Establishing a Crypto Asset Business in the EU (A comprehensive guide on the EU’s Markets in Crypto Assets Regulations)

The European Union’s Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MiCA or Regulation), was set to bring big changes to the crypto industry across Europe. With MiCA now fully in effect since December 30, 2024, it has become crucial for crypto businesses to comply with its provisions. MiCA aims to bring much-needed clarity to a space that’s often been confusing and uncertain.

This article will break down what MiCA means for everyone involved in crypto, from enthusiasts to industry players, and even those just curious about the future of digital assets in Europe. It offers a detailed breakdown of MiCA, covering almost all of its provisions. It’s designed to help you understand the key points of MiCA and how it might affect you, offering a clear and straightforward guide to this important new regulation.

If you want the clearest and most comprehensive look at MiCA, you’ve come to the right place.

1. Timeframes of MiCA

MiCA officially entered into force on June 9, 2023, as outlined in Article 149, following its publication in the Official Journal of the EU. However, the regulation’s provisions are implemented in phases:

• June, 2023: MiCA’s entry into force-initiated rules for additional regulatory guidance, including the development of technical standards and guidelines by EU regulators.
• June 30, 2024: Rules for asset-referenced tokens (ARTs) and e-money tokens (EMTs), came into effect, as stipulated in Titles III and IV of MiCA.
• December 30, 2024: The full range of MiCA provisions, including those for issuers of other crypto-assets and crypto-asset service providers (CASPs), became applicable, as detailed in Titles I, II, V, VI, and VII.

Besides, Article 143 of MiCA provides transitional measures to facilitate a smooth transition from national regulations to the new EU-wide framework:

• “Grandfathering” clause: CASPs that were operating under national laws before December 30, 2024, may continue their operations until July 1, 2026, or until a decision on their MiCA authorization is made. This is detailed in Article 143(3), allowing for a gradual transition to the MiCA regime.
• Simplified Authorization: Member States can apply a simplified authorization procedure for CASPs that were authorized under national laws as of December 30, 2024. This applies to applications submitted between December 30, 2024, and July 1, 2026, as outlined in Article 143(6).

According to Article 143, Member States had the discretion to adjust the transitional period, potentially shortening it. They were required to notify the European Commission and ESMA by June 30, 2024, if they chose to do so.

 

So, by July 2026, all entities operating under national law must secure MiCA authorization or discontinue their crypto-asset services.

2. Scope of MiCA Regulations

Subject Matter

The MiCA Regulation lays down uniform requirements for the offer to the public and admission to trading on trading platforms of crypto-assets. This includes:

• crypto-assets other than asset-referenced tokens and e-money tokens, as well as
• asset-referenced tokens (ARTs) and
• e-money tokens (EMTs) themselves.

Crypto-asset – a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology.
Crypto-assets other than asset-referenced tokens and e-money tokens – any crypto-assets that fall under the scope of the Regulation but do not qualify as EMT or ART.	Asset-referenced token (ART) – a type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies.	Electronic money token or E-money token (EMT) – a type of crypto-asset that purports to maintain a stable value by referencing the value of one official currency.

Additionally, the Regulation sets requirements for crypto-asset service providers.

The Regulation mandates transparency and disclosure obligations for the issuance, public offering, and admission to trading of crypto-assets. These requirements aim to enhance the transparency of the crypto-assets market and ensure that investors have access to necessary information to make informed decisions.

Moreover, MiCA outlines specific requirements for the authorization and supervision of crypto-asset service providers, issuers of asset-referenced tokens, and issuers of e-money tokens. These provisions cover their operational conduct, organizational structure, and governance, ensuring that these entities operate within a well-defined regulatory framework.

To protect holders of crypto-assets, the Regulation establishes requirements that apply during the issuance, public offering, and admission to trading of crypto-assets. These measures are designed to safeguard investors’ interests and ensure a fair and transparent market environment.

Client protection is another critical aspect of the MiCA Regulation. It specifies requirements to protect clients of crypto-asset service providers, ensuring that their rights and interests are adequately safeguarded.

To maintain market integrity, the Regulation includes measures to prevent insider dealing, unlawful disclosure of inside information, and market manipulation related to crypto-assets. These provisions are crucial for ensuring the integrity and stability of the crypto-assets market.

Scope

MiCA applies to natural and legal persons and certain other undertakings engaged in the issuance, public offering, and admission to trading of crypto-assets, or that provide services related to crypto-assets within the Union. However, there are specific exemptions to its applicability.

The Regulation does not apply to persons providing crypto-asset services exclusively for their parent companies, subsidiaries, or other subsidiaries of their parent companies. It also exempts liquidators or administrators acting in the course of an insolvency procedure, except for specific purposes outlined in the Regulation.

Furthermore, the Regulation does not apply to the European Central Bank (ECB), central banks of Member States when acting in their capacity as monetary authorities, or other public authorities of the Member States. Other exemptions include the European Investment Bank and its subsidiaries, the European Financial Stability Facility, the European Stability Mechanism, and public international organizations.

MiCA also excludes crypto-assets that are unique and not fungible with other crypto-assets.

Additionally, it does not apply to:

• crypto-assets that qualify as financial instruments,
• deposits (including structured deposits),
• funds (except if they qualify as e-money tokens),
• securitization positions,
• non-life or life insurance products,
• pension products recognized under national law,
• occupational pension schemes,
• individual pension products requiring employer contributions by law, and
• certain social security schemes.

3. Crypto-Assets Other Than Asset-Referenced Tokens Or E-Money Tokens

Offers to the Public of Crypto-Assets Other than Asset-Referenced Tokens or E-Money Tokens

To make a public offer of crypto-assets other than asset-referenced tokens or e-money tokens, the offeror must:

• be a legal person;
• prepare a crypto-asset white paper compliant with article 6;
• notify the white paper as per article 8;
• publish the white paper following article 9;
• draft and publish marketing communications according to articles 7 and 9;
• adhere to requirements for offerors laid down in article 14.

Certain offers are exempt from the requirements to prepare, notify, and publish a white paper, as well as publish marketing communications. These exemptions apply to:

• offers to fewer than 150 natural or legal persons per member state acting on their own account;
• offers where the total consideration over 12 months does not exceed eur 1,000,000 or equivalent;
• offers addressed solely to qualified investors where the crypto-asset can only be held by such investors.

The Title does not apply to offers of crypto-assets if:

• the crypto-asset is offered for free;
• the crypto-asset is automatically created as a reward for maintaining the distributed ledger or validating transactions;
• the offer concerns a utility token providing access to a good or service that exists or is in operation;
• the crypto-asset can be used only in exchange for goods and services within a limited network of merchants with contractual arrangements with the offeror.

Notably, a crypto-asset is not considered offered for free if personal data or any fees, commissions, or other benefits are exchanged for the crypto-asset. If an offer exceeds EUR 1,000,000 in total consideration within 12 months, the offeror must notify the competent authority and justify the exemption.

The above exemptions do not apply if the offeror, or their representative, announces an intention to seek trading admission for a non-asset-referenced or non-e-money token crypto-asset.

Authorization under Article 59 is not required for providing custody, administration, or transfer services for exempt crypto-assets unless:

• there is another public offer of the same crypto-asset not benefiting from the exemption, or
• the crypto-asset is admitted to a trading platform.

Offers involving utility tokens for goods and services not yet available must not exceed 12 months from the white paper publication date.

Subsequent public offers of the crypto-asset other than ART or EMT are treated as new offers and must comply with paragraph 1, unless covered by paragraphs 2 or 3. No additional white paper is required if an existing one has been published and the author consents to its reuse.

If a white paper is voluntarily prepared for an exempt crypto-asset, all regulations of this Title apply.

Admission to Trading

To seek admission to trading of a crypto-asset other than asset-referenced tokens or e-money tokens, the following conditions must be met:

• The applicant must be a legal person.
• A compliant crypto-asset white paper must be drawn up, notified, and published.
• Marketing communications, if any, must be drafted and published.
• Compliance with requirements for persons seeking admission to trading laid down in Article 14.

If a trading platform operator initiates the admission to trading and no white paper has been published, the operator must comply with the requirements. Alternatively, the operator and the person seeking admission to trading may agree that the operator will fulfill all or part of the requirements.

Certain derogations apply:

• If the crypto-asset is already admitted to trading on another platform within the Union.
• The white paper must be compliant with Article 6 and updated per Article 12, with consent for its use from the person responsible for its preparation.

Content and Form of the Crypto-Asset White Paper

The white paper must include detailed information, as further specified in Annex I, about:

• the offeror or the person seeking admission to trading

(name, legal form, registered address, date of registration, legal entity identifier, contact details, management body information, business activity, and financial condition),

• the issuer if different from the offeror

(similar details as stated above), and

• the operator of the trading platform if they are responsible for preparing the document

(identification details, reasons for drafting the white paper, and business activities).

Additionally, the white paper must cover all pertinent aspects of the crypto-asset project, including:

• the specifics of the offer to the public or the admission to trading

(project name, description, involved persons, key features of goods/services (for utility tokens), milestones, and resource allocation; purpose, target amounts, issue price, subscription goals, phases of the offer, safeguarding arrangements, payment methods, right of withdrawal, and potential conflicts of interest),

• detailed information about the crypto-asset itself

(type, characteristics, functionality, and classification data), and

• the rights and obligations attached to it

(description of rights and obligations, modification conditions, future offers, transferability restrictions, protection schemes, and applicable laws).

It must also provide:

• insights into the underlying technology

(technology details, consensus mechanisms, incentive mechanisms, distributed ledger technology, and audit outcome),

• associated risks

(risks related to the offer, issuer, crypto-asset, project implementation, technology, and mitigation measures), and

• the principal adverse impacts on the climate and environment due to the consensus mechanism used for issuing the crypto-asset.

All information must be presented in a fair, clear, and non-misleading manner, without any material omissions, and should be concise and comprehensible.

The first page of the white paper must prominently state: ‘This crypto-asset white paper has not been approved by any competent authority in any Member State of the European Union. The offeror of the crypto-asset is solely responsible for the content of this crypto-asset white paper.’

The white paper must not contain any assertions about the future value of the crypto-asset. Instead, it should include a clear statement that:

• the crypto-asset may lose its value in part or in full,
• may not always be transferable,
• may not be liquid, and,
• in the case of utility tokens, may not be exchangeable for the promised goods or services, especially if the project fails.

It should also clarify that the crypto-asset is not covered by investor compensation or deposit guarantee schemes.

A statement from the management body must confirm compliance with MiCA and ensure that the information is fair, clear, and complete. Following this, a non-technical summary must be provided, offering key information to help prospective holders make informed decisions. This summary should include a warning that it is only an introduction to the full white paper and that any purchase decision should be based on the entire document.

The white paper must include the date of its notification and a table of contents. It should be written in the official language of the home Member State or a language customary in international finance. If the crypto-asset is offered in another Member State, the white paper must also be available in the official language of that host Member State or a language customary in international finance. Furthermore, the white paper must be available in a machine-readable format.

Marketing Communications

Marketing communications related to the public offer or trading admission of crypto-assets must adhere to specific criteria. They must be:

• clearly identifiable as marketing material, and
• the information must be fair, clear, and not misleading.

The content should be consistent with the information in the white paper and must state that the white paper has been published, including contact details for further inquiries.

A disclaimer must contain a clear and prominent statement: ‘This crypto-asset marketing communication has not been reviewed or approved by any competent authority in any Member State of the European Union. The offeror of the crypto-asset is solely responsible for the content of this crypto-asset marketing communication.’

Marketing communications cannot be disseminated before the white paper is published. However, the ability of the offeror, the person seeking admission to trading, or the platform operator to conduct market soundings remains unaffected. Competent authorities in the Member State where the communications are disseminated will assess compliance and may collaborate with the home Member State’s competent authority. Any supervisory actions taken by the host Member State’s authority must be communicated to the home Member State’s authority without undue delay.

Notification of the Crypto-Asset White Paper and Marketing Communications

Offerors, persons seeking admission to trading, or platform operators must notify their crypto-asset white paper to the competent authority of their home Member State. Upon request, marketing communications must also be notified to the competent authorities of the home and host Member States.

Competent authorities do not require prior approval of the white paper or marketing communications before their publication. The notification must include an explanation of why the crypto-asset should not be classified as a financial instrument, e-money token, or asset-referenced token. Notifications must be made at least 20 working days before the publication date of the white paper.

Offerors and persons seeking admission to trading must inform their home Member State’s authority of the Member States where they intend to offer or seek admission, and the starting date of the offer or admission. The home Member State’s authority will communicate relevant information to ESMA, which will make the white paper available in its register by the start date of the offer or admission.

Publication of the Crypto-Asset White Paper and Marketing Communications

Offerors and persons seeking admission to trading must publish their white papers and marketing communications on a publicly accessible website before the offer or admission starts. These documents must remain available for as long as the crypto-assets are held by the public. Published documents must be identical to the versions notified to the competent authority or the modified versions if applicable.

