October 24, 2023

Crypto Regulation in Europe: ESMA Statement Clarifies process for the Transition to MiCA

On 17 October 2023, the European Securities and Markets Authority (ESMA) published a statement (the Statement) clarifying the timeline for implementation of the Regulation on Markets in Cryptoassets ((EU) 2023/1114) (MiCA) and encouraging market participants and EU member state national competent authorities (NCAs) to begin preparation for the transition to MiCA.

The Statement discusses how the implementation procedure will affect, and can be aided by the cooperation of, issuers, crypto-asset service providers (CASPs), NCAs, holders of crypto-assets, and clients of CASPs.

The Statement preceded the latest set of consultations on the regulatory technical standards (RTS) under MICA on 19 October 2023 (which close on 22 January 2024):

  • The draft RTS on the approval process for white papers for asset-referenced tokens (ARTs) issued by credit institutions (EBA/CP/2023/21), which deals with the requirements for a cryptoasset white paper for the ART (WP) to be prepared and submitted for approval by the competent authority of its home member state and aims to harmonise the different steps and timeframes for approval of a WP.
  • The Draft RTS on the minimum content of the governance arrangements on the remuneration policy (EBA/CP/2023/22), which sets out the main governance processes regarding the adoption and maintenance of the remuneration policy and the issues that should be addressed in the policy.
  • The Draft Guidelines on the minimum content of the governance arrangements for issuers of asset-referenced tokens (EBA/CP/2023/23) which addresses, amongst other things, the role of the issuer's management body, risk culture and business conduct, and the internal control framework and mechanisms.

MiCA: A reminder

As noted in our previous alerts “Marketing Crypto-Assets in and Into Europe: MiCAR, the EU’s New Uniform Crypto Code” and “Doing Crypto Business in Europe: MiCA, the EU’s New Uniform Crypto Code – Part 2,” MiCA was published in the Official Journal of the European Union on 9 June 2023. MiCA is a major step toward an EU-wide uniform code governing crypto-assets, such as BTC, ETH, and stablecoins.

Although MiCA came into force on 29 June 2023. Various provisions will come in effect over time, including:

  • The provisions governing certain stablecoins will apply from 30 June 2024.
  • The provisions governing the remaining crypto-assets will apply from 30 December 2024.

However, as pointed out in the Statement, EU member states have the option of granting entities already providing crypto-asset services in their jurisdictions up to an additional 18-month “transitional period” during which they may continue to operate without a MiCA license (also referred to as a grandfathering clause).

As an EU regulation and unlike an EU directive, MiCA will bind EU businesses directly without the need for individual EU member states to implement laws to put it into effect. Individual EU member state authorities will be responsible for enforcing MiCA in their respective territories.

MiCA addresses the following:

  • The issuance and marketing/offering of crypto-assets, to which MiCA applies
  • The performance of activities/offering of services connected with crypto-assets, such as the custody and administration of crypto-assets on behalf of third parties, the operation of a trading platform for crypto-assets, and the exchange of crypto-assets for fiat currency or other crypto-assets
  • The prevention of market abuse involving crypto-assets

What does the Statement say to holders of crypto-assets and clients of CASPs?

The Statement serves as a warning to holders of crypto-assets and clients of CASPs that the full protections under MiCA will not apply during the implementation phase of MiCA. Provisions of MiCA may not be fully implemented until as late as 1 July 2026 if member states make use of the grandfathering provisions for existing issuers and CASPs.

Prior to this date, the Statement warns holders of crypto-assets and clients of CASPs that the existing, less comprehensive regime will continue to apply. Existing regulation of crypto-assets in the EU is fragmented, with each EU member state having its own regulatory regime for the regulation of crypto-assets that are not financial instruments within the meaning of the Markets in Financial Instruments Directive (MiFID). The fifth EU Money Laundering Directive (MLD5) does, however, require EU member states to impose anti-money-laundering and counterterrorist financing requirements on businesses providing custodian wallet services or fiat-to-crypto exchange services. MLD5 also requires these types of firm to be registered with their home state national competent authority.

Unlike MiCA, MLD5 does not impose any requirements on crypto businesses that advise on or offer placing services. This has left scope for significant variation between the regimes of different member states. For example, Germany follows a strict approach to regulation, requiring some firms to be fully authorized, whereas countries such as Denmark and the Netherlands do not have any specific regulation beyond the requirements of MLD5.

The Statement urges holders of crypto-assets and clients of CASPs to be aware of the recourse mechanisms and protections currently available in their jurisdiction prior to the full implementation of MiCA. In addition to this, the Statement recommends taking into account the following considerations prior to investing in crypto-assets or related products and services:

  • Can you afford to lose all the money you are planning to invest?
  • Are you ready to take on high risks to earn the advertised returns?
  • Do you understand the features of the crypto-asset or related products and services?
  • Are the firms/parties you are dealing with reputable?
  • Are the firms/parties you are dealing with blacklisted by the relevant national authorities?
  • Are you able to effectively protect the devices you use to buy, store, or transfer crypto-assets, including your private keys?

What does the Statement say to issuers and CASPs?

The Statement encourages all market participants to make adequate preparations reducing the risk of disruptive business model adjustments. This should include:

  • Responding to public consultations
  • Early dialogue with NCAs and clients to inform them of their transition plans, including in relation to questions on the perimeter of MiCA and the application of the framework to their current activities
  • Informing clients about the regulatory status of the crypto-assets and/or services they are offering, clarifying whether they are offering crypto-asset services using the grandfathering clause, the type of authorisation they hold, and the country from which they operate
  • If they are authorised under other sectoral regulations, clarifying the regulatory status of the products and/or services they are offering to avoid confusion with respect to their regulated offerings
  • Anticipating MiCA’s entry into application by aligning their practices to comply with incoming requirements
  • Applying for a MiCA authorisation as soon as possible

The Statement also provides further detail on the “reverse solicitation” provision, which allows crypto-asset services to be provided by a third-country firm in cases where such service is initiated at the own exclusive initiative of the client. ESMA notes that this exemption will be subject to further guidance and will be “very narrowly framed.”

What does the Statement say to NCAs?

The Statement also calls for coordinated actions by NCAs prior to the full implementation of MiCA to:

  • Facilitate information exchange on authorisation requests and supervisory cases
  • Encourage the application of MiCA rules as early as possible
  • Engage in consultation with the European Commission to provide common understanding on MiCA provisions that may require further clarity

Importantly, ESMA calls for “consistent, effective and forceful supervision (and enforcement where necessary) in the EU from the outset.” The Statement lists a number of actions that NCAs should take as part of this supervision process, including (amongst others):

  • Preventing the establishment of “letter-box” entities, i.e., when EU-based crypto-asset service providers rely extensively on non-EU entities for the performance of services for clients based in the EU
  • Subjecting entities engaging in unlawful provision of crypto-asset services before application and during the transitional phase of MiCA to enforcement action where possible under national applicable law
  • Establishing authorisation procedures and fostering dialogue with potential applicants as soon as possible

To discuss the contents of this alert, please contact the authors or your usual Goodwin contact.