MiCA at a Glance: Structure and Scope

MiCA (Regulation (EU) 2023/1114) was published in the Official Journal of the European Union on June 9, 2023. It applies in two phases:

• •Phase 1 (June 30, 2024): Rules for asset-referenced tokens (ARTs) and e-money tokens (EMTs) — essentially stablecoins
• •Phase 2 (December 30, 2024): Full regulation including rules for other crypto-assets and CASPs

The regulation covers three categories of crypto-assets:

What MiCA Does NOT Cover

MiCA explicitly excludes:

1. •Financial instruments — Tokens qualifying as securities under MiFID II remain subject to existing financial regulation
2. •NFTs — Truly unique, non-fungible tokens are excluded (but large NFT collections may be re-classified)
3. •DeFi — Fully decentralized protocols with no identifiable issuer or service provider are carved out (the "DeFi exemption")
4. •CBDCs — Central bank digital currencies are excluded
5. •Deposits and structured deposits — Covered by existing banking regulation

The DeFi exemption is particularly important but narrowly defined. The European Securities and Markets Authority (ESMA) has indicated that protocols with governance tokens, identifiable development teams, or foundation-controlled parameters may not qualify as "fully decentralized."

The Three Token Categories in Detail

1. Asset-Referenced Tokens (ARTs)

ARTs are designed to maintain a stable value by referencing multiple currencies, commodities, or other crypto-assets. The requirements are the most stringent under MiCA:

Authorization: Issuers must be authorized by the competent authority of their home EU member state, with the European Banking Authority (EBA) having direct supervisory powers for "significant" ARTs (those exceeding thresholds for market cap, transaction volume, or user base).

Reserve requirements:

• •Maintain a reserve of assets backing the token at all times
• •Reserve must be segregated from issuer's own assets
• •At least 30% of reserves held in credit institution deposits spread across at least 6 institutions
• •No single credit institution holding more than a certain percentage
• •Independent audit of reserves at least every 6 months

Capital requirements: Own funds of at least the higher of EUR 350,000 or 2% of the average amount of reserve assets.

Redemption rights: Holders must have the right to redeem tokens at any time at market value of the referenced assets.

Significant ART thresholds (triggering direct EBA supervision):

• •Customer base exceeds 10 million holders
• •Market cap exceeds EUR 5 billion
• •Daily transaction count exceeds 2.5 million or daily value exceeds EUR 500 million

2. E-Money Tokens (EMTs)

EMTs reference a single official currency and function similarly to electronic money. The regulatory burden is heavy:

• •Issuer must be authorized as a credit institution or electronic money institution under the E-Money Directive
• •1:1 backing in the referenced fiat currency at all times
• •At-par redemption — holders can redeem at face value at any time
• •No interest payments — EMTs cannot offer yield or interest to holders
• •Reserve funds must be invested in secure, low-risk assets denominated in the referenced currency

The no-interest rule is one of MiCA's most impactful provisions for DeFi. Stablecoin-based yield protocols need to carefully structure their operations to avoid the EMT issuer being seen as paying interest.

Significant EMTs trigger the same enhanced EBA supervision thresholds as ARTs, plus a daily transaction cap of EUR 200 million for EMTs referencing a non-Euro currency — a provision designed to protect the Euro's monetary sovereignty.

3. Other Crypto-Assets (Utility Tokens, Governance Tokens, etc.)

The requirements for non-stablecoin tokens are lighter but still substantial:

White paper requirements: Every issuer must publish a crypto-asset white paper containing:

• •Detailed description of the project, technology, and rights attached to the token
• •Information about the issuer, including identity, governance, and financial condition
• •Risks associated with the crypto-asset
• •Underlying technology details
• •Environmental impact disclosure (energy consumption of the consensus mechanism)

The white paper must be notified to the relevant national competent authority (NCA) at least 20 working days before publication. The NCA does not "approve" the white paper, but can request modifications or prohibit the offering if it violates MiCA requirements.

Marketing communications must be fair, clear, and not misleading, clearly identifiable as marketing, and consistent with the white paper.

