Detailed Explanation of the EU MiCA Regulatory Framework: Asset Classification, Issuance, Trading, Custody, DeFi, Investor Protection

On March 17, 2025, OKX announced that it would suspend the DEX aggregator service of its Web3 wallet to comply with regulatory authorities. Previously, Bloomberg reported that hackers attacking Bybit used the DEX services provided by the OKX Web3 wallet to launder $1.5 billion in illicit funds, drawing the attention of regulatory agencies. OKX officially obtained the EU MiCA license in February this year, and may therefore face penalties from the EU.

This incident has once again sparked industry attention on EU cryptocurrency regulation. Starlabs Consulting's latest issue of "Global Policy" will systematically review the EU's "Regulation on Markets in Crypto-Assets" (MiCA) framework.

History of EU Cryptocurrency Regulation

When it comes to EU regulation, the first thing that comes to mind is MiCA. But before introducing MiCA, let's briefly review the history of EU regulation.

1. Fifth and Sixth Anti-Money Laundering Directives

The EU's regulation of cryptocurrencies can be traced back to the Fifth Anti-Money Laundering Directive (5AMLD), which came into effect in January 2020. This directive requires cryptocurrency service providers (CASPs, including exchanges, wallets, and custodial service providers) to comply with AML (anti-money laundering) and CTF (counter-terrorist financing) regulations, implement KYC (know your customer) measures, and ensure that their activities are transparent and traceable. Through 5AMLD, the EU placed cryptocurrency services on the same regulatory level as traditional banks and financial services.

In July 2021, the EU issued the Sixth Anti-Money Laundering Directive (6AMLD), further strengthening regulation, including:

• Expanding the definitions of money laundering and terrorist financing to include more activities potentially related to cryptocurrencies;

• Increasing penalties for non-compliance;

• Imposing stricter due diligence requirements on CASPs.

2. Introduction of MiCA

5AMLD is a "directive" type of secondary legislation in the EU, which is not directly applicable and has led to inconsistencies in cryptocurrency registration and licensing systems across countries, making it very difficult for businesses to operate cryptocurrency activities within the EU, as they have to deal with different regulations in each country.

To establish a unified regulatory framework for the crypto asset market, the European Parliament officially passed MiCA on April 20, 2024, which will come into effect in June 2024, and set a transition period of 12 to 18 months for different member states, giving businesses the necessary time to comply with the new regulations.

MiCA is the most comprehensive regulatory framework for digital assets to date, covering 27 EU member states and 3 additional countries in the European Economic Area (EEA) (Norway, Iceland, Liechtenstein). Once a company obtains a MiCA license in one country, it can provide licensed services across the entire EEA market of 30 European countries through a "passporting" system. This significantly reduces the compliance costs for CASPs, as they only need to comply with one framework to meet regulatory requirements.

Additionally, as the first jurisdiction in the world to adopt comprehensive crypto regulations, MiCA is likely to have a demonstrative effect on cryptocurrency legislation in other sovereign countries or regions.

Scope and Regulatory Authorities of MiCA

2.1 Scope of MiCA

Although MiCA is a comprehensive set of rules, its scope is limited.

Applicable to:

• Natural persons, legal entities, and certain other businesses engaged in the issuance, public offering, and trading of crypto assets, or providing services related to crypto assets within the EU.

MiCA essentially covers all forms of token issuance, stablecoin issuance, crypto asset services (such as trading and custody), as well as "market abuse" rules applicable to the entire industry. Unlike the U.S., which negotiates separate stablecoin and centralized market operator bills, the EU places these concepts under the same legislative framework.

Not applicable to:

• Legal entities providing crypto asset services to their parent companies, subsidiaries, or other subsidiaries of the parent company;

• Liquidators or administrators in bankruptcy proceedings (except as provided in Article 47 of this law);

• Public organizations (such as the European Central Bank, national central banks and other public authorities, the European Investment Bank and its subsidiaries, the European Financial Stability Facility, the European Stability Mechanism, public international organizations, etc.).

🌃 Note:

• MiCA does not cover anti-money laundering rules for cryptocurrency businesses discussed in the "EU Anti-Money Laundering Regulation" (AMLR), nor the anti-money laundering rules established by the "Funds Transfer Regulation" (TFR).

• Crypto assets (or crypto asset services) that have been classified as securities are covered by the "Markets in Financial Instruments Directive" (MiFID), and those wishing to trial securities trading and settlement on the blockchain are subject to the "Distributed Ledger Technology (DLT) Pilot Regime," which is not regulated by MiCA.

