1. SCOPE OF MICA
2. CRYPTO-ASSET SERVICE PROVIDERS
3. REQUIREMENTS FOR ISSUERS OF CRYPTO-ASSETS OTHER THAN E-MONEY TOKENS AND ASSET-REFERENCED TOKENS
4. REQUIREMENTS FOR ISSUERS OF ASSET-REFERENCED TOKENS
5. REQUIREMENTS FOR ISSUERS OF E-MONEY TOKENS
7. MARKET ABUSE REGIME
The proposed EU Markets in Crypto-Assets Regulation (MiCA) establishes a regulatory framework for crypto-asset services across the EU.
MiCA aims to fill a perceived gap in regulation at the EU level and harmonise existing regulation in EU member states. As MiCA is an EU regulation, it will apply directly in EU member states without the need for transposition into their national laws.
On 5 October 2022, the European Council published the agreed text of MiCA, which is now subject to formal approval by the European Parliament. Assuming approval is granted, the text will then be reviewed by a team of “lawyer-linguists” and translated into each of the official languages of the EU. These will then be published in the Official Journal of the EU, and MiCA will enter into force 20 days after publication. This Sidley Update is based on the agreed text, which may differ from the final published text of MiCA.
Certain provisions in MiCA relating to issuers of asset-referenced tokens and e-money tokens (see below) will apply from the date 12 months after MiCA enters into force. All other provisions will apply from the date 18 months after MiCA enters into force. MiCA also includes limited transitional measures for certain crypto-asset service providers.
As the UK is no longer part of the EU, MiCA will not apply to the UK. In an early example of regulatory divergence between the EU and the UK, the UK is (at the time of writing) proposing only to bring fiat-linked stablecoins within the UK’s regulatory perimeter. For more information on these proposals, please see our recent Sidley Update.
MiCA applies to the issuance, offering to the public, and admission to trading of crypto-assets1 and the provision of certain crypto-asset services in the EU.
MiCA defines a “crypto-asset” as a “digital representation of a value or a right which may be transferred and stored electronically, using distributed ledger technology or similar technology.”
This is a broad definition and would likely capture coins such as Bitcoin and Ethereum.
MiCA further defines three subcategories of crypto-assets:
(a) “Asset-referenced token,” defined as “a type of crypto-asset that is not an electronic money token and that purports to maintain a stable value by referencing to any other value or right or a combination thereof, including one or more official currencies.” This includes stablecoins linked to multiple fiat currencies and/or other assets or indices.
(b) “Electronic money token” or “e-money token,” defined as “a type of crypto-asset that purports to maintain a stable value by referencing to the value of one official currency.” This includes stablecoins linked to a single fiat currency.
(c) “Utility token,” defined as “a type of crypto-asset which is only intended to provide access to a good or a service supplied by the issuer of that token.”
MiCA does not apply to crypto-assets that are “unique and not fungible with other crypto-assets,” meaning many non-fungible tokens (NFTs) will fall outside MiCA. However, NFTs that are not truly unique and fractional interests in NFTs may fall within the scope of MiCA.
MiCA does not apply to crypto-assets that already fall within the scope of existing EU regulation. For example, services in relation to crypto-assets that qualify as financial instruments regulated under the Markets in Financial Instruments Directive (e.g., equities, bonds, derivatives) will not be regulated by MiCA. Similarly, issuances of crypto-assets that are subject to the EU Prospectus Regulation (e.g., because they qualify as shares or bonds) will fall outside the scope of MiCA.
MiCA imposes various obligations on issuers and crypto-asset service providers, including:
(a) transparency and disclosure requirements for the issuance of crypto-assets;
(b) regulatory authorisation requirements for crypto-asset service providers and issuers of asset-referenced tokens and electronic money tokens;
(c) operational, organisational, and governance requirements for issuers of asset-referenced tokens and electronic money tokens and crypto-asset service providers;
(d) regulatory change of control approval requirements in respect of issuers of asset-referenced tokens (as defined below) and crypto-asset service providers;
(e) protections for holders of crypto-assets and clients of crypto-asset service providers; and
(f) a market-abuse regime for crypto-assets.
MiCA regulates the provision of the following crypto-asset services:
(a) the custody and administration of crypto-assets on behalf of third parties;
(b) the operation of a trading platform for crypto-assets;
(c) the exchange of crypto-assets for funds;
(d) the exchange of crypto-assets for other crypto-assets;
(e) the execution of orders for crypto-assets on behalf of third parties;
(f) placing of crypto-assets;
(g) providing transfer services for crypto-assets on behalf of third parties;
(h) the reception and transmission of orders for crypto-assets on behalf of third parties;
(i) providing advice on crypto-assets; and
(j) providing portfolio management on crypto-assets.