Liability: Issuers are liable for the completeness and accuracy of information in the white paper. Token holders who suffer losses due to misleading white papers have a right of action against the issuer.

Exemptions from the white paper requirement:

• •Tokens offered for free
• •Tokens automatically created through mining/staking as consensus rewards
• •Tokens offered to fewer than 150 persons per member state
• •Offerings below EUR 1 million over 12 months
• •Tokens offered exclusively to qualified investors

These exemptions are narrower than they might seem. Airdrops may not qualify as "free" if recipients must perform actions (follow accounts, join communities) to receive tokens.

Crypto-Asset Service Providers (CASPs)

Any entity providing crypto-asset services in the EU must be authorized as a CASP. The defined services include:

1. •Custody and administration of crypto-assets on behalf of clients
2. •Operation of a trading platform for crypto-assets
3. •Exchange of crypto-assets for funds or other crypto-assets
4. •Execution of orders for crypto-assets on behalf of clients
5. •Placement of crypto-assets (underwriting/distribution)
6. •Reception and transmission of orders for crypto-assets
7. •Providing advice on crypto-assets
8. •Providing portfolio management of crypto-assets
9. •Providing transfer services for crypto-assets on behalf of clients

CASP Authorization Requirements

• •Legal entity established in an EU member state
• •Minimum capital: EUR 50,000 to EUR 150,000 depending on service type
• •Governance requirements: Fit and proper management, clear organizational structure
• •IT security: Robust IT systems, business continuity plans, cybersecurity protocols
• •Complaint handling: Formal procedures for handling client complaints
• •Conflict of interest policies: Documentation and management of conflicts
• •Record keeping: 5-year retention of all transactions and communications
• •AML/KYC: Full compliance with the Anti-Money Laundering Directive (AMLD)

The Grandfathering Provision

CASPs that were authorized under existing national regimes (such as France's PSAN registration or Germany's BaFin crypto custody license) received a transitional period of up to 18 months (until July 1, 2026) to obtain full MiCA authorization while continuing to operate. This deadline is approaching rapidly, and entities without proper MiCA authorization by this date must cease operations.

MiCA Compliance Roadmap for Web3 Companies

Step 1: Token Classification Analysis

The first and most critical step is determining how your token is classified under MiCA and existing EU financial regulation. This requires analysis along two dimensions:

1. •Is your token a financial instrument under MiFID II? If yes, MiCA does not apply — you are subject to securities regulation instead.
2. •If not a financial instrument, which MiCA category does it fall into? ART, EMT, or other crypto-asset.

This classification has enormous implications for your fundraising strategy and should be conducted with specialized legal counsel.

Also consider how token classification frameworks vary across jurisdictions — a token classified as a utility token under MiCA may still be considered a security in the United States.

Step 2: Determine Your Entity Type

Are you:

• •A token issuer that needs to publish a white paper and potentially obtain ART/EMT authorization?
• •A service provider that needs CASP authorization?
• •Both? Many projects both issue tokens and operate platforms.

Step 3: Choose Your Home Member State

MiCA authorization is granted at the national level, but once obtained, is passported across all 27 EU member states. This means you can choose which country to apply in based on:

• •Speed of authorization process
• •Quality of regulatory dialogue
• •Existing legal infrastructure for crypto
• •Tax implications

Leading jurisdictions for MiCA authorization:

When choosing a jurisdiction for your Web3 company incorporation, consider MiCA authorization availability as a key factor if you serve EU markets.

