How EU Crypto Regulation Will Affect You: Everything you Need to Know About MiCA


The European Union’s upcoming Markets in Crypto Assets Regulation (MiCA) is something that we have been talking about a lot recently at Dusk Network. As the builder of the first privacy blockchain for financial transactions with compliance built-in, it is obviously something that we need to be aware of. But more importantly, we are building a blockchain that puts data privacy and legal compliance at its very core. Because of this, we’re able to build products that have compliance built-in for whatever rules apply in any given jurisdiction. We also understand that our European partners currently building products in the DeFi space will have to be as aware of these regulations as well. With that need to educate in mind, we are committed to sharing our knowledge on this topic, which is what this blog series is all about.

We did not begin our series by explaining what MiCA actually is; We defined a few key terms and speculated as to the desirability of these new regulations for various stakeholders. This was not an accidental choice. Few people find the specific details of legislation easy to read or interesting. Therefore, we felt it was better to establish the background for why this legislation is so important, before getting into the details of the bill itself. It’s hard to make things like this interesting, but we are going to try anyway. So here goes!

What is MiCA?

The Markets in Crypto Assets Regulation, better known as MiCA, is an
upcoming piece of legislation in the European Union that attempts to
plug a hole in the current legal system. The EU has determined that, in
the case of most crypto assets, existing laws do not apply and therefore
a new law has to be written to regulate their issuance and use.

What stage is MiCA currently at?

On June 30, 2022, the Council of the EU (representing individual member
states) and the European Parliament struck a deal on the final draft of
MiCA. The next step is to write up the draft as agreed per the terms of
the deal. Once that is done, the draft will be voted on and if passed,
is expected to come into effect some time in 2023.

What impact will this have on the national crypto regulations of individual member states?

Put simply, it will replace them. MiCA is what the EU refers to as a
‘Regulation’ - this means that when it is passed by the EU, it
immediately becomes law in each of the 27 member states. The governments
of the individual countries do not need to do anything, cannot reject
it, and any existing laws they have will be replaced by MiCA once it
comes into effect.

What does MiCA actually regulate?

MiCA regulates two categories: ‘crypto assets’ and ‘crypto asset service

What does the EU consider to be crypto assets?

Crypto assets are Distributed Ledger Technology-based tokens used as a
medium of exchange. If something does not meet that description, then in
the eyes of MiCA, it is not a crypto asset. The EU clearly defines three
specific types of crypto assets, but the overall wording of MiCA implies
the existence of a fourth category. For a full explanation, see the
first article in this series.

If my crypto project’s token meets the definition of a crypto asset, what does this mean for me?

Firstly, if you have already launched your project, then it doesn’t mean
much at the moment. The law will not be retroactive and MiCA will only
apply to projects launched after it has taken effect. That doesn’t mean
you should ignore it, however. It may be that future amendments prohibit
non-MiCA compliant tokens from being listed on EU-based exchanges
regardless of issuance date, for example. It is a good idea to be aware
of the regulations.

If you have not yet launched your project, then MiCA is more immediately
relevant to you. If you want to offer your token for sale to EU
citizens, or if you want to be listed on EU exchanges, MiCA imposes upon
you three major conditions, as follows:

1.  You must register a legal entity in one of the 27 EU member states
2.  You must draft and publish a whitepaper outlining your project.
3.  You must submit the whitepaper to the National Competent Authority
   of the country in which you are registered, and NOT have it

What needs to be in the whitepaper?

The whitepaper needs to contain all relevant information about the
project. Particularly important are lists and bios of the people
involved, information about the economic model and the technology used
to build it, and clearly outlined responsibilities of the token
providers and the rights of the token buyers. This may not sound too
different to current whitepaper issuance, but there is one critical
issue: everything written in a whitepaper has civil liability attached
to it. This means it is a legally binding document, and promises made in
it must be carried out, or else there will be consequences.

What does it mean for a whitepaper NOT to be rejected by the NCA?

