EU close to introducing groundbreaking law to regulate crypto | Akin Gump Strauss Hauer & Feld LLP

In October 2022, the European Council approved the Markets in Crypto-Assets (MiCA) regulation, one of the first attempts globally at comprehensive regulation of cryptocurrency markets. The regulation covers money laundering, consumer protection, crypto companies’ accountability and environmental impact. The European Union (EU) is a pioneer in digital regulation, and the breadth of MiCA means it will have a significant global impact.

Introduction

What is the legislation and what is it for?

The Markets in Crypto-Assets Regulation (“MiCA” or “the Regulation”) is new, comprehensive EU legislation designed to regulate crypto-asset-related activities conducted in the EU. MiCA covers several key areas, including transparency, disclosure, authorization and supervision of transactions. The regulation applies to natural and legal persons and other companies that issue, offer to the public and admission to trade in crypto-assets or that provide services related to crypto-assets in the Union.

MiCA uses its own definition of “crypto-asset”, which means “a digital representation of a value or a right that can be transferred and stored electronically using distributed ledger technology or similar technology”. The regulation divides this definition into three subcategories, as explained below.

MiCA has gone through all stages of the EU legislative process, apart from approval in the European Parliament. The European Parliament is not expected to oppose the regulation, and is expected to adopt it before the end of 2022. If it does, MiCA will enter into force in 2024.

General purpose

The main objectives of MiCA are industry regulation, consumer protection1, preventing market abuse and maintaining the integrity of crypto markets. Under MiCA, consumers will be “better informed about [the] risks, costs and fees” when handling crypto-assets, and the regulation will also “support market integrity and financial stability by regulating public offerings of crypto-assets”, as well as introduce measures to tackle market manipulation and prevent money laundering, terrorist financing and other criminal activities.

More broadly, MiCA is designed to help ensure that “Union financial services legislation is fit for the digital age, contributing to a future-ready economy that works for the people”.

Interaction with other legislation

Broadly, crypto-assets already regulated by existing EU financial services regulation will not be covered by MiCA and will remain regulated under the existing framework, “irrespective of the technology used for issuance or transfer”. For example, this means that crypto-assets that are already classified as “financial instruments” under EU law will still be subject to existing regulation and not MiCA. The European Securities and Markets Authority will be tasked with publishing guidelines on the interaction between MiCA and the existing EU regulation on financial services before MiCA enters into force, to ensure “a clear demarcation between crypto-assets covered by [the] Regulation and financial instruments’.

Enforcement

The Regulation will be administered by competent authorities designated by each Member State, a list of which will be published. A competent authority can be a new or existing authority. The European Securities and Markets Authority and the European Banking Authority will be the supervisory regulatory bodies at Union level.

Competent authorities will have the power to take appropriate administrative sanctions and other administrative measures in case of infringement, notwithstanding existing criminal sanctions in the Member States. The regulation specifies that the competent authorities must have the authority to impose at least certain specified penalties, including, among others, fines of either 5 million euros or a share of the annual turnover (3% – 12.5%) of the legal person, depending on the nature of the infringement.

Approach

The regulation divides crypto assets into three subcategories, and sets different requirements for each. The categories are based on whether cryptoassets seek to stabilize their value by reference to other assets. The three categories are as follows:

  1. E-money (electronic money) tokens. These are cryptoassets that aim to stabilize their value by referring to only one official currency.
  2. Asset-Related Tokens. These are crypto-assets that are not electronic monetary tokens and that purport to maintain a stable value by referring to any other value or right or a combination thereof, including one or more official currencies. This category captures all cryptoassets that are not e-money tokens and whose value is backed by assets. The regulation notes that this aggregate makes MiCA “future-proof”.
  3. All other crypto assets. This covers all crypto assets that are not e-money tokens or asset-backed tokens. This would include utility tokens (ie, a type of crypto-asset intended only to provide access to a good or service provided by the issuer of that token).

The regulation does not apply to cryptoassets that are “unique and not interchangeable with other cryptoassets, including digital art and collectibles, the value of which can be attributed to each cryptoasset’s unique characteristics and the utility it provides to the token holder“. The regulation further expands what “unique and non-fungible” means, but it is likely that NFTs, particularly in the form of digital art and collectibles, will not be captured unless they qualify as financial instruments.

