The EU and the UK are developing significant changes to their regulatory frameworks to reflect the growing importance of the cryptoasset sector in Europe. We discuss a major EU development—the proposed Markets in Cryptoassets Regulation (MiCA)—immediately below and significant UK regulatory initiatives in the following section.
On June 30, 2022 the Parliament and Council of the EU reached provisional political agreement in relation to MiCA. MiCA aims to introduce a harmonized legal framework for certain cryptoassets and cryptoasset market participants in the EU.
MiCA will apply in respect of cryptoassets that are not “financial instruments” under the EU Markets in Financial Instruments Directive (MiFID),1 bank deposits, structured bank deposits, or e-money under existing EU financial services legislation.
In-scope cryptoassets are divided into three sub-categories, to which proportionately more onerous obligations will apply depending on the systemic importance of the relevant sub-category:
- Utility tokens, the lowest risk category: a type of cryptoasset that is intended to provide digital access to a good or service, available on Distributed Ledger Technology (DLT), and is only accepted by the issuer of that token;
- Stablecoins, the next-highest risk category:
- Asset-referenced tokens (A-RTs): a type of cryptoasset that purports to maintain a stable value by referring to the value of several fiat currencies that are legal tender, one or several commodities or one or several cryptoassets, or a combination of such assets, excluding algorithmic stablecoins and central bank digital currencies; and
- E-money tokens: a type of cryptoasset—the main purpose of which, is to be used as a means of exchange and that purports to maintain a stable value by referring to the value of a single fiat currency that is legal tender; and
- Significant A-RTs tokens and e-money tokens, the highest risk category: these tokens that the European Commission considers pose significant risks for financial stability and consumer protection. MiCA will mandate the European Banking Authority to issue guidance on the meaning of “significant” for these purposes.
It is anticipated that non-fungible tokens (NFTs), which are typically unique, non-divisible tokens that represent underlying digital assets (e.g., digital art, music, and videos), will not be in scope of MiCA unless they fall into a category of in-scope cryptoasset. The European Commission will consider in due course whether an NFT-specific regulatory regime is warranted.
MiCA will apply to issuers of the in-scope cryptoassets described above and to cryptoasset service providers (CASPs). CASPs are firms that provide services to third parties on a professional basis in respect of cryptoassets, including custodian wallet providers, cryptoasset exchanges, and cryptoasset trading platforms.
Summary of Requirements
MiCA will impose a broad range of obligations on issuers and CASPs, including a bespoke market abuse regime, change in control requirements for acquirers and vendors, and certain mandatory environmental disclosures. Other key points of the proposal include:
- Offerings and marketing to the public, and admission to trading of cryptoassets, other than A-RTs, and e-money tokens.
- Broadly speaking, this applies to utility tokens. Subject to limited exemptions, in order to offer relevant cryptoassets to the public in the EU or seek admission to trading for that asset on a crypto trading platform (admission to trading), issuers will be required to provide their home Member State2 regulatory authority with copies of marketing communications and a “white paper” (in effect, a scheme of operations relating to the cryptoasset), and make that white paper publicly available at or before launch. Once an issuer has complied with those obligations, they will be permitted to offer the relevant cryptoasset throughout the EU and seek admission to trading without further disclosure requirements.
- Issuers of cryptoassets, other than A-RTs and e-money tokens, will also be subject to a range of fair dealing obligations. Those requirements, which are similar to comparable standards under MiFID, include obligations to: 1) act honestly, fairly, and professionally; 2) communicate in a fair, clear, and not misleading manner; 3) prevent, identify, manage, and disclose any conflicts of interest that may arise; and 4) maintain all systems and security access protocols to appropriate EU standards. Issuers will also be required to act in the “best interests” of holders of such cryptoassets.
- It is anticipated that these requirements will not apply in respect of proof-of-work crypto-assets (e.g., Bitcoin and Ethereum) on the basis that they do not have a single issuer.
- Issuers of cryptoassets, other than A-RTs and e-money tokens, issued before MiCA enters into force will, in principle, be able to rely on grandfathering provisions that exempt them from the obligations described above.
- Offerings and marketing to the public and admission to trading of A-RTs and e-money tokens.
- In order to offer A-RTs to the public in the EU or to seek admission to trading, issuers will be required to obtain authorization from their home Member State3 regulatory authority, albeit that EU credit institutions (i.e., banks) will be exempt from that requirement. Issuers must be a legal entity established in the EU and must comply with conduct requirements that are materially similar to those outlined above, including in relation to disclosure, conflicts of interest, governance arrangements, complaints handling, and certain prudential requirements relating to, among other obligations, the maintenance and segregation of reserve assets and the orderly wind-down of their activities.
- Subject to limited exemptions, issuers of e-money tokens must be authorized either as credit institutions or e-money institutions under existing EU banking and e-money regulation.4 They must also issue a white paper before offering their tokens to the public in the EU. E-money token issuers will also be subject to requirements relating to the issuance and redeemability of e-money tokens and marketing communications, among other obligations, and to potential liability from holders of tokens for losses caused by deficiencies in the issuer’s white paper.
