.png)
What is the Markets in Crypto-Assets Regulation?
The Markets in Crypto-Assets Regulation - universally known as MiCA - is a landmark piece of European Union legislation that establishes the world's first comprehensive, harmonized legal framework for the issuance of and service provision related to crypto-assets across all 27 EU member states.
Adopted on May 31, 2023 and published in the Official Journal of the EU, MiCA entered into force on June 30, 2023. It represents a decisive shift away from the fragmented, jurisdiction-by-jurisdiction approach that had characterized EU crypto regulation since the emergence of Bitcoin, replacing a patchwork of national rules with a single, passportable rulebook operative throughout the entire Single Market.
At its core, MiCA does two things: it regulates the issuance of certain categories of crypto-assets (through white paper obligations, marketing standards, and issuer requirements), and it regulates the provision of services related to crypto-assets (through a new licensing category called Crypto-Asset Service Providers, or CASPs).
"MiCA is not merely a compliance requirement - it is a market infrastructure that, for the first time, grants crypto-asset businesses passporting rights equivalent to those enjoyed by traditional financial institutions across the EU."
- Web3 Legal Consulting Practice Analysis, 2025
- Official name: Regulation (EU) 2023/1114
- Published: Official Journal of the EU, June 9, 2023
- Full applicability: December 30, 2024 (CASP provisions)
- Supervised by: National Competent Authorities (NCAs) + ESMA + EBA
- Applies to: Issuers of crypto-assets and providers of crypto-asset services in the EU
- Key principle: "Same activity, same risk, same rule"
Who Does MiCA Apply To?
MiCA applies to any natural or legal person, or other undertaking, that issues, offers to the public, or seeks admission to trading of crypto-assets, or that provides crypto-asset services in the European Union - regardless of where the entity is legally established.
This extraterritorial reach is one of MiCA's most significant features. A company incorporated in the Cayman Islands, Singapore, or the United States is still subject to MiCA if it actively markets to EU customers or provides services accessible to EU-based users. Our web3 legal consulting team consistently advises clients not to assume offshore structuring eliminates MiCA exposure.
What Falls Outside MiCA's Scope?
- Financial instruments already covered by MiFID II
- Deposits and structured deposits (covered by banking law)
- Funds and securitizations regulated under AIFMD/UCITS
- Unique, non-fungible tokens (NFTs) - with caveats
- Central Bank Digital Currencies (CBDCs)
- Intragroup transactions
- Limited network tokens (closed ecosystem use only)
- Asset-Referenced Tokens (ARTs) - multi-asset stablecoins
- E-Money Tokens (EMTs) - single fiat-pegged stablecoins
- All other crypto-assets (utility tokens, governance tokens, etc.)
- Crypto-Asset Service Providers (CASPs)
- Exchange operators, custodians, brokers, advisors
- Crypto-asset portfolio management services
- Transfer services for crypto-assets
MiCA's Three Token Categories
MiCA creates a tiered regulatory framework built around three distinct categories of crypto-assets, each carrying different obligations for issuers. Understanding which category your token falls into is the first and most critical step in any MiCA compliance analysis.
Asset-Referenced Tokens (ARTs)
Crypto-assets that maintain stable value by referencing several currencies, commodities, other crypto-assets, or a basket thereof. Traditional multi-collateral stablecoins fall here.
E-Money Tokens (EMTs)
Crypto-assets designed to stabilise their value by referencing the value of one official currency. In effect, these are blockchain-native electronic money instruments.
Other Crypto-Assets
A catch-all category covering crypto-assets that are neither ARTs nor EMTs. This includes utility tokens, payment tokens not pegged to a single fiat currency, and most governance tokens.
Crypto-Asset Service Provider (CASP) Licensing
Any entity providing crypto-asset services to EU clients on a professional basis must obtain authorisation as a Crypto-Asset Service Provider (CASP) from the relevant National Competent Authority in its EU member state of establishment. This authorisation, once granted, can be passported across all 27 member states.
The 10 Regulated CASP Services
MiCA defines ten distinct crypto-asset services, each requiring a separate line of authorisation or included within a broader CASP licence:
Custody & Administration
Safekeeping and administration of crypto-assets on behalf of clients, including private key management.
