On 9 June 2023, Regulation (EU) 2023/1114 on markets in crypto-assets (“MiCA”) was published in the Official Journal of the European Union. MiCA brings crypto-assets, crypto-asset issuers and crypto-asset service providers (“CASPs”) under a pan-EU regulatory framework.
The MiCA framework introduces common rules for the crypto industry, which aim to protect investors and ensure market integrity, whilst allowing for innovation in the sector. It also contains safeguards for environmental protection and the prevention of financial crime and market abuse. MiCA is accompanied by the Regulation on information accompanying transfers of funds and certain crypto-assets (here), which concerns crypto-assets in the context of anti-money laundering rules.
Crypto-assets have grown in a short space of time, leaving a legal and regulatory gap behind them. Some crypto-assets currently fall under existing regulatory requirements, such as those qualifying as financial instruments under the Markets in Financial Instruments Directive 2014 (Directive 2014/65/EU) (“MiFID II”). However, several high-profile implosions of crypto firms highlighted the inadequacies of existing rules, the dangers of a lack of regulation and the risks to individuals and financial stability. The EU took the view that it was essential that all crypto-assets were regulated by a bespoke crypto regulation in order to protect competition in the EU and safeguard investors.
MiCA began life in 2020 as a European Commission proposal comprised within the EU digital finance strategy (here). Since then, other aspects of that strategy have also become law, such as the Digital Operational Resilience Act (“DORA” – see our briefing here)1 and the Regulation on a pilot regime for market infrastructures based on distributed ledger technology (“DLT Pilot Regime Regulation”)2.
MiCA in summary – what does it do?
MiCA deals with three types of crypto-asset:
- asset-referenced tokens (“ARTs”),
- electronic money tokens (“e-money tokens” or “EMTs”) and
- crypto-assets other than ARTs or e-money tokens, such as utility tokens.
ARTs and EMTs are types of stablecoin. An ART purports to maintain a stable value by referencing another value or right or combination thereof, such as a basket of currencies. An EMT purports to maintain a stable value by referencing an official currency.
MiCA prescribes uniform requirements for the offering and admitting to trading of these types of crypto-assets and prescribes requirements for CASPs. These requirements include transparency and disclosure requirements for the admission to trading of crypto-assets, authorisation and supervision requirements, requirements for the protection of holders of crypto-assets and the clients of CASPs, and measures to prevent market abuse such as insider dealing or market manipulation.
MiCA applies to persons and entities that are engaged in the issuance, offer to the public and admission to trading of crypto-assets or that provide services related to crypto-assets in the EU.
MiCA does not apply to crypto-assets that “are unique and not fungible with other crypto-assets”, i.e. non-fungible tokens (“NFTs”) or to crypto-assets that also qualify as one or more of:
- financial instruments as defined in MiFID II;
- deposits, including structured deposits, as defined in the Deposit Guarantee Scheme Directive3;
- funds, except if they qualify as e-money tokens, as defined in the Payment Services Directive (“PSD2”)4;
- securitisation positions;
- non-life or life insurance products or reinsurance and retrocession contracts; or
- certain pension products, social security schemes and officially recognised occupational pension schemes.
There are certain entities to whom MiCA does not apply including persons who provide crypto-asset services exclusively for their parent companies or subsidiaries, a liquidator or an administrator acting in the course of an insolvency procedure, the European Central Bank and the European Investment Bank.
Key provisions on crypto-assets
The MiCA framework includes several important definitions:
- A crypto-asset is defined as “a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed ledger technology or similar technology”.
- A CASP is defined as “a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59”5. This will include crypto exchanges and custody providers.
- A crypto-asset service means any one of a list of services and activities relating to crypto-assets such as, for example, providing custody and administration of crypto-assets, operating a trading platform for crypto-assets, providing advice on crypto-assets and providing portfolio management on crypto-assets.
An ART is defined as “a type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies”.
MiCA provides that asset-referenced tokens can only be offered to the public by entities authorised by the competent authority or a credit institution that meets certain requirements. This authorisation is valid across the EU and will allow the issuer of the ART to offer the ART to the public across the EU or to seek admission to trading of the ART. ART issuers must have strong governance procedures and lines of responsibility. They must prepare a recovery plan outlining measures to be taken to restore compliance with reserve of assets requirements. ART issuers must have a registered office in the EU. Significant ART issuers will also be subject to higher capital requirements and oversight by the European Banking Authority (“EBA”).
