Objective of the EU regulatory framework for crypto assets
It seeks to establish an EU legal framework for crypto assets which essentially aims to expand and encourage the use of transformative technologies in the financial sector, especially with regard to distributed ledger technology (DLT).
Aside from creating legal certainty and security regarding crypto assets, the focus is on promoting innovation and fair competition in the European financial market while ensuring a high level of consumer protection and market integrity. In addition, this legislative proposal aims to eliminate regulatory arbitrage through fragmented regulation within EU member states. The specific objectives derived from this are presented in figure 1.
Types of tokens as defined by the MiCAR
The MiCAR intends to create a harmonized framework for those crypto assets which are currently not covered by existing financial services regulations (such as MiFID II or PSD II) and to advance the testing of DLT. This latter aspect is addressed specifically by the accompanying proposal for a regulation on a pilot regime for market infrastructures based on DLT. The DLT pilot regime aims to promote the development of a secondary market, allowing a greater exploitation of the potential benefits of DLT in the future.
MiCAR also refers to specific requirements for e-money tokens, (non‑)asset-referenced tokens and utility tokens. The differences between these types of tokens are described in figure 2.
Significant asset-referenced tokens
The MiCAR stipulates that significant asset-referenced tokens or e-money tokens are to be subject to stricter supervisory control to protect financial stability and monetary policy.
The European Banking Authority (EBA) classifies these tokens as significant if they meet at least three of the following criteria:
- the customer base of the holders of the token or the shareholders of the issuer of the token or of a third party company entrusted with the administration, investment, custody and, if applicable, sales of the reserve assets (more on this topic below) amounts to over two million individuals and/or legal entities,
- the value of the issued tokens or their market capitalization is more than EUR 1 billion,
- the number and value of token transactions exceed 50,000 transactions or EUR 100 million per day,
- the volume of the token issuer’s reserve assets exceeds EUR 1 billion,
- the token is used in at least seven EU member states,
- the token is extensively interconnected with the financial system according to the EBA’s assessment.
It is envisaged that the supervision of the issuers of significant asset-referenced tokens will be the responsibility of the EBA, while the supervision of issuers of significant e-money tokens will be the responsibility of both national authorities and the EBA.
Crypto-asset services and their authorization
Special requirements apply for crypto-asset service providers. Services are differentiated based on the categories shown in figure 3.
Crypto-asset service providers are subject to supervisory authorization and are to be listed by ESMA in a register. CRR credit institutions that are authorized in accordance with Directive 2013/36/EU should not need another authorization for the provision of crypto-asset services. The same applies to investment firms that already provide one or more investment services within the meaning of MiFID II, provided that these investment services are comparable to the planned crypto-asset services. This is presented in more detail in the following:
- For the “operation of a trading platform for crypto-assets” according to the MiCA regulation another authorization is not needed, provided that the operators are “authorised to operate an MTF” under the terms of MiFID II.
- The “exchange of crypto-assets for fiat currency” according to the MiCA regulation does not require another authorization, if the crypto-asset service providers already “deal on own account” under the terms of MiFID II.
- For “the execution of orders for crypto-assets on behalf of third parties” according to the MiCA regulation another authorization is not needed, if the “execution of orders on behalf of clients” under the terms of MiFID II is already provided.
- The “placing of crypto-assets” according to the MiCA regulation does not require another authorization, if the “underwriting of financial instruments and/or placing of financial instruments on a firm commitment basis” and the “placing of financial instruments without a firm commitment basis” are already provided.
- The “reception and transmission of orders for crypto-assets on behalf of third parties” according to the MiCA regulation do not require another authorization, provided that the “reception and transmission of orders in relation to one or more financial instruments” under the terms of MiFID II are already provided.
- “Providing advice on crypto-assets” according to the MiCA regulation does not require another authorization, if “investment advice” is already provided under the terms of MiFID II.