Step 4: Prepare Your Application

For CASP authorization, you will need:

• •Corporate governance documentation
• •Business plan with 3-year financial projections
• •IT systems assessment and cybersecurity policies
• •AML/CFT policies and procedures
• •Client complaint handling procedures
• •Proof of minimum capital
• •Fit and proper assessments for directors and key function holders
• •Insurance policies (professional indemnity)

For token issuers, add:

• •Compliant white paper
• •Marketing communications plan
• •Reserve management policy (for ARTs/EMTs)
• •Redemption procedures (for ARTs/EMTs)

Step 5: Ongoing Compliance

Post-authorization, CASPs must:

• •File regular reports with their NCA
• •Maintain minimum capital requirements continuously
• •Update white papers for material changes
• •Report significant incidents within 24 hours
• •Conduct annual audits
• •Maintain AML transaction monitoring
• •Handle complaints within prescribed timelines

Impact on Specific Web3 Business Models

DeFi Protocols

The "fully decentralized" exemption is MiCA's most debated provision. ESMA's 2025 guidance indicates that protocols must meet ALL of the following to qualify:

• •No identifiable issuer or intermediary
• •No centralized governance that can alter protocol parameters
• •No entity profiting from the protocol's operation through fees
• •Fully autonomous smart contract execution

In practice, very few protocols meet this standard. Projects with foundation-controlled governance, upgradeable contracts, or fee-sharing mechanisms likely need to consider CASP authorization or restructure their operations.

NFT Marketplaces and Platforms

While individual NFTs are excluded, MiCA's recitals clarify that:

• •Large collections of NFTs with fungible characteristics may be treated as crypto-assets
• •NFT platforms that facilitate exchange may need CASP authorization
• •Fractional NFTs are almost certainly within scope

Exchanges and Trading Platforms

CEXs operating in the EU must obtain CASP authorization for multiple services (trading platform operation, exchange, custody, order execution). Requirements include:

• •Transparent and non-discriminatory trading rules
• •Pre- and post-trade transparency requirements
• •Market surveillance systems to detect market abuse
• •Resilience testing of IT systems

Custodians and Wallet Providers

Custodial wallet providers are CASPs under MiCA. Self-custodial (non-custodial) wallets are explicitly excluded, but the distinction matters: if your wallet interface facilitates exchange or order execution, additional CASP categories may apply.

Market Makers

Professional market makers providing crypto liquidity services fall under CASP authorization requirements, specifically for "exchange of crypto-assets" and potentially "execution of orders." This has significant implications for market making fee structures as compliance costs are passed through to clients.

Market Abuse Provisions

MiCA introduces crypto-specific market abuse rules modeled on the EU Market Abuse Regulation (MAR):

Prohibited conduct:

• •Insider dealing — Trading based on inside information about a crypto-asset
• •Unlawful disclosure of inside information
• •Market manipulation — Including wash trading, spoofing, layering, and pump-and-dump schemes

Key obligations:

• •Issuers must disclose inside information publicly as soon as possible
• •Persons discharging managerial responsibilities must notify transactions in their own tokens
• •Trading platforms must have systems to detect and report suspected market abuse

Penalties for market abuse can reach up to EUR 5 million for individuals and EUR 15 million or 15% of annual turnover for entities.

MiCA vs. Other Global Frameworks

MiCA's passporting advantage is unique globally. A single MiCA authorization gives access to a market of 450 million consumers across 27 countries. No other jurisdiction offers comparable reach through a single license.

Strategic Implications for Non-EU Companies

If you are based outside the EU but serve EU customers:

1. •Reverse solicitation — MiCA allows EU customers to initiate contact with non-EU providers, but this exemption is narrow and ESMA is expected to interpret it strictly
2. •EU entity establishment — Most non-EU companies will need to establish an EU subsidiary and obtain CASP authorization to actively market to EU customers
3. •Partnering with authorized CASPs — An alternative to direct licensing is partnering with an already-authorized EU entity

For companies considering their incorporation jurisdiction, having an EU presence (or clear pathway to one) is increasingly important for accessing European institutional capital and enterprise clients.