Result of the Offer to the Public and Safeguarding Arrangements

MiCA stipulates that offerors of crypto-assets other than asset-referenced tokens or e-money tokens must publish the results of their public offer. For offers with a time limit, the results must be published on the offeror’s website within 20 working days after the end of the subscription period. For offers without a time limit, the number of units in circulation must be updated and published monthly on the website.

Offerors with time-limited public offers are required to have effective arrangements to monitor and safeguard the funds or other crypto-assets raised. These funds or assets must be kept in custody by either a credit institution (if funds are raised) or a crypto-asset service provider offering custody and administration services. When the public offer has no time limit, these safeguarding arrangements must be maintained until the retail holder’s right of withdrawal expires, as per Article 13.

Rights of Offerors and Persons Seeking Admission to Trading

After publishing the crypto-asset white paper in compliance with Article 9, and any modifications per Article 12, offerors may publicly offer crypto-assets other than asset-referenced tokens or e-money tokens across the EU. These crypto-assets may also be admitted to trading on EU trading platforms. Once the white paper and any necessary modifications are published, offerors and persons seeking admission to trading are not subject to additional information requirements regarding the public offer or trading admission of the crypto-asset.

Modification of Published Crypto-Asset White Papers and Marketing Communications

Offerors, persons seeking admission to trading, or trading platform operators must modify their published crypto-asset white papers and marketing communications if a significant new factor, material mistake, or inaccuracy arises that could affect the assessment of the crypto-assets. This requirement applies throughout the duration of the public offer or as long as the crypto-asset is admitted to trading.

The modified documents, along with the intended publication date and reasons for modification, must be notified to the competent authority of the home Member State at least 7 working days before publication. On the publication date, or earlier if required, the public must be informed via the offeror’s website, including a summary of the modification reasons.

The structure of the modified white paper and marketing communications must remain consistent with the original documents published under Article 9. Within 5 working days of receiving the modified documents, the home Member State’s competent authority will notify the host Member States’ authorities and ESMA, which will then make the modified white paper available in the register.

Offerors, persons seeking admission to trading, or trading platform operators must publish the modified white paper and marketing communications on their website, ensuring they are time-stamped and marked as the applicable versions. These documents must remain available for as long as the crypto-assets are held by the public. Changes in the modified white paper for utility tokens providing access to non-existent or non-operational goods and services must not extend the 12-month time limit specified in Article 4(6).

Older versions of the white paper and marketing communications must remain publicly accessible on the offeror’s website for at least 10 years, with a warning indicating they are no longer valid and a hyperlink to the most recent versions.

Right of Withdrawal

MiCA grants retail holders a right of withdrawal when purchasing crypto-assets other than asset-referenced tokens and e-money tokens. This right allows retail holders to withdraw from their purchase agreement without incurring any fees or costs and without needing to provide reasons. The withdrawal period is 14 calendar days from the date of the purchase agreement.

All payments received, including any charges, must be reimbursed within 14 days from the notification of withdrawal. Reimbursement should be carried out using the same means of payment unless otherwise agreed by the retail holder, ensuring no additional fees or costs.

Offerors must inform retail holders of their right of withdrawal in the crypto-asset white paper. However, this right does not apply if the crypto-assets have been admitted to trading before purchase or if the withdrawal period exceeds the subscription period end date set by the offeror.

Obligations of Offerors and Persons Seeking Admission to Trading

Offerors and those seeking admission to trading of crypto-assets other than ARTs or ERTs must adhere to several obligations to ensure transparency, fairness, and security in their operations. They must:

• act honestly, fairly, and professionally;
• communicating in a clear, fair, and non-misleading manner with holders and prospective holders;
• identifying, preventing, managing, and disclosing any conflicts of interest is crucial;
• additionally, they must maintain systems and security protocols in line with Union standards.

Acting in the best interests of crypto-asset holders and treating them equally is mandatory unless preferential treatment is disclosed in the white paper and, if applicable, in marketing communications. If a public offer is cancelled, the offeror must return any collected funds to holders or prospective holders within 25 calendar days of cancellation.

Liability for Information in the Crypto-Asset White Paper

Offerors, persons seeking admission to trading, and operators of trading platforms are liable for any loss incurred by holders due to incomplete, unfair, unclear, or misleading information in the crypto-asset white paper or its modifications. Any attempt to exclude or limit this liability contractually is void.

If the trading platform operator prepares the white paper and marketing communications, the person seeking admission to trading is also responsible for providing accurate information to the operator.

Holders must present evidence showing that the offeror, person seeking admission, or platform operator provided misleading or incomplete information that impacted their decision to purchase, sell, or exchange the crypto-asset.

However, the offeror, person seeking admission, or platform operator is not liable for losses based on information in the summary, except where the summary is misleading, inaccurate, inconsistent, or fails to provide key information when read with the rest of the white paper. Besides, this liability clause does not preclude any other civil liabilities under national law.

4. Asset-Referenced Tokens: Authorisation and Requirements

Authorisation to Offer ARTs to the Public and to Seek Their Admission to Trading

A person must not offer asset-referenced tokens to the public or seek their admission to trading within the EU unless they are the issuer of that asset-referenced token. The issuer must be:

• either a legal person or an undertaking established in the Union and authorised by the competent authority of their home Member State, or
• a credit institution that complies with the specific requirements set out in Article 17.

With the issuer’s written consent, other persons may also offer or seek the admission to trading of the asset-referenced token, provided they comply with certain provisions, including transparency and anti-money laundering measures.

For other undertakings to issue asset-referenced tokens, their legal form must ensure equivalent protection for third-party interests and be subject to appropriate prudential supervision.

Certain offers are exempt from these authorisation requirements. These include situations where the average outstanding value of the asset-referenced token does not exceed EUR 5,000,000 over a 12-month period and the issuer is not linked to a network of exempt issuers, or when the offer is addressed solely to qualified investors who can exclusively hold the tokens. However, issuers must still draw up a crypto-asset white paper and notify it to the competent authority of their home Member State.

Once authorised by the competent authority, the authorisation is valid across the entire Union, allowing issuers to offer the asset-referenced token publicly or seek its admission to trading throughout the EU. Similarly, the approval of the crypto-asset white paper by the competent authority is also valid across the Union.

Requirements for Credit Institutions

Credit institutions issuing asset-referenced tokens must meet specific requirements:

• they must prepare a crypto-asset white paper and submit it for approval to the competent authority of their home Member State.
• they must notify the competent authority at least 90 working days before issuing the token for the first time, providing detailed information, including a program of operations, a legal opinion on the token’s qualification, and descriptions of governance arrangements, internal controls, and risk management procedures.

If the credit institution has previously submitted this information for another asset-referenced token, it need not resubmit identical information, provided it confirms that the previously submitted information is still up-to-date.

The competent authority has 20 working days to assess whether the information is complete, with a provision to request additional information if needed.

Credit institutions issuing asset-referenced tokens are exempt from certain articles of the MiCA Regulation (Articles 16, 18, 20, 21, 24, 35, 41 and 42), focusing on more significant regulatory obligations.

The competent authority must communicate the complete information to the European Central Bank (ECB) and, where applicable, to the central bank of the Member State if the token references a non-euro currency. The ECB and relevant central bank have 20 working days to issue an opinion on the information. If the ECB or central bank raises concerns about risks to payment systems, monetary policy transmission, or monetary sovereignty, the competent authority must prevent the credit institution from offering or seeking admission to trading for the token.

The competent authority will also communicate necessary information to ESMA, which will make it available in the register by the starting date of the public offer or trading admission. In cases of authorisation withdrawal, the competent authority must promptly inform ESMA to update the register.

Application for Authorisation

Legal persons or undertakings intending to offer or seek trading admission for ARTs must apply for authorisation to the competent authority of their home Member State. The application must include detailed information about:

• the address and legal entity identifier of the applicant issuer;
• if applicable, the articles of association;
• a detailed program of operations outlining the business model intended to be followed by the applicant issuer;
• a legal opinion confirming that the ART does not qualify as a crypto-asset excluded from the regulation’s scope or as an EMT;
• a thorough description of the applicant issuer’s governance arrangements as stipulated in Article 34(1);
• for issuers with cooperation arrangements with crypto-asset service providers, a detailed description of internal control mechanisms to ensure compliance with anti-money laundering and counter-terrorist financing obligations under Directive (EU) 2015/849;
• identity and qualifications of the management body members, proving their good repute and competence;
• proof that direct or indirect shareholders or members with qualifying holdings are of sufficiently good repute;
• a crypto-asset white paper as per Article 19;
• policies and procedures related to governance, contractual arrangements with third-party entities, business continuity, internal controls, risk management, and data safeguarding as outlined in Article 34.
• description of complaints-handling procedures as per Article 31.
• a list of host Member States where the asset-referenced token is intended to be offered or traded, if applicable.

Issuers already authorized for one ART are not required to resubmit identical information for another token. They must confirm that previously submitted information is still current when submitting new applications.

Competent authorities must promptly acknowledge the receipt of an application within 2 working days, providing written confirmation to the applicant issuer.

Issuers must provide proof for the following:

• management body: absence of criminal records or penalties related to commercial law, insolvency law, financial services law, anti-money laundering, counter-terrorism financing, fraud, or professional liability.
• collective expertise: the management body collectively possesses the necessary knowledge, skills, and experience, and members dedicate sufficient time to their duties.
• shareholders and members: absence of criminal records and penalties similar to those required for the management body.

Content and Form of the Crypto-Asset White Paper for Asset-Referenced Tokens

The white paper should include detailed information specified in Annex II, which encompasses several critical areas.

The white paper must provide comprehensive information about:

• the issuer of the ART

(name, legal form, registered address date of registration, legal entity identifier, parent company (if applicable), management body: identities, business addresses, and functions; business activity: description of the issuer and its parent company (if applicable); financial condition: review of the past three years, including material changes; governance arrangements, authorisation details: competent authority for asset-referenced token issuance; other crypto-assets activities: connections with distributed ledger technology);

• the specifics of the asset-referenced token itself

(name and abbreviation/ticker, characteristics and classification data, operationalisation team: advisors, development team, and service providers; third-party roles and responsibilities, project plans: past and future milestones and allocated resources);

• the offer to the public or admission to trading

(offer or trading indication, fundraising goals and subscription details, total units offered/admitted to trading, targeted holders and restrictions, reimbursement conditions: refund timeline if goals are unmet; offer phases and discount details, subscription period for time-limited offers, payment and redemption methods, transfer schedule of purchased tokens, technical requirements for purchasers, placement and trading platforms: names and access details; expenses and conflicts of interest, applicable law and competent court);

• the rights and obligations attached to the ART

(token characteristics and functionality, purchaser rights and obligations: exercise procedures; modification conditions for rights and obligations, future offers: information on retained units; transferability restrictions; supply protocols: mechanisms in response to demand; protection and compensation schemes, redemption details: methods and conditions; applicable law and competent court);

• the underlying technology

(technology used: distributed ledger technology, protocols, and standards; consensus mechanism and incentives, audit outcomes);

• the risks

(reserve asset risks, issuer risks, offer and trading risks, token-specific and operational risks, technology risks and mitigation measures);

• the reserve of assets

(alignment mechanism: reserve value and token claims; composition and issuance/redemption mechanisms, investment policy for reserve assets, custody arrangements: segregation and custodians);

• the principal adverse impacts on the climate and environment due to the consensus mechanism used.

The white paper must also identify any person, other than the issuer, offering to the public or seeking admission to trading, and explain why they are doing so. If the white paper is not created by the issuer, it must include the identity and reason for the person who drafted it.

All information must be fair, clear, and not misleading. The white paper should be concise and comprehensible, without material omissions.

The white paper should not contain any assertions about the future value of the crypto-assets, except for a specific required statement. The white paper must include a clear statement that the ART may:

• lose its value in part or in full;
• not always be transferable;
• not be liquid;
• not be covered by investor compensation schemes (Directive 97/9/EC);
• not be covered by deposit guarantee schemes (Directive 2014/49/EU).

In addition, the crypto-asset white paper shall contain statement from the management body of the issuer confirming the compliance of the white paper with this Title and the accuracy of its content should.

The crypto-asset white paper shall also contain a concise, non-technical summary providing key information about the public offer or intended trading admission. It should be easy to read and understand, including a warning that:

• it is an introduction to the white paper;
• decisions should be based on the entire white paper, not just the summary;
• the offer does not constitute an offer or solicitation to purchase financial instruments unless done by a prospectus or other legal documents;
• the white paper is not a prospectus under Regulation (EU) 2017/1129 or any other legal document;
• the summary must also state that holders of the tokens have a right of redemption and outline the conditions for such redemption.

Additional requirements to White Paper:

• it should contain the date of notification and a table of contents;
• it must be in an official language of the home Member State or a customary international finance language, and also in the host Member State’s official language if applicable;
• it must be available in a machine-readable format.

Assessment of the Application for Authorization

Upon receiving an application for authorization under Article 18, competent authorities have 25 working days to assess whether the application, including the crypto-asset white paper outlined in Article 19, contains all necessary information. They must notify the applicant issuer immediately if any information is missing and set a deadline for its submission.

Within 60 working days of receiving a complete application, authorities will evaluate compliance with the Title’s requirements and draft a fully reasoned decision to grant or refuse authorization. They may request additional information during this period and collaborate with anti-money laundering and counter-terrorist financing authorities, financial intelligence units, or other public bodies.