Crypto-asset service providers must be authorised under MiCA by a competent authority in an EU member state. As an exception to this, the following firms can provide crypto-asset services without obtaining additional regulatory authorisations provided that such firms notify and provide certain information to their home EU member state competent authority at least 40 working days before providing these services for the first time:
(a) A credit institution authorised pursuant to the EU Capital Requirements Directive (e.g., an EU bank) can provide all crypto-asset services.
(b) An investment firm authorised pursuant to the EU Markets in Financial Instruments Directive can provide crypto-asset services that are “equivalent” to the investment services and activities it is authorised to provide in the EU.
(c) An electronic money institution authorised pursuant to the EU Electronic Money Directive can provide the services of “custody and administration of crypto-assets on behalf of third parties” and “providing transfer services for crypto-assets on behalf of third parties” with regard to the e-money tokens it issues.
(d) A management company of an Undertaking for the Collective Investment in Transferable Securities (UCITS) authorised pursuant to the EU UCITS Directive may provide the service of portfolio management on crypto-assets, and (assuming it holds the necessary “top-up” permission of providing investment advice) it may also provide advice on crypto-assets.
(e) An alternative investment fund manager authorised under the EU Alternative Investment Fund Managers Directive may provide the service of portfolio management on crypto-assets, and (assuming it holds the necessary “top-up” permissions to provide investment advice and the reception and transmission of orders in relation to financial instruments) it may also provide advice on crypto-assets and the reception and transmission of orders for crypto-assets on behalf of third parties.
Crypto-asset service providers authorised under MiCA in one EU member state may use their EU freedom of establishment and freedom to provide services rights to “passport” their authorisations into other EU member states.
Third-country firms will be able to provide crypto-asset services only at the exclusive initiative of a client based in the EU (that is, by “reverse solicitation”). This therefore precludes a third-country firm from soliciting EU-based clients or directly providing their services in the EU.
In addition to regulatory authorisation requirements, crypto-asset service providers are subject to extensive ongoing obligations under MiCA including in relation to:
(a) conduct of business, including a general obligation to act honestly, fairly, and professionally in accordance with the best interests of their clients and potential clients;
(b) disclosure and transparency, including in relation to costs and pricing and risks relating to their services;
(c) prudential requirements, which can be met through regulatory capital or insurance or a combination of both;
(d) safekeeping of clients’ crypto-assets and funds, including segregation requirements;
(e) governance, including ensuring that members of the management body are of good repute and possess knowledge, experience, and skills to perform their duties, and having appropriate policies and procedures for compliance, including anti-money-laundering (AML), continuity of services, and data security;
(f) recordkeeping and regulatory reporting;
(g) complaints handling;
(h) managing conflicts of interest;
(i) outsourcing; and
(j) wind-down planning.
There are also specific ongoing regulatory requirements under MiCA for particular categories of crypto-asset service providers. For example, providers of custody and administration services are subject to detailed additional rules in relation to custody agreements, recordkeeping, segregation and return of crypto-assets, and liability. Providers of transfer services for crypto-assets are also subject to specific requirements relating to their agreements with clients, which will be developed further by the European Supervisory Authorities.
An issuer of crypto-assets that are not e-money-tokens or asset-referenced tokens is required to publish a publicly accessible white paper and any other marketing communications on its website within a reasonable time in advance of the starting date of an offer to the public of the crypto-assets or their admission to trading.
The white paper must contain (among other things) information on:
(a) the offeror or the person seeking admission to trading (and, if different, the issuer and, if relevant, the operator of the trading platform);
(b) the crypto-asset and the rights and obligations attached to it;
(c) the risks relating to the crypto-asset; and
(d) the principal adverse environmental and climate-related impact of the consensus mechanism used to issue the crypto-asset.
White papers must be notified to the competent authority of the home EU member state of the offeror, person seeking admission to trading, or operator of trading platforms (as applicable) 20 working days before the publication of the white paper.
Any additional marketing communications must be labelled as such and are also subject to specific requirements including that they must be fair, clear, and not misleading.
Right of withdrawal
Retail holders of crypto-assets (other than asset-referenced tokens and e-money tokens) generally have a right to withdraw from their agreement to purchase crypto-assets without incurring fees or costs and without giving reasons for a period of 14 calendar days after agreeing to the purchase. However, the right of withdrawal does not apply where the crypto-assets have been admitted to trading on a trading platform prior to the purchase by the retail holder.
