How to obtain a MiCA 'licence' now


Jonathan Galea

AKA benefitting fully from the transitory period

With the final text of the Markets in Crypto Assets Regulation (‘MiCA’) having been approved on the 5th of October, a race of sorts has started, with its participants being varyingly equipped, and some not being equipped at all. This article may be viewed as a cheat code, or to put it less bombastically, it will go through the means possible to become MiCA-compliant immediately. I will be focusing on the regime applicable to Crypto Asset Service Providers (‘CASPs), with future material to be dedicated to crypto asset issuers as well.

It is firstly important to note that the MiCA framework is a robust one, with plenty of elements taken from its older sibling, being the Markets in Financial Instruments Directive (‘MiFID II’). MiCA can even be seen as a natural progression from MiFID II; while the latter regulates financial instruments and the provision of services in relation thereto, MiCA will be covering the provision of services and issuance of a new category of assets that, hitherto, have been sparsely regulated within the European Union (‘EU’) and the wider European Economic Area (‘EEA’).

Most EU& EEA member states have, up until now, only been regulated CASPs in adherence to the Fifth AML Directive (5AMLD), requiring them to undertake a registration process with local Financial Intelligence Units (‘FIUs’) prior to allowing them to offer their services in the relevant jurisdictions. Apart from the evident issue of fragmentation, it also means that VASPs with a 5AMLD registration, at most, would have their offered services regulated strictly from an AML perspective, and moreover, for the greater part, would only have their custody and exchange service offerings as being so regulated. This is a far cry from the holistic licence being envisaged under MiCA, which not only regulates additional services such as portfolio management, investment advice, and placing of crypto assets, but does so under a regulatory regime that has been built, from the ground up, specifically for CASPs. It is also clear that the relevant competent authorities will be the financial services authorities (FSAs), rather than the FIUs.

The legislator has clarified, in express terms, the dichotomy between most national regimes and MiCA, and laid out the following in Recital 77a of MICA:

Since the national regulatory frameworks applicable to crypto-asset service providers before the entry into application of this Regulation differ among Member States, it is essential that Member States that have not in place strong prudential requirements for crypto-asset service providers that currently operate under their regulatory frameworks, have the possibility to require such crypto-asset service providers to be subject to stricter requirements than those under the national regulatory frameworks. In such a case, Member States might not apply or might reduce the 18-month transitional period allowing crypto-asset service providers to provide services on the basis of their national framework. Such an option for Member States is not to be considered as setting a precedent in any other areas of financial services legislation [emphasis placed by the author]

This is then reinforced in the body of MiCA’s text, specifically under Article 123 (Transitional Measures), sub-article 2:

By way of derogation from this Regulation, crypto-asset service providers which provided their services in accordance with applicable law before [please insert the date of entry into application], may continue to do so until [please insert the date [18] months after the date of application] or until they are granted an authorisation pursuant to Article 55, whichever is sooner.

Member States may decide not to apply the transitional measure provided in the first subparagraph or reduce its duration, where they consider that crypto-asset service providers shall be subject to stricter requirements than those set out in their national regulatory framework applicable before [please insert the date of entry into application].

By [insert date 12 months after entry into force], Member States shall notify to the
Commission and ESMA whether they have exercised the option provided in the second subparagraph and the duration of the transitional measure.
[emphasis placed by author]

The parts highlighted above are of crucial, and significantly underestimated importance. According to our interpretation, the legislator is clearly stating that any CASP currently operating in an EU/EEA member state under a regime that do not have the same strong prudential requirements stipulated under MiCA, ergo less strict, may potentially not be eligible to enjoy the transitory period of 18 months if the relevant Member State in which it is operating does not align its local framework to MiCA by no later than 12 months after the date of entry into force of MiCA, which is set to be sometime in Q4 2022 or Q1 2023. Should such Member States decide to shorten or forfeit the option to apply the transitional period as described in Article 123(2), then CASPs regulated under the national framework(s) of such Member States will have no option but to undertake the application process envisaged under Article 53 et seq. of MiCA shortly after the date of entry into force, because one has to keep in mind that they would need to be fully licensed by the date of application if they wish to continue offering services within the EU & EEA. From our practical experience, a rigorous licensing process may take anywhere between 6 to 12 months, and therefore it is reasonable to assume that such CASPs will potentially be required by the Member State in which their registered office is located to commence the licensing process a year before the date of application of MiCA.

On the other hand, CASPs that are regulated under a regime that is already of a sufficient standard will quite likely be allowed to benefit from the transitory period in full for a period of 18 months after the date of application, potentially with a minimal process involved to convert their national licence/registration into a MiCA one, depending on how closely they are already regulated in comparison to the requirements under MiCA. One must bear in mind that while the date of entry into force is set to be either later this year, or early next year, the date of application is at least a full year and a half after the date of entry into force, as stated under Article 126(2). This means that CASPs which are regulated under a regime that can be described as ‘MiCA-ready’ will potentially be eligible to benefit from a minimum period of 36 months, or 3 years, of hassle-free operations.