The assessment period is suspended between the date of request for additional information and the receipt of the issuer’s response, up to a maximum of 20 working days. The competent authorities will transmit their draft decision and the application to the EBA, ESMA, and the ECB after the period of 60 working days. If the issuer is in a non-euro Member State or references a non-euro currency, the draft decision and application will also be sent to the central bank of that Member State.

EBA and ESMA will provide their opinions on the legal aspects within 20 working days, while the ECB or relevant central bank will assess risks to financial stability, payment systems, monetary policy transmission, and monetary sovereignty. These opinions are non-binding but must be considered by the competent authorities.

Grant or Refusal of the Authorization

Competent authorities have 25 working days from receiving the opinions to make a final decision on the authorization, notifying the applicant within 5 working days.

Authorization is refused if:

• the management body poses a threat to effective management;
• members do not meet suitability criteria;
• shareholders and members, whether direct or indirect, that have qualifying holdings lack good repute;
• the issuer fails to meet requirements, or
• the business model poses significant risks to market integrity, financial stability, the smooth operation of payment systems or exposes risks to money laundering and terrorist financing.

Authorization will also be refused if the ECB or relevant central bank raises concerns about risks to financial stability or monetary policy.

Once authorization is granted, the competent authorities will inform host Member States, ESMA, EBA, the ECB, and relevant central banks within 2 working days, and ESMA will update the register accordingly. All refusals and their reasons will be communicated to EBA, ESMA, and relevant central banks.

Reporting on Asset-Referenced Tokens

Issuers of ARTs valued over EUR 100,000,000 must report quarterly to the competent authority, providing information on:

• the number of holders;
• the token value and reserve size;
• average daily transaction numbers and values, and
• estimates of transactions as a means of exchange within a currency area.

Transactions are defined as any change of the natural or legal person entitled to the asset-referenced token as a result of the transfer of the asset-referenced token from one distributed ledger address or account to another.

Transactions with the issuer or a crypto-asset service provider are not considered uses of the asset-referenced token as a means of exchange unless there is evidence of its use in settling other crypto-asset transactions.

The competent authority may extend this reporting requirement to tokens valued below EUR 100 000 000.

Crypto-asset service providers must supply necessary transaction information to the issuer. The competent authority will share reports with the ECB and relevant central banks, which may provide their estimates of transactional use within a currency area.

Restrictions on Issuance of ART, used widely as a means of exchange

If an ART exceeds a quarterly average of 1 million transactions and EUR 200 000 000 in aggregate value per day within a single currency area, the issuer must:

• stop issuing that token;
• submit a plan to the competent authority within 40 working days to reduce transactions below the specified thresholds.

The competent authority will use data from the issuer, its own estimates, or estimates from the ECB or relevant central bank to determine if the thresholds are exceeded.

For tokens issued by multiple issuers, the competent authority will aggregate data from all issuers to assess compliance.

The issuer’s plan to reduce transaction volume must be approved by the competent authority, which may require modifications to ensure compliance.

Issuance can resume only when the competent authority verifies that the transaction volume is below the specified thresholds (lower than 1 million transactions and EUR 200 000 000 respectively).

Withdrawal of the authorization

Authorisation can be withdrawn by competent authorities if the issuer:

• ceases business for 6 months or does not use the authorisation for 12 months;
• obtains authorisation by irregular means;
• fails to meet the conditions for authorization;
• seriously infringes ARTs’ provisions;
• is subject to a redemption plan;
• renounces authorisation or ceases operations;
• poses a serious threat to market integrity, financial stability, the smooth operation of payment systems, or exposes the sector to serious risks of money laundering and terrorist financing.

Authorisation will also be withdrawn if the ECB or relevant central bank determines that the token poses a serious threat to payment systems, monetary policy transmission, or monetary sovereignty.

Competent authorities may limit the amount issued or impose a minimum denomination if the ECB or central bank identifies a threat.

Relevant authorities must notify the issuer’s competent authority if:

• a third-party entity loses its authorization as a credit institution, a crypto-asset service provider, a payment institution, or as an electronic money institution;
• members of the issuer’s management or significant shareholders violate national laws.

Competent authorities must withdraw authorisation if paragraph 4 of this Article situations affect the issuer’s management or shareholders’ reputation, or if there’s a failure in governance or internal controls per Article 34. Upon withdrawal, the issuer must follow Article 47 procedures.

Competent authorities must notify ESMA within 2 working days of withdrawing authorisation, and ESMA will update the register accordingly.

Modification of published crypto-asset white papers for ARTs

Issuers must notify the competent authority of their home Member State at least 30 working days before any intended changes to their business model that could significantly influence the purchase decisions of current or prospective holders of ARTs. Significant changes include, but are not limited to:

• governance arrangements, including reporting lines and risk management frameworks;
• reserve assets and their custody;
• rights granted to token holders;
• mechanisms for token issuance and redemption;
• protocols for transaction validation;
• functioning of proprietary distributed ledger technology;
• liquidity mechanisms, including policies and procedures for significant tokens;
• arrangements with third parties for managing reserves and distributing tokens;
• complaints-handling procedures;
• money laundering and terrorist financing risk assessments and related policies.

Upon notification, issuers must draft a modified crypto-asset white paper, ensuring consistency with the original document’s information order. The draft must be submitted to the competent authority, which will acknowledge receipt within 5 working days. The authority will approve or reject the draft within 30 working days, requesting additional information if needed. The review period resets upon receipt of this information.

If modifications potentially affect payment systems, monetary policy, or sovereignty, the competent authority will consult the ECB and, if applicable, the relevant central bank, EBA, and ESMA. These bodies will provide their opinions within 20 working days.

Upon approval, the competent authority may impose conditions to protect token holders, address market integrity concerns, and ensure financial stability and smooth payment system operations. If the ECB or central bank proposes corrective measures, the authority will enforce them, combining measures if needed, and adopting the more stringent requirement if necessary.

The competent authority must communicate the approved modified white paper to ESMA, host Member State contacts, EBA, ECB, and relevant central banks within 2 working days. ESMA will promptly update the register with this information.

Liability of Issuers of ARTs for the Information given in a Crypto-Asset White Paper

Issuers and their management bodies are liable for losses incurred by token holders if the information in the crypto-asset white paper or its modifications is incomplete, unclear, misleading, or not fair.

Any contractual attempts to exclude or limit civil liability for such infringements are legally void.

Token holders must provide evidence that misleading or incomplete information in the white paper influenced their decision to purchase, sell, or exchange the tokens.

Issuers and their management bodies are not liable for losses based on the summary provided in the white paper, unless:

• the summary is misleading, inaccurate, or inconsistent with the full document, or
• fails to provide key information.

This article does not affect any additional civil liabilities under national law.

Obligation to Act Honestly, Fairly, and Professionally

Issuers of ARTs must act with honesty, fairness, and professionalism. Communications with holders and prospective holders must be fair, clear, and not misleading.

Issuers must act in the best interests of token holders and treat them equally. Any preferential treatment must be disclosed in the crypto-asset white paper and, if applicable, in marketing communications.

Publication of the Crypto-Asset White Paper

Issuers must publish the approved crypto-asset white paper on their website by the start date of the public offer or trading admission. The white paper, including any modifications, must remain available for as long as the token is held by the public.

Marketing Communications

Requirements for Marketing Communications relating to an offer to the public of an ART, or to the admission to trading of such ART:

• must be clearly identifiable as marketing communications;
• information must be fair, clear, and not misleading;
• information must be consistent with the crypto-asset white paper;
• must state that a crypto-asset white paper has been published and provide the issuer’s website address, telephone number, and email address for contact.

Marketing communications must clearly state that holders have a right of redemption against the issuer at any time.

Marketing communications and any modifications must be published on the issuer’s website.

Competent authorities cannot require prior approval of marketing communications before publication.

Marketing communications must be notified to competent authorities upon request.

No marketing communications shall be disseminated before the publication of the crypto-asset white paper, though market soundings by the issuer are allowed.

Ongoing Information to Holders of ARTs

Issuers must disclose the number of tokens in circulation and the value and composition of the reserve of assets on their website. This information must be updated at least monthly.

Issuers must publish a summary and the full audit report related to the reserve of assets on their website as soon as possible.

Issuers must promptly disclose any events likely to significantly affect the token’s value or the reserve of assets on their website in a clear, accurate, and transparent manner.

Complaints-Handling Procedures

Issuers of ARTs must establish and maintain effective, transparent procedures for promptly handling complaints from token holders and other interested parties, including consumer associations. These procedures must be published. If tokens are distributed by third-party entities, issuers must facilitate complaint handling between token holders and those entities.

Complaints can be filed free of charge with the issuer or the relevant third-party entities. Issuers must provide a template for filing complaints and keep records of all complaints received and the measures taken in response. Complaints must be investigated in a timely and fair manner, with outcomes communicated to token holders within a reasonable period.

Identification, Prevention, Management, and Disclosure of Conflicts of Interest

Issuers of ARTs must implement and maintain effective policies and procedures to identify, prevent, manage, and disclose conflicts of interest with their shareholders, members, management body, employees, token holders, or third-party service providers.

Issuers must take appropriate steps to handle conflicts of interest arising from managing and investing the reserve of assets. Disclosures of these conflicts must be made prominently on the issuer’s website, detailing their nature, sources, and the steps taken to mitigate them. This information must be precise enough for prospective holders to make informed decisions.

Notification of Changes to Management Body

Issuers of ARTs must immediately notify their competent authority of any changes to their management body and provide all necessary information to assess compliance with Article 34 (2).

Governance Arrangements

Issuers of ARTs must maintain robust governance arrangements, including a clear organizational structure with well-defined, transparent responsibilities, effective risk management processes, and adequate internal control mechanisms.

Members of the management body must be of good repute, possessing the necessary knowledge, skills, and experience to perform their duties, with no convictions for relevant offenses. They must also demonstrate the capability to commit sufficient time to their duties. The management body must periodically review the effectiveness of policy arrangements and procedures related to Chapters 2, 3, 5, and 6 of this Title, addressing any deficiencies. Shareholders with qualifying holdings must also be of good repute, free from relevant convictions.

Issuers must adopt effective policies and procedures ensuring compliance with this Regulation, covering areas such as the:

• reserve of assets;
• custody arrangements;
• rights granted to token holders;
• issuance and redemption mechanisms;
• transaction validation protocols;
• distributed ledger technology operations;
• liquidity mechanisms;
• arrangements with third parties;
• written consent for others to offer or seek trading admission of tokens;
• complaints-handling.

Third-party arrangements must be formalized in contracts specifying roles, responsibilities, and obligations, with clear choices of applicable law for cross-jurisdictional implications.

Issuers must employ systems, resources, and procedures proportionate to ensure continued and regular performance of services, maintaining systems and security access protocols according to Union standards. A business continuity policy must be in place to preserve essential data and functions during ICT interruptions.

Issuers must have internal control mechanisms and risk management procedures, including ICT systems control and safeguards, monitored and evaluated regularly for adequacy. Data availability, authenticity, integrity, and confidentiality must be safeguarded according to relevant Union regulations.

Regular audits by independent auditors are required, with results communicated to the management body and made available to the competent authority.

Own Funds Requirements

Issuers of ARTs must maintain own funds at all times, calculated as the highest of:

• EUR 350,000;
• 2% of the average amount of the reserve of assets (Article 36);
• a quarter of the fixed overheads of the preceding year.

The average amount of the reserve is calculated based on daily figures over the preceding six months. For issuers offering multiple ARTs, the required amount is the sum of the average reserves for each token. The fixed overhead amount is reviewed and calculated annually.

Own funds must consist of Common Equity Tier 1 items and instruments as defined in Articles 26-30 of Regulation (EU) No 575/2013, after full deductions pursuant to Article 36, excluding threshold exemptions in Articles 46(4) and 48 of that Regulation.

Competent authorities may require an issuer to hold up to 20% more own funds where an assessment of any of the following indicates a higher degree of risk:

• the issuer’s risk-management and internal control mechanisms;
• the quality and volatility of the reserve of assets;
• the rights granted to token holders;
• risks from the investment policy of the reserve assets;
• aggregate value and number of transactions in the token;
• the importance of markets where the token is offered;
• the market capitalization of the token.

Competent authorities may impose requirements from Article 45 on non-significant issuers if necessary, to address identified risks.

Issuers must conduct regular stress testing considering severe financial and operational scenarios. Based on these tests, competent authorities can mandate issuers to hold 20%-40% more own funds as a buffer.

Reserve of Assets Obligations

Issuers of ARTs must maintain a reserve of assets at all times to cover risks associated with referenced assets and address liquidity risks from redemption rights. The reserve must be legally segregated from the issuer’s estate and other reserves, ensuring creditor protection, particularly in insolvency. The reserve must also be operationally segregated from the issuer’s estate and other token reserves.

Issuers offering multiple ARTs must manage segregated pools of reserves for each token. Multiple issuers of the same token must maintain a single reserve pool.