Practical Tips for MiCA Compliance

1. •Start early — The authorization process takes 3-12 months depending on jurisdiction. Begin now if you have not already.
2. •Engage specialized counsel — MiCA is complex and interacts with existing financial regulation. Work with legal specialists who understand Web3 and European regulatory frameworks.
3. •Conduct token classification first — Everything flows from whether your token is a financial instrument, ART, EMT, or other crypto-asset.
4. •Budget appropriately — Expect EUR 100,000-500,000 in legal, compliance, and setup costs for CASP authorization, plus ongoing compliance costs of EUR 50,000-200,000 annually.
5. •Use the grandfathering provision — If you already have national authorization (PSAN, BaFin license), file for MiCA authorization before the transitional period expires in July 2026.
6. •Design for compliance — If building new products, design with MiCA requirements from the start rather than retrofitting.
7. •Monitor ESMA guidance — ESMA and EBA are continuing to publish technical standards and guidelines that clarify MiCA's application. Stay current through The Signal's intelligence hub.
8. •Consider your white paper carefully — White paper liability is real. Treat it as a regulated disclosure document, not a marketing piece.

The MiCA Opportunity

While compliance costs are real, MiCA creates significant advantages for compliant Web3 companies:

• •Institutional confidence — European institutional investors increasingly require service providers to be MiCA-authorized
• •Competitive moat — The authorization barrier reduces competition from unregulated operators
• •Legal certainty — Clear rules reduce the regulatory risk premium that has historically depressed Web3 valuations in Europe
• •Banking access — MiCA-authorized entities find it significantly easier to establish and maintain banking relationships
• •Market access — Single authorization provides access to the entire European Economic Area

The companies that invest in compliance now will be best positioned to capture the European Web3 market as it matures. Browse our directory of legal and compliance partners to find firms specializing in MiCA authorization, or explore the broader partner directory for full-service Web3 support.

Frequently Asked Questions

What is MiCA regulation?

MiCA (Markets in Crypto-Assets Regulation) is the EU's comprehensive regulatory framework for crypto-assets and crypto-asset service providers. It establishes unified rules across all 27 EU member states for token issuance, stablecoin regulation, and licensing of crypto service providers including exchanges, custodians, and market makers.

When did MiCA come into effect?

MiCA was published in June 2023, with stablecoin rules (ARTs and EMTs) applying from June 30, 2024, and the full regulation including CASP requirements applying from December 30, 2024. Transitional provisions for existing operators extend until July 1, 2026.

Does MiCA apply to DeFi protocols?

MiCA contains an exemption for "fully decentralized" services with no identifiable intermediary. However, ESMA interprets this narrowly. Protocols with governance tokens, identifiable teams, foundation-controlled parameters, or fee-sharing mechanisms likely fall within MiCA's scope.

How much does MiCA compliance cost?

Initial CASP authorization costs range from EUR 100,000 to EUR 500,000 including legal fees, compliance setup, and capital requirements. Ongoing annual compliance costs run EUR 50,000 to EUR 200,000 for mid-sized operators, covering regulatory reporting, audits, and compliance staff.

Does MiCA apply to NFTs?

Individual, truly unique NFTs are excluded from MiCA. However, large NFT collections with fungible characteristics, fractional NFTs, and NFT platforms facilitating exchange may fall within scope. The European Commission is expected to provide further guidance on NFT classification.

What is the difference between an ART and an EMT under MiCA?

Asset-Referenced Tokens (ARTs) maintain stable value by referencing multiple assets (currencies, commodities, or crypto-assets), while E-Money Tokens (EMTs) reference a single fiat currency. EMTs require authorization as a credit institution or e-money institution, and cannot pay interest to holders.

Can non-EU companies operate under MiCA?

Non-EU companies cannot directly obtain MiCA authorization. They must establish an EU subsidiary, partner with an authorized EU CASP, or rely on the narrow reverse solicitation exemption (where EU customers initiate contact). Active marketing to EU customers without authorization is prohibited.

What are the penalties for non-compliance with MiCA?

Penalties vary by violation type but can reach EUR 5 million for individuals and EUR 15 million or 15% of total annual turnover for legal entities. National competent authorities also have powers to suspend or withdraw authorization, prohibit offerings, and issue public warnings.

Navigating MiCA compliance requires specialized expertise. Find legal and compliance partners experienced with EU crypto regulation in our directory, explore security and infrastructure providers for compliance tooling, or book a consultation to discuss your MiCA strategy.

