As the popularity of virtual assets and cryptocurrencies increases for both retail and professional investors, the European Council recently reached provisional agreement on the Markets in Crypto-Assets Regulation ("MiCA"). MiCA aims to increase investor protection and improve financial stability, without stifling innovation in the crypto-asset sector.
In this update, we consider a number of aspects of MiCA, including timeline for implementation, the key aspects of the proposal and how the legislation will impact operators in the crypto-sphere.
The initial proposal for MiCA was made on 24 September 2020 as a part of a wider EU digital finance package. The negotiation period for MiCA began on 24 November 2021 and the final period of negotiation between the European Trilogue, started on 31 March 2022, has ended on 30 June 2022.
It is expected that the MiCA framework will be formally adopted in 2024. Once adopted, MiCA should generally apply 18 months later, except certain provisions related to e-money tokens and asset-referenced tokens will apply immediately.
Who is in scope?
Issuers of crypto-assets and asset-referenced tokens will be subject to MiCA. For the purposes of MiCA, 'crypto-assets' means digital representations of value or rights which may be transferred and stored electronically, using technology that supports the distributed recording of encrypted data, known as 'distributed ledger technology', or similar. This definition therefore includes cryptocurrencies that are linked to decentralised finance protocols, as they are digital representations of rights or values capable of transfer. 'Asset-referenced tokens' are those crypto-assets that maintain a stable value by referring to the value of several fiat currencies, several commodities, several crypto-assets, or a combination of all three.
MiCA sets out requirements that will apply to issuers of crypto-assets and crypto-asset service providers ("CASPs"). CASPs are entities that provide: custody and administration services; operate trading platforms; operate fiat-to-crypto or crypto-to-crypto exchanges, or offer services relating to the execution, or reception and transmission of, orders for crypto-assets on behalf of third parties.
However, there are a number of financial institutions and technologies that will not be subject to the MiCA regime, given that alternative legislative regimes already apply to these technologies. For example, electronic money under the Electronic Money Directive will not be subject to MiCA, except where this electronic money constitutes an 'electronic money token', defined under MiCA as a type of crypto-asset the main purpose of which is to be used as a means of exchange and that purports to maintain a stable value by referring to the value of a fiat currency that is legal tender.
MiCA reflects the core requirements in other financial services regimes such as the Markets in Financial Instruments Directive ("MiFID"), including an authorisation regime, investor protection, organisational and conduct requirements, etc.
Regulators have long been concerned that trading in crypto-assets lacks a sufficient degree of transparency, protection and redress for consumers or retail investors. Therefore, one of the fundamental goals of MiCA is to protect consumers against some of the risks associated with the investment in crypto-assets, and avoid fraudulent schemes.
MiCA sets out rules to create a uniform approach across the EU with regard to the following:
- Transparency and disclosure requirements for the issuance and admission to trading of crypto-assets. These requirements will be continuous and ongoing, including disclosing the amount of tokens in circulation and the composition of reserve assets on at least a monthly basis;
- The authorisation and supervision of CASPs, issuers of asset-referenced tokens, and issuers of electronic money tokens by the competent authority;
- The uniformity of operational, organisational and governance arrangements of issuers of asset-referenced tokens, issuers of electronic money tokens and crypto-asset service providers;
- Consumer protection rules for the issuance, trading, exchange and custody of crypto-assets, including becoming liable to consumers on the event that they lost their crypto-assets; and
- Implementation of measures to prevent market abuse to ensure the integrity of crypto-asset markets.
The above are expected measures to be implemented under MiCA, as issuers of crypto-assets will be subject to similar disclosure requirements as other regulated financial institutions. However, it is important to note that CASPs will also be subject to ongoing supervision by relevant competent authority(ies), and prudential safeguards such as own funds and specific insurance requirements.
It is also expected that actors in the crypto-asset market will be required to declare information on their environmental and climate footprint, in a requirement similar to ongoing environmental and sustainable initiatives in the EU. However, the exact nature of these disclosures is not yet known, as they will be implemented by the European Securities and Markets Authority after implementation.
The final text – what has changed?
As noted above, digital representations of rights and values will be caught under MiCA. However, one prominent digital representation of rights or values now excluded from MiCA will be Non-Fungible Tokens ("NFTs"). NFTs have grown in popularity, though both the European Council and Parliament sought to exclude NFTs from the scope of MiCA as now drafted, at least in some part. MiCA specifically excludes crypto-assets that are considered "unique and not fungible with other crypto-assets", and so NFTs as unique codes of ownership would be excluded. However, should NFTs be fractionable, or grant rights in relation to crypto-assets as defined above, they could nonetheless be caught under the MiCA regime.
Depending on the services offered, a provider could be a CASP (for the purposes of MiCA) and a virtual asset service provider ("VASP") (for the purposes of the AML / CFT regime). MiCA will, however, afford authorised providers passporting rights unlike the VASP regime.
Central Bank of Ireland Sets Out Expectations for Successful VASP Registrations
We previously issued an update setting out the domestic regime for registration as a Virtual Asset Service Providers ("VASPs") .
The Central Bank of Ireland ("CBI") recently issued an AML / CFT Bulletin highlighting weaknesses it has identified in the AML / CFT measures employed by firms seeking registration as VASPs under the domestic regime which was introduced last year. To date, no VASPs have been registered in Ireland. The CBI is concerned there is a lack of understanding of the AML / CFT obligations placed on VASPs, and identified other significant control weaknesses in the AML / CFT frameworks described by VASP applicants in their applications. The CBI has confirmed it received a large number of VASP registration applications but will not authorise VASPs unless it is satisfied that applicants can meet their AML / CFT obligations and have robust frameworks in place as required by the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010.
The CBI has issued a guidance note for completing applications, as well as guidelines for VASPs to consider when applying for authorisation but does not prescribe specific organisational requirements successful applicants will need because that will depend on the nature, scale and complexity of the business, the proposed customers and services.
MiCA is still only a provisional agreement subject to approval by both the European Parliament and Council, before going to the formal adoption phase. However, transitional arrangements have been included in the text of MiCA as currently drafted.
It is important to note that MiCA will not apply to crypto-assets as defined immediately on adoption where they were offered to the public prior to MiCA's entry into force. This limitation will not, however, apply to asset-referenced tokens, and e-money tokens.
Similarly CASPs which operate in the EU under a relevant Member State law prior to entry into force of MiCA will not be obliged to comply with its requirements until they are granted authorisation by a relevant competent authority such as the CBI. However this authorisation will need to be obtained within 18 months of entry into force, as from that point compliance will be required, regardless of authorisation status. It is anticipated that a simplified authorisation procedure will be in place for authorisation applications submitted by legally valid CASPs within this 18-month period.
How can we help?
Our dedicated Financial Services Group works with different operators in the crypto sector, including advising on recent applications for registration as VASPs, and how other regulatory regimes may apply to the operation of crypto platforms and marketing / sale of crypto-assets.
We can provide tailored support and solutions for companies which will come within MiCA's scope, including preparing disclosures for investors, agreements, policies and procedures, passporting applications and implementing the regime to ensure a robust compliance framework appropriate to the company's services.
Separately, our Irish Funds & Investment Management practice has advised on a number of innovative Irish fund projects involving the use of crypto technology, including the very first Irish regulated fund to be approved by the CBI to invest in crypto-assets.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.