Management bodies must ensure effective reserve management, matching issuance and redemption with reserve adjustments. Reserve assets must be valued using market prices, ensuring the aggregate reserve value equals or exceeds claims against the issuer.

Issuers must have a detailed stabilization policy, including asset lists, risk assessments, issuance and redemption procedures, and investment policies. Issuers must mandate independent audits of the reserve every six months to ensure compliance with Chapter 3. Issuers must notify competent authorities of audit results within six weeks and publish results within two weeks. Authorities may delay publication to protect economic interests or prevent adverse financial effects.

Market price valuations (mark-to-market) should use quality market data. If unavailable, conservative mark-to-model valuations must be used, excluding the amortized cost method.

Custody of Reserve Assets

Issuers of ARTs must establish custody policies ensuring reserve assets are unencumbered, accessible for redemption, and avoid concentration risks.

Issuers issuing multiple tokens must have separate custody policies for each reserve. Different issuers of the same token must maintain a single custody policy.

Reserve assets must be held by qualified custodians within 5 working days of token issuance, including crypto-asset service providers, credit institutions, or investment firms.

Issuers must exercise due diligence in selecting custodians, ensuring they have the necessary expertise and reputation, and protect reserve assets from custodian creditors’ claims. Custody policies must outline criteria for selecting and reviewing custodians, including monitoring their financial conditions and overall exposures.

Custodians must ensure:

• credit institutions hold funds in segregated accounts;
• financial instruments are registered in segregated accounts;
• crypto-assets are held securely by crypto-asset service providers;
• ownership of other assets is verified and recorded.

Custodian appointments must be evidenced by contractual arrangements regulating necessary information flows. Custodians must act honestly, fairly, professionally, independently, and in the interest of issuers and token holders.

Custodians must avoid conflicts of interest, ensuring functional and hierarchical separation of custody tasks from other potentially conflicting activities.

Custodians must compensate for the loss of financial instruments or crypto-assets unless the loss results from an uncontrollable external event.

Investment of the Reserve of Assets

Issuers of ARTs may invest reserve assets only in highly liquid financial instruments with minimal risks, ensuring rapid liquidation with minimal adverse effects.

Units in undertaking for collective investment in transferable securities (UCITS) are deemed minimal risk assets if the UCITS invests solely in specified assets, and concentration risk is minimized.

Invested reserve assets must be held in custody in accordance with Article 37.

All investment-related profits, losses, and risks are borne by the issuer.

Right of Redemption

Holders of ARTs have a right to redeem at any time against the issuer or the reserve assets if the issuer fails to meet obligations. Issuers must implement detailed policies for this right.

Issuers must redeem ARTs either by paying funds equivalent to the token’s market value or by delivering the referenced assets. issuers’ policies must detail:

• conditions for redemption, including thresholds and timeframes;
• procedures to ensure redemption, even in stressed market conditions or during recovery plans;
• valuation principles for tokens and reserve assets;
• conditions for settling redemptions;
• measures to manage reserve asset changes to avoid market impact.

Issuers accepting non-electronic money payments for ARTs must offer redemption in the same currency.

Redemptions must be fee-free, excluding scenarios outlined in Article 46.

Prohibition of Granting Interest

Issuers cannot grant interest on ARTs. Crypto-asset service providers cannot grant interest when providing services related to ARTs.

Interest includes any remuneration or benefit related to the duration of holding ARTs, such as net compensation or discounts akin to interest, directly or indirectly from the issuer or third parties.

Assessment of Proposed Acquisitions of Issuers of ARTs

Individuals or entities intending to acquire or increase a qualifying holding in an ART issuer to specified thresholds (20%, 30%, 50%, or majority control) must notify the competent authority with required information.

Those deciding to dispose of a qualifying holding must notify the competent authority, indicating the holding’s size and any reduction below specified thresholds. The competent authority must acknowledge receipt of the acquisition notification within 2 working days. The competent authority has 60 working days from acknowledgment to assess the proposed acquisition, informing the acquirer of the assessment period’s end date.

The authority may request additional information within 50 working days, suspending the assessment period up to 20 working days, extendable by 30 days for non-EU acquirers. If opposing the acquisition, the authority must notify the acquirer within 2 working days of the decision, providing reasons.

If the authority does not oppose within the assessment period, the acquisition is deemed approved. The authority may set and extend a maximum period to conclude the acquisition.

Content of the Assessment of Proposed Acquisitions of Issuers of ARTs

The competent authority evaluates:

• reputation of the proposed acquirer;
• reputation, knowledge, skills, and experience of persons directing the issuer’s business;
• financial soundness of the acquirer;
• compliance with Title provisions;
• potential for money laundering or terrorist financing risks.

The authority may oppose the acquisition if criteria are unmet or information provided is incomplete or false. Member States cannot impose prior conditions on qualifying holdings or assess acquisitions based on market economic needs.

Classification of ARTs as Significant ARTs

An ART is classified as significant if it meets at least 3 of the following criteria:

• over 10 million holders;
• market capitalization, issued value, or reserve assets exceed EUR 5 000 000 000;
• daily transaction average exceeds 2.5 million transactions or EUR 500 000 000;
• issuer is a designated gatekeeper under Regulation (EU) 2022/1925;
• significant international activity, including use for payments and remittances;
• interconnectedness with the financial system;
• issuer also issues another ART or EMT and provides at least 1 crypto-asset service.

The EBA will classify an ART as significant if the criteria are met during the first reporting period post-authorization or after 2 consecutive reporting periods.

When multiple issuers issue the same ART, the criteria are assessed using aggregated data from all issuers.

Competent authorities must report relevant data to the EBA and ECB at least twice a year. This includes data from non-eurozone Member States and Member States whose currency is referenced by the ART.

If the EBA determines an ART meets the criteria, it will draft a decision and notify the issuer, competent authority, ECB, and relevant central banks. They have 20 working days to respond with observations. The EBA will finalize its decision within 60 working days and notify the issuer and competent authority.

Once classified as significant, supervisory responsibility transfers from the competent authority to the EBA within 20 working days. The EBA and competent authority will ensure a smooth transition. The EBA will reassess the classification annually. If an ART no longer meets the criteria, the EBA will draft a decision to declassify it and notify relevant parties. Observations can be submitted within 20 working days before a final decision is made. The EBA will finalize declassification within 60 working days and notify relevant parties. If declassified, supervisory responsibility reverts to the competent authority within 20 working days, with cooperation to ensure a smooth transition.

Voluntary Classification of ARTs as Significant

Issuers of ARTs may request classification as significant in their authorization application or white paper notification. The competent authority will notify the EBA, ECB, and relevant central banks immediately. The issuer must demonstrate through a detailed operations program that it is likely to meet at least 3 of the criteria in Article 43(1).

Within 20 working days of notification, the EBA will draft a decision based on the operations program and notify relevant parties, who have 20 working days to provide observations. The EBA will finalize the decision within 60 working days and notify the issuer and competent authority. If classified as significant, supervisory responsibility transfers to the EBA upon authorization or white paper approval.

Specific Additional Obligations for Issuers of Significant ARTs

Issuers of significant ARTs must implement a remuneration policy that promotes effective risk management and avoids incentives to reduce risk standards. Issuers must ensure their tokens can be held in custody by various authorized crypto-asset service providers on a fair, reasonable, and non-discriminatory basis, including those outside the issuer’s group. Issuers must assess and monitor liquidity needs to meet redemption requests and maintain a liquidity management policy ensuring a resilient liquidity profile under stress scenarios.

Regular liquidity stress testing is required, covering all activities if multiple tokens or services are offered. EBA may enhance liquidity requirements based on test outcomes.

For significant ARTs, the reserve requirement is set at 3% of the average reserve assets.

The obligations apply to each issuer of the same significant ARTs and to issuers offering multiple tokens if any are classified as significant.

Recovery Plan

Issuers of ARTs must have a recovery plan detailing measures to restore compliance with reserve requirements and ensure service continuity and timely operations recovery during significant disruptions. The plan must include:

• liquidity fees on redemptions;
• daily redemption limits;
• redemption suspension.

Issuers must notify the recovery plan to the competent authority within 6 months of authorization or white paper approval. Amendments may be required for proper implementation, with a 40-working-day notification period for issuer compliance. Parallel notification to resolution and prudential supervisory authorities is required.

If issuers fail to meet reserve requirements or face a rapidly deteriorating financial condition, the competent authority can enforce the recovery plan or its update within a specified timeframe.

The competent authority may temporarily suspend redemptions if it benefits token holders and financial stability. The competent authority must notify relevant resolution and prudential supervisory authorities of any recovery measures taken.

Redemption Plan

Issuers of ARTs must have an operational plan for the orderly redemption of tokens if the issuer is unable or likely unable to fulfill obligations, including insolvency, resolution, or authorization withdrawal. The plan must ensure equitable treatment and timely payment to token holders using remaining reserve assets.

The redemption plan must demonstrate the issuer’s ability to redeem tokens without causing economic harm or market instability and include:

• contractual arrangements and procedures;
• systems to ensure continuity of critical activities.

Issuers must notify the redemption plan to the competent authority within 6 months of authorization or white paper approval. Amendments may be required, with a 40-working-day compliance period for the issuer. Regular review and updates are necessary. The competent authority must notify the redemption plan to the issuer’s resolution and prudential supervisory authorities. The resolution authority can recommend changes to avoid impacts on resolvability.

5. E-Money Tokens: Authorisation and Requirements

Requirements for the offer to the public or admission to trading of e-money tokens

A person cannot offer to the public or seek the admission to trading of an e-money token (EMT) within the Union unless they are the issuer and:

• authorized as a credit institution or an electronic money institution, and
• have notified a crypto-asset white paper to the competent authority and published it per Article 51.

Other persons may offer or seek the admission to trading of the EMT with the issuer’s written consent, complying with Articles 50 and 53.

E-money tokens are deemed electronic money.

Tokens referencing an official currency of a Member State are considered offered to the public in the Union.

Titles II and III of Directive 2009/110/EC apply to EMTs unless stated otherwise in this Title. Exemptions:

• paragraph 1 does not apply to issuers exempted under Article 9(1) of Directive 2009/110/EC;
• this Title, except for paragraph 7 and Article 51, does not apply to EMTs exempt per Article 1(4) and (5) of Directive 2009/110/EC.

Issuers must notify their competent authority at least 40 working days before offering EMTs to the public or seeking their admission to trading.

Issuers exempted under the abovementioned exemptions must prepare and notify a crypto-asset white paper to the competent authority according to Article 51.

Issuance and Redeemability of EMTs

Issuers of EMTs must follow this Article for issuance and redeemability, diverging from Article 11 of Directive 2009/110/EC.

Holders of EMTs have a claim against the issuers.

EMTs must be issued at par value upon receipt of funds.

Upon a holder’s request, issuers must redeem EMTs at par value, paying the monetary value in funds other than electronic money.

Conditions for redemption must be prominently stated in the crypto-asset white paper as per Article 51(1), first subparagraph, point (d).

Redemption of e-money tokens must be fee-free, notwithstanding Article 46.

Prohibition of granting interest

Issuers of EMTs cannot grant interest related to these tokens, overriding Article 12 of Directive 2009/110/EC.

Crypto-asset service providers are also prohibited from granting interest when providing services related to EMTs.

Any remuneration or benefit tied to the duration a holder keeps EMTs is considered interest. This includes net compensation or discounts equivalent to interest, directly from the issuer or third parties, associated with the e-money token or related product remuneration/pricing.

Content and Form of the Crypto-Asset White Paper for EMTs

A crypto-asset white paper for an e-money token must include the following details, as further elaborated in Annex III:

• information about the issuer of the EMT

(name and legal form, registered address, registration date, legal identifier, contact details with response time, parent company (if applicable), management body members’ identities and functions, business activities, conflicts of interest, other crypto-assets issued and technology connections, financial condition for the past three years or since registration, authorisation details and granting authority (if not exempt));

• information about the EMT

(name and abbreviation, description of characteristics and classification data, details of involved persons including advisors, development team, and service providers);

• information regarding the public offer or admission to trading of the EMT

(indication of public offer or trading admission, total number of units to be offered or admitted (if applicable), names of trading platforms (if applicable), applicable law, and competent court);

• rights and obligations attached to the EMT

(description of rights and obligations including redemption at par value and conditions for exercising rights, modification conditions, rights upon issuer default including in recovery and redemption plans, complaint handling procedures, protection or compensation schemes (if applicable), applicable law, and competent court);

• details on the underlying technology

(description of technology used including ledger and protocols, technical requirements for purchasers, consensus mechanism, incentives and fees, detailed description if issued, transferred, and stored using a ledger operated by issuer or third party, outcome of any technology audit (if available));

• associated risks

(descriptions of risks associated with the issuer, EMT, and underlying technology, mitigation measures (if any));

• principal adverse impacts on the climate and other environment-related adverse impacts of the consensus mechanism used to issue the EMT.

Additionally, the white paper must identify any person other than the issuer who offers the EMT to the public or seeks its admission to trading and explain the reasons for such actions.

All provided information must be fair, clear, and not misleading. The white paper should not omit any material information and must be presented concisely and comprehensibly.

