European Union: crypto & digital assets regulation

Regulated

EU crypto regime under MiCA; ESMA/EBA dual oversight; full licensing required by March 2026

Lead regulator:
European Securities and Markets Authority (ESMA) and National Competent Authorities
Key law:
Markets in Crypto-Assets Regulation (MiCA), Regulation (EU) 2023/1114
Last updated:
2026-07-12

The European Union operates a comprehensive licensing regime for crypto-asset service providers (CASPs) and token issuers under the Markets in Crypto-Assets Regulation (MiCA). National Competent Authorities (NCAs) are the primary supervisors, with ESMA overseeing CASPs and the EBA overseeing Asset-Referenced Token (ART) and E-Money Token (EMT) issuers, ensuring harmonized application across the bloc.

Entities must obtain authorization to provide services such as exchange, custody, and advisory, with strict requirements for operational resilience, investor protection, and market integrity. The transition period for existing entities ended on 2 March 2026, after which full compliance with MiCA licensing and prudential standards is mandatory.

Notable restrictions include a narrow scope for the reverse solicitation exemption to prevent regulatory arbitrage, stringent rules on reserve assets for stablecoins, and mandatory suitability assessments for management bodies. The regulatory direction emphasizes preventing dual authorization burdens where MiCA and PSD2 overlap, particularly for electronic money tokens.

Who regulates

  • European Securities and Markets Authority (ESMA)

    Supervises crypto-asset service providers (CASPs) and issues guidelines on market abuse, investor protection, and classification.

    [1][2][3][4][5][6][7][8][9][10][11][12][13]
  • European Banking Authority (EBA)

    Supervises Asset-Referenced Token (ART) and E-Money Token (EMT) issuers; issues guidelines on prudential requirements, liquidity, and classification of significant tokens.

    [14][15][16][17][18][19][20][21]

Core laws & rules

Licensing & registration

  • Crypto-Asset Service Provider (CASP) Authorization

    Entities must be authorized by National Competent Authorities to provide services such as exchange, custody, and advisory. The transition period for existing entities ended on 2 March 2026, requiring full compliance. Timeline: Transition period ended 2 March 2026

    [14][10][13]
  • Asset-Referenced Token (ART) and E-Money Token (EMT) Issuer Authorization

    Issuers of ARTs and EMTs require authorization, with the EBA supervising significant issuers. Strict rules apply to reserve assets, which must be held in highly liquid financial instruments with minimal risk.

    [14][17][18][21]

Restrictions & warnings

  • The reverse solicitation exemption for third-country firms is narrowly defined to prevent regulatory arbitrage and circumvention of MiCA rules.

    [6][11]
  • CASPs must implement robust systems for detecting and reporting market abuse, and maintain strict operational resilience and security access protocols.

    [2][5][4]
  • Reserve assets for ARTs and EMTs cannot be invested in non-highly liquid financial instruments, as rejected by the EBA in draft RTS.

    [17][18]

Direction of travel

  • Regulators are focusing on harmonized application of MiCA, preventing dual authorization burdens with PSD2, and ensuring high standards for investor protection and market integrity.

    [14][19][20]

Sources

  1. Final Report on Guidelines for Assessment of Knowledge and Competence under MiCA · 2025-07-11
  2. Final Report on Guidelines for Preventing and Detecting Market Abuse under MiCA · 2025-04-29
  3. ESMA Opinion on RTS specifying requirements for conflicts of interest for crypto-asset service providers under MiCA · 2025-01-24
  4. Final Report on Guidelines specifying Union standards on systems and security access protocols for crypto-asset offerors · 2024-12-17
  5. Final Report on Draft Technical Standards for Market Abuse Detection and Prevention under MiCA · 2024-12-17
  6. Final Report on Guidelines on Reverse Solicitation under MiCA · 2024-12-17
  7. Final Report on Guidelines for Qualifying Crypto-Assets as Financial Instruments · 2024-12-17
  8. Final Report on Guidelines specifying certain requirements of the Markets in Crypto Assets Regulation (MiCA) on investor protection – third package · 2024-12-17
  9. Final Report on Guidelines for Crypto-Asset Classification Templates and Standardised Test under MiCAR · 2024-12-10
  10. ESMA Opinion on MiCA Regulatory Technical Standards for Crypto-Asset Service Provider Authorisations and Notifications · 2024-10-16
  11. ESMA Opinion on the Convergent Application of MiCA to Broker Models · 2024-07-31
  12. Final Report on technical standards specifying certain requirements in relation to conflicts of interest for crypto-asset service providers under MiCA · 2024-05-31
  13. Final Report on Draft Technical Standards for Markets in Crypto Assets Regulation First Package · 2024-03-25
  14. Opinion on the end of the No-action Letter transition period · 2026-01-01
  15. EBA Opinion on money laundering and terrorist financing risks affecting the EU financial sector · 2025-01-01
  16. Guidelines amending Guidelines on equivalence of confidentiality regimes · 2025-01-01
  17. EBA Opinion on Final Draft RTS to Further Specify the Liquidity Requirements of the Reserve of Assets · 2025-01-01
  18. EBA Opinion on Final Draft RTS to Specify Highly Liquid Financial Instruments with Minimal Risk under MiCA · 2025-01-01
  19. Opinion on the interplay between PSD2 and MiCA in relation to crypto-asset service providers that transact electronic money tokens · 2025-01-01
  20. Joint EBA and ESMA Guidelines on the suitability assessment of management body members and shareholders for MiCA entities · 2024-06-27
  21. Decision on the Procedure for the Classification of Asset-Referenced Tokens and E-Money Tokens as Significant under MiCAR · 2024-01-01

Email alerts for European Union updates

New circulars, rules and guidance — a digest in your inbox, same day.

This guide is compiled automatically from 21 primary-source documents published by European Union's regulators, reviewed by RegAlert, and refreshed monthly (last updated 2026-07-12). It is not legal advice — always confirm requirements with the regulator or local counsel before acting.