• MiCA also does not cover deposits as defined by the EU Deposit Guarantee Schemes Directive.

• Fully decentralized DeFi protocols are not bound by MiCA requirements.

2.2 Enforcement and Regulatory Authorities of MiCA

The regulatory authorities at the EU level for MiCA are the European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA). The local regulatory responsibilities of each member state are mainly shared by national market regulators and central banks. For example:

• France: The Financial Markets Authority (AMF) and the Prudential Supervision and Resolution Authority (ACPR) are responsible;

• Croatia: The National Bank and the Financial Supervisory Authority (HANFA) are planned to take on the responsibilities;

• Countries like Slovakia and Hungary: Without financial regulatory authorities, the implementation of MiCA is the responsibility of the central bank.

Detailed Rules of MiCA

3.1 Asset Classification

MiCA defines crypto assets as: a digital representation of value or rights that can be transferred and stored electronically using distributed ledger technology or similar technology.

I. Electronic Money Tokens (EMT): Pegged to a single fiat currency, serving as an electronic alternative to cash for payments or transfers. For example: USDC, USDT, BUSD, or EUROC.

For stablecoins, MiCA requires issuers to establish sufficient liquidity reserves at a 1:1 ratio and apply for licensing and registration with the EBA.

Additionally, MiCA restricts non-euro-backed stablecoins to a maximum of 1 million transactions and €200 million in transaction amounts per day. Otherwise, the issuer must cease the issuance of that token. This is mainly due to concerns about the EU's monetary sovereignty.

Due to the inability to meet MiCA regulatory standards, Binance announced that it would delist trading pairs for USDT, FDUSD, TUSD, USDP, DAI, AEUR, UST, USTC, and PAXG stablecoins from the EEA market starting April 1, 2025, while trading pairs that meet MiCA standards (such as USDC and EURI) and fiat currency pairs (EUR) will remain available and unchanged. Additionally, platforms like Kraken, OKX, and Uphold have taken similar actions.

🌃 Note: USDC has obtained EMI licensing in France.

II. Asset-Referenced Tokens (ART): Stabilizing their value by referencing a basket of currencies, commodities, crypto assets, or other non-fiat assets. This concept originated from the original Libra 1.0 stablecoin, which was pegged to a basket of fiat currencies similar to the IMF's Special Drawing Rights.

For ARTs and EMTs, MiCA also introduces the concept of "significance," where "significant" ARTs and EMTs are those that reach a certain acceptance threshold and must meet higher prudential, governance, and liquidity requirements.

III. Other Crypto Assets: Crypto assets that do not fall into the above two categories, including most cryptocurrencies and utility tokens (such as BTC, ETH). Utility tokens are defined as "used solely to provide access to goods or services offered by their issuer," with relatively loose requirements for issuing such tokens.

🌃 Note: MiCA does not specifically use the term NFT, but its text refers to NFTs, defining them as unique and non-fungible crypto assets.

MiCA's regulation of NFTs is relatively lenient, requiring compliance with general rules on marketing communication, information disclosure, and technical security, without the need to submit a white paper or apply for a license. However, if NFTs involve copyright, intellectual property, or other legal issues, they must comply with relevant legal provisions.

Furthermore, if NFTs are issued in the form of "large series or collections," they may be deemed not "non-fungible" in practice and must comply with MiCA requirements.

3.2 Requirements for Crypto Asset Issuers

I. Other Crypto Asset Issuers

MiCA stipulates that crypto asset issuers other than ARTs and EMTs must meet the following conditions; otherwise, they may not offer such crypto assets to the public in the EU or seek permission for such crypto assets to be traded on trading platforms:

• The issuer is a legal entity (which can reside inside or outside the EEA);

• For issuers established in third countries, jurisdiction belongs to the competent authority of the member state intending to provide crypto assets or first seek to trade on a trading platform;

• Draft a crypto asset white paper in accordance with Article 5 of MiCA (excluding utility tokens and small-scale crypto assets). The white paper includes information about the project, the issuer, the risks involved, the technology used, the economic design of the tokens, and the environmental impact of the token consensus mechanism (mainly concerning PoW tokens);

• Notify the competent authority of the white paper and publish it. Issuers must notify the competent authority (e.g., BaFin in Germany) at least 20 days before the white paper is published; MiCA does not require explicit approval, but relevant authorities can prohibit the issuance of that crypto asset;

• Ensure that the funds provided for crypto asset products are protected;

• Comply with the basic conduct rules of business as stipulated in Article 13 of MiCA.

