Navigating the EU Regulatory Landscape: Comprehensive Guide to CASP Compliance

Discover how the EU’s MiCA and MiFID II regulations impact the crypto industry. Learn about compliance requirements, regulatory frameworks, and practical steps for crypto businesses to navigate the evolving regulatory landscape.

Stay informed

Catch Zodia Markets in the latest news.

Share

Introduction

The dynamic landscape of digital assets has brought continuous changes to the crypto industry. As this sector expands, the lack of well-defined regulatory frameworks poses significant global challenges. To address these issues and protect investors and consumers, the European Union developed a comprehensive regulatory framework to mitigate the risks associated with the issuance and trading of crypto assets within its jurisdiction. This regulatory framework includes the new Markets in Crypto-Assets (MiCA) Regulation designed to integrate the existing rules established by the Markets in Financial Instruments Directive (MiFID II). These regulations together aim to improve compliance criteria, ensure market integrity, and protect consumers in the digital age. As the industry prepares to comply with these new MiCA rules by the end of 2024, what changes can crypto businesses expect? What practical considerations should they keep in mind to be prepared to comply?

It is worth noting the broad support the proposals and subsequent clarity that the regulatory technical standards (RTSs) have received from industry as the MiCA Regulation is set to be implemented later this year. The RTSs have been consulted on by the European Supervisory Authorities (ESAs) over the past few months and are a crucial first step in delivering clarity to the market. Throughout the consultations on the RTSs, industry has had the opportunity to deliver feedback to the ESAs to help mitigate risks, and tackle challenges ahead of the jurisdictional implementation by National Competent Authorities (NCAs).

Global Digital Finance (GDF) and Zodia Markets both value this engagement as a transparent feedback-loop between regulators and industry participants, which enables knowledge sharing and, we believe, will contribute to the development of better informed and future-proof regulatory frameworks. Furthermore, cross-industry collaboration also plays an important role in encouraging best-practice across industry and preparing market participants for compliance with MiCA, as well as fostering a broader understanding of existing EU frameworks such as MiFID II. GDF and Zodia Markets aim to work cooperatively with regulators, other associations, and firms to achieve the highest levels of compliance and consistent standards across the industry.

This article compares MiCA with MiFID II and analyses how principles of transparency, market integrity, and investor protection are being adapted to the unique challenges posed by digital assets. The goal is to equip readers with the knowledge and tools needed to achieve and sustain compliance, ensuring preparedness for both current and future regulatory requirements. This will be achieved by discussing how the regulatory regimes will apply, and the critical regulatory focus areas for both digital natives and institutions.

Challenges and the Evolution of Regulation

Cryptocurrency, which was initially introduced as a novel financial technology, has over the past fifteen years become increasingly embedded within the existing financial system, while also challenging previous ways of working and bringing new efficiencies and processes to traditional systems. As crypto assets and distributed ledger technology are adopted by the broader financial services industry, it is crucial for this nascent industry to implement appropriate transparency measures and safeguards against fraud and market abuse to support sustainable scaling. Such improvements aim to enhance market confidence, which both new innovative market players and traditional institutional participants depend on.

The complexity of digital asset operations presents its own regulatory and enforcement challenges, which may vary depending on both the type of crypto or digital asset employed, as well as the business model of the firm. Consequently, the European Commission acknowledged the necessity of assessing the EU regulatory approach to crypto assets in its 2018 Fintech Plan, recognising the need for regulation. This resulted in the development of the MiCA Regulation, designed to improve the resilience and stability of global financial systems and facilitate the integration of crypto assets into traditional finance, thereby ensuring the protection of consumers and investors.

MiCA Proposal and Objectives

The European Commission issued the MiCA proposal on September 24, 2020, as part of the Digital Finance Package. MiCA has four main objectives: 1) ensuring legal clarity, 2) fostering innovation, 3) safeguarding consumer and investor interests, and 4) upholding market integrity. The regulation aims to mitigate potential market failures and externalities that pose risks to financial stability.

In support of these objectives MiCA focuses on four key areas:

  • Establishing a common taxonomy of crypto assets.
  • Defining rules for public offers of crypto assets in the EU.
  • Creating a harmonised authorisation framework for Crypto Asset Service Providers (CASPs).
  • Regulating stablecoins.

