The MiCAR regulation is coming

The new EU Markets in Crypto-Assets Regulation (MiCAR) was published in the Official Journal of the European Union on June 9, 2023 and entered into force on June 29, 2023 in force. However, most of the provisions will only be applicable after a transitional period of 12 to 18 months. Nevertheless, market participants should already familiarize themselves with the new rules and prepare for their implementation now.in Germany, MiCAR is being implemented through two new laws: the Financial Markets Digitization Act (FinmadiG) and the Crypto Markets Supervision Act (KMAG). The FinmadiG accompanies the implementation of MiCAR and makes the necessary amendments to existing laws, such as the Money Laundering Act and the Banking Act, while the KMAG also regulates the supervisory activities of the competent authorities. It designates the Federal Financial Supervisory Authority (BaFin) as the competent supervisory authority for MiCAR regulations in Germany. In future, BaFin will be responsible for monitoring the MiCAR regulations and will be given the necessary powers to do so, such as intervening against unauthorized transactions.The KMAG is currently still in the legislative process and has not yet come into force. However, the “MiCAR Application Ordinance” is intended to enable companies to submit applications under MiCAR before the The FinmadiG also introduces a new Crypto Markets Supervision Act (KMAG) in order to be able to provide crypto asset services under the new legal framework in good time. In contrast to the term “crypto assets” in MiCAR, the previous “crypto assets” in the German Banking Act (KWG) have been renamed “cryptographic instruments”. The KWG crypto custody business becomes a “qualified crypto custody business”. The German Money Laundering Act (GwG) includes providers of crypto asset services within the meaning of MiCAR as obligated parties under money laundering law.

What does MiCAR regulate?

MiCAR creates the first comprehensive regulatory and supervisory framework for previously unregulated crypto assets in the European Union. The uniform licensing and conduct rules apply to a broad spectrum of market participants:

• Natural and legal persons involved in the issuance, public offering and admission to trading of crypto assets. These include, for example, companies that issue and publicly offer crypto assets such as utility tokens, value-referenced tokens (ARTs) or e-money tokens (EMTs).
• “Certain other entities” such as decentralized autonomous organizations (DAOs) and other decentralized finance (DeFi) operators to the extent that they are at least partially involved in the provision of crypto services. In contrast, purely decentralized DeFi activities without any intermediaries are not covered by MiCAR.
• Crypto-asset service providers (CASPs) such as the custody and management of crypto-assets for clients, the operation of trading platforms for crypto-assets, the exchange between crypto-assets and fiat currencies or the execution of orders for crypto-assets on behalf of clients.

In future, all these players will be subject to harmonized EU-wide requirements in terms of licensing, business organization, consumer protection, market integrity and supervision if they issue crypto assets, offer them to the public or provide crypto services in the EU. This is intended to create a level playing field, prevent regulatory arbitrage and strengthen investor protection, while central banks, public authorities of the Member States, the European Investment Bank and its subsidiaries as well as certain already regulated financial institutions such as credit institutions and investment firms are excluded from the scope of MiCAR insofar as they provide crypto services exclusively to group companies.

Which crypto assets fall under MiCAR?

MiCAR distinguishes between three categories of tokens that are not currently covered by existing regulatory frameworks:

1. Asset-referenced tokens (ARTs): ARTs are tokens that are intended to maintain a stable value in relation to an underlying reference value such as currencies, commodities or other crypto assets. They serve as a means of payment or store of value without having the status of legal tender. Examples of ARTs are stablecoins linked to fiat currency baskets or commodities. Issuers of ARTs must meet special requirements, including authorization by the competent authority, the publication of a white paper, liquidity and capital requirements as well as requirements for the custody of the reference assets.
2. E-money tokens (EMTs): EMTs are tokens designed to maintain a stable value in relation to a single fiat currency such as the euro or US dollar. They qualify as e-money within the meaning of the Second E-Money Directive (EMD2). Issuers of EMTs require an e-money license and must meet the requirements of EMD2 as well as additional MiCAR requirements, e.g. for custody of the reference currency and redemption of the tokens.
3. Utility token: Utility tokens are crypto assets that are only used to grant digital access to a good or service provided by the issuer. They do not confer any other rights on the holders vis-à-vis the issuer. Utility tokens are subject to the lowest requirements under MiCAR. Issuers only have to publish a white paper and comply with certain information and marketing rules.

However, MiCAR does not cover, for example

• Security tokens that are considered financial instruments within the meaning of MiFID II. They continue to be subject to existing capital market regulations such as the Prospectus Regulation.
• Unique, non-fungible tokens (NFTs), which are not crypto assets within the meaning of MiCAR due to their uniqueness and non-exchangeability. However, series of NFTs or fractional NFTs may qualify as crypto assets if they are sufficiently standardized and fungible.
• Crypto assets that are already covered by other EU regulations, e.g. as deposits, funds (except for e-money tokens), securitization positions or insurance products.

MiCAR thus creates for the first time a comprehensive taxonomy and a set of rules for previously largely unregulated token types that do not fit into existing regulatory frameworks. The differentiation between ARTs, EMTs and utility tokens and the risk-adjusted requirements are intended to ensure appropriate investor and consumer protection while remaining open to innovation.

What obligations apply to issuers?

