ESMA Opinion on the Convergent Application of MiCA to Broker Models

31 July 2024 ESMA75-453128700-1048 ESMA - 201-203 rue de Bercy - CS 80910 - 75589 Paris Cedex 12 - France - www.esma.europa.eu 1 Opinion Opinion to support the convergent application of MiCA 1 Legal basis

1. The European Securities and Markets Authority’s (ESMA) competence to deliver an opinion to competent authorities is based on Article 29(1)(a) of Regulation (EU) No 1095/20101 (the ‘ESMA Regulation’). In accordance with Article 44(1) of the ESMA Regulation, the Board of Supervisors has adopted this opinion. 2 Background
2. The Regulation (EU) 2023/11142 (MiCA) was published in the Official Journal on 9 June 2023. It establishes a comprehensive set of obligations in relation to crypto-asset issuers and services providers. Key provisions for those issuing and trading crypto-assets (including asset-reference tokens and e-money tokens) cover transparency, disclosure, authorisation and supervision of transactions. The new legal framework will support investor protection, market integrity and financial stability by regulating, inter alia, public offers of crypto-assets and ensuring consumers are better informed about associated risks.
3. The entry into application of MiCA is a fundamental development for the establishment of a single rulebook for the regulation and supervision of issuance, trading, and provision of services in relation to crypto-assets. However, in order for MiCA to deliver on its objectives, it is crucial that the new framework is implemented in an effective and harmonised manner throughout the Union.
4. Trading platforms hold an important role in the functioning of the crypto-asset ecosystem. In particular, so-called Multifunction Crypto-asset Intermediaries (MCIs) 3 , i.e. those offering a large variety of services, products and functions, at the level of an individual entity or group of affiliated entities, typically centred around the operation of a trading platform, are an essential point of attention considering the impact they have on the functioning of crypto-asset markets, as demonstrated by the very large-scale effects of the FTX collapse.
5. Reflecting the importance of trading platforms for crypto-asset, Article 76 of MiCA sets out comprehensive requirements regarding their functioning. These include but are not limited to: (i) having detailed operating rules; (ii) ensuring resilient systems and procedures; (iii) adhering to pre￾trade and post-trade transparency requirements, (iv) maintaining a transparent fee structure; (v) setting rules, procedures and criteria promoting fair and open access to the trading platform for 1 Regulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC, OJ L 331, 15.12.2010, p. 84. 2 Regulation (EU) 2023/1114 of the European Parliament and the Council of 31 May 2023 on markets in crypto-assets (OJ L 150, 9.6.2023, p. 40), here. 3 MCIs are defined by the FSB as “individual firms, or groups of affiliated firms – such as FTX (prior to its failure) – that combine a broad range of crypto-asset services, products, and functions typically centred around the operation of a trading platform” (here).

2 clients willing to trade; and (vi) ensuring fair and orderly trading and efficient execution of orders. The intention of MiCA is thus that trading platforms for crypto-assets operating in the Union are held to, among others, these comprehensive requirements to ensure investor protection, market integrity and financial stability. 6. The disintermediated nature of the services offered is a fundamental characteristic and a key selling point used by MCIs to promote their services. Such MCIs may thus try to gain access to EU clients without moving their activities to the Union, whilst simultaneously preserving the disintermediated aspect of their business model. In such cases, the brokerage model may be used by such MCIs to achieve regulatory arbitrage and lead to an unlevel playing field between (i) trading platforms located in a third-country but trying to gain access to EU clients and (ii) MiCA-regulated EU trading platforms. 7. In a previous Statement4 published in October 2023, ESMA had anticipated that MCIs (referred to as global crypto firms in the ESMA statement) might seek operating under the MiCA framework “using group structures that tend to be complex and opaque”, thereby highlighting the specific ability of these entities to engage in regulatory arbitrage. ESMA noted the risk of conflicts of interest, diminished investor protection and the unlevel playing field with EU trading platforms that MCI’s business strategies could create. 8. In light of these concerns, which have not been alleviated, ESMA considers it necessary to provide some clarifications regarding the application of certain MiCA obligations, particularly in relation to MCIs that might attempt to structure their business in a way to maintain access to EU clients while minimising the impact of the MiCA regulatory framework on their activities. 