Issuers of asset-referenced tokens must be established in the EU and be authorised under MiCA or as a credit institution (e.g., a bank).2
Issuers of asset-referenced tokens must also produce a white paper. The content requirements are similar to those described above. White papers for asset-referenced tokens must be approved by the issuer’s home-state competent authority. Issuers must publish approved white papers on their websites no later than the starting date of the offer to the public of the asset-referenced tokens or the admission of those tokens to trading.
Organisational, operational, and conduct-of-business requirements
Issuers of asset-referenced tokens must (among other things):
(a) establish a reserve of assets which must be segregated from their other assets and placed into third-party custody within five working days of issuance of the relevant tokens;
(b) meet ongoing regulatory capital requirements, including a requirement to maintain eligible capital (e.g., share capital) of the higher of €350,000 and 2% of the average amount of the reserve assets referred to above;
(c) grant token holders redemption rights at all times against the issuer (for the market value of the token) and, in the event that an issuer is unable to satisfy its obligations, against the reserve assets;
(d) provide certain ongoing public disclosures;
(e) comply with various regulatory reporting requirements;
(f) have governance arrangements including an organisational structure with clear reporting lines;
(g) establish a business continuity plan;
(h) establish a recovery plan addressing any failures to comply with requirements relating to the reserve of assets and the preservation of services in the case of events that pose a significant risk of disrupting operations; and
(i) have policies and procedures for (among other things):
(i) the reserve of assets;
(ii) the custody of reserve assets;
(iii) the redemption of tokens;
(iv) maintaining the liquidity of tokens;
(v) complaint handling; and
(vi) conflicts of interest policies in respect of conflicts between, for example, themselves and their shareholders, employees, and holders of the tokens.
Issuers of asset-referenced tokens are prohibited from granting interest on tokens.
Reporting and approval of widely used asset-referenced tokens
Issuers of asset-referenced tokens with a total issued value greater than €100 million must report to the relevant competent authority on a quarterly basis:
(a) the customer base;
(b) the value of the asset-referenced token issued and the size of the reserve of assets;
(c) the average number and value of transactions per day; and
(d) an estimation of the average number and value of transactions per day associated to uses as means of exchange within a single currency area.
Where the estimated quarterly average number and value of transactions per day associated to uses as means of exchange is higher than 1 million transactions and €200 million in value respectively, within a single currency area, the issuer must:
(a) stop issuing the asset-referenced token; and
(b) present a plan to the competent authority, within 40 working days, to ensure that the number and value of transactions per day associated to uses as means of exchange within a single currency area is kept below 1 million transactions and €200 million in value respectively.
This is a significant restriction for any issuer of an asset-referenced token (e.g., a stablecoin linked to multiple currencies or other assets) that plans to achieve significant scale.
Issuers of widely-used asset-referenced tokens will need to put in place procedures and controls to meet these requirements and factor them into their launch and distribution plans.
Where a firm is involved in processing some, but not all, transactions in an asset-referenced token, or providing other services to an asset-referenced token issuer, it may wish to negotiate contractual rights to receive reports on the number and value of transactions per day and put in place procedures to mitigate risks relating to the requirement to stop issuing — for example, to deal with loss of transaction revenue, price fluctuation, and potential settlement risks that could result from a sudden cessation of issuing.
Significant asset-referenced tokens
There are additional requirements for “significant asset-referenced tokens”3 including increased capital requirements and direct supervision by the European Banking Authority (EBA).
Authorisation and issuance
An issuer of e-money tokens must be authorised as a credit institution (e.g., a bank) or an e-money institution.
Banks and e-money institutions must notify their competent authorities 40 working days before the date on which they intend to issue e-money tokens.
E-money tokens are electronic money within the meaning of the EU E-Money Directive. As a result, rules under that Directive relating to the issuance of e-money and regulatory capital requirements applicable to e-money institutions in relation to the average outstanding amount of electronic money in issuance will apply in respect of e-money tokens.
Issuers must issue e-money tokens at par value and grant holders the right to redeem e-money tokens at par value.
Issuers of e-money tokens are prohibited from granting interest on tokens.
Issuers of e-money tokens must also produce a white paper. The content requirements are similar to those described above. E-money token white papers do not have to be approved by the relevant competent authority. However, issuers must publish their white papers on their websites no later than the starting date of the offer to the public of the e-money tokens or the admission of those tokens to trading.
