The New EU Markets in Crypto-Assets Regulation (“MiCAR”)
On 16 May 2023, the European Union (EU) has adopted the long-awaited Regulation (EU) 2023/1114 on Markets in Crypto-Assets (“MiCAR” or “Act”), which establishes an overall framework for markets in crypto-assets within the Union.
At global level, the MiCAR constitutes the most advanced legislation on crypto-assets to date. The Act lays down a comprehensive set of requirements for the prudential and conduct regulation of issuers and offerors of crypto-assets along with providers of crypto-asset services. It also provides extensive regulatory powers to supervisory authorities to ensure financial stability vis-à-vis the inherent volatility of markets in crypto-assets.
The MiCAR has been an essential part of the EC Digital Finance Package, a set of policies and legislative measures adopted by the European Commission back in September 2020, with the aim to (i) boost Europe’s competitiveness and innovation in the financial sector; (ii) give consumers and businesses more choice in financial services and modern payment solutions; and (iii) ensure consumer protection and financial stability.
The Act aims to support innovation and fair competition, while ensuring a high level of protection of retail holders and the integrity of markets in crypto-assets. To this end, it is expected to enable crypto-asset service providers to scale up their businesses on a cross-border basis and facilitate their access to banking services to enable them to run their activities smoothly.
1. Scope
The subjective scope of the MiCAR includes:
- Natural or legal persons who issue crypto-assets (“issuers”);
- Natural or legal persons who offer crypto-assets to the public (“offerors”);
- Natural or legal persons who provide one or more of the following services on a professional basis: (i) the custody and administration of crypto-assets on behalf of third parties; (ii) the operation of a trading platform for crypto-assets; (iii) the exchange of crypto-assets for funds; (iv) the exchange of crypto-assets for other crypto-assets; (v) the execution of orders for crypto-assets on behalf of third parties; (vi) the placing of crypto-assets; (vii) the transfer of crypto-assets on behalf of third parties; (viii) the reception and transmission of orders for crypto-assets on behalf of third parties; (ix) the provision of advice on crypto-assets; (x) the provision of portfolio management on crypto-assets (“crypto-asset service providers”).
The objective scope of the MiCAR extends to the following categories of crypto-assets:
- The general category of crypto-assets, i.e. (i) digital representations of a value or of a right, (ii) able to be transferred and stored electronically, (iii) using distributed ledger technology or similar technology;
- Utility Tokens, i.e. crypto-assets intended to provide access exclusively to a good or a service supplied by their issuers;
- E-Money Tokens (“EMTs”), i.e. crypto-assets that purport to maintain a stable value by referencing the value of one official currency;
- Asset-Referenced Tokens (“ARTs”), i.e. crypto-assets that are not EMTs and purport to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies;
The MiCAR does not apply to (i) crypto-assets that qualify as financial instruments, deposits, funds or scuritisation positions; (ii) non-fungible tokens’ (“NFTs”); (iii) intra-group crypto-asset services; and (iv) crypto-assets issued by central banks or public authorities.
The regulatory framework of the MiCAR is structured in the following way:
- Regulation of issuers of crypto-assets other than EMTs & ARTs (Title II of the Act);
- Regulation of issuers of ARTs (Title III of the Act);
- Regulation of issuers of EMTs (Title IV of the Act);
- Regulation of issuers of significant ARTs & EMTs (Titles III & IV of the Act);
- Authorisation and regulation of crypto-asset service providers (Title V of the Act);
- Prevention and prohibition of market abuse involving crypto-assets (Title VI of the Act);
- Framework of supervision of the Act (Title VII of the Act);
2. Regulation of Issuers of Crypto-Assets Other Than EMTs & ARTs
Under the MiCAR, the offering to the public within the EU of crypto-assets that do not constitute EMTs or ARTs or their admission to trading on a trading platform for crypto-assets is subject to the following main requirements:
- The public issuance of a white paper in accordance with content and form requirements set out in MiCAR and its notification to supervisory authorities;
- conduct regulation requirements as well as additional obligations regarding commercial communications;
- inclusion in the white papers of information on the main adverse effects of the crypto-asset on the climate and the environment;
- transparency obligations when advertising the public offering or trading of the crypto-asset;
- obligation of issuers to address the right of retail holders within 14 days to withdraw from holding the crypto-asset;
- obligations to act honestly, fairly, professionally, act to the best interest of the crypto-asset retail holders, without conflict of interest, and maintain all systems and security access protocols according to appropriate EU standards.
3. Regulation of Issuers of ARTs & EMTs
The offering of ARTs or EMTs to the public or seeking their admission to a trading platform in the EU is in principle subject to prior authorization.
