MiCA Regulatory Developments and Market Impact in H1 2025

Executive Summary

The first half of 2025 marks a critical implementation phase for the Markets in Crypto-Assets (MiCA) Regulation (EU) 2023/1114. The European Supervisory Authorities (ESAs), including ESMA and the EBA, have released a significant volume of Level 2 and Level 3 measures, primarily in the form of Regulatory Technical Standards (RTS), Implementing Technical Standards (ITS), and guidelines. This report provides a technical analysis of these developments, focusing on their direct impact on the operational, compliance, and strategic frameworks for Crypto-Asset Service Providers (CASPs), issuers, and other financial market participants engaging with digital assets.

1. CASP Authorisation and Prudential Oversight: A Harmonised, High-Standard Regime

The authorisation framework for CASPs under Title V of MiCA has been substantially detailed, establishing a stringent, harmonised gateway to the EU market.

• Supervisory Expectations and Substance: The ESMA supervisory briefing on authorisation of CASPs (January 2025) sets a high supervisory bar. Under Article 62 of MiCA, applications must demonstrate robust governance, including a clear organisational structure, effective risk management processes, and business continuity plans. ESMA has explicitly warned against "letter-box" entities, requiring genuine substance and management presence within the authorising Member State.

• 'Fit and Proper' Assessments: In line with the joint EBA and ESMA guidelines, National Competent Authorities (NCAs) will conduct rigorous assessments of the suitability of management body members and qualifying shareholders. These assessments are comprehensive, scrutinising integrity, experience, and potential conflicts of interest, with past regulatory infringements in any jurisdiction being a critical factor.

• AML/CFT Integration: Authorisation is intrinsically linked to AML/CFT compliance. Applicants must demonstrate robust internal control mechanisms to mitigate money laundering and terrorist financing risks, aligning with the 5th Anti-Money Laundering Directive (AMLD5) and the Transfer of Funds Regulation (TFR). NCAs will consult with Financial Intelligence Units (FIUs) as part of the authorisation process.

• Outsourcing Controls: While Article 73 of MiCA permits outsourcing, the ESMA briefing clarifies that critical functions cannot be outsourced to the extent that the CASP becomes an empty shell. Firms retain full responsibility and must ensure that outsourcing arrangements, particularly to third-country entities, do not impair risk management or the NCA's supervisory capacity.

2. Conflicts of Interest: Granular Requirements for CASPs and Issuers

The European Commission has adopted delegated regulations specifying the conflict of interest regimes, mandating a structured approach to identification, prevention, management, and disclosure.

• CASPs (Article 72, MiCA): Commission Delegated Regulation (EU) 2025/1142 specifies the requirements for CASPs' conflict of interest policies. Firms must implement detailed procedures covering, inter alia, personal account dealing by staff, remuneration policies that could create misaligned incentives, information barriers between different business lines (e.g., proprietary trading vs. custody), and the management of conflicts arising from underwriting or providing advice on crypto-assets. Disclosure to clients must be specific, timely, and sufficient to allow for an informed decision.

• ART Issuers (Article 32, MiCA): Similarly, Commission Delegated Regulation (EU) 2025/1141 details the conflict of interest policies for issuers of Asset-Referenced Tokens. These rules focus on disputes between the issuer's interests and those of the token holders, particularly concerning the management of the reserve assets, relationships with custodians or other service providers, and decisions regarding the composition or redemption of the reserve.

3. Market Abuse Regime (MAR for Crypto): Surveillance and Reporting Obligations

Title VI of MiCA establishes a market abuse framework analogous to the Market Abuse Regulation (MAR). The ESMA final report on guidelines and the Commission's Delegated Regulation on RTS for market abuse operationalise these requirements.

• Scope and Prohibitions: The regime prohibits insider dealing (Article 89), unlawful disclosure of inside information (Article 90), and market manipulation (Article 91). The definition of "inside information" under Article 87 is broad, covering any precise information that, if made public, would be likely to have a significant effect on the price of a crypto-asset.

