Foreword

The European Union has adopted and implemented the MiCA regulation in May 2023 as a unified regulatory framework for crypto assets across EU member states, which can directly radiate the large crypto asset market of 27 countries and 450 million EU population. Compared with the United States, which has fired frequent shots at crypto giants and carried out enforcement activities this year, but has been slow to make legislative moves, the EU has actively legislated and established a sound regulatory framework and system, which has served as a model for global crypto regulation. This article is our third report on the topic of global crypto regulation, following the series of articles on Hong Kong and U.S. regulation. We will make a compendium of the EU's regulatory framework and system for the crypto market, as well as analyzing and interpreting its impact and significance.

Key Insights

♦ The EU has launched a digital finance package for the cryptocurrency market with the aim of exploring a European route to promote crypto, ensure financial stability and provide protection to investors and consumers. In addition to the MiCA proposal, the package includes a Digital Finance Strategy, a Digital Operational Resilience Act (DORA) covering crypto-asset service providers, and a pilot proposal for the large-scale adoption of Distributed Ledger Technology (DLT), which fills the gaps in the EU's existing legislation and ensures that the current legal framework does not pose barriers to the use of new digital financial instruments, while ensuring that these new technologies and products fall within the scope of financial regulation.

♦ The Transfer of Funds Regulation (TFR) is also noteworthy in that it requires CASPs to conduct KYC checks on the source of funds and beneficiaries of cryptocurrency transactions, and in the event of investigations into money laundering and terrorist financing, CASPs will be obliged to provide this information to the competent authorities. The point of contention of this bill is data privacy protection, and it still needs to be scrutinized whether excessive data collection is effective in combating financial crimes.

♦ Even for startups, the EU legislation is good news: MiCA's legislative status is high enough to apply to all EU member states, so for crypto service providers, they only need to comply with one regulatory framework to operate in 27 EU member states with 500 million consumers, which greatly reduces compliance costs; and MiCA is likely to serve as a model law that will further accelerate the adoption of appropriate legislation by all countries. MiCA is likely to serve as a model law, further accelerating the adoption of appropriate legislation to end the "Wild West" of the crypto world.

♦ The EU legislation style is gradual and flexible, adjusting the rules in line with the reality, which will not overly stifle innovation, but also effectively protect the rights and interests of all participants in the crypto market, attracting more traditional large organizations to enter the market under the conditions of lawful compliance, and maintaining the stability of the financial market.

Report Outline

1. Background

2. An Overview of MiCA

2.1 Regulatory Subjects and Scope

2.2 Regulatory Framework and Details

2.3 Significance and Impact

3. Other EU Crypto Bills

4. Summary

1. Background

2022 is a landmark year for policy and regulatory developments in the crypto industry. The U.S. Congress debated bipartisan legislative proposals to govern the cryptocurrency market, and regulators from Singapore to the U.K. enacted rules to protect consumers from fraud and misleading advertisements in the cryptocurrency market; in addition, the collapse of Terra accelerated the legislative process to address the risks associated with stablecoins, and the demise of FTX renewed the discussion of the search for regulation that would require urgent regulatory intervention to ensure the stability of cryptocurrency trading platforms and reduce opportunities for regulatory arbitrage. After the crypto industry's darkest moment in 2022, EU regulators and policymakers have continued to explore the cryptocurrency space as regulatory frameworks for cryptocurrencies around the world become clearer. In order to strive for a world-leading position in the crypto wave, and to help revitalize local economies and find new growth points and drivers, the EU is encouraging crypto innovations while also improving a unified regulatory framework across EU members. Compared to the U.S., where the authorities have frequently taken enforcement actions against crypto companies but have been slow to push for legislation, the EU has taken a big step ahead by establishing an advanced and relatively complete regulatory system, providing increasingly clear standards and requirements for crypto market participants, which will help accelerate the transition of the global crypto market from the stage of "barbaric growth" to the "era of legal system".