If the issuer fails to fulfill the corresponding disclosure rules, they will be liable for non-disclosure and misrepresentation under Article 14 of MiCA.

It is worth noting that MiCA provides retail holders participating in token sales with the right to withdraw within 14 days (without any fees).

II. Asset-Referenced Token (ART) Issuers

Unlike "standard" crypto assets, publishing an ARTs white paper requires explicit prior approval from the national competent authority, and such tokens must be traded on crypto trading platforms.

Entities issuing ARTs must be registered in the EU, meet certain prudential "own funds" requirements (2% of ART supply), comply with reserve management standards (isolation, custody, investment, etc.), and establish risk clearing and resolution solutions.

III. Electronic Money Token (EMT) Issuers

Only certified electronic money institutions (EMIs) or credit institutions can issue EMTs in the EU. Unlike ART issuers, the competent authority only needs to be notified regarding EMTs white paper matters.

EMTs have strict redemption obligations, are prohibited from providing interest to holders, and generally have similar "own funds" (2% of supply) and reserve management requirements as ART issuers (e.g., only allowing investments in high-quality liquid assets).

Additionally, as mentioned earlier, "significant" ARTs and EMTs issuers will be bound to higher standards (e.g., 3% own funds, as well as additional interoperability, liquidity, and governance requirements). Moreover, the EBA (rather than the financial authorities of member states) will be responsible for supervising these entities.

🌃 Note: The chapters on ARTs and EMTs occupy a significant portion of MiCA, primarily targeting the then-existing Libra/Diem. With the termination of the Libra/Diem project, there are almost no popular tokens that can be classified as ARTs.

3.3 Requirements for Crypto Asset Service Providers (CASPs)

MiCA establishes a detailed licensing system for crypto asset traders, who need to obtain a crypto asset service provider (CASP) license from the competent authority of the member state.

All CASPs must comply with requirements regarding governance, asset custody, complaint handling, outsourcing, clearing plans, information disclosure, and permanent minimum capital. The specific requirements for different CASPs are as follows:

• Custodians: Must establish custody policies and regularly report on the status of clients' assets.

• Trading platforms: Must implement market manipulation detection and reporting systems, or publicly disclose current buy and sell prices and trading depth.

• Exchanges and brokers: Must establish non-discrimination policies and execute orders to achieve the best possible results and prices.

Crypto asset services (CAS) refer to any services and activities related to crypto assets, including:

• Custody and management of crypto assets on behalf of third parties;

• Operation of crypto asset trading platforms;

• Engaging in exchanges between crypto assets and fiat currencies;

• Engaging in exchanges between crypto assets;

• Executing crypto asset orders on behalf of third parties;

• Storage of crypto assets;

• Receiving and transmitting crypto asset orders on behalf of third parties;

• Providing consulting services related to crypto assets.

From the above, it can be seen that MiCA defines the scope of CASP relatively broadly. Anyone providing services defined as CAS in this regulation for commercial purposes will be classified as a CASP and will need to obtain authorization to operate. Only legal entities with a registered office in one of the EU member states and authorized by the relevant national competent authority under MiCA can provide CAS services. This indicates that individuals located outside the EU jurisdiction who wish to actively promote and/or advertise their services to EU customers must obtain full authorization.

Additionally, MiCA imposes two important requirements on CASPs:

Prudential Requirements: CASPs must maintain sufficient capital to meet prudential requirements. At all times, they must have funds ≥ any one of the following:

• Meet the minimum capital requirements specified in the regulation based on the CAS services provided;

• One-quarter of fixed management fees from the previous year, reviewed annually.

Organizational Requirements: Members of the management body of CASPs should possess the necessary good reputation and capability in terms of qualifications, experience, and skills to effectively fulfill their duties and demonstrate their ability to devote sufficient time to perform their roles effectively.

3.4 MiCA's Regulation of DeFi

MiCA requires DeFi protocols to comply with the same licensing and KYC requirements as traditional financial service companies (which may be a burden that many DeFi protocols cannot or are unwilling to bear). This puts DeFi protocols in a dilemma: either shift towards a somewhat centralized "hybrid finance" (HyFi) model to comply with MiCA requirements, or remain fully decentralized.

