24/07/23
New technologies in the banking and payments fields gave rise to new services as well as new business models while challenging financial institutions and introducing new market players. As a response to these changes, the European Commission adopted, on 24 September 2020, a digital finance legislative package in order to encourage a competitive and ambitious European financial sector dealing with innovative digital products all at the same time ensuring protection for financial players and maintaining the European financial stability[1] (the “EU Financial Package”).
The EU Financial Package consists of the European financial strategy and three legislative proposals relating to, amongst others, (i) digital operational resilience[2], (ii) markets in crypto-assets, (iii) a pilot regime for market infrastructures based on distributed ledger technology[3] (“DLT”) and (iv) a directive to amend certain EU rules regarding financial services[4].
MiCa which is not a self-standing initiative but is inherent to the wider EU Financial Package has finally been adopted by the European Parliament on 20 April 2023 after two years of debates and discussions[5]. MiCa aims to set out an ambitious EU-wide harmonised regulatory framework in order to (i) provide greater legal certainty, (ii) support innovation and fair competition in the European Union (“EU”), (iii) ensure a higher level of consumers’ and investors’ protection and (iv) guaranty the market integrity and stability all in compliance with the existing EU financial regulations[6].
MiCa is the response to a large number of legal reports and public consultations, identifying risks and opportunities to promote innovation, to ensure safety for investors and the overall EU economy[7]and to reduce fragmentation within the EU legal framework. By taking the form of a regulation instead of a directive, MiCa is directly applicable in all EU member states without the need for any implementation process. As such, the EU regulator allows for a greater degree of harmonization by avoiding the risk of national legal discrepancies and introduces an EU passporting regime for crypto-assets and services related.
The below is a brief overview of the scope of MiCa and the prudential regime applicable to the various players in the crypto-assets industry and their activities.
MiCa is not limited to natural or legal persons established in the EU but extends to any natural or legal person, and certain other undertakings, regardless of their location, that are engaged in the issuance, offer to the public and/or admission to trading of crypto-assets or that provide services relating to crypto-assets in the EU[8].
MiCa’s scope encompasses all types of crypto-assets, except those already subject to EU legislation or regulation, in particular under European financial laws[9]. Crypto-assets that fall within the definition of categories already regulated, such as for examples, “financial instruments” as described under MiFID II[10], “electronic money” as defined in the E-Money Directive[11] or “securitisation” as defined in the Securitisation Regulation[12], are falling outside of the scope of MiCa and the corresponding relevant legislation in force will continue to apply.
Also excluded from the scope of MiCa are, among others, persons providing crypto-assets services exclusively for their parent companies, for their own subsidiaries or for other subsidiaries of their parent companies[13].
MiCa broadly defines a crypto-asset as “a digital representation of value or of a right that is able to be transferred and stored electronically, using distributed ledger technology or similar technology”[14]. The following crypto-assets fall within the scope of MiCa: (i) assets-referenced tokens (“ARTs”)[15], (ii) electronic money tokens (“EMTs”)[16] and (iii) crypto-assets other than ARTs and EMTs (e.g., utility token).
As a result, the regulation aims at clarifying the distinction between, on the one hand, crypto-assets qualifying as “financial instruments” thus falling under the existing financial service regulatory framework, notably MiFID II and on the other hand, tokens qualifying as “crypto-assets” under MiCa. The classification depends on the inherent terms of the instrument and not on the underlying technology (substance over form approach).
The European Securities and Markets Authority (“ESMA”) is expected to issue guidelines for the purpose of ensuring a clear delineation of crypto-assets covered by MiCa and financial instruments, which classification will have to be done on a case-by-case basis. To promote a common approach towards classification of crypto-assets, the European Banking Authority (“EBA”), the ESMA and the European Insurance and Occupational Authority (“EOIPA”) as well as competent authorities should promote discussions on classification[17].
An issuer of crypto-assets is defined as a natural or legal person, or other undertaking, offering to the public any type of crypto-assets or seeking the admission of such crypto-assets to a trading platform[18].
MiCa imposes disclosure requirements on issuers of all types of crypto-assets falling under its scope. However, since ARTs and EMTs are considered as “stablecoins”, i.e. a crypto-asset where the value is supposed to be linked to a stable reference asset (e.g. a fiat money, exchange-traded commodities or other cryptocurrency), they are subject to more stringent requirements than other crypto-assets as they might disturb the stability of the European markets.