The first page of the white paper must contain the following statement prominently:

“This crypto-asset white paper has not been approved by any competent authority in any Member State of the European Union. The issuer of the crypto-asset is solely responsible for the content of this crypto-asset white paper.”

The white paper must clearly state that:

• The EMT is not covered by investor compensation schemes under Directive 97/9/EC.
• The EMT is not covered by deposit guarantee schemes under Directive 2014/49/EU.

A statement from the management body of the issuer must confirm compliance with MiCA, ensuring that the white paper is complete, fair, clear, and not misleading, with no significant omissions.

A brief, non-technical summary must follow the management statement, providing key information about the EMT’s public offer or intended trading admission. The summary should be understandable, clearly formatted, and include warnings that:

• it is an introduction to the white paper;
• purchase decisions should be based on the entire white paper, not just the summary;
• the public offer does not constitute a solicitation to purchase financial instruments;
• the white paper is not a prospectus under Regulation (EU) 2017/1129 or other Union/national laws.

The summary must also state the holders’ right to redeem the EMT at any time and at par value, including redemption conditions.

The white paper must include the notification date and a table of contents.

The white paper must be written in the official language of the home Member State or in a language customary in international finance. If the EMT is offered in another Member State, the white paper should also be available in the official language of that host Member State or a language customary in international finance.

The white paper must be available in a machine-readable format.

Issuers must notify their competent authority of the white paper at least 20 working days before its publication. Prior approval of the white paper by competent authorities is not required. Any significant new factor, material mistake, or inaccuracy affecting the EMT’s assessment must be described in a modified white paper, notified to competent authorities, and published on the issuer’s website.

Issuers must publish the white paper on their website before offering the EMT to the public or seeking its trading admission in the Union.

Upon notification, the issuer must provide the competent authority with the information referred to in Article 109(4) (regarding necessary points for the register). The competent authority will then communicate this information to ESMA within 5 working days. ESMA will update the information in the register under Article 109(4).

Liability Of Issuers Of EMT For The Information Given In A Crypto-Asset White Paper

Issuers of EMTs and their administrative, management, or supervisory body members are liable to holders for any losses incurred due to providing incomplete, unfair, unclear, or misleading information in their crypto-asset white paper or modified versions thereof.

Any contractual attempt to exclude or limit civil liability as described above is legally ineffective.

Holders must present evidence showing the issuer’s infringement of Article 51 by providing misleading information that influenced their decision to purchase, sell, or exchange the EMT.

Issuers and their administrative, management, or supervisory body members are not liable for losses due to reliance on the summary provided under Article 51 (6), unless the summary is misleading, inaccurate, or inconsistent with the rest of the white paper or lacks key information needed by prospective holders.

This Article does not affect any other civil liabilities under national law.

Marketing Communications

Requirements for Marketing Communications relating to an offer to the public of an EMT, or to the admission to trading of such EMT:

• marketing communications must be clearly identifiable as such;
• the information must be fair, clear, and not misleading;
• information must be consistent with the crypto-asset white paper;
• they must state that a crypto-asset white paper has been published, providing the issuer’s website address, telephone number, and email address.

Marketing communications must clearly state that holders have a right of redemption against the issuer at any time and at par value. All marketing communications and modifications must be published on the issuer’s website.

Competent authorities do not need to approve marketing communications before publication. Marketing communications must be notified to competent authorities upon request. Marketing communications cannot be disseminated before the publication of the crypto-asset white paper. This does not restrict market soundings by the issuer.

Investment Of Funds Received In Exchange For EMTs

Funds received in exchange for EMTs and safeguarded in accordance with Article 7(1) of Directive 2009/110/EC must comply with the following:

• at least 30% of the funds must be deposited in separate accounts in credit institutions;
• the remaining funds must be invested in secure, low-risk assets qualifying as highly liquid financial instruments with minimal market risk, credit risk, and concentration risk, as per article 38(1), and denominated in the same official currency referenced by the EMT.

Recovery and Redemption Plans

Title III, Chapter 6 (the same as for ARTs) of MiCA applies to issuers of EMTs with necessary adjustments.

Issuers must notify the competent authority of their recovery plan within 6 months of the public offer or trading admission date, diverging from Article 46(2). Similarly, the redemption plan must be notified within 6 months of the public offer or trading admission date, differing from Article 47(3).

Classification of EMTs as Significant EMTs

The EBA classifies EMTs as significant if at least 3 of the criteria in Article 43(1) are met (the same as for ARTs):

• during the first reporting period after the public offer or trading admission;
• during at least two consecutive reporting periods.

If multiple issuers issue the same EMT, criteria fulfillment is assessed by aggregating data from all issuers.

Competent authorities of the issuer’s home Member State must report relevant information to EBA and the ECB at least twice a year. If the issuer is based in a non-euro Member State or the token references a non-euro currency, the information must also be sent to the relevant central bank.

If EBA determines that an e-money token meets the criteria, it will prepare a draft decision to classify the token as significant. This draft decision is notified to the issuer, the competent authority of the issuer’s home Member State, the ECB, and, if applicable, the central bank of the concerned Member State. These entities have 20 working days to provide observations and comments, which EBA must consider before making a final decision.

EBA must finalize its decision within 60 working days of the draft notification and immediately notify the issuer and the competent authority. Once classified as significant, the supervisory responsibilities shift from the home Member State’s competent authority to EBA within 20 working days of notification.

For significant EMTs denominated in a non-euro currency where at least 80% of holders and transactions are concentrated in the home Member State, supervisory responsibilities do not transfer to EBA.

The competent authority must annually report to EBA on such cases. EBA will reassess the classification annually. If an EMT no longer meets the criteria, EBA prepares a draft decision to reclassify the token and follows a similar notification and observation process before making a final decision. EBA must finalize the reclassification decision within 60 working days of notification and inform the issuer and the competent authority.

When an EMT is no longer classified as significant, supervisory responsibilities return to the home Member State’s competent authority within 20 working days of notification. EBA and the competent authority must cooperate to ensure a smooth transition.

Voluntary Classification of EMTs as Significant EMTs

Issuers can request classification as significant. The competent authority must notify EBA, the ECB, and the relevant central bank if applicable. The issuer must demonstrate, via a detailed operations program, that it is likely to meet at least 3 criteria from Article 43 (1) (the same as for ARTs).

EBA prepares a draft decision within 20 working days and notifies the competent authority, the ECB, and the central bank. They have 20 working days to provide observations and comments, which EBA considers before making a final decision.

EBA must finalize the decision within 60 working days of notification and inform the issuer and the competent authority. Supervisory responsibilities transfer from the competent authority to EBA within 20 working days of the decision.

Supervisory responsibilities for significant EMTs in non-euro currencies, where at least 80% of holders and transactions are concentrated in the home Member State, remain with the competent authority. Annual reporting to EBA is required.

Specific Additional Obligations for Issuers of EMTs

Electronic money institutions issuing significant EMTs must comply with:

• Articles 36, 37, 38, and 45(1) to (4) of this Regulation, instead of Article 7 of Directive 2009/110/EC;
• Articles 35(2), (3), and (5) and 45(5) of this Regulation, instead of Article 5 of Directive 2009/110/EC.

Independent audits must occur every 6 months after classification.

Competent authorities may require non-significant EMT issuers to comply with the significant token requirements to address specific risks, such as liquidity, operational, or reserve management risks.

Articles 22, 23, and 24(3) apply to EMTs denominated in non-Member State currencies.

6.  Crypto-Asset Service Providers: Authorisation and Operating Conditions

Definition of  ‘crypto-asset service provider’ means a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59. The following crypto-asset services fall within the scope of MiCA:

1. providing custody and administration of crypto-assets on behalf of clients;

• operating a trading platform for crypto-assets;

1. exchange of crypto-assets for funds;

• exchange of crypto-assets for other crypto-assets;

1. execution of orders for crypto-assets on behalf of clients;
2. placing of crypto-assets;

• reception and transmission of orders for crypto-assets on behalf of clients;
• providing advice on crypto-assets;

1. providing portfolio management on crypto-assets; and
2. providing transfer services for crypto-assets on behalf of clients.

Authorisation

Individuals or entities must not provide crypto-asset services within the EU unless:

• they are authorised as a crypto-asset service provider (CASP) under Article 63, or
• they are a financial entity such as a credit institution, central securities depository, investment firm, market operator, electronic money institution, UCITS management company, or alternative investment fund manager allowed to provide crypto-asset services under Article 60.

Authorised CASPs must have a registered office in an EU Member State where they perform at least part of their services, with their effective management in the EU, and at least one director resident in the EU.

Non-legal entities may provide crypto-asset services if their legal form ensures equivalent third-party protection and prudential supervision as legal entities. Authorised crypto-asset service providers must continuously meet their authorisation conditions. Unauthorised persons must not imply or suggest they are crypto-asset service providers to avoid confusion.

Competent authorities must specify the crypto-asset services authorised providers are allowed to offer.

CASPs can operate across the EU without needing a physical presence in each host Member State.

Providers seeking to add services must request an extension from the competent authorities, updating their information under Article 62, with the request processed as per Article 63.

Provision of crypto-asset services by certain financial entities

Credit institutions must notify their home Member State’s competent authority at least 40 working days before offering crypto-asset services.

Central Securities Depositories authorised under Regulation (EU) No 909/2014, must notify their home Member State’s competent authority 40 working days prior to offering custody and administration of crypto-assets. Providing custody and administration of crypto-assets on behalf of clients is deemed equivalent to providing, maintaining or operating securities accounts in relation to the settlement service referred to in Section B, point (3), of the Annex to Regulation (EU) No 909/2014.

Investment firms must notify their home Member State’s competent authority 40 working days before providing services equivalent to their authorised investment services under Directive 2014/65/EU. For the purposes of this paragraph:

• providing custody and administration of crypto-assets on behalf of clients is deemed equivalent to the ancillary service referred to in Section B, point (1), of Annex I to Directive 2014/65/EU;
• the operation of a trading platform for crypto-assets is deemed equivalent to the operation of a multilateral trading facility and operation of an organised trading facility referred to in Section A, points (8) and (9), respectively, of Annex I to Directive 2014/65/EU;
• the exchange of crypto-assets for funds and other crypto-assets is deemed equivalent to dealing on own account referred to in Section A, point (3), of Annex I to Directive 2014/65/EU;
• the execution of orders for crypto-assets on behalf of clients is deemed equivalent to the execution of orders on behalf of clients referred to in Section A, point (2), of Annex I to Directive 2014/65/EU;
• the placing of crypto-assets is deemed equivalent to the underwriting or placing of financial instruments on a firm commitment basis and placing of financial instruments without a firm commitment basis referred to in Section A, points (6) and (7), respectively, of Annex I to Directive 2014/65/EU;
• the reception and transmission of orders for crypto-assets on behalf of clients is deemed equivalent to the reception and transmission of orders in relation to one or more financial instruments referred to in Section A, point (1), of Annex I to Directive 2014/65/EU;
• providing advice on crypto-assets is deemed equivalent to investment advice referred to in Section A, point (5), of Annex I to Directive 2014/65/EU;
• providing portfolio management on crypto-assets is deemed equivalent to portfolio management referred to in Section A, point (4), of Annex I to Directive 2014/65/EU.

Electronic Money Institutions authorised under Directive 2009/110/EC, must notify their home Member State’s competent authority 40 working days prior to offering custody and administration of crypto-assets and transfer services for e-money tokens.

UCITS Management Companies and Alternative Investment Fund Managers must notify their home Member State’s competent authority 40 working days before providing equivalent portfolio management and non-core services. For the purposes of this paragraph:

• the reception and transmission of orders for crypto-assets on behalf of clients is deemed equivalent to the reception and transmission of orders in relation to financial instruments referred in Article 6(4), point (b)(iii), of Directive 2011/61/EU;
• providing advice on crypto-assets is deemed equivalent to investment advice referred to in Article 6(4), point (b)(i), of Directive 2011/61/EU and in Article 6(3), point (b)(i), of Directive 2009/65/EC;
• providing portfolio management on crypto-assets is deemed equivalent to the services referred to in Article 6(4), point (a), of Directive 2011/61/EU and in Article 6(3), point (a), of Directive 2009/65/EC.

Market Operators, authorised under Directive 2014/65/EU, must notify their home Member State’s competent authority 40 working days before operating a trading platform for crypto-assets.

For the purposes of abovementioned paragraphs, entities must provide:

• A programme of operations detailing intended services and marketing strategies.
• Descriptions of internal control mechanisms, risk assessment frameworks, business continuity plans, ICT systems, security arrangements, client asset segregation procedures, custody policies, trading platform operating rules, non-discriminatory commercial policies, execution policies, personnel expertise, and service types.

Competent authorities have 20 working days to assess notification completeness, with a deadline for providing missing information. The service provider must not begin services until the notification is complete.

Entities referred to in the abovementioned paragraphs are not required to resubmit any previously submitted information that remains identical and up-to-date. When submitting information, these entities must expressly state that previously submitted information is still current.

Entities providing crypto-asset services under the abovementioned paragraphs are exempt from Articles 62, 63, 64, 67, 83, and 84.

