EU establishes comprehensive set of rules for crypto-assets

In-House Perspective outlines what organisations need to know about the Markets in Crypto-assets legislation, the EU’s attempt to be at the forefront of the token economy and to protect consumers in the process.

In mid-May the Council of the EU approved the first EU-wide rules to enable the tracing of transfers of crypto-assets such as bitcoins and electronic money tokens. The intention is that crypto transactions can now be traced in the same way as any other financial operation, and suspicious transactions blocked.

The Markets in Crypto-assets (MiCA) legislation is the first regulatory framework for crypto-assets in the world and, some believe, establishes the EU as a global pace-setter by equipping European regulators with a broad mandate to protect customers in case of any perceived wrongdoing. Once implemented – likely to take place between mid-2024 and early 2025 – MiCA will apply to anybody providing crypto-asset services or issuing crypto assets within the EU.

The push to enact legislation and provide greater consumer protection comes in the wake of high-profile scandals in the crypto sector, such as the collapse in 2022 of FTX, a major cryptocurrency exchange, as well as crypto hedge fund Three Arrows Capital (3AC) and lenders Voyager, Celsius Network and BlockFi.

Stefan Berger, one of the members of the European Parliament responsible for championing the MiCA regulation, said: ‘This puts the EU at the forefront of the token economy with 10,000 different crypto assets. Consumers will be protected against deception and fraud, and the sector that was damaged by the FTX collapse can regain trust. Consumers will have all the information they need and all underlying risks around crypto-assets will have to be monitored. The European crypto-asset industry has regulatory clarity that does not exist in countries like the US.’

Under the rules, consumers will be better informed about the risks, costs and charges linked to crypto transactions. In addition, the new legal framework will support market integrity and financial stability by regulating public offers of crypto-assets. The legislation includes safeguards against market manipulation and financial crime and covers crypto-assets that are not regulated by existing financial services legislation. Key provisions for those issuing and trading crypto-assets – including asset-reference tokens and e-money tokens – cover transparency, disclosure, authorisation and the supervision of transactions.

MiCA, which was provisionally agreed in June 2022, defines a crypto-asset as ‘a digital representation of value or rights which may be transferred and stored electronically, using distributed ledger technology or similar technology’. It sets requirements for crypto-asset issuers one the one hand, and crypto-asset service providers (CASPs) on the other. For example, crypto-asset issuers must provide complete and transparent information about the crypto assets they issue and comply with disclosure and transparency rules. CASPs, meanwhile, must be registered and implement security measures and anti-money laundering compliance.

The regulation also draws a distinction between ‘cryptocurrencies’ and ‘tokens’. It defines crypto-assets broadly and distinguishes distributed-ledger technology assets based on their common attributes into ‘normal’ crypto-assets, such as utility tokens, and more intensely regulated stablecoins – so-called asset-referenced tokens or e-money tokens.

To improve transparency and traceability, the legislation introduces a so-called ‘travel rule’ – already used in traditional finance – where information on the source of the asset and its beneficiary will have to ‘travel’ with the transaction and be stored on both sides of the transfer. Further, it’ll provide greater consumer protection by covering transactions above €1,000 from self-hosted wallets – meaning a crypto-asset wallet address of a private user – when they interact with hosted wallets managed by CASPs. To counter money laundering risks, the European Securities and Markets Authority will set up a public register for non-compliant CASPs that operate in the EU without authorisation.

The legislation also aims to reduce the high carbon footprint of cryptocurrencies by forcing significant service providers to disclose their energy consumption.

However, there are limits to MiCA’s scope of protection. For instance, it doesn’t apply to crypto-asset services that are provided without an intermediary in a ‘fully decentralised manner’, although the definition of ‘decentralisation’ is still to be decided by regulators. Nor does it cover non-fungible tokens – unique and indivisible tokens that represent a piece of digital art, a video, a tweet or any other unique object. Central bank digital currencies also fall outside the scope of MiCA.

Alexei Bonamin, Senior Vice-Chair of the IBA Capital Markets Forum and a partner at Brazilian law firm TozziniFreire, believes MiCA ‘is so far the most comprehensive and extensive regulation on crypto issued’ and, as a result, ‘will probably serve as a benchmark for regulation of the crypto sector in other countries’. He adds though that ‘it is difficult to foresee all its practical aspects and how it will work in all the jurisdictions under its scope’.

He adds that while compliance requirements will be stricter for the sector, investment opportunities will also open up, since the new regulation will create a level-playing field and foster stronger and more robust entities, which in turn will produce greater confidence for the market and investors.

Philippe Tardif, Vice-Chair of the IBA Securities Law Committee and a partner at Canadian law firm BLG, says that since MiCA is premised on established consumer protection principles – such as government oversight of issuers and service providers – the regulation ‘should provide an effective harmonized regulatory framework’, at least ‘to a point’. He adds that ‘The enforcement and civil liability regimes and a culture of compliance will determine how effective the regulation will be in practice’. Other jurisdictions, meanwhile, may choose to update their existing regimes rather than produce a new regulatory framework in the way the EU has done, believes Tardif.

He says that ‘organisations that choose to transact in crypto assets will need to establish policies and procedures that seek to ensure compliance with the new rules. They should also establish policies aimed at confirming that the counterparties (service providers and issuers) are authorised to deal in crypto assets and that satisfactory custodial arrangements are in place. In-house counsel should be in a position to play a central role in developing these policies.’