The week MiCA started to bite, my inbox changed. Fewer speculative “we might list this” notes; more practical questions from CFOs and compliance leads: Does our exchange have a CASP license? Which stablecoins remain usable in the EU? How will the travel rule affect withdrawals to self‑custody? Without further ado, let me walk you through what actually matters—so you can make confident calls on risk, liquidity, and roadmaps.
Why MiCA matters now
MiCA (Regulation (EU) 2023/1114) is live across the EU in two waves. Stablecoin rules for asset‑referenced tokens (ARTs) and e‑money tokens (EMTs) have applied since June 30, 2024. The rest—covering most tokens and crypto‑asset service providers (CASPs)—has applied since December 30, 2024.
Member states may allow pre‑existing firms to keep operating during a transitional regime that can run until July 1, 2026, but some countries curtailed or skipped this flexibility. If your provider is relying on “grandfathering,” note the clock and country‑by‑country differences.
What MiCA covers (and what it doesn’t)
MiCA sets a harmonised EU rulebook for crypto that is not already caught by existing securities laws. Issuers of non‑stablecoin crypto offered to the public must publish a crypto‑asset white paper (no prior approval for non‑stablecoins), and marketing must be fair, clear, and not misleading. ESMA is building a central register of white papers, authorised CASPs, and non‑compliant entities—a practical due diligence starting point for investors and counterparties.
Importantly, unique NFTs generally sit outside MiCA—but mass‑minted “NFTs” or fractionalised series can be treated as fungible and fall back in scope. If a project calls a token an NFT and mints 10,000 near‑identical units, treat it like a fungible crypto‑asset for risk and compliance.
Safeguards investors should actually feel
Authorised CASPs must meet prudential and conduct standards. Minimum capital requirements scale with services provided: €50,000 (advice/execution/RTS), €125,000 (custody or exchange), €150,000 (operating a trading platform). CASPs must also hold their own funds equal to at least a quarter of prior‑year fixed overheads—whichever is higher. Client asset segregation, complaints handling, record‑keeping, and market‑abuse rules for crypto admitted to trading are now part of the baseline. Bottom line: regulated platforms should look and act more like financial firms.
Action for investors: before onboarding, check ESMA’s register for the firm’s authorisation status and scope of services; if they’re still under a national transition, ask for timelines and risk mitigants.
Stablecoins: reserves, redemption, and EU monetary concerns
If you hold or settle in stablecoins, MiCA’s details matter. ART and EMT issuers face reserve, own‑funds, redemption, disclosure, and stress‑testing obligations. EBA can designate “significant” tokens, triggering stricter prudential and liquidity standards. To protect monetary sovereignty, tokens used widely as a means of exchange face hard usage thresholds: if estimated daily averages in a currency area exceed 1 million transactions and €200 million, the issuer must stop issuing and file a plan to reduce usage. This mechanism also applies to EMTs denominated in non‑EU currencies (think USD‑stablecoins).
Practical takeaway: expect some stablecoins to face issuance throttles or distribution limits if their payments usage spikes, and plan contingency rails (euro‑EMTs, bank rails) for settlements.
Third‑country platforms and the reverse solicitation trap
Non‑EU firms can’t solicit EU clients without authorisation. ESMA’s reverse solicitation guidelines make the exemption very narrow: a third‑country firm can only serve an EU client when the client initiates contact on their own exclusive initiative, with strict limits on any follow‑up marketing. If your favourite global platform claims “we’re fine under reverse solicitation,” treat that as high risk without legal footing.
AML and the travel rule: what changes for transfers
The EU’s separate Transfer of Funds Regulation (TFR, Reg. (EU) 2023/1113) extends the travel rule to crypto transfers as of December 30, 2024. CASPs must collect and transmit originator/beneficiary data for all covered transfers, with extra checks for self‑hosted (unhosted) wallets above €1,000—including verifying that a customer owns or controls the self‑custody address.
EBA’s final guidelines also allow a transitional period for CASPs until July 31, 2025, to complete implementation. Expect more friction on withdrawals and deposits, and more “information needed” holds.
DORA compliance: the operational backbone you can’t ignore
MiCA doesn’t live alone. The Digital Operational Resilience Act (DORA) now applies to CASPs, aligning ICT risk management, incident reporting, third‑party risk, and resilience testing with what banks and brokers already do. In practice, that means your provider should have documented ICT continuity, response and recovery plans, incident reporting, and robust oversight of critical vendors. If they can’t map those controls, your operational risk—and downtime risk—remains elevated.
Early friction and what to watch
Supervisors are already pushing back on poor practices. ESMA warned in July 2025 that some CASPs are using their regulated status in marketing in ways that confuse customers about which products are actually covered by MiCA protections. Expect more interventions and slower cross‑border “passporting” if national authorities perceive supervisory gaps.
How to turn MiCA into an advantage
When you’re choosing platforms, products, or allocations, I look for three signals:
- Authorisation reality check. Verify the CASP’s license and the exact services they’re authorised to provide. If they’re in a transitional regime, ask for the application status and remediation plans. No authorisation, no passport.
- Stablecoin hygiene. Prefer issuers that publish reserve composition, independent audits, and redemption policies consistent with MiCA. Be wary of non‑EU‑currency tokens whose usage may bump into the Article 23 thresholds.
- Operational resilience and AML fit. Ask how the CASP meets DORA expectations and TFR data flows, including self‑hosted wallet controls above €1,000. If they can’t demonstrate working processes, expect transfer delays and higher incident risk.
Two investor‑friendly truths under MiCA:
• Better comparability. White papers and standardised disclosures make apples‑to‑apples comparisons easier across EU projects.
• Clearer recourse. CASPs face conduct, prudential, and market‑abuse rules; stablecoin issuers face redemption and reserve duties—making protections less theoretical.
Ready for the EU‑grade crypto marketplace?
MiCA draws a bright regulatory line through Europe’s crypto market. For investors, that means fewer unknowns and more process—from checking ESMA’s register before you wire funds, to understanding why a transfer to your hardware wallet needs a quick verification. For product teams, it’s time to align your MiCA compliance and DORA compliance roadmaps with the same discipline you apply to financial reporting.
If you remember just one thing, make it this: MiCA doesn’t kill innovation; it prices risk and standardises trust. In a market that has long lacked both, that’s a feature worth building on.