MiCA at a Glance: Structure and Scope

MiCA (Regulation (EU) 2023/1114) was published in the Official Journal of the European Union on June 9, 2023. It applies in two phases:

• •Phase 1 (June 30, 2024): Rules for asset-referenced tokens (ARTs) and e-money tokens (EMTs) — essentially stablecoins
• •Phase 2 (December 30, 2024): Full regulation including rules for other crypto-assets and CASPs

The regulation covers three categories of crypto-assets:

What MiCA Does NOT Cover

MiCA explicitly excludes:

1. •Financial instruments — Tokens qualifying as securities under MiFID II remain subject to existing financial regulation
2. •NFTs — Truly unique, non-fungible tokens are excluded (but large NFT collections may be re-classified)
3. •DeFi — Fully decentralized protocols with no identifiable issuer or service provider are carved out (the "DeFi exemption")
4. •CBDCs — Central bank digital currencies are excluded
5. •Deposits and structured deposits — Covered by existing banking regulation

The DeFi exemption is particularly important but narrowly defined. The European Securities and Markets Authority (ESMA) has indicated that protocols with governance tokens, identifiable development teams, or foundation-controlled parameters may not qualify as "fully decentralized."

The Three Token Categories in Detail

1. Asset-Referenced Tokens (ARTs)

ARTs are designed to maintain a stable value by referencing multiple currencies, commodities, or other crypto-assets. The requirements are the most stringent under MiCA:

Authorization: Issuers must be authorized by the competent authority of their home EU member state, with the European Banking Authority (EBA) having direct supervisory powers for "significant" ARTs (those exceeding thresholds for market cap, transaction volume, or user base).

Reserve requirements:

• •Maintain a reserve of assets backing the token at all times
• •Reserve must be segregated from issuer's own assets
• •At least 30% of reserves held in credit institution deposits spread across at least 6 institutions
• •No single credit institution holding more than a certain percentage
• •Independent audit of reserves at least every 6 months

Capital requirements: Own funds of at least the higher of EUR 350,000 or 2% of the average amount of reserve assets.

Redemption rights: Holders must have the right to redeem tokens at any time at market value of the referenced assets.

Significant ART thresholds (triggering direct EBA supervision):

• •Customer base exceeds 10 million holders
• •Market cap exceeds EUR 5 billion
• •Daily transaction count exceeds 2.5 million or daily value exceeds EUR 500 million

2. E-Money Tokens (EMTs)

EMTs reference a single official currency and function similarly to electronic money. The regulatory burden is heavy:

• •Issuer must be authorized as a credit institution or electronic money institution under the E-Money Directive
• •1:1 backing in the referenced fiat currency at all times
• •At-par redemption — holders can redeem at face value at any time
• •No interest payments — EMTs cannot offer yield or interest to holders
• •Reserve funds must be invested in secure, low-risk assets denominated in the referenced currency

The no-interest rule is one of MiCA's most impactful provisions for DeFi. Stablecoin-based yield protocols need to carefully structure their operations to avoid the EMT issuer being seen as paying interest.

Significant EMTs trigger the same enhanced EBA supervision thresholds as ARTs, plus a daily transaction cap of EUR 200 million for EMTs referencing a non-Euro currency — a provision designed to protect the Euro's monetary sovereignty.

3. Other Crypto-Assets (Utility Tokens, Governance Tokens, etc.)

The requirements for non-stablecoin tokens are lighter but still substantial:

White paper requirements: Every issuer must publish a crypto-asset white paper containing:

• •Detailed description of the project, technology, and rights attached to the token
• •Information about the issuer, including identity, governance, and financial condition
• •Risks associated with the crypto-asset
• •Underlying technology details
• •Environmental impact disclosure (energy consumption of the consensus mechanism)

The white paper must be notified to the relevant national competent authority (NCA) at least 20 working days before publication. The NCA does not "approve" the white paper, but can request modifications or prohibit the offering if it violates MiCA requirements.

Marketing communications must be fair, clear, and not misleading, clearly identifiable as marketing, and consistent with the white paper.

