MiCA
Markets in Crypto-assets Regulation — Regulation (EU) 2023/1114
Standard Introduction
MiCA is an active standard published by European Union. It is commonly used across Finance & Banking, Technology, Services and applies in European Union, European Economic Area.
Use this page to review the official documentation, current status, and the certification or assessment bodies most commonly associated with MiCA.
EU crypto market passport
MiCA creates a harmonised authorisation regime for crypto-asset service providers, allowing authorised firms to operate across the EU subject to regulatory conditions.
Stablecoin controls
Asset-referenced tokens and e-money tokens face reserve, governance, redemption, white paper, and supervision requirements, with heightened scrutiny for significant tokens.
Operational resilience link
Crypto firms often need to coordinate MiCA licensing with DORA ICT risk management, cybersecurity controls, outsourcing oversight, and incident response.
list_alt MiCA Compliance Themes
- CASP authorisation and governance arrangements
- Crypto-asset white papers and marketing communications
- Stablecoin reserve, redemption, and prudential requirements
- Market abuse prevention and conflicts management
- Client asset safeguarding and complaint handling
- DORA-aligned ICT risk and third-party oversight
Who Needs to Comply?
Crypto-asset service providers, issuers of asset-referenced tokens, issuers of e-money tokens, trading platforms, custodians, exchange services, wallet providers, and fintechs offering crypto services to EU clients.
Key Requirements
Authorisation and governance
CASPs must obtain authorisation, maintain fit-and-proper management, implement governance controls, and meet prudential, safeguarding, and complaint-handling obligations.
White papers and disclosures
Issuers must publish compliant crypto-asset white papers and ensure marketing communications are fair, clear, and not misleading.
Stablecoin reserves and redemption
ART and EMT issuers must maintain reserve assets, redemption rights, governance arrangements, and additional controls for significant tokens.
Market abuse and conflicts
Implement controls for inside information, market manipulation, conflicts of interest, order handling, and fair treatment of clients.
Implementation Roadmap
Define EU crypto-asset regulation scope
Identify the products, services, systems, entities, jurisdictions, teams, vendors, and stakeholders covered by MiCA. Confirm owners, boundaries, applicable obligations, documentation, and evidence expectations for crypto-asset classification, white papers, issuer obligations, asset-referenced tokens, e-money tokens, CASP authorization, governance, capital, custody, complaints, conflicts of interest, market abuse, ICT resilience, and supervisory reporting.
Assess obligations and gaps
Compare current practices with the expected EU crypto-asset regulation approach. Review token classification, white-paper governance, reserve management, custody controls, prudential monitoring, fit-and-proper governance, complaint handling, conflicts management, market-abuse surveillance, outsourcing, ICT controls, and regulatory notifications, then prioritize gaps by legal exposure, financial reporting impact, security or privacy impact, customer commitments, operational dependency, and audit readiness.
Implement controls and evidence
Deploy required procedures, technical controls, review gates, training, supplier workflows, reporting paths, and operational records. Maintain classification memos, white papers, authorization files, governance records, reserve reports, custody reconciliations, complaint logs, conflict registers, transaction surveillance alerts, outsourcing files, ICT evidence, and regulator correspondence as traceable evidence.
Review, report, and improve
Run management reviews, internal checks, independent assessments where applicable, corrective actions, and change reviews. Refresh the program when products, vendors, laws, incidents, assurance expectations, or stakeholder needs change.
Compliance Checklist
checklist Scope and accountability
checklist Controls and records
checklist Monitoring and assurance
Penalties & Enforcement
MiCA enforcement is handled by national competent authorities with EU-level coordination by ESMA and EBA. Firms risk licence refusal or withdrawal, public enforcement measures, business restrictions, and administrative fines set under the regulation and national implementation rules.
Frequently Asked Questions
Who needs MiCA?
expand_more
MiCA is most relevant to crypto-asset issuers, offerors, trading platforms, custodians, exchanges, and crypto-asset service providers operating in or targeting the EU. The exact scope depends on products, services, jurisdictions, customer commitments, assurance requirements, and the organization's role in the relevant ecosystem.
Is MiCA certifiable?
expand_more
MiCA is an EU legal authorization and compliance regime, not a certification. Firms may need authorization, white papers, governance, prudential safeguards, and ongoing supervision.
What should implementation focus on first?
expand_more
Start by defining scope, obligations, accountable owners, and the evidence expected by regulators, auditors, customers, or governance bodies. Then perform a gap assessment against current controls and prioritize remediation by risk and deadline.
What evidence is useful for MiCA?
expand_more
Useful evidence includes classification memos, white papers, authorization files, governance records, reserve reports, custody reconciliations, complaint logs, conflict registers, transaction surveillance alerts, outsourcing files, ICT evidence, and regulator correspondence. Evidence should be version-controlled, attributable to owners, linked to obligations and controls, and retained for the required review or audit period.
How often should the program be reviewed?
expand_more
Review it at planned intervals and whenever laws, products, vendors, incidents, customer commitments, reporting cycles, or assurance expectations change. Higher-risk obligations should have more frequent monitoring and management reporting.
Official Documentation
Official PDF for MiCA
Official publication or summary for MiCA
Official online resource
European Union guidance and reference material
Implementation toolkit
Templates, guidance, or companion resources for MiCA