Fully decentralized protocols are not bound by MiCA requirements. As stated in Article 22 of MiCA, "If crypto asset services are provided in a fully decentralized manner, without any intermediary, they are not subject to the provisions of this regulation."

However, how much decentralization (in terms of technology, governance, legal aspects, etc.) is required to be considered "fully decentralized"? It is currently difficult to say, but to close any potential regulatory loopholes, the threshold is expected to be high, and there may be future enforcement and litigation cases involving this issue.

If DeFi projects cannot prove "fully decentralized," they must operate under the principle of reverse consultation, meaning they do not target EU customers. This means that projects operating outside the EU, having EU legal entities, or providing euro-pegged stablecoins will face challenges.

3.5 Market Abuse Rules

In addition to the rules for crypto asset issuers and CASPs, MiCA also introduces rules against market manipulation and insider trading. Profiting from trading activities using insider information will be illegal, and any activities that provide false or misleading signals regarding the supply, demand, or price of crypto assets will also be deemed illegal.

For example, expressing opinions about crypto assets in the media (social media or other media) without disclosing the owner's position and conflicts of interest, and subsequently profiting from the impact of these opinions on crypto asset prices, will be considered market manipulation.

Impact of MiCA on the Crypto Industry

4.1 Impact on the EU Crypto Industry

In the context of global regulatory ambiguity, the EU has taken the lead in establishing regulatory clarity, which can effectively attract capital, talent, and companies from other parts of the world, especially those looking to issue tokens. With the implementation of MiCA, offshore non-regulated companies will no longer be able to actively offer services to EU consumers, which will help increase the market share of MiCA-regulated businesses in the EEA.

However, it should also be noted that although MiCA is an EU-level regulation, the technical standards that countries can implement may vary slightly. For some EU countries that have already chosen to internally regulate cryptocurrencies through strict systems (such as Germany and France), the transition to the MiCA era may not bring significant changes. But for other countries, this change may impose new burdens on member state authorities. For instance, Rosvaldas Krušna, an advisor to the Board of the Bank of Lithuania, stated that given that Lithuania has about 580 CASPs, requiring cryptocurrency companies to obtain approval under the new MiCA regulations will pose significant challenges for the central bank responsible for licensing matters.

Marina Markezic, co-founder of the European Crypto Initiative (EUCI), stated:

The implementation of MiCA will prompt EU member states to compete to become the most attractive business and investment destination. Jurisdictions that can efficiently adopt MiCA and provide a business-friendly environment are likely to become important cryptocurrency centers, with Germany and France being strong competitors. At the same time, countries like Estonia, Malta, or Portugal may also leverage their flexible regulatory processes and competitive tax policies to attract global participants.

EUCI expects that by 2025, Europe will form a "more mature and regulated cryptocurrency market," providing legal certainty and confidence for institutional and retail investors while promoting the adoption of blockchain technology.

Of course, the actual impact of MiCA on the market will ultimately depend on the enforcement practices of regulatory agencies. Marina Markezic anticipates that MiCA may cause "quite a bit of confusion" during its implementation. She pointed out that since the 27 EU member states may interpret the regulations differently, this will pose challenges for regulatory consistency. There is also significant uncertainty in determining which projects and assets fall under MiCA's regulatory scope, especially regarding which can be considered "fully decentralized." Additionally, there is no consensus within the industry on the definition of NFTs, which also leads to ambiguity regarding whether certain tokens are subject to MiCA regulation.

The aforementioned "ambiguity" may impose burdens and risks on industry participants, potentially leading to teams and resources relocating out of the EU.

4.2 Impact on the Global Crypto Industry

The EU is the largest single internal market in the world, with 450 million relatively affluent consumers. With its large market size, MiCA will persuade many companies worldwide to adopt MiCA operational standards, and it may even be adopted internationally to maintain global integrated operations and products. This has been referred to as the "Brussels Effect" by Anu Bradford, a professor at Columbia Law School.

At the same time, for regulators in other jurisdictions (especially those with little financial regulatory experience, such as China), MiCA may serve as a reference for them to develop regulatory frameworks for crypto assets. For example, the Financial Stability Board (FSB) recommendations for crypto service providers and "global stablecoin arrangements" have introduced many concepts from MiCA.

Of course, this also depends on whether MiCA ultimately proves successful. If MiCA is ultimately shown to be beneficial for the industry, consumers, and regulators, it will become a "model law" for global crypto regulation. Otherwise, other jurisdictions may choose a completely different policy path.

Source: Starlabs Consulting