MiCA – Regulation of Crypto-asset Service Providers


MiCA – Regulation of Crypto-asset Service Providers

1 – Crypto-Asset Service Providers

Crypto-asset service providers (CASPs) are companies that help users control, trade or store their crypto-assets. Examples include Luxembourg based Blockchain.com, a virtual cryptocurrency wallet provider responsible for facilitating 28% of global bitcoin transactions, Bitpanda, an Austrian based exchange enabling the purchase and sale of crypto-assets as well as providing payment services with such assets, and Bitstamp, a Luxembourg based trading platform allowing fiat to crypto exchange and offering institutional clients liquidity, order executions and real-time data streams to enable banks, brokers and fintechs to incorporate crypto-trading services for their clients. These and more are the types of companies that the MiCA CASP provisions encompass.

2 – Authorization Procedure Overview

CASPs perform an important function within the crypto industry. Whether these entities take on the role of providing custody for clients’ digital assets, operating crypto trading platforms, offering transfer services, or offering portfolio management or investment advice on DLT products, CASPs deliver the means for investors to obtain and exercise control over their crypto holdings. Therefore, it will be no exaggeration to state that CASPs are the ‘gatekeepers’ to crypto markets. As such they are subject to authorization under MiCA and will have to ensure that they deal solely with issuers who comply with MiCA. In order to be granted authorization, service providers will need to be registered as a legal entity with offices in at least one Member State and draw up an application, demonstrating sufficient capital, good governance arrangements capable of preventing market manipulation and abuse, and internal control systems that guarantee services will be provided in a manner that promotes the best interest of their clients. As is the case with token issuers, CASPs’ authorization under MiCA carries ‘passporting’ rights, meaning that their licenses will be legally recognizable throughout the Union.

3 – Capital Requirements

One of the big changes that MiCA introduces is imposing prudential requirements on CASPs, in which case CASPs have to demonstrate to national competent authorities (NCAs) that at any time they have own funds in place ready to absorb losses. The capital size necessary to satisfy NCAs will be the higher of either a minimum amount adjusted for each crypto-asset service as set out in Annex IV, ranging between € 50,000 and € 150,000, or one quarter of the service provider’s fixed overheads for the preceding year, such as office rental charges and staff salaries. CASPs’ own capital must be held separate from investors’ assets and consist of either Common Equity Tier 1 items (e.g. common stock and subordinate loans) or an insurance policy with coverage against a number of carefully detailed risks, such as loss of documents, misrepresentations, and errors leading to breach of duties owed to clients as well as gross negligence in safeguarding crypto-asset funds. The rationale behind this measure is to protect investors and the stability of the overall financial system during economic downturns, by ensuring that CASPs can afford to sustain operating losses, while still honoring withdrawal requests.

4- Governance Arrangements

In addition to sufficient capital reserves, service providers will also have to demonstrate that they meet certain organizational standards. One of the key conditions to satisfy is the appointment of a management body with sufficient integrity, professional qualifications, and experience for the performance of its duties. CASPs’ shareholders who have qualifying holdings in the applicant CASP must also prove that they are of good repute and have never been convicted of financial offences, such as money laundering, terrorist financing, etc. Besides assembling a team of individuals without a criminal record, service providers will need to prepare a business continuity plan aimed at ensuring that the performance of their services would not be disrupted due to external interferences and that even in worst case scenarios there are systems and procedures in place to safeguard the confidentiality of sensitive information. Records of all orders and transactions must be stored and be readily available for NCAs that will need such information in order to perform their supervisory functions. And finally, CASPs will have to establish mechanisms for monitoring and detecting instances of market abuse committed by clients. Measures that could be taken in that regard shall range from soft policies like promoting better education on what types of behavior are likely to constitute market abuse and manipulation to the implementation of market surveillance systems, such as trade pattern analysis tools. These latter policies, often automated, metrics for tracking abnormal price movements must be customized to the parameters of the particular crypto markets under review. The range of expected volatility need to be taken into account, or the built-in alert triggers might produce impractical results.