There are eight types of CASP that will be regulated by MiCA:

As a regulation, MiCA replaces national frameworks with a standardised set of rules for crypto asset suppliers and issuers, mitigating threats to financial stability and monetary policy effectiveness. Unlike MiFID II, which requires transposition into national laws, MiCA will be immediately applicable across all EU Member States yet is important to note that each NCA will need to integrate MiCA with its existing national legislation.

Regulatory Focus

From an overall regulatory perspective, MiCA aims to provide a tailored regulatory framework for the crypto market, focusing on creating a common taxonomy, defining rules for public offers of crypto assets, establishing a harmonised authorisation framework for Crypto Asset Service Providers (CASPs), and regulating stablecoins. As opposed to MiCA, MIFIDII is primarily concerned with traditional financial markets, ensuring transparency, investor protection, and market integrity for financial instruments, including those that may involve crypto assets. For example, to support its mandate of consumer and investor protection, MiCA specifically addresses the unique risks associated with crypto assets, aiming to protect consumers and investors by establishing clear rules and standards for transparency and conduct for CASPs. Conversely, MiFID II provides comprehensive protections for investors in financial instruments, including requirements for transparency, disclosure, suitability assessments, and conduct of business rules. Moreover, in relation to Market Integrity and Stability, MiCA seeks to mitigate potential threats to the stability of the financial system and the effectiveness of monetary policy posed by digital assets. It aims to create a resilient and stable environment for the crypto market whereas MiFID II focuses on maintaining market integrity and stability in traditional financial markets, applying these principles to crypto assets that qualify as financial instruments.

Interaction Between MiCA and MiFID II

MiCA and MiFID II overlap in regulating certain aspects of crypto assets. For instance, MiCA seeks to establish regulations for all categories of crypto assets, except for those that meet the criteria of being financial instruments. Electronic money, unless it meets the criteria of being an electronic money token (e-money token), deposits, structured deposits, and securities (including those in tokenised form) will all still fall under MiFID II, the current financial legislation of the European Union. MiFID II, as a directive, supersedes any national frameworks that currently apply to these crypto assets, and must also be complied with in advance of any MiCA Regulations. Additionally, it establishes a standardised set of regulations for suppliers and issuers of crypto assets. The purpose is to mitigate possible threats to the stability of the financial system and the effectiveness of monetary policy that may arise from digital assets, which could gain widespread acceptance and potentially have a systemic impact. Given the complexity of the classification of digital assets for regulatory purposes, the European Securities and Markets Authority (ESMA) has been assisting service providers, NCAs, and market participants, by providing draft guidelines to clarify the conditions and criteria for the qualification of crypto assets as financial instruments, as defined in the MIFID II. The guidelines address the delineation between the respective scopes of application of MiCA and MiFID II, ensuring consistent approaches at the national level regarding which crypto assets should be considered financial instruments and subject to sectoral regulatory frameworks, particularly the MiFID II framework. It is important to note that before exclusively applying MiCA, firms must ensure that they do not fall under any aspect of the MiFID framework. Additionally, firms can fall under both MiCA and MiFID II if they offer products that fall under each framework respectively.

From the MIFID II perspective, the classification of crypto assets as financial instruments depends on the specific characteristics and nature of such crypto assets. ESMA believes that the circumstances must be considered on a case-by-case basis in order to legally qualify crypto assets. For this purpose, a “substance over form” approach should be followed in determining what constitutes a financial instrument. Crypto assets that are to be qualified as financial instruments should be treated as such from a regulatory standpoint regardless of the technology applied to such tokens.

Instruments regulated under MiFID II include:

  • Transferable securities,
  • Money-market instruments,
  • Units of collective investment undertakings,
  • Various derivative contracts, and
  • Emission allowances.