The table below helps to visualise the salient differences highlighted above:

  CASPs regulated under the AMLD5 CASPS regulated under a purpose-built crypto framework
Competent Authority Financial Intelligence Unit (AML) Financial Services Authority
Regulatory Regime AML-focused, light touch Services-focused, comprehensive with prudential requirements
Time required to get a licence/registration (average) 4-10 weeks 6-9 months
Services covered under regulation Custody, exchange Multiple other services, similar to MiCA
Eligible for MiCA transitory period No Yes
When will a MiCA licence be required By the date of application of MiCA (circa Q3 2024*) By the end of the transitory period (circa Q1 2026*)
What will getting a MiCA licence entail? A fresh licence application process from scratch with another authority, being the FSA A conversion process from the national licence/registration to a MiCA licence with the same authority (FSA)
Level of operational disruption High Low

As you may appreciate, this gives a significant advantage to such CASPs, as opposed to others which will be scrambling to undergo a rigorous licensing process that is likely to be supervised by FSAs that would be handling voluminous applications of this nature for the first time, and therefore very likely to result in significant operational disruption for the concerned CASPs.

Currently, the only three jurisdictions in the EEA which have an ad-hoc regulatory regime that can be seen as being sufficiently proximate to MiCA are Malta, Liechtenstein, and France, with the competent authority in each jurisdiction being the respective FSA. Malta was the first EU Member State to promulgate a comprehensive regulatory framework in November 2018, titled the Virtual Financial Assets (VFA) Framework, which is heavily influenced by MiFID II and consequently the framework which is the most proximate to MiCA to date. France followed in May 2019 with the PACTE law, which amongst other things regulates Digital Asset Service Providers (‘DASPs’) under a framework that is similar to Malta’s, albeit being a voluntary registration regime for certain services, and requiring obligatory registration for some others. Lastly, Liechtenstein promulgated its Blockchain Act (locally known as the ‘TVTG’) in January 2020, which while not being as comprehensive as Malta’s VFA framework, differs in certain interesting aspects by introducing novel roles such as physical validators which act as gatekeepers between physical assets and their digital twins.

Out of the three frameworks, Malta’s VFA framework is the most similar to MiCA, and the Malta Financial Services Authority also boasts of the most experience when it comes to regulating the crypto asset industry. Malta currently regulates certain well-known CASPs such as, OKCoin Europe, and France has recently turned up the wick, with giants Binance and announcing Paris as their European headquarters. Liechtenstein enjoys a close affinity with Switzerland and neighbouring jurisdictions, with Bittrex Global being one of the main exchanges headquartered there.

So does one need a licence or registration in any of these three jurisdictions to secure the applicability of transitory provisions?

While those solely seeking to be regulated as CASPs are strongly recommended to consider the mentioned three jurisdictions if they wish to avail of the applicable transitory provisions, there is also another way in which to also operate under MiCA, and that is through one of the applicable exemptions listed under Article 53(a). This article stipulates that authorised credit institutions, central securities depositories, investment firms, market operators, e-money institutions, management companies of UCITS and alternative investment fund managers may offer certain crypto asset services by simply notifying the relevant FSA and without being required to undergo the licensing process envisaged under Article 54 et seq., with credit institutions in particular being allowed to offer all crypto asset services listed in MiCA. It is important to note that, except for banks/credit institutions, the other listed entities would need to undertake the relevant licensing process for any services that do not feature under the applicable exemptions.

I do not want to obtain a licence as a bank or any of those entities either… any other option?

The only remaining option is the one typically referred to as ‘reverse solicitation’, which is taking on board clients that approach a CASP located outside the EU or EEA out of their own sole, exclusive initiative. Article 53b(1) clearly highlights the mechanics of reverse solicitation:

Where a client established or situated in the Union initiates at its own exclusive initiative the provision of a crypto-asset service or activity by a third‐ country firm, the requirement for authorisation under Article 53 shall not apply to the provision of that service or activity by the third‐ country firm to that person, including a relationship specifically relating to the provision of that service or activity

This effectively means that while CASPs located outside of the EU & EEA can onboard and service users who approach them out of their own exclusive initiative, they cannot engage in any form of marketing targeting users residing in the EU & EEA, even if such users would have initially engaged with them through reverse solicitation. Therefore, this is quite a weak option to look at.

What is the best course of action?

The date of entry into force of MiCA is still at least a couple of months away, with the date of application being even further than that. Any CASPs that are not regulated in Malta, Liechtenstein, or France are well-advised to consider the option of being so regulated before the date of application of MiCA, in order to not only enjoy the full extent of the transitory period, but also to take their time to align their operations with the expectations under MiCA, as opposed to CASPs in other jurisdictions which may well have to do significant changes to their set-up in a short period of time if the Member State in which they are located decides not to give them the benefit of the transitory period.

In short, those who act now, or who have already acted, will reap significant benefits and enjoy a considerable competitive advantage, since apart from benefitting from the transitory period, it is likely that the process of conversion from the mentioned national licences/registrations to a MiCA licence will be nowhere near as disruptive as applying for a MiCA licence from scratch.

Get in touch with us if you wish to become licensed under the Maltese VFA Framework, or obtain a registration under the TVTG of Liechtenstein or PACTE framework of France.

This article has been written on the basis of the latest MiCA draft published on the 5th of October 2022, and may be subject to further changes until its official publication in the European Union’s Official Journal.