ESMA's final guidelines on reverse solicitation under the Markets in Crypto Assets Regulation (“MiCA”)1 define how non-EU crypto firms (the “Firms”) may interact with EU clients. With the rules taking effect from 27 April 2025, it's recommended that Firms complete a review of their EU-facing activities to ensure compliance.
What You Need to Know
ESMA's guidance narrows the reverse solicitation exemption and broadens what qualifies as solicitation, meaning most marketing, brand-building and even educational activities that reach EU audiences may be captured regardless of intent. The exemption applies only to services provided at the client's own exclusive initiative and within the original context, with no follow-on marketing permitted—even for the same service. National regulators will actively police compliance using online tools, social media and whistleblower reports. Firms should act immediately by implementing geoblocking, removing EU app store access, reviewing all marketing and affiliate channels and maintaining robust records evidencing client initiative.
ESMA Key Focus Areas
- Solicitation: Broad and
Technology-Neutral – Any promotion,
advertisement or offer that can reach EU clients may be considered
solicitation:
- Websites, mobile apps, social media, influencers, sponsorships, emails, phone calls, face-to-facet meetings and more.
- Even general brand advertising may be caught if it reaches EU audiences.
- Educational Content: No Safe Harbour – Educational materials are not exempt if they promote access to the Firm's If the content links to the platform, provides onboarding, distributes brochures, collects client details or otherwise promotes the Firm, it is likely to be treated as solicitation.
- Who Solicits? It Doesn't Matter – Solicitation by the Firm, its group, affiliates, influencers or anyone acting “on behalf of” or with close links to the Firm all need to be considered. While payment is a strong indicator of a link between the person soliciting and the Firm, it is not required. In addition, EU-regulated entities must not redirect clients to Firms, even within the same group.
- Reverse Solicitation: Strictly Limited – Services must be provided solely at the client's exclusive initiative; disclaimers alone are insufficient. Follow-on marketing, even for the same type of service, is not permitted outside the original transactional context and same-type options may only be presented during the client-initiated transaction, but not weeks or months later.
- “Same Type” – A Narrow Approach – a Firm may market crypto-assets or services of the “same type” in the context of the relationship started at the own exclusive initiative of a given client. This is a narrow exemption and requires a case-by-case review whether the crypto-assets or services belong to the same type, taking into account elements such as the category or risks attached to the crypto-asset or service.
Red Flags and Examples: What to Watch For
ESMA's guidelines include a non-exhaustive list of red flags. If any of these apply, the Firm's activities may be considered solicitation:
- Using country-code domains (.fr, .es, .at), EU language subdirectories (/fr, /es) or geotargeted search engine optimisation / link-building to attract EU clients;
- Running geotargeted ads to EU users or sponsoring sporting events resulting in the Firm's brand or services being promoted to EU audiences;
- Maintaining EU-language websites without a clear non-EU rationale;
- EU affiliate sites displaying the logo or backlinks or blurring the distinction between EU-authorised and third-country offerings;
- Engaging EU-based influencers to promote services or brand;
- Sending push notifications to EU clients after onboarding, encouraging further trading or promoting different asset types;
- Offering bundled services when a client requested a single service; or
- Responding to an EU-based enquiry about non-MiCA services, then using it to market MiCA-covered crypto services.
Conclusion
Given the increased focus on this, Firms are advised to review their global outreach and interactions with EU clients. Firms should move now to ringfence EU access, tighten marketing and affiliates and document client-initiated engagements to mitigate enforcement risk.
Footnote
1. Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.