The right to provide crypto-asset services will be revoked upon the withdrawal of the relevant authorisation that allowed the entity to provide these services without needing authorisation under Article 59.

Competent authorities must communicate information to ESMA, which will include it in the register.

Provision of Crypto-Asset Services at the Exclusive Initiative of the Client

A third-country firm is exempt from authorisation under Article 59 if a Union-based client initiates the provision of a crypto-asset service or activity. This exemption includes any relationship related to that specific service or activity.

However, if a third-country firm, or any entity acting on its behalf or closely linked to it, solicits clients in the Union, this service will not be considered client-initiated, regardless of the communication method used for solicitation, promotion, or advertising. The previous subparagraph overrides any contractual clause or disclaimer suggesting otherwise, including any clause stating the services are provided at the client’s exclusive initiative.

A client-initiated service does not permit the third-country firm to market new types of crypto-assets or services to the client.

Application for Authorisation as a Crypto-Asset Service Provider

Entities intending to provide crypto-asset services must apply for authorisation to the competent authority in their home Member State.

The application must include:

1. • name, including legal and commercial names, legal entity identifier, website, contact email, phone number, and physical address.
   • legal form of the applicant.
   • articles of association, if applicable.
   • programme of operations detailing the types of services to be provided and their marketing strategy.
   • proof of meeting prudential safeguards under Article 67.
   • description of governance arrangements.
   • proof of the good repute, knowledge, skills, and experience of management body members.
   • identity and reputation of shareholders with qualifying holdings.
   • internal control mechanisms, policies, and procedures for risk management, including money laundering and terrorist financing risks, and business continuity plan.
   • technical documentation of ICT systems and security arrangements.
   • procedure for the segregation of clients’ crypto-assets and funds.
   • complaints-handling procedures.
   • description of custody and administration policy for client assets.
   • operating rules for trading platforms and procedures to detect market abuse, if applicable.
   • commercial policy and pricing methodology for exchanging crypto-assets.
   • execution policy for executing orders on behalf of clients.
   • proof of expertise for individuals providing advice or managing portfolios.
   • information on transfer services for crypto-assets, if applicable.
   • type of crypto-asset service to be provided.

Proof members of the management body/shareholders must be provided for:

1. • the absence of criminal records or penalties for management body members and significant shareholders;
   • collective knowledge, skills, and experience of the management body;
   • sufficient commitment of management body members to their duties.

Competent authorities cannot require resubmission of already received information if it is still up-to-date and has been submitted under prior authorisation procedures in accordance with Directive 2009/110/EC, 2014/65/EU, or (EU) 2015/2366, or national laws applicable to crypto-asset services prior to 29 June 2023.

Assessment of the Application for Authorisation and Grant or Refusal of Authorisation

Competent authorities must acknowledge receipt of an application within 5 working days.

Within 25 working days, competent authorities must assess if the application is complete based on the information required in Article 62 (2). If incomplete, they will set a deadline for the applicant to provide the missing information. Applications that remain incomplete after the deadline may be refused by the competent authorities. Once an application is deemed complete, authorities will promptly notify the applicant.

Prior to granting or refusing authorisation, competent authorities must consult authorities of another Member State if the applicant is a subsidiary, a subsidiary of a parent undertaking, or controlled by the same persons as an entity authorised in that Member State. Authorities may consult anti-money laundering (AML) and counter-terrorist financing (CFT) bodies and must ensure compliance with related national laws for applicants operating in high-risk third countries.

Authorisation will only be granted if close links with other persons do not hinder supervisory functions. Authorisation will be refused if third-country laws governing linked persons prevent effective supervision.

Within 40 working days of receiving a complete application, authorities must decide whether to grant or refuse authorisation, taking into account the nature, scale, and complexity of the services. The applicant must be notified within 5 working days of the decision.

Authorisation will be refused if:

1. • the management body poses a threat to effective, sound, and prudent management;
   • management does not meet the criteria set out in Article 68 (1);
   • shareholders or members with qualifying holdings do not meet the criteria of sufficiently good repute;
   • the applicant fails to meet or is likely to fail any requirements of this Title.

Authorities may request further information during the assessment period. This request must be made by the 20th working day, and the assessment period will be suspended until the requested information is received, not exceeding 20 working days.

Within 2 working days of granting authorisation, authorities must communicate relevant information to ESMA and notify them of any refusals. ESMA will update the register accordingly.

Withdrawal of Authorisation of a Crypto-Asset Service Provider

Authorisation will be withdrawn if the service provider:

1. • does not use its authorisation within 12 months;
   • renounces its authorisation;
   • ceases to provide services for 9 consecutive months;
   • obtained authorisation by irregular means;
   • fails to meet authorisation conditions and does not take remedial action;
   • lacks effective AML/CFT systems;
   • seriously infringes this Regulation.

Authorities may withdraw authorisation if the provider infringes national AML/CFT laws or loses other related authorisations and fails to remedy the situation within 40 calendar days. Authorities must notify ESMA and host Member States’ contact points without delay when authorisation is withdrawn. ESMA will update the register. Authorisation withdrawal may be limited to specific services.

Before withdrawal, authorities must consult with the competent authority of another Member State if the provider is a subsidiary or controlled by an entity authorised in that state. Authorities may consult AML/CFT supervisory bodies before withdrawing authorisation.

EBA, ESMA, or host Member States’ authorities may request a reassessment of compliance with authorisation conditions.

Providers must ensure timely and orderly transfer of clients’ crypto-assets and funds when authorisation is withdrawn.

Cross-Border Provision of Crypto-Asset Services

Providers intending to offer services in multiple Member States must submit:

1. • a list of Member States where services will be provided;
   • the types of services to be provided cross-border;
   • the intended start date;
   • a list of other activities not covered by this Regulation.

The home Member State authority must communicate the submitted information to the host Member States’ contact points, ESMA, and EBA within 10 working days. The home Member State authority must inform the provider of this communication without delay.

Providers may begin offering services in another Member State from the date of communication receipt or at the latest 15 days after submitting the required information.

Obligation to Act Honestly, Fairly, and Professionally in the Best Interests of Clients

CASPs must act honestly, fairly, and professionally, prioritizing the best interests of their clients and prospective clients. They are required to furnish information that is fair, clear, and not misleading. Marketing communications must be clearly identified as such and should not mislead clients about the advantages of any crypto-assets.

CASPs must warn clients about the risks associated with crypto-asset transactions. When operating a trading platform, exchanging crypto-assets, providing advice, or managing portfolios, they must provide hyperlinks to any relevant crypto-asset white papers.

CASPs must make their policies on pricing, costs, and fees publicly available on their website.

CASPs must disclose information related to the adverse impacts on the climate and other environmental aspects of the consensus mechanism used to issue each crypto-asset. This information can be sourced from the crypto-asset white papers.

Prudential requirements

CASPs must maintain prudential safeguards equal to the higher of the permanent minimum capital requirements indicated in Annex IV or one quarter of the fixed overheads of the preceding year, reviewed annually.

Annex IV
Minimum capital requirements for crypto-asset service providers

Crypto-asset service providers	Type of crypto-asset services	Minimum capital requirements under Article 67(1), point (a)
Class 1	Crypto-asset service provider authorised for the following crypto-asset services: — execution of orders on behalf of clients; — placing of crypto-assets; — providing transfer services for crypto-assets on behalf of clients; — reception and transmission of orders for crypto-assets on behalf of clients; — providing advice on crypto-assets; and/or — providing portfolio management on crypto-assets.	EUR 50 000
Class 2	Crypto-asset service provider authorised for any crypto-asset services under class 1 and: — providing custody and administration of crypto-assets on behalf of clients; — exchange of crypto-assets for funds; and/or — exchange of crypto-assets for other crypto-assets.	EUR 125 000
Class 3	Crypto-asset service provider authorised for any crypto-asset services under class 2 and: — operation of a trading platform for crypto-assets.	EUR 150 000

CASPs in business for less than 1 year must use projected fixed overheads for the first 12 months of service provision for their prudential safeguards calculation.

CASPs must calculate fixed overheads by subtracting discretionary bonuses, profit shares, variable remuneration, and non-recurring expenses from the total expenses after profit distribution in their most recent audited financial statements.

Prudential safeguards can be in the form of own funds (Common Equity Tier 1 items and instruments referred to in Articles 26 to 30 of Regulation (EU) No 575/2013) or an insurance policy covering the Union territories where services are provided.

The insurance policy must have a minimum term of 1 year, a 90-day notice period for cancellation, be taken out with an authorized insurer, and be provided by a third-party entity. It must be publicly disclosed on the provider’s website. The insurance policy must cover risks such as document loss, misrepresentation, legal and regulatory breaches, confidentiality obligations, conflicts of interest, business disruptions, system failures, gross negligence in safeguarding client assets, and liability to clients.

Governance arrangements

Members of CASPs’ management body must be of good repute, possess appropriate knowledge, skills, and experience, and not have convictions related to money laundering or terrorist financing. They must also commit sufficient time to perform their duties effectively. Shareholders and members with qualifying holdings must also be of good repute and free of relevant convictions.

CASPs must adopt effective policies and procedures to ensure compliance with this Regulation. They must employ personnel with the necessary knowledge, skills, and expertise for their responsibilities. The management body must periodically review the effectiveness of policy arrangements and procedures and address any deficiencies.

CASPs must ensure continuity and regularity in service performance, including resilient ICT systems, business continuity policies, and recovery plans.

CASPs must have mechanisms and procedures for risk assessment and compliance with national laws on anti-money laundering and counter-terrorist financing, and must monitor and address any deficiencies regularly.

CASPs must keep records of all services, activities, orders, and transactions for at least 5 years, extendable to 7 years if requested by the competent authority.

Information to competent authorities

CASPs must notify their competent authority without delay of any changes to their management body and provide necessary information to ensure compliance with Article 68.

Safekeeping of Clients’ Crypto-Assets and Funds

CASPs must establish adequate arrangements to safeguard clients’ ownership rights over their crypto-assets, particularly in the event of the provider’s insolvency. They must prevent the use of clients’ crypto-assets for their own purposes.

When holding clients’ funds other than EMTs, CASPs must ensure proper arrangements to protect clients’ ownership rights and prevent the use of these funds for their own account.

CASPs must deposit clients’ funds other than EMTs with a credit institution or central bank by the end of the business day following receipt. These funds must be held in an account that is separately identifiable from the providers’ own accounts.

CASPs themselves, or through a third party, may offer payment services related to their crypto-asset services if authorized under Directive (EU) 2015/2366. They must inform clients about the nature, terms, and conditions of these services, and whether the services are provided directly or by a third party.

The requirements in paragraphs 2 and 3 do not apply to electronic money institutions, payment institutions, or credit institutions.

Complaints-Handling Procedures

CASPs must establish and maintain effective and transparent procedures for handling complaints from clients. These procedures must be publicly described.

Clients must be able to file complaints with providers free of charge. CASPs must inform clients about the possibility of filing complaints, provide a template for complaints, and keep records of all complaints and any measures taken in response.

CASPs must investigate all complaints in a timely and fair manner, communicating the outcomes to clients within a reasonable period.

Identification, Prevention, Management, and Disclosure of Conflicts of Interest

CASPs must implement and maintain effective policies and procedures to identify, prevent, manage, and disclose conflicts of interest between themselves and their shareholders, members, control-linked entities, management, employees, clients, or between different clients.

CASPs must disclose the general nature and sources of conflicts of interest and the steps taken to mitigate them, prominently on their website. The disclosure must be electronic and detailed enough to enable clients to make informed decisions about the services in the context of which conflicts arise.

CASPs must assess and review their conflict of interest policy at least annually and address any deficiencies.

Outsourcing

CASPs outsourcing services or activities to third parties must take all reasonable steps to avoid additional operational risks. They remain fully responsible for their obligations under this Title and must ensure:

1. • outsourcing must not delegate the CASPs’ responsibilities;
   • the relationship and obligations towards clients must remain unchanged;
   • outsourcing must not alter the conditions under which CASPs were authorized;
   • third parties must cooperate with the competent authority of the CASPs’ home Member State, ensuring that outsourcing does not impede supervisory functions, including on-site access to necessary information;
   • CASPs must retain the expertise and resources necessary to evaluate and supervise outsourced services, and manage associated risks continually;
   • CASPs must have direct access to relevant information concerning the outsourced services;
   •  third parties must adhere to Union data protection standards, which must be explicitly included in the written outsourcing agreements.

CASPs must establish a comprehensive outsourcing policy, including contingency plans and exit strategies, tailored to the scale, nature, and range of services provided.

CASPs must formalize outsourcing arrangements in written agreements, clearly defining the rights and obligations of both parties. These agreements must include provisions allowing CASPs to terminate the outsourcing arrangements.

CASPs and third parties involved in outsourcing must provide, upon request, all necessary information to competent and other relevant authorities to assess compliance with this Title’s requirements.

Orderly Wind-Down of Crypto-Asset Service Providers

CASPs offering services as defined in Articles 75 to 79 must have an appropriate wind-down plan to ensure an orderly cessation of activities under applicable national law. This plan should ensure the continuity or recovery of any critical activities performed by the CASP and demonstrate the ability to execute an orderly wind-down without causing undue economic harm to clients.

