Markets in Crypto-Assets Regulation and a ValidEntry Solution

With the expectation that the EU’s Markets in Crypto-Assets Regulation (MiCA) is scheduled to take effect before the end of 2024, it is very important for crypto-asset service providers to become familiar with the requirements that the legislation imposes. Due to the high risk of fraud that crypto-assets carry, MiCA has placed requirements onto the service providers to provide the EU regulators with information on the internal control mechanisms, policies, and procedures that are used to identify and manage the risks of money laundering and terrorist financing. If the service provider fails to have effective systems in place to handle these risks, they can have their authorization refused or withdrawn. The legislation also places guidelines on the operation of trading platforms for crypto-assets where a requirement for a set approval process that includes customer due diligence checks is stated.

In addition, starting on December 31st of 2025, the ESMA (European Securities and Markets Authority) will begin submitting reports to the European Parliament and to the Council on the application of this regulation and developments in the crypto-asset market place. These reports includes mapping the geographical locations, KYC level, and customer due diligence procedures of unauthorized exchanges that are providing services to EU residents. This is a way to monitor and target the active crypto-assets service providers that are both unauthorized and have high risk of money laundering and terrorist financing.

The following Articles and Section should be noted:

Section 16: “…Any legislative act adopted in the field of crypto-assets should also contribute to the objective of combating money laundering and terrorist financing. For that reason, entities offering services falling within the scope of this Regulation should also comply with applicable anti-money laundering and counter-terrorist financing rules of the Union, which integrate international standards.”

Article 18 Application for authorisation

Section 2 The application referred to in paragraph 1 shall contain all of the following information:

(g) “where cooperation arrangements with specific crypto-asset service providers exist, a description of their internal control mechanisms and procedures to ensure compliance with the obligations in relation to the prevention of money laundering and terrorist financing under Directive (EU) 2015/849;”

Article 21 Grant or refusal of the authorisation

Section 2 Competent authorities shall refuse authorisation where there are objective and demonstrable grounds that:

(e) “the applicant issuer’s business model might pose a serious threat to market integrity, financial stability, the smooth operation of payment systems, or exposes the issuer or the sector to serious risks of money laundering and terrorist financing.”

Article 24 Withdrawal of the authorisation

Section 1 Competent authorities shall withdraw the authorisation of an issuer of an asset-referenced token in any of the following situations:

(g) “the issuer’s activity poses a serious threat to market integrity, financial stability, the smooth operation of payment systems or exposes the issuer or the sector to serious risks of money laundering and terrorist financing.”

Article 60 Provision of crypto-asset services by certain financial entities

Section 7 For the purposes of paragraphs 1 to 6, the following information shall be notified:

(b) “a description of:”

(ii) the risk assessment framework for the management of money laundering and terrorist financing risks;

Article 62 Application for authorisation as a crypto-asset service provider

Section 2 The application referred to in paragraph 1 shall contain all of the following information:

(i) “a description of the applicant crypto-asset service provider’s internal control mechanisms, policies and procedures to identify, assess and manage risks, including money laundering and terrorist financing risks, and business continuity plan;”

Article 64 Withdrawal of authorisation of a crypto-asset service provider

Section 1 Competent authorities shall withdraw the authorisation of a crypto-asset service provider if the crypto-asset service provider does any of the following:

(f) “fails to have in place effective systems, procedures and arrangements to detect and prevent money laundering and terrorist financing in accordance with Directive (EU) 2015/849;”

Article 76 Operation of a trading platform for crypto-assets

Section 1 Crypto-asset service providers operating a trading platform for crypto-assets shall lay down, maintain and implement clear and transparent operating rules for the trading platform. Those operating rules shall at least:

(a) “set the approval processes, including customer due diligence requirements commensurate to the money laundering or terrorist financing risk presented by the applicant in accordance with Directive (EU) 2015/849, that are applied before admitting crypto-assets to the trading platform;

Section 7 Crypto-asset service providers operating a trading platform for crypto-assets shall have in place effective systems, procedures and arrangements to ensure that their trading systems:

(h) “are sufficiently robust to prevent their abuse for the purposes of money laundering or terrorist financing.”

Article 141 ESMA annual report on market developments

By 31 December 2025 and every year thereafter, ESMA, in close cooperation with EBA, shall submit a report to the European Parliament and to the Council on the application of this Regulation and developments in markets in crypto-assets. The report shall be made publicly available.

The report shall contain the following:

(g) “a mapping of the geographical location and level of know-your-customer and customer due diligence procedures of unauthorised exchanges providing services in crypto-assets to Union residents, including the number of exchanges without a clear domiciliation and the number of exchanges located in jurisdictions included in the list of high-risk third countries for the purposes of Union rules on anti-money laundering and counter-terrorist financing or in the list of non-cooperative jurisdictions for tax purposes, classified by the level of compliance with adequate know-your-customer procedures;”

ValidEntry provides a cost effective and simple integration solution to fulfill the requirements that MiCA imposes. It’s important to make sure your business is within these requirements and that you, your assets, and your clients are all safe and well protected. Our team can empower yours with Web 3.0 focused user access management tools that allow for customizable levels of granularity. This customization can include zero-knowledge proof KYC for your decentralized applications that enhance user privacy while maintaining a safe, secure Web 3.0 e-commerce system.

ValidEntry believes in the benefit of utilizing Web 3.0 technology to benefit your company, while remaining cost effective and simple to integrate. It is now more important than ever to take control over the security of your digital assets and ValidEntry can help you do that. For more information check us out on our website. https://www.validentry.com/

Markets in Crypto-Assets Regulation (MiCA): https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32023R1114#d1e12515-40-1