9. This opinion is addressed primarily to national competent authorities (NCAs). It tackles regulatory and supervisory arbitrage risks stemming from specific business setups whereby MCIs would only seek authorisation under MiCA for brokerage services (e.g. reception and transmission of orders, execution of orders for crypto-assets on behalf of clients and/or exchange of crypto-assets for funds or for other crypto-assets) but intend to leave a large part of the group activities (and in particular the operation of a trading platform for crypto-assets) outside of MiCA. The objective is to share relevant criteria to promote supervisory convergence and support (i) NCAs’ assessment of the business model and activities that the applicant MCIs intend to carry out, as well as (ii) the ongoing assessment of how such activities are carried out. 10. While similar business arrangements can be established between entities that do not belong to the same group, this opinion primarily covers concerns linked to MCI’s intragroup arrangements. 11. This opinion does not prejudice any future opinions or other convergence tools issued by ESMA. 3 General considerations 12. Certain applications for authorisation as crypto-asset services providers anticipated under MiCA bear some similarities with some applications received by NCAs in the context of the UK’s decision to withdraw from the EU. Indeed, just as UK firms may have sought to maintain access to the EU market by creating EU entities or relocating activities to the EU, crypto-asset service providers under MiCA may seek to establish entities in or relocate activities to the Union in order to retain access to the EU market while minimising the effective transfer of activities or functions to the Union. Consequently, given the similar underlying issues and risks of supervisory arbitrage, the general principles developed by ESMA to support supervisory convergence in the context of the UK’s 4 ESMA clarifies timeline for MiCA and encourages market participants and NCAs to start preparing for the transition, 17 October 2023, ref. ESMA74-449133380-441, here.

3 decision to withdraw from the EU should also be applied in the context of services and activities to which MiCA applies. 13. Specifically, in its Opinion published in May 20175 (Brexit Opinion), ESMA clarified some principles with the objective to ensure that: a. authorisations were granted in full compliance with Union law and in a coherent manner across the Union; b. any outsourcing or delegation arrangement from entities authorised in the Union to third country entities was strictly framed and consistently supervised; and c. outsourcing or delegation arrangements, under which entities confer either a substantial degree of activities or critical functions to other entities, did not result in those entities becoming letter-box entities. 14. ESMA considers that most of the overarching principles established in the Brexit Opinion are also relevant for NCAs assessing applications in the context of MiCA. More specifically, ESMA considers that, mutatis mutandis, the principles two to eight of the Brexit Opinion should apply and be considered amongst the guiding principles for NCAs when considering the authorisation of crypto￾asset service providers, along with the other elements in sections 4 to 8 below. 4 Requirements on the authorisation in the EU and reverse solicitation 15. In accordance with Article 59 of MiCA, third-country firms may not provide crypto-asset services in the Union6 . Article 61 of MiCA, however, provides an exemption to this principle. This exemption (the so-called “reverse solicitation” exemption) is applicable where a client established or situated in the Union initiates at its own exclusive initiative the provision of a crypto-asset service or activity by a third‐country firm. In such cases, the requirement for authorisation under Article 59 of MiCA does not apply to the provision of that crypto-asset service or activity by the third‐country firm to that client and the related crypto-asset services should not be deemed to be provided in the Union. 16. The rationale for this exemption is that persons established in the Union should have the liberty to request and receive crypto-asset services by a third-country firm on their own exclusive initiative. This reverse solicitation exemption applies only where the third-country firm has not solicited, promoted or advertised crypto-asset services or activities to clients or prospective clients in the Union7 . 5 Opinion on General principles to support supervisory convergence in the context of the United Kingdom withdrawing from the European Union, ref. ESMA42-110-433, here. 6 In particular, according to Article 59(1), crypto-asset services may be provided only by entities authorised as crypto-asset service providers in accordance with Article 63 of MiCA, or by entities allowed to provide crypto-asset services pursuant to Article 60 of MiCA. For the purposes of the authorisation in Article 63 the crypto-asset service provider should have a registered office in a Member State where it carries out at least part of the crypto-asset services (Article 59(2) of MiCA). 7 According to the second subparagraph of Article 61(1) of MiCA, the crypto-asset services of a third-country firm should not be deemed to be services provided on the own initiative of the client where a third-country firm - including through an entity acting on its behalf or having close links with such third‐country firm or any other person acting on behalf of such entity - solicits clients or prospective clients in the Union, regardless of the means of communication used for the solicitation, promotion or advertising in the Union.