4.1. Issuers of crypto-assets other than ARTs or EMTs
4.1.1. Requirements
Only legal entities can offer tokens to the public in the EU or seek their admission to trading[19] (the “Registration”).
To offer crypto-assets other than ATRs or EMTs to the public or to have them admitted on a trading platform in the EU, issuers must prepare and publish a crypto-assets’ white paper (the “White Paper”)[20] which content and form must comply with article 6 and Annex I of MiCa. Any information disclosed in the White Paper must be fair, clear and not misleading.
The White Paper shall contain, amongst others, the following information relating to:
Besides from the White Paper, all marketing communications[21] relating to the offer or the admission to trading of such crypto-assets need to comply with certain requirements as set on article 7 of MiCa e.g. marketing communications must be clearly identifiable, information in the marketing communications has to be consistent with the information in the White Paper, etc.
Finally, the White Paper and, where applicable, the marketing communications shall be notified to the relevant competent authority of the EU home Member State[22] of the offeror and be published on the offeror’s website to make it publicly available before the starting date of, the offer or the admission to trading of those crypto-assets[23]. The White Paper and, where applicable, the marketing communications, shall remain available as long as the crypto-assets are held by the public. Failure to meet these standards will be sanctioned[24]. The White Paper does not need to be approved by a competent national authority, but the latter still has the power to suspend or prohibit the issuance of crypto-assets that do not fulfil MiCa’s requirements[25].
Similar to the Regulation (EU) 2017/1129 of the European Parliament and of the Council of 14 June 2017 on the prospectus to be published when securities are offered to the public or admitted to trading on a regulated market (as amended)[26] (the “Prospectus regulation”), the White Paper aims to provide all relevant and detailed information on to activities and identity of the offeror, the issuer and/or the person seeking admission to trading. It must contain all the information an investor needs before making an investment decision.
Accordingly, the White Paper aims to ensure that adequate and equivalent disclosure standards are in place in all EU Member States and that all investors may benefit from the same level of information to ensure a minimum protection for investors.
4.1.2. Exemptions to drawing a White Paper
Drafting a White Paper will involve pluri-disciplinary expertise such as legal, financial and information technology. However, a White Paper is not required when (i) the offering is considered as small i.e. to less than 150 persons per EU Member State or for a total consideration of less than 1,000,000 EUR on a 12-months period and/or (ii) the crypto-assets are offered to qualified investors i.e. professional investors[27].
In addition, a White Paper is not required when, among others, (i) crypto-assets are offered for free, (ii) crypto-assets are automatically created as reward for the maintenance of the DLT or the validation of transactions, (iii) the offer concerns a utility token providing access to a good or service that exists or is in operation and (iv) the holder of the crypto-assets has the right to use it only in exchange for goods and services in a limited network of merchants with contractual arrangements with the offeror[28].
4.1.3. Liability for information given in White Paper
Offerors of crypto-assets, person seeking admission to trading or operator of the trading platform as well as any member of their administrative, management or supervisory body must ensure to provide complete, fair, clear and not misleading information[29] in the White Paper and shall be liable to a crypto-assets’ holder for any loss incurred due to that infringement[30].
Moreover, the offerors and persons seeking for admission to trading of crypto-assets have to identify, prevent, manage and disclose any conflicts of interest that may arise and have to maintain all of their systems and security access protocols in conformity with the appropriate EU standards[31]. It should also be noted that, in order to ensure a maximum level of consumer protection, article 13 of MiCa imposes a right of withdrawal. Retail holders who purchased crypto-assets either directly from an offeror or from crypto-assets providers placing crypto-assets on behalf of that offeror, have the right to withdraw their token purchase within 14 calendar days.
4.2. Issuers of “stablecoins” (ARTs or EMTs)
4.2.1. Requirements
ARTs issuers in the EU must be authorised by the competent authority of their home Member State to make an offer to the public of ART or to have them admitted to trading[32] (the “ARTs Authorisation”). The application for ARTs Authorisation must comply with the requirements set out under article 18 of MiCa and should include, among others, an assessment of the issuer’s own capital, the draft White Paper, the issuer’s business model soundness, the crypto-assets features and security protocols in place.
Moreover, no authorisation is needed when (i) the offering is solely addressed to qualified investors, or (ii) the average outstanding value of the ART does not exceed 5,000,000 EUR over a period of 12 months, calculated at the end of each calendar day[33].