Whereas instruments regulated under MiCA include:

  • Asset-referenced tokens (ARTs) (Art. 3 (1) No. (3) MiCA),
  • Electronic money tokens (EMT) (Art. 3 (1) No. (4) MiCA),
  • Crypto assets that are not considered ARTs or EMTs (Art. 3 (1) No. (5) MiCA)

While intended to be distinct, there are some points of convergence. For example, MiCA establishes regulations for individuals or entities offering crypto assets and those seeking admission to trade them, as well as for issuers of asset-referenced tokens and e-money tokens. In addition to this, MiCA establishes operational, organisational, and prudential requirements at the EU level that are applicable to crypto asset service providers, in parallel with these similar requirements which exist for traditional financial instruments. Moreover, certain financial firms that are already regulated in the EU should be permitted to offer all or a portion of crypto asset services without the need to obtain an authorisation as a CASP under MiCA if the activities which they participate in are already covered under existing regulation. For instance, banks are permitted to offer any of the crypto asset services; however, investment firms are restricted to offering only crypto asset services that are deemed to be equivalent to the investment services and activities for which they are already authorised under MiFID II.

The structure of this classification does not include hybrid tokens, which include tokens of decentralised financing initiatives (DeFi tokens), and decentralised assets, such as cryptocurrencies. It is worth noting that current MiCA Regulation does not cover aspects of DeFi Markets such as non-fungible tokens (NFTs) and staking. The EU has chosen to wait to develop a regime for these aspects of the digital asset market to ensure it is future proof, as they believe these aspects have not yet sufficiently evolved. However, this does not mean that regulation will not come. It is likely that additional frameworks and requirements will be developed over time, and market participants engaging in these activities should continue to work with the public sector as new policies are developed.

Practical Considerations for Compliance

For businesses operating in the digital asset space, determining which regulatory framework applies is crucial. The classification of the crypto assets, products, and services they offer will dictate the applicable rules and compliance requirements. Whether MiCA, MiFID II, or both apply depends on the type of business conducted and the assets provided. This classification guides the applicable governance, risk, and operational requirements. In relation to governance and compliance strategies, crypto companies which are CASP-classified under MiCA can start preparing by implementing various internal and external measures to align with regulatory requirements by following these steps:

  1. Conduct an assessment of the current operations and services they provide. The goal is to define the firms’ current standing coupled with an internal regulatory check-in concerning existing policies and procedures.
  2. For potential CASP firms, delineate which of their current policies and procedures are overseen by existing regulations and which will need to meet further requirements imposed by the new regulatory provisions.
  3. Craft a well-defined implementation plan on how the firm will address those gaps by implementing internal and external strategies, thereby complying with the new regulatory framework.

Throughout this process, firms should also consider how to develop the appropriate risk management practices that address financial and operational risks. Additionally, they should engage with stakeholders by collaborating with regulators, customers, and industry bodies to ensure comprehensive compliance.

Practical Examples Illustrating MiCA and MiFID II Regulation

Example 1: Crypto Firm Regulated Under MiCA

An example of crypto firm that will be regulated under MiCA is a custodial wallet. This type of company provides a secure digital wallet service for storing, sending, and receiving various cryptocurrencies, including Bitcoin and Ethereum. Since focuses exclusively on crypto assets and offers custody and transaction services, it falls within the regulatory scope of the MiCA framework.

In this case, the compliance steps that this company needs to undertake are as follows:

  • Assessment: Conduct a comprehensive assessment of current operations and services against MiCA requirements.
  • Gap Analysis: Identify regulatory gaps and areas needing improvement to meet MiCA standards.
  • Implementation Plan: Develop a detailed implementation plan to address compliance gaps, including policy updates, security enhancements, and employee training.
  • Engagement: Engage with regulators, industry bodies, and stakeholders to ensure compliance and stay informed about regulatory updates.

Example 2: Financial Firm Regulated under MIFID II

A different example is the case of a financial firm regulated under MiFID II. Consider a financial advisory firm that offers investment management services, including portfolio management, investment advice, and trading of traditional financial instruments such as stocks, bonds, and derivatives. Suppose this firm has expanded its service offering to include investment products that include cryptoassets. Some of these cryptoassets qualify as financial instruments under MiFID II, while others fall under the new MiCA regulation.

The compliance steps for this firm might include the following:

  • Assessment: Review all cryptoassets offered to determine which fall under MiFID II and which fall under MiCA. Conduct a comprehensive assessment of existing operations and services against both MiFID II and MiCA requirements.
  • Gap Analysis: Identify regulatory gaps in compliance with MiFID II for financial instruments, including qualifying crypto assets. Identify gaps in compliance with MiCA for other cryptoassets and CASP activities.
  • Implementation Plan: Develop a detailed plan addressing gaps in compliance with MiFID II, including updates to transparency, disclosure, and market integrity policies. Create an implementation plan to meet MiCA requirements, including obtaining necessary authorisations and enhancing consumer protection measures.