• Surveillance Obligations: Persons Professionally Arranging or Executing Transactions (PPAETs), which include most CASPs, are mandated under Article 92 to establish and maintain adequate arrangements, systems, and procedures to prevent and detect market abuse. This requires both on-chain and off-chain surveillance capabilities.

• Suspicious Transaction and Order Reporting (STORs): PPAETs must report any reasonable suspicion of market abuse to their NCA without delay. The RTS provide a standardised template for these STORs, ensuring consistent and actionable reporting across the EU.

4. Prudential Treatment and Reporting Standards

• Prudential Backstop for Credit Institutions: The EBA's consultation on draft RTS under Article 501d(5) of the Capital Requirements Regulation (CRR) is a critical development for banks. These RTS will define the calculation of exposure values for crypto-assets, implementing the transitional provisions in CRR3. The approach aims for alignment with the Basel Committee's standard on crypto-asset exposures, likely resulting in high-risk weightings for unbacked crypto-assets and specific treatments for qualifying ARTs and EMTs.

• CASP Record-Keeping and Reporting: A suite of delegated acts establishes extensive reporting and record-keeping obligations. Notably, Commission Delegated Regulation (EU) 2025/1140, implementing Article 68(10) of MiCA, sets forth detailed RTS on the records to be kept by CASPs for all services, activities, orders, and transactions. This necessitates significant investment in data infrastructure to ensure compliance and facilitate supervisory access.

5. Analysis of Regulatory Overlap: MiCA and PSD2

The interaction between MiCA and PSD2 has been a key area of legal uncertainty, particularly for e-money tokens (EMTs), which are "deemed to be electronic money" under Article 48(2) of MiCA.

• EBA Opinion and "No Action" Letter: The EBA's opinion (June 2025) clarifies its position. It considers that certain crypto-asset services involving EMTs, such as transfer services and the provision of custodial wallets that allow transfers to third parties, constitute "payment services" under PSD2.

• Supervisory Forbearance: To prevent a burdensome dual-authorisation requirement in the immediate term, the EBA has advised NCAs to apply supervisory forbearance and not enforce a separate PSD2 authorisation for these activities until a long-term legislative solution is enacted. This is a temporary measure, not a legal exemption.

• Long-Term Legislative Solution: The EBA has explicitly recommended that this overlap be resolved within the forthcoming legislative proposals for the Payment Services Directive 3 (PSD3) and Payment Services Regulation (PSR), likely by integrating the relevant prudential and conduct requirements directly into an enhanced MiCA framework for firms dealing in EMTs.

6. Strategic Considerations for Market Participants

The granular requirements established in H1 2025 necessitate immediate and strategic action from all firms within the MiCA ecosystem.

• Compliance Framework Remediation: Firms must conduct a detailed technical gap analysis against the final RTS and guidelines. This should result in a time-bound remediation plan to upgrade policies, procedures, and internal control frameworks to meet the new, higher standards.

• Investment in RegTech and Data Infrastructure: The requirements for market abuse surveillance (Article 92) and transaction record-keeping (Article 68) mandate significant technological investment. Firms should evaluate and implement advanced regulatory technology (RegTech) solutions for surveillance, monitoring, and reporting.

• Capital and Liquidity Planning: Credit institutions must model the capital impact of the new CRR rules for crypto-exposures. Issuers of ARTs and EMTs must implement robust liquidity management policies and stress-testing programmes as specified in the relevant EBA RTS.

• Strategic Review of Business Models: The regulatory framework, particularly the rules on conflicts of interest, outsourcing, and the MiCA/PSD2 overlap, may require firms to review and potentially restructure their business models, service offerings, and legal entity structures to ensure both compliance and operational efficiency.

• Proactive Regulatory Engagement: Firms should establish a clear strategy for engaging with their respective NCAs. This includes maintaining an open dialogue throughout the authorisation process (or transitional period) and demonstrating a sophisticated understanding of and commitment to the new regulatory paradigm.

#MiCARegulation #DigitalAssets #CryptoCompliance #RegTech #ESMA #EBA #FinancialRegulation #LegalTech #RiskManagement