The relevant competent national authority has the final say and can withdraw any ARTs Authorisation it has granted[34]. The authorisations granted by the relevant national competent authority shall be valid in the entire EU and entitle ARTs and EMTs issuers to offer to the public or to seek admission to trading of crypto-assets in all EU member states[35].
EMTs issuers must (i) be authorised as an electronic money institution under the E-Money Directive or as a credit institution[36] and (ii) submit a White Paper to the relevant competent national authority[37] (the “EMTs Publication Obligations”). EMTs issuers may be exempted from the obligation to qualify as an electronic money institution or a credit institution to the extent they fall under article 1§4, 1§5 and article 9§1 of the E-Money Directive (i.e. already exempted or not falling into the scope of the E-Money Directive). However, even if exempted, the EMTs issuers have to comply with the EMTs Publication Obligations[38].
All EMTs issuers (even established in a third country) must notify their relevant EU Member State competent national authority where the crypto-assets are intended to be offered or where the admission to trading is firstly intended[39].
4.2.2. White Paper and marketing communications
Both ARTs and EMTs offrerors have to publish a White Paper and, where applicable, marketing communication as set out in MiCa[40]. No White Paper exemption applies regardless of the size, value or offering’s target[41].
All the information required to be included in the White Paper is listed in Annex II for ARTs and Annexe III for EMTs.
4.2.3. Additional requirements for significant ARTs and EMTs
ARTs and EMTs may be classified as “significant” due to their large scale and the greater risk they represent to the EU financial stability in which case they will need to comply with more stringent requirements [42].
When ARTs or EMTs are considered as significant by the competent national authority, issuers’ supervision will be done by the EBA[43]. Under MiCa, the crypto-assets are classified as significant when three of the following conditions are met, namely:
The appropriateness of the thresholds to classify ARTs or EMTs as “significant” should be reviewed by the European Commission in the future[44].
CASPs are defined as “any person whose occupation or business is the provision of one or more crypto-assets services to third parties on a professional basis”[45]. The type of services covered mainly relate to, amongst others, the custody and administration of crypto-assets on behalf of third parties, the operation of a trading platform for crypto-assets, advising on crypto-assets, etc[46].
CASPs have to be authorised by the relevant competent authority of one of the EU Member State to offer crypto-assets services within the EU[47] (the “CASPs Authorisation”). No license is needed if the CASPs are approached by prospective clients based on the reverse solicitation principle[48]. In this respect, a non-EU CASP cannot solicit and/or prospect clients in the EU or even promote such services and activities without a CASPs Authorisation. Depending on the type of crypto-assets services, the application for a CASPs Authorisation must include specific additional information[49].
The CASPs Authorisation is a passport allowing all CASPs to extend their activities across the EU without acquiring additional national licenses[50]. However, authorised CASPs must have a registered office in an EU Member State where they carry at least part of their crypto-assets services as well as their effective management and one of the directors has to be resident in the EU[51].
CASPs have to act honestly, fairly and professionally in the best interests of their clients[52] and comply with prudential requirements by demonstrating sufficient capital[53], good governance and internal control obligations[54].
MiCa also provides a tailored-made regime for specific crypto-assets services [55] as well as for significant CASPs, i.e. CASPs who in one year have at least 15,000,000 active users on average in the EU[56].
6.1. AML/CFT purposes and crypto-assets transfers traceability
With the crucial encouragement of the financial action task force (“FATF”) establishing AML/CFT standards, the EU is making it more and more difficult for criminals to misuse financial assets for AML/CFT purposes. A short time ago, FATF recommendation n°16 relating to wire transfers extended the “travel rule” to a range of new cryptocurrency products and services[57]. The recommendation required that countries have to collect, hold and exchange identifying information from the originators and beneficiaries of domestics and cross-border wire transfers to create a suitable AML/CFT audit trail[58].
Indeed, the speed and global spread of the crypto-assets as well as the anonymity behind it raise obvious risks of use for criminal purposes, especially cybercrime[59].
With regards to the above, the regulation implementing the AML/CFT “travel rules” for crypto-assets was adopted on 20 April, 2023[60] (the “Transfer of Funds Regulation”)[61]. By updating rules on information accompanying the transfers of funds[62] and extending the scope of the rules to transfers of crypto-assets, the EU regulator aims to ensure financial transparency on exchange of crypto-assets and provides the EU with a solid harmonised legal framework to fight against AML/CFT.
