EU Crypto Regulation - MiCA and TFR adopted

On 20 April 2023, the European Parliament adopted the Markets in Crypto Assets Regulation ("MiCA") and the Regulation on Information accompanying transfers of funds and certain crypto-assets ("TFR") by passing its final vote. It is expected that MiCA and the TFR will be published in the Official Journal by the end of June 2023 and enter into force in July 2023. The provisions regarding the regulation of stablecoins under MiCA will apply from July 2024. The remainder of the provisions under MiCA together with the TFR will apply from January 2025.

Click to view article



MiCA introduces a dedicated and harmonised legislative framework for crypto-assets and related activities and services. MiCA applies to natural and legal persons and other undertakings that are engaged in the issuance, offer to the public and admission to trading of crypto-assets or that provide services related to crypto-assets in the European Union ("EU") (the latter being referred to as crypto-asset service providers ("CASPs")).

MiCA will not apply to persons who provide crypto-asset services exclusively for their parent companies, for their subsidiaries or for other subsidiaries of their parent companies.

Furthermore, MiCA excludes from its scope those crypto-assets which are unique and non-fungible. Whether particular non-fungible tokens ("NFTs") are outside the scope of MiCA will have to be examined on a case-by-case basis in order to assess the true extent of their non-fungibility. Fractional NFTs could, for example, fall within MiCA as they would not be considered unique and non-fungible. Furthermore, Stefan Berger, the European Parliament rapporteur on MiCA, stated at the European Parliament debates on 19 April 2023, that CASPs who provide NFT services remain subject to the rules under MiCA.

Decentralised Finance ("DeFi") arrangements which execute crypto-asset services in a fully decentralised manner are also outside the scope of MiCA.

Lending and borrowing in crypto-assets is not regulated by MiCA and therefore remains subject to applicable national law.

Categorisation of crypto-assets

'Crypto-assets' are defined under MiCA as digital representations of value or rights which may be transferred and stored electronically, using distributed ledger technology or similar technology.

MiCA captures those crypto-assets which are not already regulated under existing financial services legislation and divides them into three sub-categories of crypto-assets, subject to different requirements depending on the risks they entail:

Electronic Money / E-Money Tokens

A type of crypto-asset that purports to maintain a stable value by referencing to the value of one official currency.

Asset-Referenced Tokens

A type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing to any other value or right or a combination thereof, including one or more official currencies.

All other crypto-assets

All other crypto-assets that are not asset-referenced tokens or e-money tokens, which covers a wide variety of crypto-assets, including utility tokens. Utility tokens are defined as a type of crypto-asset which is only intended to provide access to a good or a service supplied by the issuer of that token.


Offerors of crypto-assets

MiCA prohibits entities from offering crypto-assets, other than asset-referenced tokens and e-money tokens, to the public and/or seeking admission of such crypto-assets to trade on a trading platform, unless certain requirements are met. Some of the main requirements include:

  • The drafting, notification and publication of a crypto-asset white paper, as stipulated by MiCA;
  • The drafting and publication of marketing communications;
  • Withdrawal rights;
  • Safeguarding requirements, where applicable.
Exempted crypto-assets "issuances" include certain free crypto airdrops which do not require any collection of data or actions on the part of the recipient, blockchain validator rewards, and a limited network-type exemption.


CASPs are defined as any legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to third parties on a professional basis.

‘Crypto-asset service’ means any of the services and activities listed below relating to any crypto-asset:

  • the custody and administration of crypto-assets on behalf of third parties;
  • the operation of a trading platform for crypto-assets;
  • the exchange of crypto-assets for funds;
  • the exchange of crypto-assets for other crypto-assets;
  • the execution of orders for crypto-assets on behalf of third parties;
  • placing of crypto-assets;
  • providing transfer services for crypto-assets on behalf of third parties;
  • the reception and transmission of orders for crypto-assets on behalf of third parties;
  • providing advice on crypto-assets;
  • providing portfolio management on crypto-assets.
MiCA prohibits persons within the EU from providing crypto-asset services, unless they are authorised as a CASP. Undertakings seeking to be authorised as a CASP are required to be 'established' in the EU. Furthermore, MiCA subjects all CASPs to conduct, prudential and governance requirements, as well as specific outsourcing, conflict of interest and asset safeguarding rules.

CASPs have the right to passport their authorisation throughout the EU, by providing crypto-asset services either through the right of establishment, including through a branch, or through the freedom to provide services.

MiCA contains a 'reverse-solicitation' provision whereby entities established outside the EU (i.e. third country firm) may provide crypto-asset services to EU clients, without requiring authorisation as a CASP, where a client established or situated in the EU initiates at its own exclusive initiative the provision of a crypto-asset service. However, once the third country firm, or any other entity acting on its behalf, solicits clients or potential clients in the EU, regardless of the means of communication used for solicitation, promotion or advertising in the EU, it shall not be deemed to be a service provided at the own exclusive initiative of the client. In order to address potential risks arising from a reverse-solicitation provision, the European Securities and Markets Authority ("ESMA") is mandated to establish an EU-wide blacklist of non-compliant entities supported by far-reaching supervisory powers.