4 17. As previously stated in the ESMA Statement dated 17 October 20238 , this exemption should be understood to be very narrowly framed and, as such, should be regarded as an exception to the rule of Article 59 of MiCA. It should not be assumed, nor exploited to circumvent MiCA. 18. This exemption will be subject to further guidance by ESMA, through ESMA’s Guidelines on reverse solicitation under MiCA, to be published in Q3/Q4 of 2024. 19. However, it is already worth specifying that NCAs should ensure compliance with Articles 59 and 61 of MiCA both on an on-going basis and when authorising crypto-asset service providers. When assessing an application for authorisation under Title V of MiCA, NCAs should notably ensure that the application does not aim at obtaining a ‘legal cover’ in the Union for third-country firms which seek to solicit clients or prospective clients in the Union through a MiCA-authorised entity (typically belonging to the same group), whilst still providing services from outside the Union. NCAs should conduct a detailed assessment of the overall activities to be carried out by applicants with a view to prevent cases where solicitation of EU clients by a third–country firm is done through an EU authorised entity belonging to the same group. 20. To that effect, applicants should provide NCAs with a programme of operations in accordance with Article 62(2)(d) of MiCA. Where the applicant belongs to a group, NCAs should review the current and planned organisation, structure and marketing policy of that group and assess how the overall activities of the applicant fit within the group strategy and interact with the activities of the other entities of that group. NCAs should also carefully consider during their assessment what the main activities conducted at group level are and ensure that these activities will not effectively be pursued and services be provided in the Union without relevant authorisation. In the case of MCIs, NCAs should ensure that the applying entity would not seek to be authorised for MiCA brokerage activities to be used, in fact, for soliciting clients established or situated in the Union and thus providing services in the Union on behalf of a non-EU execution venue9 . 21. NCAs should assess all facts and circumstances of the application to determine whether the applicant located in the Union would, as a matter of fact, be soliciting clients for the non-EU entities of its group. 22. Whilst MiCA does not prohibit crypto-asset service providers from routing, executing or hedging orders on non-EU execution venues, NCAs are responsible for assessing whether this constitutes solicitation of EU clients and provision of services in the Union by non-authorised entities in breach of Article 59 of MiCA. 23. Although a case-by-case assessment is required, the following facts and circumstances should be regarded by NCAs as very likely indications of unlawful solicitation of EU clients and consequent provision of services in the Union by a non-EU trading platform: • the EU-authorised broker systematically routes orders received to the group’s execution venue (be it a trading platform or another broker) located outside of the Union; • the EU-authorised broker has not analysed the availability of other suitable unaffiliated execution venues or is unable to provide a sound and substantiated justification for not including other unaffiliated execution venues in its execution policy; 8 ESMA clarifies timeline for MiCA and encourages market participants and NCAs to start preparing for the transition, 17 October 2023, ref. ESMA74-449133380-441, here. 9 While most crypto-asset conglomerates are expected to operate a multilateral trading platform outside the EU, there could also be cases where the non-EU entity is rather internalising the order flow, executing orders coming from EU clients on own account. Therefore, the term “execution venues” is used in this Opinion to capture both alternatives.