Issuers of ARTs must draw up a white paper and the white paper must contain certain specified information about: the issuer, the ART, the rights and obligations attached to the ART, the underlying technology, the risks, the reserve of assets and the principle adverse impacts on the climate and other environment-related adverse impacts of the consensus mechanism used to issue the ART. The white paper must be approved by the national competent authority (“NCA”) and published on its website.
An EMT is defined as a “crypto-asset that purports to maintain a stable value by referencing the value of one official currency”.
Issuers of EMTs must be authorised as a credit institution or an electronic money institution. Issuers must issue EMTs at par value and grant holders redemption rights at par value and cannot grant interest on EMTs. It will be necessary for a white paper to be published and notified to the NCA when offering the crypto-assets to the public or seeking their admission to trading. However, unlike for an ART, the EMT white paper will not be subject to approval by the NCA.
Significant EMTs will be subject to higher capital requirements and oversight by the EBA.
It is notable too that the European Commission published on 28 June 2023 a proposal for a new directive on payment services and electronic money services (“PSD3”). This proposal states that EMTs are a form of crypto-asset which can scale up significantly in size and pose risks affecting financial stability, monetary sovereignty and monetary policy. The European Commission further stated in that PSD3 proposal that a package of proposed amendments to MiCA is currently under discussion by the EU co-legislators.
Other crypto-assets such as utility tokens
MiCA also provides for the regulation of crypto-assets other than ARTs and EMTs, including utility tokens. A utility token refers to “a type of crypto-asset that is only intended to provide access to a good or a service supplied by its issuer”. These other crypto-assets have less onerous requirements. Crucially, an issuer of this type of crypto-asset, such as a utility token, is not required to hold a regulatory authorisation. However, it will be necessary for a white paper to be published and notified to the NCA when offering the crypto-assets to the public or seeking their admission to trading. As with an EMT, the white paper does not need to be approved by the NCA.
Key provisions for CASPs
Under MiCA, CASPs are entities that provide crypto-asset services to clients on a professional basis. They must be authorised by an NCA in order to operate in the EU. Importantly, certain financial services providers that are authorised under existing legislation can also provide crypto-asset services without separately obtaining authorisation as a CASP under MiCA, provided they fulfil certain requirements. This applies to credit institutions, central securities depositories, investment firms, market operators, electronic money institutions, UCITS management companies, and alternative investment fund managers.
A CASP must have a registered office in an EU member state where it carries out at least part of its crypto-asset services. The CASP also must have its place of effective management in the EU and must have at least one director resident in the EU.
One of the benefits of MiCA’s harmonised rules is that CASPs can provide crypto-asset services throughout the EU by passporting, either through the right of establishment (including through a branch) or through the freedom to provide services. CASPs that provide crypto-asset services on a cross-border basis will not be required to have a physical presence in the territory of a host Member State.
Entities that intend to provide crypto-asset services must submit their application for an authorisation as a CASP to the competent authority of their home Member State (being the Central Bank of Ireland in Ireland’s case). This application must contain certain information, such as:
- the CASP’s name, contact details, website, physical address, and legal form;
- a programme of operations outlining the types of crypto-asset services intended to be provided;
- proof that it meets the requirements for prudential safeguards set out in Article 67 of MiCA;
- a description of governance arrangements, and proof that the members of its management body have appropriate knowledge, skills and experience to manage the provider and are in good repute;
- the identity of any direct or indirect shareholders with qualifying holdings; and
- the type of crypto-asset to which the crypto-asset service relates.
CASPs have numerous regulatory requirements under MiCA, including governance arrangements, obligations regarding the disclosure of conflicts of interest, marketing requirements and prudential safeguarding requirements.
A CASP will be deemed to be ‘significant’ for the purposes of MiCA (and hence subject to EBA direct supervision) if it has at least 15 million active users in the EU, on average, in one calendar year.
