MiCA Regulation: Key Dates, Upcoming Changes, and New Challenges

Full Implementation of MiCA

As the news of Circle and Société Générale – Forge obtaining the “Electronic Money Institution” (“EMI”) license, a prerequisite for offering a stablecoin under MiCA¹ (referred to as “e-money token” or “EMT” in the regulation), resonated in the French crypto landscape, the timing of the announcement was no coincidence.

In fact, the announcement was made on July 1, the day after Titles III and IV of the MiCA regulation came into effect. These Titles cover stablecoins: those backed by a basket of assets (“asset-referenced tokens” or “ART”) and stablecoins backed by fiat currency, the EMTs.

In brief, these titles establish a unified regulatory framework at the EU level on public offerings of stablecoins (requiring issuers to publish a highly regulated whitepaper, obtain an EMI or credit institution license, etc.).

However, the rest of the regulation was still pending and will finally come into effect on December 30, 2024². It includes:

• Title I: Covers the purpose, definitions, and scope of the regulation, i.e., its application scope, boundaries, and subject matter: the domains and actors to which it applies... or doesn’t. For instance, it applies to entities located in the EU or offering crypto-assets or crypto-asset services to Europeans. Excluded, for example, are services on financial instruments, DeFi, and NFTs.

However, concerning DeFi, MiCA specifies that it only does not apply if the services in question are “provided in a fully decentralized manner without any intermediary.”³ Furthermore, the concept of NFTs is also clarified by the regulation:

"Fractional parts of a unique and non-fungible crypto-asset should not be considered unique and non-fungible. The issuance of crypto-assets as large-scale or collection-based non-fungible tokens should be considered an indicator of their fungibility. Merely assigning a unique identifier to a crypto-asset is not sufficient in itself to classify it as unique and non-fungible. For the crypto-asset to be considered unique and non-fungible, the assets or rights represented should also be unique and non-fungible. [...] In this regard, when evaluating and classifying crypto-assets, competent authorities should adopt a substance-over-form approach, so that the characteristics of the crypto-asset in question determine the classification rather than the issuer's designation."⁴

In other words, national regulators will conduct a case-by-case analysis to determine whether a given NFT project genuinely constitutes a collection of "non-fungible" tokens. If not, the regulation will likely be applicable.

• Title II: Covers a third category of crypto-assets, crypto-assets other than ART or EMT. This is a much broader category and, in any case, less restrictive than the stablecoin regime: the issuer of these cryptos does not need an EMI license and is subject to less demanding whitepaper obligations than ART/EMT issuers. This differentiated approach highlights one of the concerns and reasons behind the regulation: the protection of the EU's monetary and financial stability.

I’m not making this up; one only has to read one of the many recitals⁵ of the regulation, like recital (5), which states:

"While still modest in size, crypto-asset markets do not currently pose a threat to financial stability. However, some types of crypto-assets that aim to stabilize their price relative to a specific asset or basket of assets could potentially be widely adopted in the future by retail holders, which could pose additional challenges in terms of financial stability, proper functioning of payment systems, transmission of monetary policy, or monetary sovereignty."

This section hasn’t been discussed much recently, as the topic of MiCA is often addressed in terms of its impact on crypto service providers or stablecoins. However, Title II, given its broad scope of application, will likely draw more attention once it is concretely and publicly applied by regulators.

• Title V: This title, which introduces a new regime for crypto-asset service providers ("CASP"), has been causing quite a stir. For French actors, it replaces the regime for digital asset service providers ("DASP"). Crypto service providers will need to obtain a CASP⁶ license, estimated by many lawyers to potentially require expenditures totaling 500,000 euros.

This license imposes requirements on these new actors, including but not limited to: capital requirements, strict internal control policies, market abuse reporting, enhanced cybersecurity with regular penetration testing, and various other measures.

Therefore, these actors will need to prepare a comprehensive, costly, and time-consuming application, comparable to that of a full-fledged financial institution, to offer crypto-asset services such as buying/selling cryptos for fiat currency, crypto/crypto exchange, operating a trading platform, custodial services for clients’ cryptos, transfer, or even crypto-asset placement.

• Title VI: Deals with market abuse. With such provisions, insider trading, where someone holding privileged, non-public information uses it to trade, will apply to the crypto-asset sector and be penalized criminally. The same goes for market manipulation, such as using fake news to inflate or deflate a token's price.
• Title VII: Covers the powers and coordination measures of supervisory authorities, both European and national.
• Title VIII: Addresses delegated acts, which, as we will see, are crucial to MiCA’s effectiveness.

I also mention Title IX, which is quite specific: it deals with the transitional measures for the implementation of MiCA over time. For example, it specifies the implementation of Titles III and IV (on stablecoins) on June 30, and the rest of the regulation on December 30. Most importantly, it mandates the Commission to produce a report on possible regulatory approaches (or not) for DeFi, which we will discuss later.

Although this new framework will be applicable in a few weeks, European actors regulated before December 30, 2024, like DASPs, will benefit from a transitional period of 18 months (essentially until July 1, 2026) to comply with the new regulation… or if their licensing application is accepted or rejected in the meantime. The simultaneous application of this new regime alongside the transitional period for existing actors is drawing much attention, both from regulators and legislators, as well as from the industry. Different regulatory regimes, unclear transitions from national to European frameworks, and skepticism from regulators regarding the use of the transitional period are all topics that are far from resolved⁷.