5 • when promoting or advertising its services, the EU-authorised broker relies on the reputation and brand of the non-EU exchange to attract business from EU clients, making it, for instance, difficult to distinguish its services from those of the group’s execution venue; • the EU-authorised broker has no or very limited sources of revenues (e.g. fees or commissions, spreads) for its brokerage activities with EU clients or has revenue flows that significantly diverge from what would be expected where an independent broker and independent execution venue interact. 24. Each one of these factors and circumstances described above might not as such singlehandedly point to provision of services in the Union or solicitation of EU clients by the EU-authorised broker on behalf of the non-EU execution venue. However, NCAs should adopt a holistic approach and take all circumstances into account to establish whether there exist sufficient elements that allow to presume or conclude that there is a solicitation of EU clients by the third-country firm through the EU broker. 25. While the provision of service to EU clients by a non-authorised entity is more likely to be implemented through EU brokers authorised for “reception and transmission of orders for crypto￾assets on behalf of clients” or "execution of orders for crypto-assets on behalf of clients”, it is also possible that a similar outcome may be achieved through other types of business setups. 26. Under MiCA, EU-authorised brokers may offer exchange services (i.e. exchange of crypto-assets for funds or other crypto-assets to EU clients) and enter into agreements with non-EU entities to manage their liquidity and hedge their risk. While such EU-authorised brokers should maintain discretion regarding how they manage their market risks and source their liquidity, NCAs should pay close attention to situations where an established hedging scheme has the main purpose or effect to channel EU order flows systematically and automatically to a unique non-EU execution venue and, in particular, where this non-EU execution venue is part of the same group. 27. In such cases, NCAs should consider carrying out a detailed assessment to determine if there is any unlawful provision of crypto-asset services in the Union by non-EU entities. More specifically, in addition to the circumstances listed in paragraph 23 above and acknowledging that a case-by￾case assessment is always necessary, NCAs should carefully scrutinise situations where the EU￾authorised broker does not engage in risk-facing transactions but systematically conducts, when executing EU client orders, riskless back-to-back transactions with/on the group’s execution venues as this may constitute a relevant indication of a strategy to structurally circumvent the MiCA regime. 28. Another circumstance that NCAs should carefully consider is the situation where the EU-authorised broker is streaming quotes to his clients from this non-EU liquidity provider. 5 Conflicts of interest 29. Under Article 72 of MiCA, crypto-asset service providers must identify, prevent, manage and disclose conflicts of interests between, inter alia, themselves and their clients. In supervising compliance with this requirement, NCAs should also consider activities of the group to which the crypto-asset service provider belongs. 30. The conflicts of interest risk being particularly prominent within MCIs which might attempt to create synergies between their different activities by offering integrated services to the detriment of their clients. The combination of EU brokerage activities with execution venues belonging to the same group, especially when the latter are located in third countries and being subject to no or less strict requirements compared to MiCA, should be regarded as a particularly risky combination of activities

6 creating financial, operational and logistical incentives to route and execute orders to the in-house trading platform. 31. NCAs should therefore pay particular attention to the identification and prevention or management of conflicts of interests by MCIs and in particular those offering, at group level, the above-mentioned combination of services (brokerage activities and trading platform). NCAs should not grant an authorisation under MiCA where they deem that structural conflicts of interest have been left inadequately managed. For those MCIs that would conduct brokerage activities in the EU, NCAs should for instance check that the interests of the group do not influence how and where orders from EU clients are executed. 32. Although a case-by-case assessment should be done by the NCA, the very decision - on an ex-ante basis and at a structural level, i.e. not on a case-by-case basis for each order - to execute orders on the group’s platform (especially when located in a third country) should be considered as a very strong indication that such structural conflict of interest has not been properly managed. Similarly, only having the technical capability to execute orders on other trading platforms without operationalising it in practice should be regarded by NCAs as a strong indication that conflicts within the MCI have not been adequately prevented or managed by the concerned entities. The disclosure of such conflict of interest by the EU broker to its clients should not be regarded as amounting to appropriately managing it. 6 Best execution 33. EU brokers executing orders on a third country trading platform must comply with Article 78 of MiCA. Article 78 of MiCA requires crypto-asset service providers executing orders for crypto-assets on behalf of clients to take all necessary steps to obtain, while executing orders, the best possible result for their clients. In order to achieve the best possible result, they must take into account the following factors: price, costs, speed, likelihood of execution and settlement, size, nature, conditions of custody of the crypto-assets as well as any other consideration relevant to the execution of the order. 34. NCAs should pay particular attention to the application of this provision with respect to crypto-asset service providers that are engaged in brokerage activities involving executing orders on behalf of clients and that are part of a group that includes execution venues (either through an entity executing orders on its own account and on a multilateral trading platform). In such cases, it is essential to ensure that the EU broker has procedures and operational accesses that would allow it to execute transactions with the best possible results for its clients. 35. Where a certain execution venue might enable the EU broker to obtain the best possible result for one crypto-asset, that same execution venue might deliver worse execution quality for other crypto￾assets compared to other execution venues. Therefore, the EU broker should, initially and periodically, be aware of the available execution venues and assess the benefits and additional costs, that would be passed on to its clients, of adding additional execution venues. In principle, especially when the EU broker offers execution of orders on a wide variety of crypto-assets, it should be considered unlikely that relying on one execution venue only would enable the EU broker to obtain the best possible result. 36. In all cases, including when the EU crypto-asset service provider acting as a broker has a trading platform within its group, Article 78(6) of MiCA requires that the EU broker undertakes on a regular basis an assessment of the execution quality offered by the available execution venues. This could be done, for example, in a two-stage approach, where the EU broker first compares the available execution venues on execution price and costs directly related to the execution. In the second stage,

7 the execution venues providing the best quality in the first stage could be compared with respect to the remaining factors. This would result in the selection of one or several execution venues that enable the EU broker to obtain the best possible result for the concerned crypto-asset. 7 Obligation to act honestly, fairly and professionally in the best interests of clients 37. In accordance with Article 66 of MiCA, crypto-asset service providers must act honestly, fairly and professionally in accordance with the best interests of their clients and prospective clients. 38. Consequently, when assessing whether an EU-authorised crypto-asset service provider acting as a broker complies or will be able to comply with this obligation, NCAs should also take into account the level of consumer protection offered by non-EU trading platforms (especially if not regulated) where the EU crypto-asset service provider intends to execute clients’ orders on these platforms. 8 Custody and administration of crypto-assets on behalf of clients 39. The process of executing client orders might involve an execution venue (temporarily) taking custody of client assets. Where this is the case, Article 75(9) of MiCA sets out that where a crypto￾asset service provider providing custody and administration of crypto-assets on behalf of clients relies on other entities to deliver that service, they should ensure that these entities are also authorised as crypto-asset service providers in accordance with Article 59 of MiCA. 40. As a result, in the case of EU-authorised brokers that are routing, executing or hedging orders and transactions on execution venues not authorised as crypto-asset service providers in the EU, NCAs should ensure that such execution venue does not at any point take custody or administration of the crypto-assets of EU-clients, as this would not be compliant with Article 75(9) of MiCA. 10 9 Promotion of common supervisory approaches by ESMA 41. As foreseen in Article 29(2) of the ESMA Regulation, ESMA may establish new practical convergence tools to promote common supervisory approaches and practices, including a forum for NCAs to report and discuss applications by market participants, and in particular MCIs, seeking to provide crypto-asset services in the EU, with the aim to promote consistent practices and decision￾making by NCAs. 42. ESMA stands ready to make use of all its powers in order to support convergent supervisory practices across the EU and effective application of MiCA through follow-up work including bringing cases for discussion in the context of this reporting and discussion forum, providing opinions to NCAs, conducting peer reviews and initiating investigations of possible breaches of Union law as the need may arise. 10 The non-EU execution venue may, however, take possession of EU clients’ assets for the specific purpose of settling a transaction executed on that venue. This should in no circumstances amount to the relinquishment of its custody obligations the EU broker.