Provision of crypto-asset services by entities already regulated under EU law

The following regulated entities may provide certain crypto-asset service (this can vary depending on their authorisation) without having to seek additional authorisation as a CASP under MiCA, provided they notify the competent authority of the home Member State, at least 40 working days before providing those services for the first time:

  • credit institutions;
  • central securities depositories;
  • investment firms;
  • market operators;
  • e-money institutions;
  • management companies of UCITS; and
  • alternative investment fund managers.

E-Money tokens and asset-referenced tokens are often referred to as types of stablecoins.

A large part of MiCA is dedicated to the regulation of stablecoins by establishing a regulatory framework for stablecoin issuers.

Issuers of asset-referenced tokens or persons seeking admission of such crypto-assets to trading on a trading platform are required to be authorised as a legal person established in the EU under MiCA (this is a designated authorisation for issuers of asset-referenced tokens), or authorised as a credit institution under the Capital Requirements Directive ("CRD")[1].

Stablecoin issuers are required to draw up a detailed crypto-asset white paper and are subject to reporting and monitoring requirements. Furthermore, MiCA subjects all issuers of asset-referenced tokens to stringent conduct, prudential and governance requirements, as well as specific conflict of interest and custody/reserve of asset rules.

Issuers of e-money tokens or persons seeking admission of such crypto-assets to trading on a trading platform are required to be authorised as a credit institution or electronic money institution under the Electronic Money Directive ("EMD2)[2]. E-money tokens shall be deemed to be ‘electronic money’ as defined under EMD2 and therefore, certain provision of EMD2 (i.e. prudential, safeguarding, redeemability requirements) shall apply with respect to e-money tokens unless otherwise stated under MiCA. The crypto-asset white paper requirement also applies to issuers of e-money tokens.

MiCA places additional conduct, prudential and governance requirements on issuers of 'significant' asset-referenced tokens and e-money tokens. Such tokens will be classified as 'significant' based several factors, including, inter alia, the number of holders, the value of the token itself and the number and value of transactions

Market Abuse Rules

Lastly, MiCA introduces a market abuse regime which is based on the traditional prohibitions of unlawful disclosure of inside information, insider dealing, and market manipulation.

The market abuse prohibitions and requirements under MiCA apply to:

  1. acts carried out by any person;
  2. any transaction, order or behaviour; and
  • actions and omissions, in the EU and in a third country,
regarding crypto-assets that are admitted to trading on a trading platform for crypto-assets operated by a CASP, or for which a request for admission to trading on such a trading platform has been made.

Transitional Measures[3]

CASPs which provided their services in accordance with applicable law before January 2025 may continue to do so until July 2026 or until they are granted an authorisation as a CASP under MiCA, whichever is sooner. Furthermore, MiCA provides for a simplified procedure for CASP applications where the application has been submitted between January 2025 and July 2026 by entities that are already authorised under national law to provide crypto-asset services.

Issuers of asset-referenced tokens which issued asset-referenced tokens in accordance with applicable law before July 2024 may continue to do so until they are granted an authorisation under MiCA, provided that they applied for an authorisation by August 2024.


The TFR builds on the definitions established under MiCA. It requires CASPs, as obliged entities under the current Anti-Money Laundering ("AML") regime, to collect, verify and submit certain information about the originator (i.e. a person that holds a crypto-asset account or address) and the beneficiary (i.e. a person that is the intended recipient of the transfer of crypto-assets) of crypto-asset transfers (the so-called "travel rule").

In case of a transfer to or from a self-hosted address (i.e. non-custodial wallets), CASPs are required to collect the information on both the originator and the beneficiary, usually from their customer. CASPs are, in principle, not required to verify the information on the user of the self-hosted address, however, where a transfer exceeds EUR 1 000, CASPs should verify whether the self-hosted address is effectively owned or controlled by that customer.

Intermediary CASPs (i.e. CASPs that receive and transmit a transfer of crypto-assets on behalf of the CASP of the originator or of the beneficiary, or of another intermediary CASP) must ensure that all the information received on the originator and the beneficiary that accompanies a transfer of crypto-assets is transmitted with the transfer and that records of such information are retained and made available on request to the competent authorities.

Additionally, CASPs are required to have in place internal policies, procedures and controls to ensure the implementation of EU and national restrictive measures (such as actions to freeze crypto-assets) when performing transfers of crypto assets.

The TFR will apply to transfers of crypto-assets where the CASP of the originator or the beneficiary is established in the EU.

The TFR will not apply to transfers of crypto-assets in the following scenarios:

  • both the originator and the beneficiary are CASPs acting on their own behalf;
  • the transfers constitute person-to-person transfers of crypto-assets carried out without the involvement of a CASP (i.e. P2P crypto transfers).
The rules under the TFR will apply from January 2025.

[1] Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC.

[2] Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC

[3] The timeframes indicated in this section are estimates only and might deviate slightly depending on when MiCA is published in the Official Journal of the EU.

Related Content