Issuers of ARTs and EMTs must meet the following regulatory obligations from June 30, 2024:

1. Approval by the competent national authority and publication of a white paper with information on the respective ART/EMT for investors:
   • The white paper must contain detailed information on the issuer, the project, the rights, risks and costs associated with the ART/EMT and the underlying technology.
   • The white paper must be notified to the supervisory authority and published on the issuer’s website.
2. Conduct and governance requirements in relation to marketing, disclosure of information and dealing with conflicts of interest:
   • Issuers must act honestly, fairly and professionally in the best interests of their clients.
   • You must identify, disclose and avoid or manage conflicts of interest.
   • Marketing communications must be recognizable as such and must not be misleading.
   • Issuers must have sound governance arrangements in place, such as a clear organizational structure, competent managers and business continuity arrangements.
3. Regulatory requirements to ensure sufficient liquidity and the ability to meet redemption requests:
   • Issuers of ARTs/EMTs must at all times hold own funds of at least EUR 350,000, 2% of the average amount of reserve assets or one quarter of the fixed costs of the previous year, whichever is higher.
   • They must hold reserves of assets that are legally and operationally separate from their portfolio and are managed according to specific custody rules.
   • Issuers must set up redemption and liquidity plans to ensure the redemption of tokens.

Issuers of EMTs are subject to additional requirements:

• They must be licensed as e-money institutions or credit institutions.
• EMTs must be issued at par value upon receipt of the funds.
• Holders can redeem their EMTs at any time at face value in cash or by bank transfer.
• No fees may be charged for redemption.
• Funds from EMTs may only be invested in safe, low-risk investments or deposited in trust accounts.

Issuers of utility tokens and other crypto assets will be subject to transparency and disclosure requirements for the issue, public offering and admission to trading from December 30, 2024. They must also publish a white paper, but this must contain less extensive information than for ARTs/EMTs.

What do crypto service providers need to consider?

Crypto-asset service providers (CASPs) will require a license to operate in the EU from 30 December 2024. The crypto services covered by MiCAR include, among others:

• Custody and management of crypto assets on behalf of clients: CASPs providing custody services must take reasonable precautions to protect clients’ ownership rights to crypto assets, including segregation of client assets.
• Operation of a trading platform for crypto assets: Operators of trading platforms must define transparent rules for the trading and admission of crypto assets and set up systems to detect market abuse.
• Exchange of crypto assets for money or other crypto assets: CASPs offering exchange services must ensure fair and transparent prices and avoid conflicts of interest.
• Execution of orders for crypto assets on behalf of clients: CASPs must execute orders on the best possible terms for the client and take precautions against conflicts of interest.
• Placement of crypto assets: CASPs placing crypto assets on behalf of issuers must disclose and avoid conflicts of interest and conduct appropriate due diligence.
• Accepting and transmitting orders for crypto assets on behalf of clients: CASPs must have systems and procedures in place to correctly and expeditiously process and transmit orders to other CASPs or trading venues.
• Advice on crypto-assets: CASPs offering investment advice on crypto-assets must assess the suitability and appropriateness for the respective client and disclose any conflicts of interest.

CASPs are subject to comprehensive anti-money laundering, supervisory and conduct requirements:

• They must have robust governance arrangements, effective procedures to prevent money laundering and terrorist financing and appropriate internal control mechanisms.
• They must maintain high standards with regard to the security of IT systems, record keeping and the protection of client funds and assets.
• They must identify, avoid or manage conflicts of interest and act fairly and transparently towards clients.
• They must report regularly to the competent authority and report violations of MiCAR or other relevant regulations.

The authorization as a CASP is valid throughout the EU and enables the cross-border provision of crypto services. However, Member States may impose additional requirements on CASPs operating on their territory, provided that these requirements are proportionate and non-discriminatory.

What happens now?

The European Securities and Markets Authority (ESMA) and the European Banking Authority (EBA) are currently working hard to develop the regulatory and implementing technical standards and guidelines that will further clarify the application of MiCAR. ESMA has already published two final reports on MiCAR. The first report of March 2024 contains proposals on information regarding the authorization of CASPs, the notification of financial companies wishing to provide crypto services, the assessment of intended acquisitions of interests in CASPs and the handling of complaints by CASPs. The second report from May 2024 concerns the rules on conflicts of interest for CASPs and the EBA has also submitted several final drafts of regulatory technical standards and guidelines on MiCAR. These relate, among other things, to capital requirements, liquidity requirements and recovery plans for issuers of ARTs and EMTs, information on the assessment of the acquisition of qualifying holdings in ART issuers and the procedure for the approval of white papers for ARTs issued by credit institutions. The European Commission also adopted delegated regulations on MiCAR in May 2024, which, for example, set out the fees charged by the EBA, the criteria for classifying ARTs and EMTs as significant and the criteria for the exercise of supervisory authorities’ intervention powers.The first public consultations on these Level 2 and Level 3 measures are important milestones in the implementation of the MiCAR framework. They help to provide clarity and predictability, promote fair competition between market participants and ensure a safer environment for investors across the EU. As a tech-savvy lawyer who closely follows the developments surrounding MiCAR, I can only recommend that startups and crypto companies familiarize themselves with the new rules at an early stage and seek dialogue with the relevant authorities. This is the only way to ensure a smooth transition to MiCAR and avoid nasty surprises, and the supervisory authorities, for their part, have made it unmistakably clear that the EU will not be a playground for crypto providers who want to cherry-pick or do shady things. I will continue to closely monitor and report on further developments relating to MiCAR, in particular the adoption of the outstanding technical standards and guidelines as well as the preparations of market participants and supervisory authorities. If you, as a startup or crypto company, have questions about the implementation of MiCAR or need support in applying for authorization as a CASP or issuer, I will be happy to assist you with my expertise. Together, we will find a way for you to make the most of the opportunities offered by the new legal framework and efficiently meet the compliance requirements. Just get in touch with me – I look forward to accompanying you on your journey into the exciting world of MiCAR!