Liability: Issuers are liable for the completeness and accuracy of information in the white paper. Token holders who suffer losses due to misleading white papers have a right of action against the issuer.

Exemptions from the white paper requirement:

• •Tokens offered for free
• •Tokens automatically created through mining/staking as consensus rewards
• •Tokens offered to fewer than 150 persons per member state
• •Offerings below EUR 1 million over 12 months
• •Tokens offered exclusively to qualified investors

These exemptions are narrower than they might seem. Airdrops may not qualify as "free" if recipients must perform actions (follow accounts, join communities) to receive tokens.

Crypto-Asset Service Providers (CASPs)

Any entity providing crypto-asset services in the EU must be authorized as a CASP. The defined services include:

1. •Custody and administration of crypto-assets on behalf of clients
2. •Operation of a trading platform for crypto-assets
3. •Exchange of crypto-assets for funds or other crypto-assets
4. •Execution of orders for crypto-assets on behalf of clients
5. •Placement of crypto-assets (underwriting/distribution)
6. •Reception and transmission of orders for crypto-assets
7. •Providing advice on crypto-assets
8. •Providing portfolio management of crypto-assets
9. •Providing transfer services for crypto-assets on behalf of clients

CASP Authorization Requirements

• •Legal entity established in an EU member state
• •Minimum capital: EUR 50,000 to EUR 150,000 depending on service type
• •Governance requirements: Fit and proper management, clear organizational structure
• •IT security: Robust IT systems, business continuity plans, cybersecurity protocols
• •Complaint handling: Formal procedures for handling client complaints
• •Conflict of interest policies: Documentation and management of conflicts
• •Record keeping: 5-year retention of all transactions and communications
• •AML/KYC: Full compliance with the Anti-Money Laundering Directive (AMLD)

The Grandfathering Provision

CASPs that were authorized under existing national regimes (such as France's PSAN registration or Germany's BaFin crypto custody license) received a transitional period of up to 18 months (until July 1, 2026) to obtain full MiCA authorization while continuing to operate. This deadline is approaching rapidly, and entities without proper MiCA authorization by this date must cease operations.

MiCA Compliance Roadmap for Web3 Companies

Step 1: Token Classification Analysis

The first and most critical step is determining how your token is classified under MiCA and existing EU financial regulation. This requires analysis along two dimensions:

1. •Is your token a financial instrument under MiFID II? If yes, MiCA does not apply — you are subject to securities regulation instead.
2. •If not a financial instrument, which MiCA category does it fall into? ART, EMT, or other crypto-asset.

This classification has enormous implications for your fundraising strategy and should be conducted with specialized legal counsel.

Also consider how token classification frameworks vary across jurisdictions — a token classified as a utility token under MiCA may still be considered a security in the United States.

Step 2: Determine Your Entity Type

Are you:

• •A token issuer that needs to publish a white paper and potentially obtain ART/EMT authorization?
• •A service provider that needs CASP authorization?
• •Both? Many projects both issue tokens and operate platforms.

Step 3: Choose Your Home Member State

MiCA authorization is granted at the national level, but once obtained, is passported across all 27 EU member states. This means you can choose which country to apply in based on:

• •Speed of authorization process
• •Quality of regulatory dialogue
• •Existing legal infrastructure for crypto
• •Tax implications

Leading jurisdictions for MiCA authorization:

When choosing a jurisdiction for your Web3 company incorporation, consider MiCA authorization availability as a key factor if you serve EU markets.