Providing Custody and Administration of Crypto-Assets on Behalf of Clients

CASPs providing custody and administration of crypto-assets on behalf of clients must formalize an agreement with clients outlining their duties and responsibilities. The agreement must include:

1. • identity of the parties;
   • nature and description of the crypto-asset service provided;
   • custody policy;
   • means of communication, including client authentication;
   • security systems description;
   • applicable fees, costs, and charges;
   • governing law.

CASPs must maintain a register of client positions, detailing each client’s rights to the crypto-assets. Any client-instructed movements should be recorded promptly and verified through internal procedures.

CASPs must establish a custody policy with internal rules ensuring the safekeeping or control of client crypto-assets or access means, minimizing risks of loss due to fraud, cyber threats, or negligence. A summary of this policy must be available to clients electronically.

CASPs must assist in exercising rights attached to crypto-assets and record any changes or events affecting client rights immediately in the client’s register of positions. Clients are entitled to newly created crypto-assets or rights based on their positions at the time of such changes, unless otherwise agreed.

CASPs must provide clients with an electronic statement of their positions at least once every 3 months, detailing crypto-asset identification, balance, value, and transfers during the period. Additionally, they must inform clients of any operations requiring their response.

CASPs must ensure procedures are in place to return client-held crypto-assets or access means as soon as possible.

CASPs must segregate client crypto-assets from their own, ensuring separate identification on the distributed ledger. Crypto-assets held in custody must be legally and operationally segregated from the CASP’s estate, protecting client interests in insolvency scenarios.

CASPs are liable for the loss of crypto-assets or access means due to incidents attributable to them, capped at the market value of the lost crypto-asset at the time of loss. Incidents not attributable to the CASP include events beyond their control, such as issues inherent to the distributed ledger.

If CASPs use other CASPs for custody services, they must ensure those providers are authorized under Article 59 and inform their clients accordingly.

Operation of a Trading Platform for Crypto-Assets

CASPs operating trading platforms must establish clear and transparent rules covering:

1. • approval processes and customer due diligence;
   • exclusion categories for non-admitted crypto-assets;
   • admission policies, procedures, and fees;
   • non-discriminatory participation rules;
   • fair and orderly trading criteria;
   • conditions for maintaining trading accessibility;
   • suspension conditions;
   • efficient settlement procedures.

Before admitting a crypto-asset to trading, CASPs must ensure compliance with platform rules and assess the crypto-asset’s suitability, including technical reliability and potential illicit associations.

Rules must prevent the admission of crypto-assets with inbuilt anonymization functions unless holders and transaction histories are identifiable by the platform operator. Operating rules must be in an official language of the home Member State or a language customary in international finance. If provided in another Member State, rules must be in an official language of the host Member State or a language customary in international finance.

CASPs cannot deal on their own account on their trading platforms.

Allowed only with client consent, CASPs must provide information on matched principal trading to the competent authority, ensuring it does not create conflicts of interest.

CASPs must ensure their trading systems are resilient, have sufficient capacity, ensure orderly trading under stress, reject erroneous orders, have effective business continuity arrangements, are able to prevent or detect market abuse and are sufficiently robust to prevent their abuse for the purposes of money laundering or terrorist financing. CASPs must prevent or detect market abuse and inform the competent authority of any detected cases.

CASPs must publicize bid and ask prices, trading interests, and transaction details as close to real-time as possible, making this information available on a reasonable commercial basis and free of charge after 15 minutes after publication in a machine-readable format and it shall remain published for at least 2 years.

CASPs must initiate final settlement of transactions within 24 hours or by the close of the day for off-ledger transactions.

CASP fee structures must be transparent, fair, and non-discriminatory.

CASPs must maintain resources and have back-up facilities in place to report to the competent authority at all times and keep records of all orders for at least 5 years, providing access to the order book for monitoring purposes.

Exchange of Crypto-Assets for Funds or Other Crypto-Assets

CASPs engaged in exchanging crypto-assets for funds or other crypto-assets must establish a commercial policy that is non-discriminatory. This policy should clearly state the types of clients they will transact with and the conditions those clients must meet.

CASPs must publish a firm price for the crypto-assets they offer to exchange or provide a method for determining the price. Additionally, any limits on the amount to be exchanged should be clearly stated.

CASPs must execute client orders at the prices displayed when the order is finalized. Clients must be informed about the conditions under which their orders are considered final.

CASPs must publish information on concluded transactions, including transaction volumes and prices.

Execution of Orders for Crypto-Assets on Behalf of Clients

CASPs executing orders for crypto-assets on behalf of clients must take all necessary steps to achieve the best possible result for clients. Factors to consider include price, costs, speed, likelihood of execution and settlement, size, nature, custody conditions, or any other relevant considerations. However, if executing orders according to specific client instructions, CASPs are not required to take these steps.

CASPs must establish and implement effective arrangements for order execution. This includes creating an order execution policy to ensure compliance with the best execution requirements. The policy should ensure prompt, fair, and expeditious execution of client orders and prevent misuse of client order information by CASP employees.

CASPs must provide clients with clear, detailed information about their order execution policy and any significant changes to it. This information must be easy for clients to understand. CASPs must obtain prior consent from clients regarding the order execution policy.

CASPs must be able to demonstrate to clients, upon request, that their orders have been executed according to the order execution policy. CASPs must also be able to demonstrate compliance with this article to the competent authority upon request.

If the order execution policy allows for client orders to be executed outside a trading platform, CASPs must inform clients of this possibility and obtain their prior express consent before proceeding. Consent can be obtained through a general agreement or with respect to individual transactions.

CASPs must monitor the effectiveness of their order execution arrangements and policy, correcting any deficiencies as necessary. This includes regularly assessing whether the execution venues provide the best possible results for clients and making changes if needed. Clients with ongoing relationships must be notified of any material changes to the execution arrangements or policy.

Placing of Crypto-Assets

Before entering into an agreement with the offeror, the person seeking admission to trading, or any third party acting on their behalf, CASPs placing crypto-assets must communicate the following information:

1. • the type of placement under consideration, including whether a minimum amount of purchase is guaranteed;
   • an indication of the amount of transaction fees associated with the proposed placing;
   • details on the likely timing, process, and price for the proposed operation;
   • information about the targeted purchasers.

CASPs must obtain agreement from the issuers of the crypto-assets or any third party acting on their behalf regarding the information listed above before placing the crypto-assets.

The rules on conflicts of interest, as referred to in Article 72(1), must include specific and adequate procedures to identify, prevent, manage, and disclose conflicts of interest arising from:

1. • CASPs placing crypto-assets with their own clients;
   • overestimation or underestimation of the proposed price for placing crypto-assets;
   • incentives, including non-monetary incentives, paid or granted by the offeror to the CASPs.

Reception and Transmission of Orders for Crypto-Assets on Behalf of Clients

CASPs receiving and transmitting orders for crypto-assets on behalf of clients must establish and implement procedures and arrangements to ensure the prompt and proper transmission of client orders. This may be for execution on a trading platform for crypto-assets or to another CASP.

CASPs receiving and transmitting orders for clients must not receive any remuneration, discount, or non-monetary benefit in return for routing client orders to a particular trading platform or another CASP.

CASPs must not misuse information related to pending client orders. They must take all reasonable steps to prevent the misuse of such information by any of their employees.

Providing Advice on Crypto-Assets and Providing Portfolio Management of Crypto-Assets

CASPs providing advice on crypto-assets or managing crypto-asset portfolios must assess the suitability of crypto-asset services or assets for clients or prospective clients. This includes evaluating their knowledge and experience in investing in crypto-assets, investment objectives and risk tolerance, and financial situation including the ability to bear losses.

Before providing advice, CASPs must inform prospective clients whether the advice is:

1. • provided on an independent basis;
   • based on a broad or more restricted analysis of different crypto-assets, including whether the advice is limited to assets issued or offered by entities with close links to the CASP or other legal/economic relationships.

CASPs claiming to provide independent advice must:

1. • assess a diverse range of market crypto-assets to meet client objectives without being limited to their own issued assets or those from linked entities, or crypto-assets from entities with close legal or economic ties to the CASP;
   • avoid accepting fees, commissions, or benefits from third parties related to the service provided to clients, except for minor non-monetary benefits that enhance service quality and are disclosed to the client.

CASPs must provide clients with comprehensive information on all costs and charges, including the cost of advice, recommended crypto-assets, and payment methods for the assets, including any third-party payments.

CASPs managing crypto-asset portfolios must not accept fees or benefits from issuers, offerors, or third parties related to the portfolio management service.

For non-independent advice, CASPs may receive inducements if:

1. • the payment or benefit enhances the service quality to the client;
   • it does not impair the CASP’s obligation to act honestly, fairly, and professionally in the client’s best interests;
   • the nature and amount of the inducement or its calculation method are disclosed to the client comprehensively before the service is provided.

CASPs must ensure that individuals providing advice or information about crypto-assets possess the necessary knowledge and competence. Member States will publish criteria for assessing this knowledge and competence.

CASPs must collect necessary information from clients about their knowledge, experience, investment objectives, risk tolerance, financial situation, and understanding of crypto-asset risks. This information enables CASPs to recommend suitable crypto-assets and services.

CASPs must warn clients about:

1. • potential fluctuations in crypto-asset values;
   • possible full or partial losses;
   • liquidity risks;
   • where applicable, lack of coverage by investor compensation schemes (Directive 97/9/EC);
   • lack of coverage by deposit guarantee schemes (Directive 2014/49/EU).

CASPs must establish and implement policies to collect and assess client information for suitability assessments. They must ensure the reliability of the information collected. If clients do not provide necessary information or if the CASP deems the service or crypto-assets unsuitable, they must not recommend or provide the service or assets.

CASPs must review the suitability assessment for each client at least every 2 years. After conducting a suitability assessment, CASPs must provide clients with an electronic report detailing the advice given and how it meets the client’s preferences, objectives, and characteristics. This report must include:

• updated information on the suitability assessment;
• an outline of the advice given.

CASPs providing portfolio management must provide clients with quarterly electronic statements detailing portfolio management activities, performance, and updated suitability assessments. If clients have online access to up-to-date portfolio valuations and suitability assessments, and the CASP has evidence of quarterly access, this may substitute the quarterly statement.

Providing Transfer Services for Crypto-Assets on Behalf of Clients

CASPs offering transfer services for crypto-assets must enter into an agreement with their clients detailing their duties and responsibilities. This agreement must include:

1. • identification of the parties involved;
   • description of the transfer service modalities;
   • security systems used by the CASP;
   • applicable fees;
   • applicable law.

Assessment of Proposed Acquisitions of Crypto-Asset Service Providers

Any natural or legal person intending to acquire or increase a qualifying holding in a CASP to reach or exceed 20%, 30%, or 50%, or to make it a subsidiary, must notify the competent authority in writing, indicating the size of the intended holding and required information as per regulatory technical standards.

Any natural or legal person planning to dispose of a qualifying holding must notify the competent authority in writing before doing so, indicating the holding size. This notification is also required if the holding is reduced below 10%, 20%, 30%, or 50%, or if the service provider ceases to be a subsidiary.

The competent authority must acknowledge receipt of such notifications within 2 working days. The competent authority will assess the proposed acquisition within 60 working days from the acknowledgment date. The proposed acquirer will be informed of the assessment period’s expiry date. During the assessment, the competent authority may consult AML and CTF authorities and consider their views.

Additional information may be requested from the proposed acquirer within 50 working days of the acknowledgment date. The assessment period is suspended until this information is received, with a maximum suspension of 20 working days. Further requests will not extend the assessment period, except for up to 30 additional working days for non-EU acquirers or those regulated by third-country laws.

If the competent authority opposes the acquisition, it must notify the proposed acquirer within 2 working days and before the assessment period expires, providing reasons for the opposition. If there is no opposition by the end of the assessment period, the acquisition is deemed approved. The competent authority may set and extend a maximum period for concluding the proposed acquisition.

Content of the Assessment of Proposed Acquisitions of Crypto-Asset Service Providers

When assessing a proposed acquisition under Article 83(4), the competent authority will evaluate the suitability of the proposed acquirer and the financial soundness of the acquisition against the following criteria:

1. • the reputation of the proposed acquirer;
   • the reputation, knowledge, skills, and experience of any individual who will direct the business of the CASP post-acquisition;
   • the financial soundness of the proposed acquirer, particularly in relation to the type of business planned for the CASP;
   • the ability of the CASP to comply and continue to comply with the provisions of this Title;
   • any reasonable grounds to suspect that the acquisition is connected with money laundering or terrorist financing, or that it could increase such risks.

The competent authority may oppose the proposed acquisition if there are reasonable grounds based on the criteria in paragraph 1 or if the information provided is incomplete or false.

Member States must not impose prior conditions on the level of qualifying holding required for acquisition, nor should their competent authorities assess the acquisition based on the economic needs of the market.

Identification of Significant Crypto-Asset Service Providers

A CASP is considered significant if it has at least 15 million active users within the Union, calculated as the average daily number of active users over the previous calendar year.

