ARTICLE
1 October 2025

ESMA Issues New Rules For Non-EU Crypto Firms Engaging EU Clients

MG
Maples Group

Contributor

Maples Group logo
The Maples Group is a leading service provider offering clients a comprehensive range of legal services on the laws of the British Virgin Islands, the Cayman Islands, Ireland, Jersey and Luxembourg, and is an independent provider of fiduciary, fund services, regulatory and compliance, and entity formation and management services.
Explore Firm Details
ESMA's final guidelines on reverse solicitation under the Markets in Crypto Assets Regulation ("MiCA") define how non-EU crypto firms (the "Firms") may interact with EU clients.
Ireland Technology
Stephen Carty,Lorna Smith, and Philip Keegan
Your Author LinkedIn Connections
Stephen Carty’s articles from Maples Group are most popular:
  • with readers working within the Banking & Credit and Technology industries
Maples Group are most popular:
  • within Technology, Accounting and Audit and Privacy topic(s)

ESMA's final guidelines on reverse solicitation under the Markets in Crypto Assets Regulation (“MiCA”)1 define how non-EU crypto firms (the “Firms”) may interact with EU clients. With the rules taking effect from 27 April 2025, it's recommended that Firms complete a review of their EU-facing activities to ensure compliance.

What You Need to Know

ESMA's guidance narrows the reverse solicitation exemption and broadens what qualifies as solicitation, meaning most marketing, brand-building and even educational activities that reach EU audiences may be captured regardless of intent. The exemption applies only to services provided at the client's own exclusive initiative and within the original context, with no follow-on marketing permitted—even for the same service. National regulators will actively police compliance using online tools, social media and whistleblower reports. Firms should act immediately by implementing geoblocking, removing EU app store access, reviewing all marketing and affiliate channels and maintaining robust records evidencing client initiative.

ESMA Key Focus Areas

  • Solicitation: Broad and Technology-Neutral – Any promotion, advertisement or offer that can reach EU clients may be considered solicitation:
    • Websites, mobile apps, social media, influencers, sponsorships, emails, phone calls, face-to-facet meetings and more.
    • Even general brand advertising may be caught if it reaches EU audiences.
  • Educational Content: No Safe Harbour – Educational materials are not exempt if they promote access to the Firm's If the content links to the platform, provides onboarding, distributes brochures, collects client details or otherwise promotes the Firm, it is likely to be treated as solicitation.
  • Who Solicits? It Doesn't Matter –  Solicitation by the Firm, its group, affiliates, influencers or anyone acting “on behalf of” or with close links to the Firm all need to be considered. While payment is a strong indicator of a link between the person soliciting and the Firm, it is not required. In addition, EU-regulated entities must not redirect clients to Firms, even within the same group.
  • Reverse Solicitation: Strictly Limited – Services must be provided solely at the client's exclusive initiative; disclaimers alone are insufficient. Follow-on marketing, even for the same type of service, is not permitted outside the original transactional context and same-type options may only be presented during the client-initiated transaction, but not weeks or months later.
  • “Same Type” – A Narrow Approach  – a Firm may market crypto-assets or services of the “same type” in the context of the relationship started at the own exclusive initiative of a given client. This is a narrow exemption and requires a case-by-case review whether the crypto-assets or services belong to the same type, taking into account elements such as the category or risks attached to the crypto-asset or service.

Red Flags and Examples: What to Watch For

ESMA's guidelines include a non-exhaustive list of red flags. If any of these apply, the Firm's activities may be considered solicitation:

  • Using country-code domains (.fr, .es, .at), EU language subdirectories (/fr, /es) or geotargeted search engine optimisation / link-building to attract EU clients;
  • Running geotargeted ads to EU users or sponsoring sporting events resulting in the Firm's brand or services being promoted to EU audiences;
  • Maintaining EU-language websites without a clear non-EU rationale;
  • EU affiliate sites displaying the logo or backlinks or blurring the distinction between EU-authorised and third-country offerings;
  • Engaging EU-based influencers to promote services or brand;
  • Sending push notifications to EU clients after onboarding, encouraging further trading or promoting different asset types;
  • Offering bundled services when a client requested a single service; or
  • Responding to an EU-based enquiry about non-MiCA services, then using it to market MiCA-covered crypto services.

Conclusion

Given the increased focus on this, Firms are advised to review their global outreach and interactions with EU clients. Firms should move now to ringfence EU access, tighten marketing and affiliates and document client-initiated engagements to mitigate enforcement risk.

Footnote

1. Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Stephen Carty
Stephen Carty
Photo of Lorna Smith
Lorna Smith
Photo of Philip Keegan
Philip Keegan
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More