Both the related crypto custody business within the meaning of Section 1 (1a) (2) (6) of the German Banking Act and crypto securities registry services within the meaning of Section 1 (1a) (2) (8) of the German Banking Act remain unaffected by this. The reason for this is that they do not constitute investment services within the meaning of the German Securities Trading Act (WpHG) nor within the meaning of MiFID II. In addition, crypto-asset services should be classified as “financial services” within the meaning of Directive 2002/65/EC of the European Parliament and of the Council in order to ensure free trading in the European single market.
The following are the essential obligations for crypto-asset service providers that are required, among other things, to obtain authorization to provide crypto-asset services:
- Meeting the professional suitability and qualification requirements of senior management with respect to compliance & AML / terrorist financing,
- Meeting the professional suitability and experience requirements of senior management and staff to properly perform their functions,
- Drawing up a liquidation plan,
- Introduction of control and risk assessment mechanisms,
- Introduction of documentation and record-keeping requirements,
- Implementation of a market abuse detection system,
- Compliance with minimum regulatory capital requirements:
- EUR 50,000 for the acceptance and transmission of orders for third parties and/or advice on crypto assets and/or execution of orders for third parties and/or placement of crypto assets,
- EUR 125,000 for the custody and management of crypto assets for third parties,
- EUR 150,000 for exchanging crypto assets for fiat currencies that are legal tender and/or exchanging crypto assets for other crypto assets and/or operating a trading platform for crypto assets,
- Compliance with regulatory capital requirements (for issuers of asset-referenced tokens at least EUR 350,000 or 2% of the average amount of the reserve assets or 3% for issuers of significant asset-referenced tokens).
Information obligations towards investors:
- Creation of risk notes on the offered crypto assets,
- Establishment of a transparent pricing policy for the crypto-asset services offered,
- Establishment of an investor grievance procedure and disclosure of the grievance process,
- Establishment and disclosure of a conflict of interest policy,
- Continuous provision of information on the tokens offered via the website (especially the circulating supply and the value and composition of the reserve assets when offering asset-referenced tokens),
- Information about any event that is likely to have a material impact on the performance of the tokens or on the reserve assets.
Need for action by market participants
When the MiCAR comes into force, there will be various positioning opportunities – for both established market participants and young fintech companies – as crypto-asset service providers within a regulated framework at the European level. In addition to setting up or purchasing the technical infrastructure to create such a service, it is especially important to train the relevant employees in order to carry out the new business activities properly.
Specific needs for action also arise in risk management, where, among other things, an ongoing calculation of the risk from positions held in crypto assets is essential as a basis for controlling position limits and, if necessary, the creation of reserve assets, which act as collateral and risk cover for issuers of asset-referenced tokens.
In addition, issuers must establish liquidity management policies to maintain reserve assets at all times. In this context, the reserve assets may only be invested in highly liquid financial instruments with minimal market and credit risk. This allows the issuer to be in a position to liquidate the reserve at any time and to react to short-term market fluctuations.
In the case of a public offering of crypto assets for trading on a trading platform, issuers must provide the supervisory authority with a crypto-asset white paper and ongoing information on the crypto assets/tokens offered via their website. This requires additional capacity in the context of reporting and disclosure as well as in data management. Here, current market data must be obtained, aggregated and calculated in order to make such data usable for the provision of information. Finally, issuers of asset-referenced tokens and e-money tokens need to access market data on the underlying assets and/or the associated fiat currency in order to calculate the equivalent price of the corresponding (e-money) token.
It therefore remains interesting to see how the regulatory requirements from the MiCAR are to be implemented by market participants in concrete terms and how the European crypto market will develop in the future. Market participants should therefore follow regulatory developments closely in order to find their “sweet spot” in the crypto world at an early stage and to be able to realize earnings potential in a regulatory-compliant manner. After all, at the end of a transitional period of 18 months following its entry into force, the MiCAR will be binding in its entirety in every EU member state.