Step 4: Prepare Your Application

For CASP authorization, you will need:

• •Corporate governance documentation
• •Business plan with 3-year financial projections
• •IT systems assessment and cybersecurity policies
• •AML/CFT policies and procedures
• •Client complaint handling procedures
• •Proof of minimum capital
• •Fit and proper assessments for directors and key function holders
• •Insurance policies (professional indemnity)

For token issuers, add:

• •Compliant white paper
• •Marketing communications plan
• •Reserve management policy (for ARTs/EMTs)
• •Redemption procedures (for ARTs/EMTs)

Step 5: Ongoing Compliance

Post-authorization, CASPs must:

• •File regular reports with their NCA
• •Maintain minimum capital requirements continuously
• •Update white papers for material changes
• •Report significant incidents within 24 hours
• •Conduct annual audits
• •Maintain AML transaction monitoring
• •Handle complaints within prescribed timelines

Impact on Specific Web3 Business Models

DeFi Protocols

The "fully decentralized" exemption is MiCA's most debated provision. ESMA's 2025 guidance indicates that protocols must meet ALL of the following to qualify:

• •No identifiable issuer or intermediary
• •No centralized governance that can alter protocol parameters
• •No entity profiting from the protocol's operation through fees
• •Fully autonomous smart contract execution

In practice, very few protocols meet this standard. Projects with foundation-controlled governance, upgradeable contracts, or fee-sharing mechanisms likely need to consider CASP authorization or restructure their operations.

NFT Marketplaces and Platforms

While individual NFTs are excluded, MiCA's recitals clarify that:

• •Large collections of NFTs with fungible characteristics may be treated as crypto-assets
• •NFT platforms that facilitate exchange may need CASP authorization
• •Fractional NFTs are almost certainly within scope

Exchanges and Trading Platforms

CEXs operating in the EU must obtain CASP authorization for multiple services (trading platform operation, exchange, custody, order execution). Requirements include:

• •Transparent and non-discriminatory trading rules
• •Pre- and post-trade transparency requirements
• •Market surveillance systems to detect market abuse
• •Resilience testing of IT systems

Custodians and Wallet Providers

Custodial wallet providers are CASPs under MiCA. Self-custodial (non-custodial) wallets are explicitly excluded, but the distinction matters: if your wallet interface facilitates exchange or order execution, additional CASP categories may apply.

Market Makers

Professional market makers providing crypto liquidity services fall under CASP authorization requirements, specifically for "exchange of crypto-assets" and potentially "execution of orders." This has significant implications for market making fee structures as compliance costs are passed through to clients.

Market Abuse Provisions

MiCA introduces crypto-specific market abuse rules modeled on the EU Market Abuse Regulation (MAR):

Prohibited conduct:

• •Insider dealing — Trading based on inside information about a crypto-asset
• •Unlawful disclosure of inside information
• •Market manipulation — Including wash trading, spoofing, layering, and pump-and-dump schemes

Key obligations:

• •Issuers must disclose inside information publicly as soon as possible
• •Persons discharging managerial responsibilities must notify transactions in their own tokens
• •Trading platforms must have systems to detect and report suspected market abuse

Penalties for market abuse can reach up to EUR 5 million for individuals and EUR 15 million or 15% of annual turnover for entities.

MiCA vs. Other Global Frameworks

MiCA's passporting advantage is unique globally. A single MiCA authorization gives access to a market of 450 million consumers across 27 countries. No other jurisdiction offers comparable reach through a single license.

Strategic Implications for Non-EU Companies

If you are based outside the EU but serve EU customers:

1. •Reverse solicitation — MiCA allows EU customers to initiate contact with non-EU providers, but this exemption is narrow and ESMA is expected to interpret it strictly
2. •EU entity establishment — Most non-EU companies will need to establish an EU subsidiary and obtain CASP authorization to actively market to EU customers
3. •Partnering with authorized CASPs — An alternative to direct licensing is partnering with an already-authorized EU entity

For companies considering their incorporation jurisdiction, having an EU presence (or clear pathway to one) is increasingly important for accessing European institutional capital and enterprise clients.