Operation of a Trading Platform
Running a multilateral system or organised trading facility that matches buy and sell orders in crypto-assets.
Exchange (Crypto-to-Fiat)
Exchanging crypto-assets for fiat currency that is legal tender, including OTC desks.
Exchange (Crypto-to-Crypto)
Exchanging one crypto-asset for another on a proprietary account basis using own capital.
Execution of Orders
Acting on behalf of clients to purchase or sell crypto-assets, including best execution obligations.
Placing of Crypto-Assets
Marketing and distributing newly issued crypto-assets to purchasers on behalf of an issuer.
Reception & Transmission of Orders
Receiving orders from clients and transmitting them to another entity for execution.
Portfolio Management
Discretionary management of crypto-asset portfolios on a client-by-client basis.
Advice on Crypto-Assets
Personalised recommendations relating to one or more crypto-assets, similar to investment advice.
Transfer Services
Providing services for the transfer of crypto-assets from one distributed ledger address to another on behalf of a client.
CASP Authorisation Requirements
To obtain a CASP licence, applicants must satisfy the following core requirements. These are assessed by the National Competent Authority of the member state in which the entity has its registered office:
Legal Form
The entity must be a legal person established in the EU (or a branch in some cases). Natural persons and offshore-only entities cannot directly hold a CASP licence.
Minimum Own Funds
Minimum capital ranges from €50,000 to €150,000 depending on the services provided, plus a professional indemnity insurance option. Issuers of significant ARTs face substantially higher requirements.
Management Body
Directors and management must demonstrate sufficient good repute, knowledge, and experience. The "fit and proper" assessment is a core part of the authorisation process.
AML/CFT Compliance Programme
A fully documented anti-money laundering framework, including FATF Travel Rule implementation for transfers, KYC procedures, and transaction monitoring systems.
Client Asset Safeguarding
Clear segregation of client crypto-assets and funds from the CASP's own assets. Custodians face enhanced requirements including liability for loss of crypto-assets held.
ICT & Business Continuity
Robust IT systems, cybersecurity controls, and a documented business continuity plan. MiCA references DORA (Digital Operational Resilience Act) for ICT requirements.
The MiCA White Paper: Content & Liability
Unlike traditional prospectuses under the Prospectus Regulation, the MiCA white paper is not subject to prior NCA approval for most crypto-assets (the exception being ARTs and - to some extent - EMTs). However, this does not diminish its significance: the white paper carries statutory civil liability, meaning issuers can be sued by investors who suffer losses attributable to misleading, inaccurate, or incomplete content.
Mandatory White Paper Contents
Issuer Information
Identity, legal form, registered office, group structure, management body members, and any conflicts of interest.
Project & Technology
Detailed description of the project, underlying DLT or protocol, the technology used, and known risks.
Token Description
Number of tokens, token type, rights and obligations attached, transfer restrictions, and smart contract audit results.
Offer Details
Issuance price, allocation methodology, subscription conditions, how proceeds will be used, and minimum subscription amount.
Risk Factors
All material risks related to the issuer, the crypto-asset, the project, the technology, and the regulatory environment - presented clearly and concisely.
Reserve Assets (ARTs)
For ARTs: full description of reserve assets, custody arrangements, redemption policies, and liquidity management.
Principal Adverse Impacts
Description of the consensus mechanism and environmental/energy footprint, particularly where proof-of-work is used.
Responsible Persons
Signed statement from management that white paper information is accurate, compliant, and not misleading.
MiCA's Implementation Timeline
MiCA's rollout was phased to give industry time to prepare. Understanding the key dates is critical for compliance planning - particularly for businesses that were operating under prior national regimes.
MiCA Adopted by EU Council
Final adoption by the Council of the European Union following the European Parliament vote on April 20, 2023.
Published in Official Journal
Regulation (EU) 2023/1114 published in the Official Journal of the European Union. Entry into force: June 29, 2023.