The Transfer of Funds Regulation will highly impact all EU crypto-assets and particularly CASPs. These rules implement identification and verification of clients in crypto-assets transfers[63]. The companies that allow the transfer of funds now have to identify and declare the originator and the beneficiary for AML/CFT purposes regardless of whether they are domestic or cross-border[64]. In brief, the information relating to the source of the crypto-assets and its beneficiaries will have to travel along the transaction and be registered on both sides of the transaction. The Transfer of Funds Regulation sets up a due diligence requirement for CASPs as they now have to consider their counterparties‘ risk exposure and their ability to safeguard data, even personal identifiable information (the “Know-Your-Counterparty Requirement”).
6.2. MAR
MiCa introduces a set of rules to prevent and prohibit market abuse behaviours involving crypto-assets and applying to acts carried out by any person concerning crypto-assets that are admitted to trading or in respect of which a request for admission has been done[65]. This legal framework follows the main features as the current regime applicable to traditional players in the financial market[66].
The entry into application of MiCa is expected to take place for issuers, of ARTs and EMTs, 12 months after its entry into force and will fully be applicable, 18 months after its entry into force[67]. MiCa was published in the Official Journal of the European Union on 9 June 2023 and launched the ticking clock for the forthcoming application.
ESMA, in close cooperation with the EBA, EIOPA and the European Central Bank shall develop draft regulatory technical standards on the content, methodologies, and presentation in order to ensure consistent and harmonized disclosures by issuers of crypto-assets and CASPs within the EU while taking into account their sustainability impacts. Moreover, the consultation work has already begun by the recent publication in July 2023 of the first package (three packages will be published until Q1 2024) in order to collect feedbacks from the public as soon as possible to elaborate these awaited technical standards[68].
Crypto-assets providers and service providers should begin considering MiCa’s implications on their businesses in order to operate a smooth transition.
The technology always has a head start on law and develops at a blistering pace. However, we must acknowledge the important step forward made by the European regulator in its meaningful race to regulate borderless, decentralized and constantly evolving environment. MiCa takes credit for its hard work towards an EU harmonised regulatory framework to provide a “friendly” environment for crypto actors and to maintain the EU financial stability. This long-awaited regulation consists in a balance between preventing norms, protecting crypto stakeholders and promoting innovation. The work has just begun, and the next steps require the input of all market players involved with the aim to promote an innovative financial success.
Notes:
[1] European Council of the European Union, European Digital Strategy, timeline available on https://www.consilium.europa.eu.
[2] Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector (“DORA”) available on https://eur-lex.europa.eu .
[3] Regulation (EU) 2022/858 of the European Parliament and of the Council of 30 May 2022 on a pilot regime for market infrastructures based on distributed ledger technology (“DLT Pilot Regime”) available on https://eur-lex.europa.eu.
[4] European Commission, Digital Finance Package dated 24 September 2020 available on https://finance.ec.europa.eu and Digital Finance: Amending Directive regarding Digital Operational Resilience requirements available on https://www.europarl.europa.eu.
[5] European Parliament legislative resolution of 20 April 2023 on the proposal for a regulation of the European Parliament and of the Council on Markets in Crypto-assets available on https://www.europarl.europa.eu and European Parliament, Crypto-assets: Green lights to the new rules for tracing transfers in EU, press release available on https://www.europarl.europa.eu.
[6] Recital n°6 of MiCa.
[7] European Banking Authority, Report with advice for the European Commission on crypto-assets, 9 January 2019 available on https://www.eba.europa.eu and European Securities and Markets Authority, Initial Coin offerings and Crypto-Assets, 9 January 2019 – ESMA50-157-1391 available on https://www.esma.europa.eu.
[8] Article 2 §1 of MiCa.
[9] Article 2 §4 of MiCa.
[10] Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments (“MiFID II”), spec. article 4 §1 (15) available on https://eur-lex.europa.eu.
[11] Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC available on https://eur-lex.europa.eu (“E-Money Directive”).
[12] Regulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012 available on https://eur-lex.europa.eu.
[13] Article 2 §2 of MiCa.
[14] Article 3 §1 (5) of MiCa.
[15] Article 3 §1 (6) of MiCa.
[16] Article 3 §1 (7) of MiCa.
[17] Recital n°14 of MiCa.
[18] Article 3 §1 (5) and (10) of MiCa.
[19] Articles 4 and 5 of MiCa.
[20] Ibidem.
[21] Article 7 of MiCa.
[22] Article 3 §1 (33) and article 8 of MiCa.
[23] Article 9 of MiCa.
[24] Article 15 of MiCa.