Practical Tips for MiCA Compliance

1. •Start early — The authorization process takes 3-12 months depending on jurisdiction. Begin now if you have not already.
2. •Engage specialized counsel — MiCA is complex and interacts with existing financial regulation. Work with legal specialists who understand Web3 and European regulatory frameworks.
3. •Conduct token classification first — Everything flows from whether your token is a financial instrument, ART, EMT, or other crypto-asset.
4. •Budget appropriately — Expect EUR 100,000-500,000 in legal, compliance, and setup costs for CASP authorization, plus ongoing compliance costs of EUR 50,000-200,000 annually.
5. •Use the grandfathering provision — If you already have national authorization (PSAN, BaFin license), file for MiCA authorization before the transitional period expires in July 2026.
6. •Design for compliance — If building new products, design with MiCA requirements from the start rather than retrofitting.
7. •Monitor ESMA guidance — ESMA and EBA are continuing to publish technical standards and guidelines that clarify MiCA's application. Stay current through The Signal's intelligence hub.
8. •Consider your white paper carefully — White paper liability is real. Treat it as a regulated disclosure document, not a marketing piece.

The MiCA Opportunity

While compliance costs are real, MiCA creates significant advantages for compliant Web3 companies:

• •Institutional confidence — European institutional investors increasingly require service providers to be MiCA-authorized
• •Competitive moat — The authorization barrier reduces competition from unregulated operators
• •Legal certainty — Clear rules reduce the regulatory risk premium that has historically depressed Web3 valuations in Europe
• •Banking access — MiCA-authorized entities find it significantly easier to establish and maintain banking relationships
• •Market access — Single authorization provides access to the entire European Economic Area

The companies that invest in compliance now will be best positioned to capture the European Web3 market as it matures. Browse our directory of legal and compliance partners to find firms specializing in MiCA authorization, or explore the broader partner directory for full-service Web3 support.

Frequently Asked Questions

What is MiCA regulation?

MiCA (Markets in Crypto-Assets Regulation) is the EU's comprehensive regulatory framework for crypto-assets and crypto-asset service providers. It establishes unified rules across all 27 EU member states for token issuance, stablecoin regulation, and licensing of crypto service providers including exchanges, custodians, and market makers.

When did MiCA come into effect?

MiCA was published in June 2023, with stablecoin rules (ARTs and EMTs) applying from June 30, 2024, and the full regulation including CASP requirements applying from December 30, 2024. Transitional provisions for existing operators extend until July 1, 2026.

Does MiCA apply to DeFi protocols?

MiCA contains an exemption for "fully decentralized" services with no identifiable intermediary. However, ESMA interprets this narrowly. Protocols with governance tokens, identifiable teams, foundation-controlled parameters, or fee-sharing mechanisms likely fall within MiCA's scope.

How much does MiCA compliance cost?

Initial CASP authorization costs range from EUR 100,000 to EUR 500,000 including legal fees, compliance setup, and capital requirements. Ongoing annual compliance costs run EUR 50,000 to EUR 200,000 for mid-sized operators, covering regulatory reporting, audits, and compliance staff.

Does MiCA apply to NFTs?

Individual, truly unique NFTs are excluded from MiCA. However, large NFT collections with fungible characteristics, fractional NFTs, and NFT platforms facilitating exchange may fall within scope. The European Commission is expected to provide further guidance on NFT classification.

What is the difference between an ART and an EMT under MiCA?

Asset-Referenced Tokens (ARTs) maintain stable value by referencing multiple assets (currencies, commodities, or crypto-assets), while E-Money Tokens (EMTs) reference a single fiat currency. EMTs require authorization as a credit institution or e-money institution, and cannot pay interest to holders.

Can non-EU companies operate under MiCA?

Non-EU companies cannot directly obtain MiCA authorization. They must establish an EU subsidiary, partner with an authorized EU CASP, or rely on the narrow reverse solicitation exemption (where EU customers initiate contact). Active marketing to EU customers without authorization is prohibited.

What are the penalties for non-compliance with MiCA?

Penalties vary by violation type but can reach EUR 5 million for individuals and EUR 15 million or 15% of total annual turnover for legal entities. National competent authorities also have powers to suspend or withdraw authorization, prohibit offerings, and issue public warnings.

Navigating MiCA compliance requires specialized expertise. Find legal and compliance partners experienced with EU crypto regulation in our directory, explore security and infrastructure providers for compliance tooling, or book a consultation to discuss your MiCA strategy.