How EU Crypto Regulation Will Affect You: Everything you Need to Know About MiCA


The European Union’s upcoming Markets in Crypto Assets Regulation (MiCA) is something that we have been talking about a lot recently at Dusk Network. As the builder of the first privacy blockchain for financial transactions with compliance built-in, it is obviously something that we need to be aware of. But more importantly, we are building a blockchain that puts data privacy and legal compliance at its very core. Because of this, we’re able to build products that have compliance built-in for whatever rules apply in any given jurisdiction. We also understand that our European partners currently building products in the DeFi space will have to be as aware of these regulations as well. With that need to educate in mind, we are committed to sharing our knowledge on this topic, which is what this blog series is all about.

We did not begin our series by explaining what MiCA actually is; We defined a few key terms and speculated as to the desirability of these new regulations for various stakeholders. This was not an accidental choice. Few people find the specific details of legislation easy to read or interesting. Therefore, we felt it was better to establish the background for why this legislation is so important, before getting into the details of the bill itself. It’s hard to make things like this interesting, but we are going to try anyway. So here goes!

What is MiCA?

The Markets in Crypto Assets Regulation, better known as MiCA, is an upcoming piece of legislation in the European Union that attempts to plug a hole in the current legal system. The EU has determined that, in the case of most crypto assets, existing laws do not apply and therefore a new law has to be written to regulate their issuance and use.

What stage is MiCA currently at?

On June 30, 2022, the Council of the EU (representing individual member states) and the European Parliament struck a deal on the final draft of MiCA. The next step is to write up the draft as agreed per the terms of the deal. Once that is done, the draft will be voted on and if passed, is expected to come into effect some time in 2023.

What impact will this have on the national crypto regulations of individual member states?

Put simply, it will replace them. MiCA is what the EU refers to as a ‘Regulation’ - this means that when it is passed by the EU, it immediately becomes law in each of the 27 member states. The governments of the individual countries do not need to do anything, cannot reject it, and any existing laws they have will be replaced by MiCA once it comes into effect.

What does MiCA actually regulate?

MiCA regulates two categories: ‘crypto assets’ and ‘crypto asset service providers’.

What does the EU consider to be crypto assets?

Crypto assets are Distributed Ledger Technology-based tokens used as a medium of exchange. If something does not meet that description, then in the eyes of MiCA, it is not a crypto asset. The EU clearly defines three specific types of crypto assets, but the overall wording of MiCA implies the existence of a fourth category. For a full explanation, see the first article in this series.

If my crypto project’s token meets the definition of a crypto asset, what does this mean for me?

Firstly, if you have already launched your project, then it doesn’t mean much at the moment. The law will not be retroactive and MiCA will only apply to projects launched after it has taken effect. That doesn’t mean you should ignore it, however. It may be that future amendments prohibit non-MiCA compliant tokens from being listed on EU-based exchanges regardless of issuance date, for example. It is a good idea to be aware of the regulations.

If you have not yet launched your project, then MiCA is more immediately relevant to you. If you want to offer your token for sale to EU citizens, or if you want to be listed on EU exchanges, MiCA imposes upon you three major conditions, as follows:

  1. You must register a legal entity in one of the 27 EU member states
  2. You must draft and publish a whitepaper outlining your project.
  3. You must submit the whitepaper to the National Competent Authority of the country in which you are registered, and NOT have it rejected.


What needs to be in the whitepaper?

The whitepaper needs to contain all relevant information about the project. Particularly important are lists and bios of the people involved, information about the economic model and the technology used to build it, and clearly outlined responsibilities of the token providers and the rights of the token buyers. This may not sound too different to current whitepaper issuance, but there is one critical issue: everything written in a whitepaper has civil liability attached to it. This means it is a legally binding document, and promises made in it must be carried out, or else there will be consequences.

What does it mean for a whitepaper NOT to be rejected by the NCA?