2. An Overview of MiCA

On May 16, 2023, the Council of the European Union adopted a regulation on the Markets in Crypto-assets Regulation (MiCA), which brings crypto-assets, crypto-asset issuers, and crypto-asset service providers into the regulatory framework, establishing for the first time a legal framework for the industry at the EU level by improving legislative transparency and providing a clear regulatory framework to better protect the legitimate interests of all participants in the crypto market, combat illegal money laundering and other criminal activities using crypto, and maintain financial stability. Considering the global nature of the cryptocurrency market, MiCA is undoubtedly a step forward compared to the current situation where national legislation is only implemented in some member states. Binance CEO CZ tweeted and commented, "The European Parliament's vote in favor of implementing MiCA means that one of the world's largest markets is introducing tailored crypto regulations to protect users and support innovation. Details matter, but overall we see this as a pragmatic solution to the challenges we all face together. There are now clear rules of the game for cryptocurrency exchanges operating in the EU. We are ready to adapt our business over the next 12-18 months to make it fully compliant."

The European Commission presented the MiCA proposal on September 24, 2020, which is part of the Digital Finance Package and aims to explore European routes to promote crypto, ensure financial stability and provide protection to investors and consumers. In addition to the MiCA proposal, the package includes the Digital Finance Strategy, the Digital Operational Resilience Act (DORA) covering crypto-asset service providers, and a pilot proposal for the large-scale adoption of Distributed Ledger Technology (DLT), which fills the gaps in the EU's existing legislation and ensures that the current legal framework does not pose barriers to the use of new digital financial instruments, while ensuring that these new technologies and products fall within the scope of financial regulation. The Council of the European Union adopted a negotiating mandate for MiCA on November 24, 2021, and tripartite talks between the co-legislators began on March 31, 2022, with a provisional agreement reached on June 30, 2022.The formal adoption of the regulation in May is the final step in the legislative process.MiCA will be formally implemented on December 30, 2024, after an 18-month transition period.

2.1 Regulatory Subjects and Scope

MiCA is regulated at the EU level by the European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA), while the European Central Bank (ECB) will be one of the regulators; at the national level, each member state will designate a regulator to cooperate with MiCA. Bank will act as one of the regulators for stablecoins; at the national level, each member state will designate a regulator to work with MiCA on the ground.

MiCA defines crypto-assets as "representations of value or rights in digital form that can be transferred and stored electronically using distributed ledger technology or similar technology". The regulation distinguishes between "cryptocurrencies" and "tokens. "MiCA also imposes requirements on crypto-asset issuers and crypto-asset service providers (CASPs). CASPs must provide complete and transparent information about the crypto assets they issue and comply with disclosure and transparency rules. Crypto asset service providers must register and implement security measures and comply with anti-money laundering regulations.

MiCA provides a regulatory framework for digital assets using decentralized ledger technology (DLT).The main crypto assets covered by MiCA are: a. Asset-Referenced tokens (ARTs), which are crypto-assets designed to maintain a stable value by being linked to the value of several fiat currencies, one or more commodities, one or more crypto-assets, or a combination of these assets. This category includes all crypto assets that do not qualify as "electronic money tokens", such as Digix (DGX), which is backed by an equivalent amount of physical gold stored in a secure vault; b. Electronic-money tokens (EMTs), which maintain a stable value by reference to the value of fiat currencies. The difference between ART and EMT lies in the underlying asset that backs the price. ART is backed by a non-cash asset or basket of currencies, whereas EMTs are backed by a single currency, which makes them more similar to the concept of an electronic currency. c. Crypto-assets that are not considered as ART or EMT, such as "utility tokens", which are intended to provide digital access to a good or service, are available on the DLT, and are accepted only by the issuer of that token. Such crypto-assets are generally not considered financial instruments under the securities laws of many countries, unlike securities-based tokens.

MiCA's regulatory scope excludes the DeFi industry and NFTs, which, according to the definition provided by the European Central Bank, are a new way of delivering financial services that eschews traditional centralized intermediaries in favor of relying on automated protocols. These emerging industries either already have their own regulation based on their nature, such as security tokens, or they are unique and require further analysis by legislators to configure a regulatory framework that can appropriately address the risks. Rather than using the industry term "NFT", MiCA has adopted a substance-over-form approach to describe such crypto-assets, i.e., their value and attributes are attributable to each individual crypto-asset. The properties are attributed to the uniqueness and functionality of each crypto-asset, and the value of each crypto-asset cannot be measured by the same market-based price comparison tool or uniform asset. As a result, Fractionalized NFTs will not be considered unique, non-homogenous cryptoassets; at the same time, excessive issuance of NFTs will also be considered to be homogenous in nature and may be subject to MiCA regulation. The European Commission will be mandated to submit a report 18 months after MiCA comes into force to assess the potential for regulating NFTs. In any case, MiCA is certainly a big step towards strong consumer protection, while minimizing the risk these markets could pose to financial stability. Central bank digital currencies (CBDCs) are also outside the scope of MiCA.

