related questions, please get in touch with us at: firstname.lastname@example.org