Title III & IV: ART & EMT Rules Apply
The provisions governing Asset-Referenced Tokens and E-Money Tokens became applicable 12 months after publication. Issuers needed authorization or to cease operations.
Full MiCA Applicability - CASP Rules Live
All remaining provisions - including the full CASP licensing framework - became applicable 18 months after publication. The entire MiCA framework is now fully operative across all 27 EU member states.
Grandfathering Period (National Regimes)
Entities already licensed under prior national crypto-asset regimes (e.g., France's PSAN, Germany's BaFin crypto custody licence, Lithuania's VASP) may continue operating for up to 18 months while obtaining a MiCA-compliant CASP authorisation. Member states may reduce this period.
ESMA Level 2 & Level 3 Measures
ESMA and EBA continue publishing Regulatory Technical Standards (RTS), Implementing Technical Standards (ITS), and supervisory guidelines that flesh out operational requirements across all MiCA provisions. Ongoing monitoring is essential.
MiCA's Impact on the Web3 Ecosystem
MiCA fundamentally reshapes the operating environment for Web3 businesses targeting European markets. Our web3 legal consulting team identifies both significant opportunities and challenges for different categories of market participants.
- Legal Certainty: For the first time, crypto businesses operating in the EU have a clear, predictable regulatory framework to build around.
- Passporting: A single CASP licence covers all 27 member states - 450 million people - eliminating the need for 27 separate national licences.
- Market Confidence: Institutional capital is more likely to enter a clearly regulated market. MiCA may unlock significant institutional flows into regulated crypto assets.
- Competitive Moat: Compliant businesses gain a credibility advantage over unregulated competitors who cannot access EU markets.
- Stablecoin Growth: EMT issuers with proper e-money licences can now scale euro-denominated stablecoins with legal clarity across Europe.
- Compliance Costs: Licensing, legal, IT, and operational costs are significant - potentially prohibitive for early-stage projects without institutional backing.
- Stablecoin Caps: Significant ARTs and EMTs face transaction volume caps (€200M/day) designed to prevent systemic risk, limiting scalability for large stablecoin issuers.
- DeFi Uncertainty: The exclusion of "fully decentralised" protocols from MiCA leaves DeFi projects in an ambiguous position. ESMA is monitoring the space closely.
- Innovation Pace: The speed of regulatory technical standards development may lag behind the pace of Web3 innovation, creating gaps and uncertainties.
- Market Fragmentation Risk: Despite harmonization goals, NCAs retain discretion in certain areas, potentially creating regulatory arbitrage between member states.
MiCA and the Grey Zones: DeFi, NFTs, and Staking
Perhaps the most commercially significant aspect of MiCA for many Web3 operators is what the regulation does not clearly cover - and how it treats the boundaries of inclusion.
Decentralised Finance (DeFi)
MiCA explicitly states that it does not apply to crypto-asset services provided in a "fully decentralised manner without any intermediary." However, the regulation acknowledges that this boundary is conceptually difficult to draw and that ESMA is mandated to report on the treatment of DeFi by December 2024.
In practice, our web3 legal services team advises that most DeFi protocols are not truly intermediary-free - front-end operators, DAO governance multisig holders, liquidity providers with special rights, and protocol fee recipients may all constitute intermediaries capable of triggering MiCA obligations.
"The 'fully decentralised' carve-out in MiCA is not a safe harbour - it is a factual assessment that must be undertaken protocol by protocol, function by function."
- Web3 Legal Consulting Practice, MiCA Compliance Advisory 2025
Non-Fungible Tokens (NFTs)
NFTs that are genuinely unique and non-fungible fall outside MiCA. However, MiCA expressly states that the substance of a token, not its label, determines its classification. Large-scale NFT collections with fractional ownership features, revenue-sharing rights, or significant fungibility in practice may be re-characterized. ESMA has been tasked with issuing guidance specifically on this boundary.
Staking and Yield Products
MiCA does not directly regulate staking services in the same manner as financial instruments. However, where staking yields are structured or marketed as investment returns, or where liquid staking tokens are traded as financial instruments, there is material risk of classification as securities under MiFID II rather than - or in addition to - MiCA. The regulatory treatment of liquid staking derivatives is actively evolving across EU member states.