[25] Articles 111 and following of MiCa.
[26] Regulation (EU) 2017/1129 of the European Parliament and of the Council of 14 June 2017 on the prospectus to be published when securities are offered to the public or admitted to trading on a regulated market, as amended and available on https://eur-lex.europa.eu.
[27] Article 4 §2 of MiCa.
[28] Article 4 §3 of MiCa.
[29] Article 6 §2 of MiCa.
[30] Article 15 of MiCa.
[31] Article 14 of MiCa.
[32] Article 16 of MiCa.
[33] Article 16 §2 of MiCa.
[34] Article 24 of MiCa.
[35] Article 16 §3 and 48 §2 of MiCa.
[36] As described under article 3 §1 (28) of MiCa and Article 4 §1 (2) of the Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms (“CRR”), as amended and available on https://eur-lex.europa.eu.
[37] Article 48 of MiCa and Article 2 (1) of the E-Money Directive.
[38] Article 48 §7 of MiCa.
[39] Article 48 §6 of MiCa.
[40]Articles 19, 29, 51, 53 of MiCa.
[41] Articles 16 §2 and 48 §7 of MiCa.
[42] Articles 43 and 56 of MiCa.
[43] Articles 43 and 56 of MiCa.
[44] Recital n°59 of MiCa.
[45] Article 3 §1 (15) of MiCa.
[46] Article 3 §1 (16) of MiCa: a connection can be made between the list of crypto-asset services made under MiCa and the list of investment services provided for in Annex I of MiFID II.
[47] Articles 59 and following - Titre V “Authorisation and operating conditions for crypto-asset services providers” of MiCa.
[48] Article 61 of MiCa.
[49] Article 62 of Mica and recital n°83 of MiCa.
[50] Article 59 §7 of MiCa: CASPs Authorisation is valid throughout EU, under either the right of establishment or through the freedom to provide services.
[51] Article 59 §2 of MiCa.
[52] Article 66 of MiCa.
[53] Article 67 and Annexe IV of MiCa.
[54] Article 68 of MiCa.
[55] Article 75 and following - Chapter 3 “Obligations in respect of specific crypto-asset services” of MiCa.
[56] Article 85 of MiCa.
[57] FATF, Updated Guidance for a Risk-Based Approach to Virtual Assets and Virtual Asset Service Providers, October 2021 available on https://www.fatf-gafi.org and FATF, Targeted update on implementation of the FATF standards on virtual assets and virtual asset services providers, June 2022 available on https://www.fatf-gafi.org.
[58] Ibidem.
[59] European Parliament, Legislative Train Schedule : proposal for a regulation on information accompanying transfer funds and certain crypto-assets available on https://www.europarl.europa.eu/legislative-train/schedule and recital n°4 and n°8 of the Transfer of Funds Regulation.
[60] European Parliament, Crypto-assets: green light to new rules for tracing transfers in the EU, 20 April 2023 available on https://www.europarl.europa.eu and Regulation (EU) 2023/1113 of the European Parliament and of the Council of 31 May 2023 on information accompanying transfers of funds and certain crypto-assets available on https://eur-lex.europa.eu.
[61] Information accompanying transfer of funds and certain crypto-assets available on https://www.europarl.europa.eu.
[62] The Transfer of Funds Regulation is a recast of Regulation (EU) 2015/847 of the European Parliament and of the Council of 20 May 2015 on information accompanying transfers of funds (“Regulation 2015/847”) available on https://eur-lex.europa.eu.
[63] Article 2 of the Transfer of Funds Regulation.
[64] Article 1 of the Transfer of Funds Regulation.
[65] Article 86 and following – Titre VI “Prevention and prohibition of market abuse involving crypto-assets” of MiCa.
[66] Regulation (EU) No 596/2014 of the European Parliament and of the Council of 16 April 2014 on market abuse, as amended, available on https://eur-lex.europa.eu.
[67] Article 149 of MiCa.
[68] ESMA, ESMA’s Activities, Digital Finance and Innovation - MiCa Implementing Measures, available on https://www.esma.europa.eu.
Partner, Avocat à la Cour au Barreau de Luxembourg, PwC Legal
Tel: +352 26 48 42 35 60
Senior Associate, Avocat à la Cour au Barreau de Luxembourg, PwC Legal
Tel: +352 26 48 42 35 59
Associate, Avocat à la Cour au Barreau de Luxembourg, PwC Legal
Tel: +352 26 48 42 35 55