2.2 Regulatory Framework and Details

MiCA contains 126 provisions and its regulatory framework consists mainly of:

• Transparency and disclosure requirements for crypto-asset issuance and trading access;

• Authorization and regulation of crypto-asset service providers and issuers;

• Rules for the operation, organization and governance of Asset-Referenced Tokens (ARTs), Electronic-Money Tokens (EMTs) and other crypto-asset service providers;

• Crypto-asset consumer protection rules;

• Measures to prevent market abuse and ensure the integrity of the crypto-asset market.

MiCA establishes harmonized requirements for the offering and placing on the market of most crypto-assets, as well as requirements for Cryptocurrency Asset Service Providers (CASPs). Under MiCA, CASPs in the EU will face extensive compliance requirements, which will increase transparency, minimize the potential for market chain reactions, and reduce user risk. Crypto-asset services include the operation of trading platforms, the safekeeping and management of crypto-assets on behalf of third parties, the conversion of crypto-assets into funds/other crypto-assets, the execution of orders for crypto-assets, the placing of crypto-assets, the provision of crypto-asset transfer services to third parties, the provision of crypto-asset advice, and the management of portfolios of crypto-assets.In order to avoid any conflict with the existing EU financial regulatory framework, MiCA would not apply to European financial institutions that are already regulated European financial institutions, such as credit institutions, investment firms, market makers, e-money institutions, asset management firms, etc. CASPs will be required to demonstrate their

• Stability and soundness;

• Ability to protect user funds;

• Compliance with prudential standards;

• Implementation of controls to ensure that they do not engage in proprietary trading;

• Avoidance of conflicts of interest;

• The ability to protect against market abuse and manipulation.

In addition, stablecoin issuers will face strict reserve and disclosure requirements to ensure that token holders are protected from bank runs. As MiCA is very comprehensive in providing clear rules for market participants, it is expected that in 2023, an increasing number of CASPs will seek to register in Europe to take advantage of MiCA's benefit of allowing entities registered in one EU member state to "pass" their services across Europe without having to obtain approval from regulators in all 27 member states.

MiCA requires issuers of ARTs and EMTs to incorporated as a legal entity in the EU and to publish their white papers containing investor information prior to issuance; issuers must also build up sufficient liquidity reserves on a 1:1 basis and meet other regulatory requirements. The European Banking Authority (EBA) will have supervisory responsibility for issuers of significant ART and EMT. For stablecoins, ARTs are subject to stricter regulatory requirements than EMTs, as ARTs are considered more likely to pose a potential threat to monetary stability in the EU. Prior to a public offering or trading on an exchange, an issuer is required to register in an EU member state and apply to the local regulator for approval (prior approval). The issuance application must contain: (i) detailed information about the issuer, including its organizational structure, business model, governance model, internal control measures, and means of risk control, its own capital requirements, conflicts of interest, reserves of assets held, assets held; (ii) a legal opinion on the ART; (iii) the issuer's organizational documents; and (iv) the ART white paper.ART issuers are also required to comply with periodic reporting obligations to the regulator with respect to clients traded, amounts traded, reserves, etc., after obtaining approval for the issuance.

2.3 Significance and Impact

MiCA will provide regulatory certainty and stronger protections for consumers in the cryptocurrency market while supporting innovation; MiCA establishes mechanisms to ensure that stablecoins are truly stable, requiring greater market transparency and preventing participants from creating excessive risk while ensuring that assets held in custody are truly protected; MiCA also seeks to mitigate the environmental impact of cryptocurrencies, with the mining of some cryptocurrencies requires the use of high-powered equipment that consumes large amounts of energy that may come from fossil fuels such as coal, and the industry also requires large amounts of computer components and generates e-waste; MiCA aims to lay the groundwork for broader regulatory efforts, including initiatives such as the Digital Operations Resilience Act (DORA), the DLT pilot regime, and the Transfer of Funds Regulations (TFR).