Strategic Considerations for Web3 Businesses
For founders and legal teams navigating MiCA, our web3 legal consulting practice recommends a structured approach to compliance strategy that goes beyond simply checking regulatory boxes.
Token Classification Analysis
Before anything else: understand definitively what category your token falls into under MiCA. This single determination cascades into every other compliance decision. Engage qualified web3 legal services counsel to conduct a written classification opinion that can be shared with NCAs.
Home Member State Selection
Choose your EU home member state for CASP authorisation strategically. Consider NCA responsiveness, local ecosystem support, regulatory clarity, cost of establishment, and the NCA's track record with crypto applicants. Early leaders include Germany (BaFin), France (AMF), Ireland (CBI), and Lithuania (LB).
White Paper Drafting
Commission your MiCA white paper early. It is a legal document with civil liability consequences - not a marketing document. Ensure alignment between your white paper, smart contract code, and tokenomics documentation. Our web3 legal consulting team advises treating the white paper as a live compliance instrument.
Operational Infrastructure
Build AML/KYC systems, ICT frameworks, client safeguarding arrangements, and governance structures before submitting your application. NCAs expect operational readiness - not just documented intentions - at the time of application review.
Monitor Level 2 & 3 Developments
MiCA Level 1 (the regulation itself) is only the beginning. ESMA and EBA are continuously publishing RTS, ITS, Q&As, and supervisory guidance that refine and operationalise MiCA requirements. Maintain active regulatory monitoring as part of your ongoing compliance programme.
Frequently Asked Questions on MiCA
Yes. MiCA has extraterritorial reach. A non-EU company that actively markets crypto-asset services to EU residents or provides services accessible in the EU is generally subject to MiCA. This is sometimes referred to as the "effects doctrine." Offshore structuring alone does not eliminate MiCA exposure - a detailed jurisdictional analysis from our web3 legal services team is strongly recommended for non-EU entities targeting EU markets.
For most crypto-assets (Category 3 - "other crypto-assets"), the white paper must be notified to the NCA but does not require pre-approval. Issuers can publish 20 working days after notification. For ARTs, the white paper requires explicit NCA authorization before the offering can proceed. For EMTs, the issuer (a credit institution or EMI) notifies the relevant NCA but does not require white paper pre-approval. Despite the absence of prior approval in most cases, civil liability for misleading content applies to all MiCA white papers.
Not directly - MiCA requires CASP applicants to be legal persons established in the EU. An unincorporated DAO cannot hold a CASP licence. In practice, DAOs that wish to provide regulated services to EU clients typically establish a legal entity (e.g., a foundation, LLC, or association) in the EU that acts as the regulated front-end, while the protocol itself operates in a more decentralised manner. Careful legal structuring is essential, and our web3 legal consulting team advises on optimal DAO-adjacent legal architectures.
MiCA sets out minimum supervisory powers and administrative sanctions that NCAs must have available. These include: public warnings, orders to cease conduct, withdrawal of authorisation, temporary bans on management, administrative fines of up to €5,000,000 for natural persons, and up to €15,000,000 or 15% of annual turnover (whichever is higher) for legal persons - in the most serious breaches. Individual member states may impose higher sanctions under national law. ESMA also has direct supervisory powers over significant ART and EMT issuers.
MiCA explicitly excludes crypto-assets that qualify as financial instruments under MiFID II. The two regimes are designed to be mutually exclusive. If your token constitutes a transferable security (e.g., a token conferring equity-like rights, debt rights, or derivatives exposure), it falls under MiFID II - not MiCA - and is subject to the Prospectus Regulation, MAR, and other financial markets legislation. The boundary between MiCA and MiFID II remains one of the most practically significant classification questions in European crypto law, and one our web3 legal services team addresses in every token advisory engagement.
MiCA Compliance Advisory from Our Web3 Legal Consulting Team
Whether you're a token issuer, exchange, custodian, DeFi protocol, or institutional investor navigating MiCA obligations, our web3 legal services team provides structured, actionable compliance guidance - from initial classification analysis through full CASP authorisation.