Under new rules contained in Regulation (EU) 2023/1113 (the “Recast Transfer of Funds Regulation”) on information accompanying transfers of funds and certain crypto-assets , CASPs are obliged to collect and make accessible certain information about the sender and beneficiary of the transfers of crypto-assets they operate, regardless of the amount of crypto-assets being transacted. This ensures the traceability of crypto-asset transfers to more easily identify possible suspicious transactions and block them. The Recast Transfer of Funds Regulation expressly recognises that certain transfers of crypto-assets entail specific high-risk factors for money laundering, terrorist financing and other criminal activities, in particular transfers related to products, transactions or technologies designed to enhance anonymity, including privacy wallets, mixers or tumblers. The EBA is tasked with issuing guidelines to specify the enhanced due diligence measures that may be necessary for CASPs to deploy in such circumstances, including possibly the use of distributed ledger technology (DLT) analytic tools to detect the origin or destination of crypto-assets.
MiCA also introduces rules that prohibit market abuse regarding any form of crypto-asset transaction or service. This includes unlawful disclosure of inside information, insider trading and actions that are likely to lead to disruption or manipulation of crypto-assets.
Following approval by the Council of the EU and the European Parliament, MiCA was published in the Official Journal on 9 June 2023 and entered into force on 29 June 2023. MiCA will mostly apply from 30 December 2024 but the requirements relating to ARTs and EMTs will apply from 30 June 2024.
As an EU Regulation having direct application in Member States, no national transposition measure is required under Irish law. However, there are certain national discretions that are left to be implemented by each Member State and other ancillary matters which will require some supplementary Irish law measures, most likely in the form of regulations made by the Minister for Finance.
MiCA contains transitional measures for CASPs already operating in accordance with national law before 30 December 2024. Such CASPs are permitted to provide their services until 1 July 2026 or until they are granted or refused authorisation under MiCA, whichever is sooner. A Member State may decide not to apply this transitional regime or to reduce its duration where the relevant national regulatory framework is less strict than under MiCA.
Ireland as a jurisdiction of choice for MiCA business
MiCA presents an excellent opportunity for Ireland to become a jurisdiction of choice for CASPs to establish here as a base from which to access the EU market. Ireland already has a thriving FinTech ecosystem, building on the country’s many advantages in finance and technology. Ireland’s credible and robust financial services regulatory framework is key to underpinning this ecosystem.
The Central Bank of Ireland has repeatedly emphasised its commitment to being open and engaged with respect to FinTech, and this is demonstrated through engagement with industry. The enhancements to the Central Bank of Ireland’s Innovation Hub, expected later in 2023, will undoubtedly reinforce this commitment. Tangibly, the Central Bank of Ireland’s process for registering virtual asset service providers (VASPs) is now well established and the Central Bank of Ireland recently took the important step of permitting a type of regulated fund under Irish law (a qualifying investor alternative investment fund or ‘QIAIF’) to hold exposures to crypto of up to 20% for open-ended funds and up to 50% for close-ended funds.
Ultimately though, the approach of a regulator in any jurisdiction should only be one of many considerations when firms are considering which EU jurisdiction should be the ‘home’ Member State for regulatory purposes. Other considerations such as the availability of talent, professional services, language, tax etc. should be equally relevant. Speaking at a recent Blockchain Ireland event on 30 May 2023, Gerry Cross, Director of Regulation, Policy & Risk at the Central Bank of Ireland emphasised the need to ensure, at EU level, that national regulators do not engage in regulatory arbitrage. Interestingly, he observed a parallel with the choice of EU jurisdiction by UK firms following Brexit (here). He noted that, during the Brexit-related migrations, the European Securities and Markets Authority (ESMA) established a very effective Supervisory Coordination Network to drive consistency and there would be real merit in the EBA establishing a similar mechanism for crypto-related applications during the current period leading up to MiCA implementation.
MiCA represents a resounding achievement for the EU. Following years of unregulated development, culminating in several high-profile collapses, it was necessary for the EU to lead the way in regulating this emerging technology. MiCA lays down strong markers that the EU is serious in its intent to bring crypto-assets into the regulatory mainstream – by allowing for their orderly development in a manner that adequately mitigates risk.
It must be acknowledged that there are some issues left unresolved by MiCA. For example, NFTs are excluded from its scope, leaving uncertainty in this area. So too, fully decentralised finance (de-fi) using automated processes with no intermediaries (e.g. decentralised exchanges) is outside the scope of MiCA. MiCA requires the European Commission to report to the European Parliament on developments in both of these areas by 30 December 2024, if appropriate, accompanied by a legislative proposal.