3. Other EU Crypto Bills

While MiCA is far-reaching as the cornerstone of the EU's system of crypto regulations, there are far more EU regulations for the crypto industry. Several other rules that have helped shape the EU's body of crypto regulations are outlined here.

DORA, the Digital Operational Resilience Act

DORA establishes uniform requirements for the security of the networks and information systems of companies and organizations operating in the financial sector, as well as of important third parties (such as credit institutions, investment firms, and crypto service providers) that provide them with ICT (information and communication technology)-related services (e.g., cloud-based platforms or data analytics services) DORA establishes a regulatory framework for digital operational resilience, whereby all companies must ensure that they can resist, respond and recover from all types of ICT-related disruptions and threats. These requirements are the same in all EU Member States, with the core objective of preventing and mitigating cyberthreats.The DORA proposal was formally adopted in November 2022 and will be passed into national law by each EU Member State. In the meantime, the relevant European Supervisory Authorities (ESAs), such as the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA), and the European Insurance and Occupational Pensions Authority (EIOPA), will develop technical standards that all financial services organizations, from banking and insurance to asset management, will be required to comply with. National authorities will conduct compliance monitoring and enforce regulations where necessary. "DORA is in fact the cornerstone of our work on digital finance in the EU," European Finance Commissioner Mairead McGuinness told members of parliament in November. "Financial institutions are increasingly dependent on technology. More and more people and businesses are managing their finances online. It is therefore crucial to protect the financial system from cyber-attacks and cyber-fraud."

DLT Pilot Regime

DLT refers to digital systems that record transactions of assets (such as Bitcoin), where transaction details are recorded in multiple places simultaneously.DLT allows information to be stored in a secure and accurate manner, ensuring that record management is not subject to manipulation. The European Union's MiCA includes regulation of DLT-based cryptoassets such as stablecoins. The DLT Pilot Regime, launched on March 23, 2023, is a regulatory sandbox that allows traditional financial participants and market newcomers to experiment with tokenized financial instruments and innovative markets based on decentralized technology, with the aim of allowing firms to leverage DLTs without legislative constraints and to develop trading and settlement functionality for DLT financial instruments. trading and settlement functionality. As part of the program, firms can apply for exemptions from certain requirements of the Markets in Financial Instruments Regulation (MiFIR), the Markets in Financial Instruments Directive II (MiFID II) and/or the Central Securities Depositories Regulation (CSDR). The European Securities and Markets Authority (ESMA) will act as regulator for the pilot regime.

TFR, Transfer of Funds Regulation

The "Travel Rules" require CASPs to conduct KYC checks on the source and beneficiary of funds for cryptocurrency transactions, with information on the source and beneficiary of the assets traveling with the transaction and stored on both sides of the transfer. CASPs will be obliged to provide this information to the competent authorities in the event of an investigation into money laundering and terrorist financing. Unlike the original proposal, the agreement now excludes private non-custodial wallets operated by unregulated CASPs, which means that private wallets and person-to-person transfers made without a service are not regulated under the Travel Rules. In addition, cryptocurrency transfers of more than €1,000 between exchanges and individually owned non-custodial wallets must be reported to national authorities, while non-provider-custodied cryptocurrency peer-to-peer wallets are exempt from these rules.

The regulation is a response to the increasing use of cryptocurrencies for money laundering and terrorist financing. Crypto assets are often used for these illicit purposes because they allow for the quick and anonymous transfer of funds. By requiring information on the source and beneficiary of the funds, authorities will be able to track these transactions and investigate any suspicious activity. Controversy over the TFR has centered on data protection, with the public fearing that by collecting information on a large number of cryptocurrency users it will be open to hackers and that over-collecting information on users won't necessarily help much in the fight against terrorism.The TFR's approach to data protection will be guided by the European Union's General Data Protection Regulation (GDPR), which is regarded as one of the most robust data protection regulations in the world. Under the TFR, data should be shared with authorities upon request, but will not be automatically transferred to them.