Authorization

MiCA applies to persons engaged in:

  1. Issuance, offer and/or admission to trading of crypto-assets.
  2. Provision of services for crypto assets.

A crypto-asset service is one of ten services listed in the regulation, with examples including custody and management of crypto-assets on behalf of third parties; the operation of a trading platform for cryptoassets; and exchange of crypto assets for funds.

The regulation determines which legal entities or other entities are permitted to provide crypto asset services (and therefore be crypto asset service providers (“CASPs”). In short, a CASP must either,

  • be a specified type of financial institution (eg a credit institution or securities firm) that meets the various specified requirements; or
  • be authorized by the relevant competent authority, and: have a registered office in a Member State of the Union where it performs at least part of its crypto asset services; have their place for effective leadership in the Union; and have at least one director resident in the EU.

The penalty for offering crypto asset services without authorization is a fine of at least 5 million euros or 5% of the total annual turnover of the legal entity.

Key requirements

As an example, we show below some of the most important regulatory provisions that MiCA will introduce when it comes into force.

Liability for loss of crypto assets

According to the regulation, CASPs which is authorized for the custody and administration of crypto-assets on behalf of third parties, shall be liable to its clients for the loss of any crypto-assets or of the means of access to crypto-assets, as a result of an event attributable to the provision of the relevant service or the operation of the service provider2. Especially such events include ICT-related incidents, including cyber-attacks, theft and malfunctions. Events like “occurred independently of the provision of the relevant service or the operations of the crypto asset service provider”, which may include, for example, problems inherent in the operation of the distributed ledger that CASP does not control, cannot be attributed to CASP.

White Paper on Crypto Assets

Any entity – whether an individual or a financial institution – that wishes to offer crypto-assets to the public or allow crypto-assets to a trading platform must prepare a white paper with respect to those crypto-assets containing mandatory disclosures and other information. The content of the whitepaper will vary depending on the type of cryptoasset, but all whitepapers must contain information including information about the issuer, information about the cryptoasset, information about the underlying technology and associated risks. Advertising and marketing communications should be consistent with the content of the white paper.

Agreement and job register

CASPs offering a crypto-asset custody and administration service on behalf of third parties will be required to enter into an agreement with their clients to identify their duties and responsibilities. Such agreements must contain certain specified information (set out in Article 67), which includes the identity of the parties, a description of the security systems used by the CASP, and the law applicable to the agreement.

CASPs providing a crypto-asset custody and administration service on behalf of third parties will also be required to maintain a register of positions, opened in each client’s name, corresponding to each client’s rights to crypto-assets.

Such CASPs must also, at least once every three months or at the request of a client, provide each client with a position statement for cryptoassets registered in the client’s name.

Transparency and governance

MiCA will require issuers of asset-backed tokens to maintain robust governance arrangements. This is stated to include (a) a clear organizational structure with well-defined, transparent and consistent lines of responsibility; (b) effective processes for identifying, managing, monitoring and reporting the risks to which the issuer is or may be exposed; and (c) adequate internal control mechanisms, including sound administrative and accounting procedures.

The effect of MiCA

A main goal of MiCA is to increase consumer confidence in crypto-assets by strengthening consumer protection through regulation. The EU’s expectation is that increased consumer confidence will lead to the development of a market for crypto assets and the development of opportunities within innovative digital services. Furthermore, a unified framework as laid down in MiCA will give CASPs certainty with regard to how the services they will offer will be treated in different member states.

The recipients of MiCA should therefore be wide-ranging: consumers, developers, financial institutions and regulators. Moreover, regulation also means recognition, and large-scale EU regulation gives legitimacy to this area. Some commentators have noted that if crypto is to fulfill its potential, it needs this kind of regulatory legitimacy to bolster trust and security.

Next step

Although MiCA is not yet in effect, now is a good time to start preparing. Any person or entity wishing to enter the CASP area would be well advised to set up according to the requirements of MiCA, not least because many of the requirements are good practice, but mostly to be compliant by the time the regulation comes into force in. force in.

1 Slightly different rules apply where crypto assets are to be offered to “qualified investors” (as defined in MiFID II).

2 Such liability will be limited to the market value of the crypto-asset lost at the time the loss occurred.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *