Authority. For BCB that means France’s Autorité des Marchés Financiers (AMF). For larger groups, such as BCB Group, that are already registered as digital asset service companies, upgrading to full CASP will be more straightforward and BCB is already well on its way to that licence. The key aspect of a licence that some crypto service providers may find challenging is the prudential requirement. Firms must demonstrate they have capital buffers in place to enable them to continue to operate in the event of market problems and so ensure they can continue to return assets to clients. The sums required vary and according to Arras, meeting the requirement may be a shock to those who have no existing licence. Businesses that are already authorised as electronic money institutions (EMI) are used to such guardrails. “If you are not used to these types of guardrails, this is something that is really going to change the game. It’s great for clients, but it comes with a lot of obligations and oversight from the regulators.” Audits for cybersecurity A second key component, according to Arras, is the requirement that firms ensure cybersecurity. On the one hand, this may appear to be a moving target, with ESMA calling for modifications in the regulations as recently as October that will require CASPs to provide an external audit of their cybersecurity. In practice, major national financial authorities are already requiring such audits as part of their MiCA implementation with BCB’s regulator, the AMF, requiring a third-party audit known as PASSI. “This is pretty important and again, for those without this in place already, it requires a lot of time and a lot of resources,” says Arras. Coin issuers will also be required to meet a range of requirements, most notably stablecoin issuers whose reference asset is a European currency. For service providers such as BCB, this and various other aspects of MiCA affecting clients will be integrated with onboarding and BCB’s recent upgrading of its onboarding process is designed with this in mind. “We do have clients who are going to issue or who are already issuing stablecoins, and we are scoping whether they will fall under MICA and it depends which jurisdiction they are in,” says Arras. “Among our clients, the larger,
indicated their transition period will be shorter, in some cases 12 months, in others six or less. Meanwhile, the new MiCA regulation does not exist in isolation. It sits amid a wider landscape of EU regulation and is itself set to evolve. For example, NFTs have not been included in current regulations but are likely to be drawn under MiCA in later rules revisions. In the interim, sustainability assessments are also expected to become part of the regulations, bringing crypto closer to existing EU regulations on sustainable finance. Don’t fear the regulator When it comes to MiCA (and indeed for all the new regulations that are in the pipeline that might affect the crypto space) Arras has one simple piece of advice for clients. “It’s really important that they talk to their regulators. We have a close relationship with our regulator and that has been really helpful. We’re in good shape to know what’s coming. I would tell our customers not to be scared to
Among our clients, the larger, established ones are definitely on top of it and we’re already getting a sense that the medium and large clients are getting MiCA-compliant. We have meetings with them, we share information from a compliance perspective as well. We all need to know that everyone is on top of this.
talk to their national competent authority, because regulators
themselves appreciate knowing who is doing what to comply with MiCA. Get it right now, if you haven’t already.” MiCA regulations naturally only apply to EU-based businesses and in the short term, some operators may be tempted to migrate beyond the EU’s borders to avoid the regulatory burden. However, providing digital asset services to EU citizens from a third country will only be permissible if it comes from a ‘reverse solicitation’ in which the client has requested the service entirely under their own initiative. Where the EU leads in financial regulation, other jurisdictions typically follow, not least because access to EU markets requires, if not identical regulations, then at least ‘equivalence’. MiCA is also the most advanced set of regulations in crypto and as such is highly likely to be a reference point for other jurisdictions as they design their own rules. It is certainly what Arras is hoping for: “MiCA is not perfect and includes some unwelcome restrictions for example on staking and other techniques for earning income from stablecoins. On balance, however, it provides a useful framework on which to build. At BCB we are more than comfortable that we can meet the MiCA requirements and continue to expand our services to our clients.” ◆
Marie Arras
established ones are definitely on top of it and we’re already getting a sense that the medium and large clients are getting MiCA-compliant. We have meetings with them, we share information from a compliance perspective as well. We all need to know that everyone is on top of this.” MiCA rules concerning governance, dealing in cryptocurrency by company directors and general market abuse controls come into immediate force for all service providers on December 30. However, service providers registered with their national authority will have a transition period in which to comply with the new regulations and acquire their full CASP licence. The maximum is 18 months, but a number of states have
31
Made with FlippingBook - professional solution for displaying marketing and sales documents online