Your submitted whitepaper does not get ‘passed’ or ‘accepted’ or ‘approved’. It can only be rejected. The job of your whitepaper is to not get rejected, which could happen for a variety of reasons if your project is deemed to have serious issues. This seems to be a clever piece of wording on the part of the EU to prevent token projects from advertising themselves as ‘EU-approved’. ‘EU-non-rejected’ just doesn’t sound as catchy.

Are there any exceptions to these rules?

There are no exceptions to rules (1) and (2). There are, however, exceptions to rule (3), which are:

  • AirDrops | tokens are free
  • Small Offerings | tokens are offered to less than 150 people per member state, OR have a total value less than EUR 1m
  • Restrictive Offerings | tokens are offered exclusively to qualified investors
  • Mining Rewards | tokens are offered as a reward for maintenance of a network

In these cases, you would still have to write a whitepaper, but you would not have to submit it to an NCA. Liability still applies though, so it shouldn't impact the way you write your whitepaper.

Are there any other rules beyond these three?

Yes. If your token offering is considered ‘significant’, it will be passed from the national regulator to a European regulator for ‘enhanced regulation’. This can take many forms, including higher capital requirements, and EU interference in your company’s internal remuneration and risk management policies. To be classified as ‘significant’, your offering must meet any three of the following five criteria:

  • Customer base is greater than 2 million people
  • Total value of issued token is greater than 1 billion euros
  • Total number of daily transactions is greater than 500,000
  • Total value of daily transactions is greater than 100 million euros
  • Initial token offering was made in more than 7 member states

Furthermore, there are additional requirements if the token you are issuing is an Asset-Referenced Token or an Electronic Money Token. These will be discussed in the next article.

OK, so what about the rules for CASPs?

‘Crypto Asset Service Providers’, or CASPs, also face various rules and regulations under MiCA. In short, the requirements for CASPs are:

  • You must register a legal entity in one of the 27 EU member states
  • You must demonstrate enough funds to engage in the services you propose to provide
  • You must show evidence of proper rules and regulations ready to be applied internally to prevent market manipulation and abuse

This is what is required to start. In order to maintain authorization, a CASP must:

  • Hold enough funds in reserve to absorb losses
  • Separate any funds held on behalf of customers from those used for company costs
  • Appoint appropriate shareholders and appoint an appropriate management team
  • Store and make available to the NCA all records, including for things like customer transactions

What does ‘enough funds to absorb losses’ mean?

The details differ dramatically, depending on what type and how many services a CASP provides, but it can range from a small one-off amount per service, all the way up to one-quarter of the company’s annual operating costs.

What does ‘appropriate’ mean in the case of shareholders and management?

For major shareholders, it means that they must have a clean criminal record. For the management team, they must have a high level of experience and the relevant professional qualifications for the roles that they hold.

The Impact of MiCA

I hope that this article provides answers to all the questions that you might have regarding MiCA. There are still some issues to be covered and several items which remain unanswered, even in the final draft. Both of these topics will be discussed in the final two articles of this series. Now that we know the requirements to work with crypto assets, or crypto asset services in a post-MiCA EU, we can speculate as to what the future of crypto looks like.

Firstly, MiCA adds liability to everything. No longer will token issuers be able to download a whitepaper template from the internet, change a few words, and issue it. Time and thought will need to be put into the exact wording, and legal opinions should be sought on every sentence. This brings us to the second impact - it will be much more expensive. While a whitepaper, which comes in at about 10-15 pages, is nowhere near as comprehensive as a prospectus for an IPO, it will still require a lot of money to put together properly. As will many of the other requirements discussed above. The EU clearly hopes that this combination of legal liability and increased costs will deter nefarious and/or half-baked projects, while boosting consumer confidence in those remaining. Dusk Network certainly hopes so, and also believes that the arrival of clear guidelines will encourage financial players across the EU to engage in DLT-based experiments of their own. When you do decide to do this, we are ready to help.