We will see later that developments in this area will be delegated to the European Commission as well as European regulators such as ESMA ("European Securities and Markets Authority") and the EBA ("European Banking Authority"), along with the practices of national regulators like the AMF ("Autorité des Marchés Financiers") and the ACPR ("Autorité de Contrôle Prudentiel et de Résolution").

Moreover, on other key points in the sector, the Commission’s position is eagerly awaited, for instance, regarding DeFi, NFTs, and lending & borrowing.

---

The European Commission’s Position on a Possible MiCA II

Article 142 of MiCA outlines the next steps: before December 30, the Commission must present a report to the European Parliament and the Council on "the latest developments in crypto-assets, particularly in areas not covered by this regulation" and may accompany it with a "legislative proposal."

This report includes an assessment of the DeFi and NFT sectors, "including an evaluation of the necessity and feasibility of regulation," as well as the scope of lending & borrowing services and the "handling of services associated with the transfer of e-money tokens, if they were not covered in the review of Directive (EU) 2015/2366."

Regarding this last point, the regulatory treatment of stablecoins (the well-known "EMTs" under MiCA): are they crypto-assets or e-money? The question arises as Directive 2015/2366 refers to the "PSD2" or "Second Payment Services Directive," which is currently being reviewed to pave the way for a third PSD and an EU regulation on payment services, known as the "Payment Services Regulation" or "PSR."

Reclassifying EMTs as e-money could have serious implications for the sector, particularly for future crypto-asset service providers, who might find themselves subject to payment services regulation in addition to MiCA.

As for the anticipated report itself, there have been some updates behind the scenes. Initially expected in December 2024, many, myself included, thought this report would primarily address DeFi and regulatory pathways.

However, when Bill Hughes, Regulatory Director at ConsenSys, posted about the report on LinkedIn, Peter Kerstens, an advisor to the European Commission on digital finance and cybersecurity, clarified:

"Not sure this is “no news” or “fake news.” There was never a requirement that the report requested by the legislator had to include legislative proposals. We have not started to draft the report, but who says it can not be started before March 2025? And maybe there is not much to report on. We never prioritized a regulatory framework for DeFi, so we can no longer prioritize it. Crypto is very much in the policy spotlight right now with myriad delegated acts being prepared and MiCA application deadline looming. There is more policy than new legislative proposals..."

The advisor’s response, hinting at a potential delay in drafting the report and possibly minimal coverage of DeFi, brings reassurance. It suggests that MiCA, its text, and application still contain ambiguities and uncertainties. Delaying DeFi regulation allows this sector to grow before falling under regulatory scrutiny and enables European legislation to be fine-tuned to fit the crypto sector's contours closely. MiCA, a European regulation, has been notably swift in adoption and trilogue discussions between the Commission, Parliament, and the European Council.

This response reflects an adaptable European regulatory approach: although sometimes imperfect, hasty, and often harsh, it at least tries to adapt. And that is arguably better (or more tolerable) than a regulatory void allowing a regulator to do as they please (here, I am thinking of the U.S. Securities and Exchange Commission under Gary Gensler).

While awaiting this report, many details will enrich MiCA through European regulators like ESMA or the EBA via RTS (Regulatory Technical Standards), which are texts complementing MiCA as provided by the regulation delegating this task to European regulators, or Q&A (Questions & Answers), published by regulators to express their positions and interpretations on various text-related issues raised by industry actors. Additionally, further clarifications will come through delegated acts from the Commission and national decisions from regulators like the AMF or the ACPR, which will play a key role in MiCA’s application and effectiveness, set to be fully implemented on December 30.

---

Conclusion

Various legal battles remain to be fought; for instance, last September 3: the European Commission rejected ESMA’s RTS, which would have mandated cybersecurity audits for new CASPs, the new crypto service providers under MiCA. In response, the European regulator urged the Commission to integrate this requirement into the regulation via a delegated act.

Another example is the ITS published by the EBA, which would require CASPs to report to stablecoin issuers pegged to a fiat currency other than the euro, including the number of holders of this stablecoin along with an official document number, such as a passport or tax ID. Here, it is clear that the privacy rights implications seem disproportionate, given the simple goal of analyzing the non-euro stablecoin market within the EU.

These battles will need to be fought by the directly regulated entities, as well as interest groups like ADAN⁹, along with lawyers and legal professionals supporting all these stakeholders.

¹ Article 48 of the MiCA regulation. ² Some articles in these sections are, however, already applicable in a scattered manner since June 29, 2023, as described in Article 149(4) of the MiCA regulation. ³ Recital (22) of the MiCA regulation. ⁴ Recital (11) of the MiCA regulation. ⁵ Recitals are explanatory paragraphs of the provisions in European legislative acts, appearing before the articles. ⁶ Under Article 59 of the MiCA regulation. ⁷ It was in this context that an ordinance, no. 2024-936, was published in the Official Journal of the French Republic on October 15. This ordinance concerns crypto-asset markets and aims to adapt the French regime of 2019 (including the “PSAN” regime) to the MiCA regulation. A substantial part is dedicated to applying the transitional period benefiting PSANs regulated before December 30. ⁸ Another form of standardization/adaptation of a European text by European regulators, similar to RTS. ⁹ Refers to the “association for the development of digital assets.”