Anti-Money Laundering Rules (AML)

The EU Parliament voted in favor of three important anti-money laundering (AML) legislations in March this year, and cryptocurrency payments for goods and services over €1,000 will have to comply with AML laws. The legislation expands the definition of a Crypto Asset Service Provider (CASP) to include NFT platforms in its regulatory scope, which also closes the regulatory gap in MiCA in the NFT space.The definition of a Crypto Asset Service Provider (CASP) is more loosely defined in MiCA, and whether or not the Defi protocol will fall under AML regulation will depend on whether or not the DeFi protocol can be shown to be centrally controlled. If it is indeed decentralized, it will not be considered a CASP, which means it will not fall under AML.

In addition to the AML rules, MiCA has a separate anti-money laundering companion regulation for crypto assets, which has been voted on by Parliament. This AML companion regulation has an exclusion for so-called P2P transactions, and the text defines a P2P transaction as one that is not backed by a crypto-asset service provider (CASP). As a result, transactions using the DeFi protocol will be excluded if the DeFi protocol is sufficiently decentralized.

DAC8

On May 16, 2023, EU Member States reached a political agreement through the Economic and Financial Affairs Committee (ECOFIN) on new tax transparency rules applicable to all service providers facilitating crypto-asset transactions for EU resident clients. These new reporting requirements on crypto-assets, e-money and central bank digital currencies (CBDCs) will come into force on January 1, 2026 through the EU DAC8.DAC8 will introduce disclosure and reporting obligations for cryptocurrency intermediaries facilitating transactions for EU clients, placing tax reporting requirements on crypto-asset service providers.DAC8 is part of the series of EU tax measures ( DAC), initially implemented by Directive 2011/16/EU on administrative cooperation in the field of taxation (DAC).DAC8 will adapt the Crypto Asset Reporting Framework (CARF), which establishes a set of model rules on the reporting and exchange of crypto transaction information, and will be based on the EU's objective of promoting global tax transparency in the digital marketplace, and will be aligned with the EU's existing Regulation on Markets in Crypto Assets (MiCA). According to a briefing from the European Parliament, a crypto reporting framework could potentially add up to €2.4 billion per year to EU tax revenues. From 2026, companies offering crypto services will need to report their clients' domestic and cross-border transactions to national authorities.

4. Summary

The adoption of MiCA is of extremely important and far-reaching significance to the development of the EU and the global crypto industry. Previously, there was no unified crypto regulatory framework in the EU countries except for the AML regulations, and nowadays, for crypto service providers, they only need to comply with one regulatory framework, and they can operate in 27 EU member states countries with 500 million consumers, and the cost of compliance has been greatly reduced. Moreover, it is likely that MiCA will play the role of a model law. Although the rapid development of crypto technology disrupts the traditional industry, it is also used for terrorism, money laundering and other criminal activities. Legislation in the crypto industry in many countries around the world has been halting, holding a wait-and-see attitude, or directly across-the-board, completely rejecting the opportunity for such a development, and the adoption and implementation of MiCA will provide a reference for the legislation of other countries, which will also prompt some countries to change their negative attitudes towards cryptocurrencies. In addition to MiCA, other EU crypto laws complement each other. Although the EU has a very strict regulatory attitude toward stable coins and has introduced more regulations for centralized exchanges, which may cause many crypto service providers that have been growing wildly to face a variety of compliance restrictions, the positive significance of the legislation and regulation is still greater than the negative significance, and a regulated and protected crypto market will attract more traditional large institutions to enter the market, as well as more traditional large institutions. More traditional large institutions will be attracted to the market, and the EU's harmonized regulatory framework allows startups to choose to domicile in the EU to receive legal protections and encourage innovation, and face modest compliance costs. With the successive launch of the EU's Digital Finance Strategy package, the style of EU's crypto legislation is progressive, constantly adapting the rules to real situations, and flexible, so that the iron fist of regulation does not strike too hard and stifle innovation. Meanwhile, EU can also manage to protect the rights and interests of all parties involved in the crypto market, and safeguard the stability of the financial market.