CASPs must notify their competent authorities within 2 months of reaching the threshold of active users specified in paragraph 1. Upon verification, the competent authority will notify ESMA.

Competent authorities must provide ESMA’s Board of Supervisors with annual updates on supervisory developments concerning significant CASPs, including:

1. • ongoing or concluded authorisations under Article 59;
   • ongoing or concluded processes of withdrawal of authorisations under Article 64;
   • the exercise of supervisory powers as specified in Article 94(1).

The competent authority may provide more frequent updates or notify ESMA prior to decisions related to authorisations, withdrawals, or supervisory actions. The updates provided may prompt an exchange of views within ESMA’s Board of Supervisors. Where necessary, ESMA may exercise its powers under Articles 29, 30, 31, and 31b of Regulation (EU) No 1095/2010.

7. Prevention and Prohibition of Market Abuse

Scope of the Rules on Market Abuse

These rules apply to actions involving crypto-assets that are either admitted to trading or for which trading has been requested. They cover transactions, orders, or behavior related to these crypto-assets, regardless of whether they occur on or off trading platforms. The rules apply to actions and omissions both within the Union and in third countries.

Inside Information

Inside information includes:

1. • non-public, precise information that directly or indirectly relates to issuers, offerors, or persons seeking admission to trading or crypto-assets and that could significantly affect crypto-asset prices if made public;
   • for persons charged with the execution of orders for crypto-assets on behalf of clients, precise information from clients about pending orders that could impact crypto-asset prices.

Information is considered precise if it indicates specific circumstances or events that could influence prices. Intermediate steps in a process can be classified as inside information if they meet the criteria of being precise.

Information likely to significantly impact prices is that which a reasonable holder would use for investment decisions.

Public Disclosure of Inside Information

Issuers, offerors, and those seeking trading admission must promptly disclose inside information in a manner that ensures fast and accurate public access and must maintain this information on their website for 5 years.

Disclosure can be delayed if:

1. • immediate disclosure would harm legitimate interests of the issuers, offerors or persons seeking admission to trading;
   • the delay does not mislead the public;
   • confidentiality of the information is maintained.

When disclosure is delayed, the issuer, offeror, or person seeking admission to trading must inform the competent authority with a written explanation immediately after the information is made public. Member States may require this explanation only upon the authority’s request.

Prohibition of Insider Dealing

Insider dealing occurs when someone with inside information uses it to buy or sell crypto-assets, either for themselves or a third party. This also includes canceling or amending orders placed before obtaining the information, as well as submitting, modifying, or withdrawing bids. No one should engage in or attempt insider dealing, nor use inside information to acquire or dispose of crypto-assets, directly or indirectly. Recommending or inducing others to engage in insider dealing is also prohibited.

Anyone with inside information should not recommend or induce others to:

1. • buy or sell the relevant crypto-assets;
   • cancel or amend orders related to those crypto-assets.

Utilizing a recommendation or inducement based on inside information constitutes insider dealing if the person knows or should know it’s based on inside information.

This rule applies to anyone who has inside information due to:

1. • membership in administrative, management, or supervisory bodies of the issuer, offeror, or person seeking admission to trading;
   • holding capital in the issuer, offeror, or person seeking admission to trading;
   • accessing information through employment, profession, duties, or their role in distributed ledger technology;
   • involvement in criminal activities.

It also applies to anyone who knows or should know they possess inside information under other circumstances.

For legal entities, this rule applies to natural persons involved in decisions to acquire, dispose of, cancel, or amend orders for the legal entity’s account.

Prohibition of Unlawful Disclosure of Inside Information

No one possessing inside information should unlawfully disclose it to others, except when it’s part of normal employment, profession, or duties. Sharing recommendations or inducements based on inside information constitutes unlawful disclosure if the person knows or should know the information’s origin.

Prohibition of Market Manipulation

Engaging in or attempting market manipulation is prohibited.

Market manipulation includes:

1. • transactions or behaviors that give or are likely to give false or misleading signals about the supply, demand, or price of a crypto-asset, or secure an abnormal or artificial price level;
   • transactions or activities affecting crypto-asset prices using fictitious devices or deception;
   • disseminating false or misleading information through any medium, knowing it is false or misleading.

Specific behaviors considered as market manipulation:

1. • securing a dominant position over a crypto-asset’s supply or demand, impacting prices or creating unfair trading conditions;
   • placing orders that disrupt trading platforms or create misleading signals about crypto-assets;
   • using media access to voice opinions on crypto-assets to benefit from price impacts without disclosing conflicts of interest.

Prevention and Detection of Market Abuse

Those professionally arranging or executing crypto-asset transactions must have systems to prevent and detect market abuse. They must report any suspicious orders or transactions to their competent authority without delay. The competent authority should immediately inform relevant trading platforms.

8. Competent Authorities: Their Powers and Additional Packages of Documents. Penalties

Competent authorities

Member States must designate competent authorities for enforcing MiCA. If multiple authorities are designated, one must be the single point of contact for cross-border cooperation.

Competent authorities have the following powers:

• require information and documents relevant to their duties;
• suspend or prohibit crypto-asset services if regulatory infringements are suspected;
• mandate disclosure of material information affecting crypto-asset services;
• publicize non-fulfillment of obligations by service providers;
• require transfer of contracts if authorization is withdrawn, with client consent;
• conduct inspections and investigations at business premises;
• require amendments to white papers and marketing communications;
• temporarily prohibit or restrict marketing, distribution, or sale of crypto-assets;

Role of EBA and ESMA

According to MiCA, the European Banking Authority (EBA) is primarily responsible for overseeing significant ARTs and EMTs. The EBA’s roles can be categorized as follows:

1. • ensuring measures by competent authorities are justified and proportionate;
   • delegating supervisory tasks to competent authorities with consultation and scope definition;
   • collaborating with ESMA to develop standards for information exchange and cooperation among authorities;
   • overseeing investigations and supervisory activities related to ARTs and EMTs;
   • imposing supervisory measures and fines for non-compliance;
   • conducting investigations and on-site inspections of significant ARTs and EMTs issuers;
   • administering penalty payments and reviewing decisions on fines etc.

Besides, supervisory activities related to ARTs and EMTs:

1. • EBA formulates standards and guidelines for ARTs and EMTs;
   • facilitates information exchange and collaboration among supervisory bodies;
   • issues opinions on financial requirements, recovery plans, and supervisory actions;
   • has authority to limit or ban the marketing and sale of ARTs and EMTs under certain conditions under Article 104 of MiCA;
   • determines if ARTs and EMTs qualify as significant under MiCA criteria.
   • works with other European Supervisory Authorities on classifying crypto-assets.
   • works closely with the European Commission, ESMA, EIOPA, and ESRB.

The EBA is also tasked with developing guidelines and technical standards to clarify the requirements for ARTs and EMTs.

EBA’s Guidelines:

• The Final versions:
• Joint EBA and ESMA Guidelines on the suitability assessment of the members of the management body of issuers of ARTs and of CASPs;
• Joint EBA and ESMA Guidelines on the suitability assessment of shareholders and members with qualifying holdings in issuers of ARTs and in CASPs;
• Guidelines on internal governance arrangements for issuers of ARTs;
• Guidelines on recovery plans;
• Guidelines on liquidity stress testing;
• ESAs Guidelines on templates for explanations and opinions, and the standardised test for the classification of crypto-assets under MiCAR (Art 97(1));
• Guidelines on templates to assist competent authorities in performing their supervisory duties regarding issuers’ compliance;

Guidelines on redemption plans;

EBA’s Regulatory Technical Standards (RTS):

• The Final versions of RTS:
• RTS on requirements for policies and procedures on conflicts of interest for issuers of ARTs;
• RTS to specify the highly liquid financial instruments in the reserve of assets;
• RTS further specifying the liquidity requirements of the reserve of assets;
• RTS to specify the minimum contents of the liquidity management policy and procedures;
• RTS to specify the adjustment of own funds requirements and stress testing of issuers of ARTs and of EMTs;
• RTS on the procedure and timeframe to adjust own funds requirements for ‘significant’ issuers;
• RTS on the use of ARTs and EMTs denominated in a non-EU currency as a means of exchange;
• RTS on supervisory colleges;
• Implementing Technical Standards (TS) on the reporting on ARTs and EMTs denominated in a non-EU currency;
• RTS on the minimum content of the governance arrangements on the remuneration policy;
• RTS on the procedure for the approval of white papers of ARTs issued by credit institutions;
• RTS on information for assessment of a proposed acquisition of qualifying holdings in issuers of ARTs;
• TS on information for authorisation as issuers of ARTs.
• Under development:
• RTS on complaints handling procedures for issuers of ARTs.
• Under consultation:
• RTS on the calculation and aggregation of crypto exposure values

The responsibilities of the European Securities and Markets Authority (ESMA) under MiCA are extensive, covering regulatory standards, supervisory convergence, and maintaining crucial registers. Here are the key areas of ESMA’s role:

• publishes a list of competent authorities designated by Member States.
• collaborates with EBA to develop RTS;
• maintains a register of crypto-asset white papers, issuers of ARTs and EMTs, CASPs, and non-compliant entities;
• issues opinions on supervisory and regulatory matters;
• facilitates cooperation between competent authorities and third countries.

The ESMA has released the following regulatory materials:

• Final Report on the Technical Standards specifying certain requirements of MiCA (1st package), which includes:
• Article 60(13): RTS on content of notification from selected entities to NCAs;
• Article 60 (14): ITS on forms and templates for notification from entities to NCAs;
• Article 62(5): RTS on the content of the application for authorisation for CASPs;
• Article 62 (6): ITS on forms and templates for CASP authorisation application;
• Article 71(5): RTS on complaint handling procedure;
• Article 72(5): RTS on management and prevention, disclosure of conflict of interest;
• Article 84(4): RTS on intended acquisition information requirements.
• Final Report on the Technical Standards specifying certain requirements of MiCA (2nd package), which includes:
• Draft RTS pursuant to Article 6(12), 19(11), 51(15) & 66(6);
• Draft RTS pursuant to Article 68(10);
• Draft RTS pursuant to Article 76(16)(a);
• Draft RTS pursuant to Article 68 (10)(b);
• Draft RTS pursuant to Article 76 (16)(b);
• Draft ITS pursuant to Articles 6, 19 & 51;
• Draft RTS pursuant to Article 109(8);
• Draft ITS pursuant to Article 88(4).Final Report on the Guidelines specifying certain requirements of MiCA on investor protection – third package ;
• Final Report on the Guidelines on reverse solicitation;
• Final Report on the Guidelines specifying Union standards on the maintenance of systems and security access protocols for offerors and persons seeking admission to trading of crypto-assets other than asset referenced tokens and e-money tokens;
• Final Report on the Draft technical Standards specifying certain requirements in relation to the detection and prevention of market abuse;
• Final Report on the Guidelines on the conditions and criteria for the qualification of crypto-assets as financial instruments;
• Statement on MiCA Transitional Measures;
• Final Report on the Technical Standards specifying requirements for cooperation, exchange of information, and notification between competent authorities, ESAs, and third countries, which includes 2 draft RTS and 2 ITS relating to:
• the exchange of information between competent authorities;
• procedures, forms and templates for the exchange of information between competent authorities;
• procedures, forms and templates for exchange of information between competent authorities and ESMA/EBA;
• the template for cooperation with third-country authorities.

Penalties

Under the MiCA, Member States are required to empower competent authorities to impose appropriate administrative penalties and other administrative measures for specific infringements. These powers exist alongside any criminal penalties and the supervisory and investigative powers outlined in Article 94.

The regulation identifies several categories of infringements where administrative penalties are applicable: General Infringements:

• violations of key provisions ranging from Articles 4 to 14, and other specified articles, including those related to market conduct, white papers, and the operation of CASPs;
• specific infringements related to white papers, ARTs, EMTs, and CASPs (Articles 48–51, 53–55);
• breaches of requirements concerning service provision, authorization, and ongoing obligations (Articles 59–83);
• failure to cooperate with investigations, inspections, or information requests as per Article 94(3).

Member States must ensure that competent authorities have the power to impose the following penalties and measures:

• For Natural Persons:

1. • public statements identifying the responsible individual and nature of the infringement;
   • orders to cease and desist from the infringing conduct;
   • fines up to EUR 700,000, or double the profits gained/losses avoided due to the infringement, if calculable.

• For Legal Persons:

1. • maximum fines up to EUR 5 million or a percentage of total annual turnover, depending on the type of infringement:

1. • • 3% for general infringements;
     • 5% for more severe infractions;
     • 12.5% for breaches related to specific obligations;

1. • public disclosure of non-compliance;
   • orders to amend or cease certain activities;
   • temporary suspension of operations or management functions.

Enhanced penalties for severe infringements:

1. • for repeated or particularly egregious violations (e.g., insider dealing, market manipulation), fines can reach EUR 15 million or 15% of total annual turnover;
   • permanent or long-term bans from management roles in the sector.

Special provisions:

• Competent Authorities may impose temporary bans on management personnel for severe breaches;
• Authorities can order the return of profits gained from illegal activities;
• Member States can grant authorities broader powers beyond those outlined, including higher penalty limits.

9. MiCA Implementation Schedule