In summary, the evolving regulatory landscape requires crypto businesses to comply with new standards by adapting to new frameworks. By understanding the differences and overlaps between MiCA and MiFID II, companies can ensure they meet the regulatory requirements and contribute to the stability and integrity of the financial system.

GDF and Zodia would note that of course, MIFID II is not the only European regulation firms should be aware of. The European Supervisory Authorities also recently published draft guidelines on templates for explanations and opinions, and the standardised test for the classification of crypto-assets. While these are still under consultation it is important for firms to continue to monitor the full spectrum of regulation and guidance which they may fall under when operating in the EU.  

Conclusion

In summary, it is crucial for firms to determine their position within the EU regulatory framework for crypto assets and the broader regulatory framework for financial services. By discussing the key features of the EU’s approach to regulating crypto and digital assets through both MiCA and MiFID II, this article higlights the importance of firms being prepared. It emphasises the need to adapt transparency, market integrity, and investor protection practices to the unique challenges posed by digital assets.

As the EU finalises its approach and prepares to implement MiCA, firms must be ready to achieve and sustain compliance, carefully considering how different regulatory regimes will apply.

GDF and Zodia Markets remain committed to supporting the industry in developing a holistic approach to compliance. We continueto engage with the public sector to promote broader knowledge sharing and improve outcomes across the ecosystem. Ongoing dialogue between public and private sectors, alongside cross-industry collaboration remains crucial for maintaining high standards and best-practices across the industry. GDF and Zodia Markets look forward to continued collaboration with regulators, other associations, and firms to achieve the highest levels of compliance and consistent standards, as well as to support the growth and scaling of new technologies across financial services.


Resources

More insights
  • Meet our new sales team: Adam Parnell and Ran Wei
  • Harnessing AI – Use Cases and Applications in Compliance, Regulatory and Legal Functions
  • Bitcoin’s supply reduction: What does Bitcoin’s fourth halving mean, and why does it matter?
Authors
Elise SoucieElise Soucie, GDF
Lucia della VenturaLucia della Ventura
Table of contents
More insights
  • Meet our new sales team: Adam Parnell and Ran Wei
  • Harnessing AI – Use Cases and Applications in Compliance, Regulatory and Legal Functions
  • Bitcoin’s supply reduction: What does Bitcoin’s fourth halving mean, and why does it matter?

Related articles

  • Digital Déjà Vu – Voyager Digital and Knickerbocker Trust

    Digital Deja Vu Voyager Digital and Knickerbocker Trust 1

    This story covers three topics. First, as markets evolve, they often see a wave of new entrants who are subject to lower regulatory requirements than the incumbents, sometimes known as ‘regulatory arbitrage’.

    Read more: Digital Déjà Vu – Voyager Digital and Knickerbocker Trust
  • Digital Déjà Vu – ICOs and 17th Century Treasure Hunters

    Digital Deja Vu – ICOs and 17th Century Treasure Hunters 1

    Cryptoasset markets are often thought of as innovative, which is true in some cases, but not all. Slow processes and regulation can certainly be frustrating, but market participants should always be careful to not be blinded by neophilia, or a love of novelty.

    Read more: Digital Déjà Vu – ICOs and 17th Century Treasure Hunters
  • Responsibility and Sustainability in a Decentralised Environment: The ETH Merge

    Responsibility and Sustainability in a Decentralised Environment The ETH Merge 1

    The Ethereum merge, completed in September, transitioned the blockchain’s consensus mechanism from an energy-intensive proof-of-work (POW) to a proof-of-stake (POS) protocol. This has reduced energy consumption by more than 99.9%.1

    Read more: Responsibility and Sustainability in a Decentralised Environment: The ETH Merge
  • Zodia Markets signs Armed Forces Covenant

    Zodia Markets signs Armed Forces Covenant 1

    Zodia Markets is proud to announce its signing of the Armed Forces Covenant, demonstrating its commitment to treat fairly those who serve, or have served in the military, and their families, and emphasising the company’s dedication to fulfilling its social responsibilities.

    Read more: Zodia Markets signs Armed Forces Covenant

Latest