- Authorization of CASPs.
- CASPs will be required to be authorized under MiCA. The relevant authorization requirements include having their registered office in the EU. Credit institutions will be exempt from this authorization requirement, as will MiFID investment firms where they provide cryptoasset services equivalent to the investment services and activities for which they are authorized under MiFID.
- Once authorized, CASPs will be permitted to provide their services across the EU on a cross-border basis (i.e., they may “passport” their services). They will also be subject to certain conduct and prudential requirements including an obligation to act honestly, fairly, and professionally in the best interests of client, prudential capital requirements, organizational requirements, rules on safekeeping of clients’ cryptoassets and funds, obligation to establish a complaint handling procedure, and requirements relating to conflicts of interest and outsourcing.
- MiCA will impose certain service-specific obligations on CASPs, including in relation to custody and administration, the operation of a trading platform or a crypto exchange, arranging and executing orders, and placing and advisory services.
- CASPs that provided their services “in accordance with applicable law” prior to the date that MiCA comes into force will be permitted to continue to operate without authorization under MiCA for 18 months from the date that MiCA comes into force or until the date the CASP becomes authorized under MiCA, whichever is sooner. Member States will also be permitted to offer a simplified authorization procedure during that 18-month period for CASPs that were previously authorized under national law to provide cryptoasset services.
What Does This Mean for Firms?
Firms that are already authorized as credit institutions or MiFID investment firms will be permitted to operate as CASPs if they notify their home Member State regulatory authorities before providing their CASP services for the first time. Similarly, credit institutions and e-money institutions will not be required to obtain authorization as e-money token issuers. Firms should seek to understand the general compliance obligations under MiCA that they will become subject to when operating as CASPs or as issues (as applicable).
The potential impact on firms that are not so authorized may be profound, depending on the nature of the business they carry on. Firms that intend to take advantage of grandfathering and transitional provisions in MiCA should use any transitional period to prepare for authorization (including by building appropriate systems and controls).
For non-EU firms, it is important to note that MiCA does not contain a third country regime. Non-EU firms will therefore be required to establish a physical presence in an EU Member State in order to apply to become authorized under MiCA if they wish to promote their services to clients in the EU.
MiCA represents the latest step in the development of an EU framework for the regulation of cryptoassets, an area that the UK is also developing in parallel. Indeed, on July 5, 2022, the Bank of England (the BoE) stated the case for significant new regulation for cryptoasset firms.5 The extreme volatility in cryptoasset markets in recent times, the BoE noted, “underscores the need for enhanced regulatory and law enforcement frameworks to address developments in these markets and activities.” This was particularly the case, the BoE argued, in relation to stablecoins that are “used as money-like instruments in systemic payment chains,” which “should meet equivalent standards to commercial bank money in relation to stability of value, robustness of legal claim and the ability to redeem at par in fiat.“
The BoE’s announcement comes off the back of HM Treasury confirming its intention to introduce significant new UK regulation for cryptoasset firms.6 The changes would include, in particular:
- a requirement that issuers of certain stablecoins (i.e., those that refer to fiat currencies) and providers of related services (e.g., custodial wallets) obtain authorization from the UK Financial Conduct Authority (the FCA) under the UK’s e-money framework;
- bringing systemically important stablecoin activities (e.g., certain stablecoin payment systems) under the direct supervision of the BoE and the FCA; and
- extending UK competition / anti-trust law to ensure that stablecoin-based payment systems are subject to regulation by the UK Payment Systems Regulator.
HM Treasury and the FCA are also planning to amend UK rules on the promotion of financial services and products to include certain “qualifying cryptoassets” (e.g., utility and exchange tokens) and certain activities carried out in relation to them (e.g., dealing, arranging deals in, managing and advising on, qualifying cryptoassets). In summary, this change will prohibit the promotion of certain fungible and transferable cryptoassets and related services unless the promotion is made, or approved, by an FCA or PRA-authorised firm.
It is anticipated that the proposed expansion of UK authorization and financial promotion requirements will be finalized and come into effect during 2022-23.
Publication of the final text of MiCA is anticipated in H2 2022, with the final Regulation expected to apply from 2024. One important caveat to the summary above is that, because the agreed text of MiCA has not yet been published, the full extent and nuance of MiCA may not become apparent for some time.
Cryptoasset issuers and service providers operating in the EU and/or the UK should note the direction of travel under the proposals and reassess their position once the relevant requirements are finalized.
 Directive 2014/65/EU.
 The EU Member State where: (i) the issuer has its registered office or a branch; (ii) if the issuer has no registered office in the EU but two or more branches in the EU, the branch Member State chosen by the issuer; and (iii) if the issuer has no registered office or branches in the EU, the Member State in which the offering or admission to trading is first made.
 The EU Member State where the issuer has its registered office.
 Regulation (EU) No 575/2013 and Directive 2009/110/EC, respectively.
 The Bank of England, Financial Stability Report, July 5, 2022.
 HM Treasury, UK regulatory approach to cryptoassets, stablecoins and distributed ledger technology in financial markets: Response to the consultation and call for evidence, April 4, 2022.