The authorization is granted by the national supervisory authorities of the registered seat of the offeror within three (3) months from submission of the application.
Such authorisation is valid for the entire Union and allows issuers of an ART or EMT to offer to the public, throughout the Union, the token or to seek its admission to trading.
Similarly to the issuance of crypto-assets other than EMTs or ARTs, the offering to the public within the EU of EMTs or ARTs or their admission to trading on a trading platform for crypto-assets is subject to the public issuance of a white paper in accordance with content and form requirements set in MiCAR and notification to supervisory authorities about its content and publish it along with other marketing communications.
In addition, issuers of EMTs or ARTs are required to:
- act in good faith, refrain from misleading practices and, in general, act in the best interest of the crypto-asset retail holders;
- make their marketing communications identifiable and consistent with the white paper;
- publish on their website their approved crypto-asset white paper and their marketing communications;
- disclose on their website, at least every month, the amount of tokens in circulation and the value and composition of the reserve assets;
- address the right of retail holders within 14 days to withdraw from holding the crypto-asset;
- set up internal complaint handling procedures;
- set up procedures to prevent, identify and disclose conflicts of interests;
- notify their competent authorities of any changes to their management body;
- have robust governance arrangements such as clear organisational structure, competent members in management, business continuity policy etc;
- refrain from granting interest to retail holders;
- have in place redemption plans to compensate retail holders, in case of insolvency.
Issuers of EMTs or ARTs are also subject to prudential requirements of maintaining (i) own funds at least equal to (a) EUR 350.000; or, (b) 2% of the average amount of the reserve assets, or (c) a quarter of the fixed overheads of the preceding year, whichever is higher; and (ii) (i) reserves of assets legally and operationally segregated from their estate, as well as from the reserve of assets of other tokens, and managed under specific custody policies, procedures and contractual arrangements.
Due to the fact that EMTs are considered electronic money within the meaning of the Electronic Money Directive (“EMD”) and fall within its scope, the MiCAR provides for additional obligations for issuers of EMTs, which act as lex specialis vis-à-vis the EMD. In specific, under the MiCAR:
- issuers must be authorized as electronic money institutions under EMD or as credit institutions;
- the issuance of EMTs is required to be conducted at par value on the receipt of funds;
- holders may at any time redeem the value of the EMT in cash or by credit transfer;
- the redemption of e-money tokens shall not be subject to a fee;
- funds received in exchange of EMTs shall only be invested in secure, low risk assets or deposited in a separate account of a credit institution. At least 30% of the funds must be deposits.
4. Regulation of Issuers of Significant ARTs & EMTs
The European Banking Authority (“EBA”) is empowered to designate ARTs or EMTs as significant on the basis, among others, of certain criteria, such as (i) the number of token holders; (ii) the number and value of transactions; (iii) the value of the tokens issued; (iv) significance of activities; (v) their connectivity with the financial system.
In such case, the issuers of significant ARTs or EMTs will be subject to the following additional prudential requirements under the MiCAR:
- liquidity management policy and stress-tests;
- adoption of a remuneration policy that promotes effective risk management;
- guarantee that tokens can be held in custody by different crypto-asset service providers;
- enhanced supervision by the European Banking Authority (EBA) and national competent authorities.
5. Authorisation and Regulation of the Operation of Crypto-Asset Service Providers
Crypto-asset services shall only be provided within the EU by legal entities that have a registered office in a Member State of the Union and have been granted with relevant authorisation by the competent supervisory authority of their registered seat.
During the authorisation process, Crypto-Asset Service Providers (“CASPs”) must provide comprehensive information about their operations and internal structures (i.e. internal risk control mechanisms, AML compliance etc).
Following their authorisation, CASPs may lawfully provide their services to other member states through the passporting regime of MiCAR upon the provision of a required set of information to the supervisory authority of their home member state.
All categories of CASPs have the following general obligations under the MiCAR:
- obligation to behave honestly, fairly and professionally in the interest of their clients;
- obligation to have, at all times, precautionary safeguards equal to an amount of at least the higher of the following: a) amount of the permanent minimum capital requirements set out by the MiCAR, or (b) one quarter of the previous year's fixed overheads, reviewed annually;
- disclosure of information on the main adverse effects of crypto-assets on the climate and the environment;
- establishment of a governance framework, especially in relation to management executives and policies and procedures that ensure the compliance with the Act;
- obligation for the safe custody of crypto-assets and customer funds;
- establishment of internal complaint handling procedures;
- identification, prevention, management and disclosure of conflicts of interest;
- obligations for the management of outsourcing agreements;
- redemption plans in case of insolvency;
- obligations in relation to the acquisition of crypto-asset service providers;
CASPs are also required to retain records of all activities, orders and transactions for a period of five years and provide information to clients and authorities. In addition, they must share information about legal persons holding qualifying stakes in the CASP, IT system security arrangements in place and the business continuity policy.