5 – Internal Controls

As part of their ‘gatekeeping’ role, CASPs will have to not only protect the integrity of the financial system, but act in regard to the best interest of their clients at the same time. To this effect, MiCA stipulates that service providers have to have internal control systems in place that can detect and prevent the misuse of data regarding clients’ standing orders. Anyone with access to delicate information, including employees, could exploit this information for the purposes of market abuse and market manipulation. A CASPs’ ability to demonstrate that they can effectively isolate such risks is crucial for their authorization. By the same logic, service providers must take measures and adopt appropriate policies to avoid conflicts of interest arising between their shareholders, managers, staff members and even between different clients. Establishing a designated oversight committee and internal channels for anonymous reporting to encourage whistleblowing are all good starting points. And lastly, CASPs will be obliged to create and maintain complaint handling procedures available to clients free of charge. The information contained in all communications released to the public must be clear, accurate and non-misleading, containing warnings of the risks related to purchasing digital property. In addition, CASPs must publish their pricing policies on their websites so that investors are fully aware of any fixed costs and applicable calculation methods for adjustable expenditures. Complaints handling procedures aim to ensure that such requirements are never neglected and that any disagreements arising with customers can be investigated internally and be resolved without interference from the judicial system.

6 – Service Specific Provisions

Outside of its authorization regime, MiCA will establish a legal framework tailored around the various activities that service providers may engage in. For instance, in relation to the offering of custody and administration for crypto-assets, MiCA’s provisions stipulate that CASPs will have to regularly send out balance statements to clients, keep their own capital segregated from client funds, and bear full liability for any loss of crypto-assets as a result of malfunctions or hacks, which essentially gives rise to a statutory guarantee that investors who store DLT assets with a licensed provider will never lose the market value of their property. In the interest of keeping crypto markets operational and functional, operators of crypto trading platforms must admit only crypto-assets that have a published whitepaper, reject all tokens with inbuilt anonymity functions that prevent identifying holders and tracking their transaction histories, and ensure that crypto-asset trades are settled and recorded on the DLT network, following their execution on the exchange. CASPs engaged in exchange of crypto-assets on their own account will have to publish in advance a non-discriminatory commercial policy in advance, indicating the conditions that clients must meet in order to be accepted and informing about the method employed in determining the price of crypto-assets. As to providing investment advice or portfolio management, MiCA obliges such entities to assess the compatibility of crypto-assets with prospective clients’ objectives, the ability to bear losses, client’s past investing experience and their knowledge of crypto markets. Service specific provisions of this nature will necessitate some compliance customization by CASPs, depending on their business, but would add to the overall level of consumer protection offered by MiCA.

7 – Expected Effects

The ‘passporting’ effects of authorization under MiCA will eliminate the need for cross-border service providers to apply for licensing separately in each Member State with a bespoke crypto regime. Although the authorization requirements entail one-off as well as on-going compliance costs that may initially impact CASPs’ profit margins, MiCA’s implementation deals with regulatory fragmentation and enhance compliance efficiency. Furthermore, the increased investors’ confidence, resulting from prudential requirements and governance standards imposed on CASPs, is expected to attract more capital to the crypto industry in the long run. As competition among providers intensifies at the European level, the benefits of improved services and lower costs will be passed down to EU consumers. The measures discussed throughout this whitepaper will also safeguard the stability of the overall financial system if and when crypto markets grow exponentially in the future, which is a very likely scenario given the great potential they have demonstrated so far. While most crypto-assets in circulation today operate on the premise of enabling digital peer-to-peer exchange of value without the need for financial intermediation, the majority of their users rely on the ‘gatekeeping’ function fulfilled by CASPs. Hence, through the regulation of service providers, financial authorities will be able to monitor the points at which traditional financial systems interact with emerging crypto markets and address the risks associated with digital finance prior to their spill over into the regulated economy.

Series of blogs ‘MiCA’

The draft Markets in Crypto-Assets (MiCA) Regulation was released by the European Commission in September 2020. As with most markets-focused regulations, one of MiCA’s priorities is to limit the potential risks to the consumer. But the EC’s proposal also aims to address certain issues that it sees as hindering the EU crypto-asset sector.

Watsonlaw will publish a series of blogs about MiCA over the coming weeks.

The following topics are covered:

MiCA – Introduction to the Markets in Crypto-Assets Regulation
MiCA – Reasons and Objectives
MiCA – Choice of Legislative Instrument and Scope
MiCA – Offering of Crypto-Assets and Admission to Trading
MiCA – Offering and Admission to Trading of Asset-referenced and E-money Tokens
MiCA – Regulation of Crypto-asset Service Providers
MiCA – Market Abuse Prevention under MiCA


If you have any questions about the MiCA, please contact new tech expert Willem-Jan Smits or Camiel Vermeulen. Our cryptoteam has extensive knowledge of the crypto- asset sector and are ready to help you.