Your submitted whitepaper does not get ‘passed’ or ‘accepted’ or
‘approved’. It can only be rejected. The job of your whitepaper is to
not get rejected, which could happen for a variety of reasons if your
project is deemed to have serious issues. This seems to be a clever
piece of wording on the part of the EU to prevent token projects from
advertising themselves as ‘EU-approved’. ‘EU-non-rejected’ just doesn’t
sound as catchy.

Are there any exceptions to these rules?

There are no exceptions to rules (1) and (2). There are, however,
exceptions to rule (3), which are:

-   AirDrops | tokens are free
-   Small Offerings | tokens are offered to less than 150 people per
   member state, OR have a total value less than EUR 1m
-   Restrictive Offerings | tokens are offered exclusively to qualified
-   Mining Rewards | tokens are offered as a reward for maintenance of a

In these cases, you would still have to write a whitepaper, but you
would not have to submit it to an NCA. Liability still applies though,
so it shouldn’t impact the way you write your whitepaper.

Are there any other rules beyond these three?

Yes. If your token offering is considered ‘significant’, it will be
passed from the national regulator to a European regulator for ‘enhanced
regulation’. This can take many forms, including higher capital
requirements, and EU interference in your company’s internal
remuneration and risk management policies. To be classified as
‘significant’, your offering must meet any three of the following five

-   Customer base is greater than 2 million people
-   Total value of issued token is greater than 1 billion euros
-   Total number of daily transactions is greater than 500,000
-   Total value of daily transactions is greater than 100 million euros
-   Initial token offering was made in more than 7 member states

Furthermore, there are additional requirements if the token you are
issuing is an Asset-Referenced Token or an Electronic Money Token. These
will be discussed in the next article.

OK, so what about the rules for CASPs?

‘Crypto Asset Service Providers’, or CASPs, also face various rules and
regulations under MiCA. In short, the requirements for CASPs are:

-   You must register a legal entity in one of the 27 EU member states
-   You must demonstrate enough funds to engage in the services you
   propose to provide
-   You must show evidence of proper rules and regulations ready to be
   applied internally to prevent market manipulation and abuse

This is what is required to start. In order to maintain authorization, a
CASP must:

-   Hold enough funds in reserve to absorb losses
-   Separate any funds held on behalf of customers from those used for
   company costs
-   Appoint appropriate shareholders and appoint an appropriate
   management team
-   Store and make available to the NCA all records, including for
   things like customer transactions

What does ‘enough funds to absorb losses’ mean?

The details differ dramatically, depending on what type and how many
services a CASP provides, but it can range from a small one-off amount
per service, all the way up to one-quarter of the company’s annual
operating costs.

What does ‘appropriate’ mean in the case of shareholders and management?

For major shareholders, it means that they must have a clean criminal
record. For the management team, they must have a high level of
experience and the relevant professional qualifications for the roles
that they hold.

The Impact of MiCA

I hope that this article provides answers to all the questions that you
might have regarding MiCA. There are still some issues to be covered and
several items which remain unanswered, even in the final draft. Both of
these topics will be discussed in the final two articles of this series.
Now that we know the requirements to work with crypto assets, or crypto
asset services in a post-MiCA EU, we can speculate as to what the future
of crypto looks like.

Firstly, MiCA adds liability to everything. No longer will token issuers
be able to download a whitepaper template from the internet, change a
few words, and issue it. Time and thought will need to be put into the
exact wording, and legal opinions should be sought on every sentence.
This brings us to the second impact - it will be much more expensive.
While a whitepaper, which comes in at about 10-15 pages, is nowhere near
as comprehensive as a prospectus for an IPO, it will still require a lot
of money to put together properly. As will many of the other
requirements discussed above. The EU clearly hopes that this combination
of legal liability and increased costs will deter nefarious and/or
half-baked projects, while boosting consumer confidence in those
remaining. Dusk Network certainly hopes so, and also believes that the
arrival of clear guidelines will encourage financial players across the
EU to engage in DLT-based experiments of their own. When you do decide
to do this, we are ready to help.