Apart from the foregoing, the MiCAR provides for additional obligations for providers (i) providing custody and administration of crypto-assets on behalf of clients; (ii) operating a trading platform for crypto-assets; (iii) providers exchanging crypto-assets for funds or other crypto-assets; (iv) executing orders for crypto-assets on behalf of clients; (v) placing crypto-assets; (vi) receiving and transmitting orders for crypto-assets on behalf of clients; (vii) providing advice on crypto-assets or providing portfolio management of crypto-assets; and (viii) providing transfer services for crypto-assets on behalf of clients.
CASPs having in the Union at least 15 million active users, on average, in one calendar year, are considered as significant CASPs and are required to notify their competent authorities within two months of reaching the foregoing number of active users. The MiCAR subjects significant CASPs to advanced powers of investigation and supervision by competent authorities.
6. Prevention and Prohibition of Market Abuse Involving Crypto-Assets
According to the MiCAR, issuers, offerors and persons seeking admission to trading shall, as soon as possible, post and maintain on their website, for a period of at least five years, all inside information required to be publicly disclosed and shall not combine the disclosure of inside information to the public with the marketing of their activities.
Furthermore, the Act prohibits insider dealing practices or use inside information about crypto-assets to acquire, or dispose of, those crypto-assets, directly or indirectly, whether for that person’s own account or for the account of a third party. It also prohibits disclosure of inside information to any other person, except where such disclosure is made in the normal exercise of an employment, a profession or duties.
In addition, the Act prohibits market manipulation in the form of entering into a transaction, placing an order to trade or engaging in any other behaviour which is misleading in respect of the supply, demand or price of a crypto-asset, or affects the price of a crypto-asset, while employing a fictitious device or any other form of deception or contrivance, or in the form of publicly disseminating misleading information.
Along these lines, any person professionally arranging or executing transactions in crypto-assets shall have in place effective arrangements, systems and procedures to prevent and detect market abuse and notify any reasonable suspicion regarding such abuse to the competent authority of the Member State of its registered seat.
7. Supervision & Enforcement
National authorities for the supervision of the MiCAR shall be designated by virtue of the Greek law supplementing the Act. Customers, retail holders, consumer associations and any other interested pary may submit complaints before competent authorities regarding the violation of the Act.
National supervisory authorities shall have the power to carry out on-site inspections or investigations, take precautionary measures, require offerors to amend their crypto-asset white paper or suspend or prohibit crypto-asset offers, order the cessation of unlawful practices or conduct, prevent directors from exercising management over CASPs or even refer matters for criminal investigation.
In case of violation of the Act, National supervisory authorities may also impose administrative sanctions to supervised entities of at least twice the amount of the profits gained or losses avoided or administrative sanctions of up to 12,5% of the total annual turnover, or even revoke their authorisation.
The ESMA and EBA facilitate and coordinate the cooperation between national supervisory authorities. Furthermore, they have the power to issue technical standards and guidelines, take appropriate precautionary measures to protect customers and retail holders, temporarily intervene in crypto markets at EU level, take measures in relation to the circulation, trading and sale of cryptocurrencies at EU level and exercise advanced supervisory powers in relation to significant offerors and CASPs.
National supervisory authorities shall notify (a) crypto-asset white papers for crypto-assets other than ARTs or EMTs; (b) issuers of asset-referenced tokens; (c) issuers of e-money tokens; and (d) crypto-asset service providers before the ESMA, which shall maintain a relevant register at EU level and make it publicly available.
8. Timeline
The MiCAR shall come in force on the 20th day from the date of its publication at the official journal of the EU and shall apply 18 months after the date of its entry into force.
The European Commission shall adopt delegated acts within 36 months from the entry into force of the Act. The EBA and ESMA shall also adopt technical standards specifying requirements of the Act within certain time-frames.
According to the transitional provisions of the Act, its requirements regarding offers of crypto-assets shall not apply for crypto-assets offered or traded before MiCAR enters in force. In addition, CASPs that provided services in accordance with applicable law before MiCAR, may continue to do so until they are authorized or for a maximum of18 months from its application.
The Regulation (EU) 2023/1114 on Markets in Crypto-Assets is available here.