Organisational, operational, and conduct-of-business requirements
The organisational, operational, and conduct-of-business requirements for issuers of e-money tokens are similar to those that apply to asset-referenced tokens. However, significantly, e-money token issuers do not have to establish a reserve but must instead safeguard funds received in exchange for e-money tokens in accordance with EU E-Money Directive (e.g., by holding them in a segregated account or investing them in secure, low-risk assets).
Significant e-money tokens
There are additional requirements for significant e-money tokens,4 including increased capital requirements and direct supervision by the EBA.
Crypto-asset service providers will become “obliged entities” under the EU Money Laundering Directive and subject to customer due diligence, transaction monitoring, and reporting and other AML requirements as is already the case for payment service providers (e.g., issuers, acquirers, money remitters) in relation to their provision of payment services in the EU.
MiCA establishes a market abuse regime for crypto-assets based on the existing EU market abuse regime for financial instruments (e.g., securities and derivatives) under the EU Market Abuse Regulation. The market abuse regime under MiCA applies generally in relation to crypto-assets that are admitted to a trading platform or for which a request for admission to trading on such a platform has been made.
The regime includes rules on disclosure of “inside information”, which includes non-public information of a precise nature that could have a significant effect on the price of a traded or related crypto-asset. It also includes prohibitions on insider dealing, unlawful disclosure of inside information, and market manipulation. This could result in EU regulators’ taking enforcement action similar to the ongoing U.S. Securities and Exchange Commission case against a former Coinbase employee and his associates for insider trading in crypto-assets.
MiCA introduces a change in control regime in respect of crypto-asset service providers and the issuers of asset-referenced tokens. This is similar to the regime that currently applies to other financial institutions authorised in an EU member state (e.g., credit institutions, investment firms, e-money institutions, and payment institutions).
Generally speaking, any direct or indirect acquisition of 10% or more of the shares or voting rights in a crypto-asset service provider or in an issuer of asset-referenced tokens will require the prior approval of its home EU member state competent authority.
As set out above, MiCA requires disclosure of environmental sustainability factors, such as energy consumption and information on sustainability indicators. The European Securities and Markets Authority (ESMA) will publish regulatory technical standards to clarify these requirements.
Following much legislative debate, MiCA does not ban proof-of-work (PoW) cryptomining, which is an energy-intensive process. However, within two years of MiCA’s entering into force, the European Commission must provide an interim report on MiCA’s application, where appropriate, accompanied by a legislative proposal covering, amongst others, the adverse effects on the climate and environment of the consensus mechanisms used to validate crypto-asset transactions. Therefore, a future PoW ban is still possible.
Firms that provide or plan to issue crypto-assets or provide crypto-asset services in the EU, or to distribute crypto-assets or offer crypto-asset services to customers in the EU, should review MiCA carefully and consider its application to their current and proposed business activities.
Firms should consider creating a crypto-asset categorisation policy that will help them determine whether any of their products and services, or those of their commercial partners, fall within the definition of a crypto-asset and, if so, whether they may also be asset-referenced tokens or e-money tokens. Categorising particular crypto-assets for these purposes will be essential for compliance with MiCA, as the application of the different rules under MiCA is determined by such categorisation. Miscategorisation of a particular crypto-asset could therefore carry significant compliance risks.
Regulated firms that provide services to crypto-asset service providers should also consider incorporating such categorisation assessments into their due diligence processes in relation to those providers.
ESMA will maintain a crypto-asset “blacklist.” This will include issuers and crypto-asset service providers that are not compliant with MiCA. Firms may wish to include the ESMA blacklist in the sources they use for due diligence and broader risk-management purposes.
1For ease of reading, we refer generically to “issuing” and “issuers” throughout this Update, but such references should be understood to include the offering and admission to trading of crypto-assets unless stated otherwise.
2Authorisation is not required where the average outstanding value of all issued asset-referenced tokens over a period of 12 months does not exceed €5 million or where tokens are only offered to (and can only be held by) “qualified investors,” which term includes certain institutional investors.
3This is determined by the EBA, which will assess tokens on, for instance, the basis of transaction volume, market capitalisation, and interconnectedness with the financial system.
4This is also determined by the EBA with the test being similar to that for significant asset-referenced tokens.
Sidley Austin LLP provides this information as a service to clients and other friends for educational purposes only. It should not be construed or relied on as legal advice or to create a lawyer-client relationship. Readers should not act upon this information without seeking advice from professional advisers.
Attorney Advertising—Sidley Austin LLP, One South Dearborn, Chicago, IL 60603. +1 312 853 7000. Sidley and Sidley Austin refer to Sidley Austin LLP and affiliated partnerships, as explained at www.sidley.com/disclaimer.
© Sidley Austin LLP