Cross-border crypto-emission services are permitted in the EU

19th of May

New laws permitting cross-border crypto-emission services were implemented in the European Union at the beginning of 2021. The legislation was put in place to simplify and strengthen regulation of crypto-asset services in the EU, as well as to safeguard consumers and prevent crypto-assets from being used to support criminal activities.

Providers must give the following information to the appropriate authorities of the state of origin in order to conduct cross-border crypto-asset services in the European Union:

  • The list of Member States where the crypto-asset service provider plans to offer its services;
  • The date when the crypto-asset service provider intends to begin offering services;
  • A list of all additional actions performed by the crypto-asset service provider that are not covered by this rule; Crypto-asset service types to be supplied in more than one Member State.

Financial requirements

The minimum capital requirements for crypto-asset service providers vary according on the type of services they offer.

The permissible operations and minimum capital requirements for three types of crypto-asset service providers differ.

Class 1 providers include those who can offer services such as order taking and transmission, advice, crypto-asset portfolio allocation and management, and crypto-asset transfers. This class has a €50,000 minimum capital requirement.

Class 2 providers include those who can supply any Class 1 service as well as those who can keep and manage cryptoassets on behalf of third parties, exchange cryptoassets for funds, and exchange cryptoassets for other cryptoassets. A minimum capital of €125,000 is required for this class.

Class 3 vendors can supply any class 2 service as well as operate a crypto-asset trading platform. A minimum capital requirement of €150,000 is required for this class.

These capital requirements for each class ensure that crypto-asset providers have the financial resources to satisfy their client responsibilities and regulatory duties.

Insurance is required

The demand for obligatory insurance for crypto-asset service providers is one of the MICA's primary developments. This obligation applies to each of the three types of crypto-asset service providers outlined in the rule.

Every crypto-asset service provider must have an insurance policy in place to cover any losses caused by customer fraud, system faults, crypto-asset theft, and other similar risks.

Business Continuity Requirement

Crypto-asset suppliers must deliver services without interruption and on a consistent basis. Companies are responsible for putting in place the required safeguards to ensure this continuation. To ensure the continuity of their activities, they should have proper risk management systems and business strategies in place. This may entail evaluating business strategies and risk management systems on a regular basis, maintaining data backups, and guaranteeing the security and availability of firm information systems. In order to do so, businesses must adopt a variety of strategies and policies, such as disaster recovery plans, as well as employ resilient ICT systems and security processes.

Crypto-asset service providers must offer suitable and effective preventative mechanisms, systems, and procedures to identify risks and comply with all applicable laws and regulations, as well as continuously monitor compliance.

Managing grievances and conflicts of interest

Grievance processes are a crucial aspect of crypto-asset providers' business. They must be open, honest, and consistent. Customers should be allowed to file complaints for free and be kept up to date on the status of their complaints. Crypto-asset suppliers should make their complaint procedures public.

The handling of sensitive information is a crucial feature of crypto-asset suppliers. Crypto-asset providers must ensure that any complaints are kept private and secure from unwanted access.

Recognising, avoiding, managing, and disclosing conflicts of interest

Effective strategies for identifying, preventing, managing, and disclosing conflicts of interest should be implemented by crypto-asset providers. They must consider the breadth, type, and range of crypto-asset services offered, as well as potential conflicts among themselves, their shareholders, executives, staff, and consumers.

Conflicts of interest can occur in a variety of settings. A crypto-asset service provider, for example, may have interests that clash with those of its consumers. Conflicts of interest may also exist between the crypto-asset service provider and its executives or owners.

Conflicts of interest must be disclosed.

In addition to preventing conflicts of interest, appropriate rules and processes for disclosing them are required. Crypto-asset service providers should declare conflicts of interest and offer clients with information about them in a timely manner.

If a crypto-asset service provider faces a conflict of interest that may jeopardise its capacity to offer services for the benefit of its consumers, it should address the conflict of interest immediately. It is also critical to examine the potential repercussions and tell customers of the conflict of interest and the steps taken to address it.

Specific specifications for crypto-asset services

The responsibility to deliver specified services is one of the most important issues to consider while providing crypto-asset services. Section 67 of the Cryptoasset Act, in particular, requires cryptoasset service providers that offer custody and management services on behalf of third parties to enter into a contract with their clients outlining their rights and responsibilities.

The agreement must include many crucial features in order to be legally enforceable and safeguard the interests of all parties:

  • The name of the agreement's parties, as well as a description of the service to be given, must be mentioned.
  • The document must specify the method of communication between the crypto-asset supplier and the consumer, as well as the authentication mechanism used by the customer.
  • The agreement must detail the crypto-asset provider's security mechanisms. This contains a description of the crypto-asset provider's identity and authentication methods, as well as steps to safeguard against cyber-attacks and other dangers.
  • The agreement should include information regarding the fees, prices, and charges that the crypto-asset supplier would levy, as well as the applicable law.

A custody policy that describes how the crypto-asset service provider will manage crypto-assets on behalf of third parties and what action will be taken in the case of a security breach should be included.

Merger and acquisition regulations

When merging or purchasing a crypto-asset service provider, the prospective acquirer must inform the provider's competent authority in writing.

If the voting or equity stake reaches or surpasses 20%, 30%, or 50%, or if the provider becomes a subsidiary, the competent authority must be notified, and the regulatory and technical conditions must be met.

Such evaluations are required to comply with crypto-asset maintenance regulations and to guarantee proper oversight by the competent authorities.