MiCA (Markets in Crypto-Assets Regulation)

Before MiCA existed, crypto regulation in Europe was a patchwork. Germany had its own licensing regime. France ran a separate registration system called PSAN. Malta marketed itself as a “blockchain island” under its own rules. Estonia handed out licences by the thousands before tightening up. A crypto business authorized in one country had no automatic right to operate in another, and users in different EU countries had different levels of protection depending purely on where their exchange happened to be based.

MiCA changed that. A single regulation, applied uniformly across the entire EU, replacing the national piecemeal approach with one framework that every crypto business operating in Europe now has to follow.

What Is MiCA?

MiCA is a regulation passed by the European Parliament that creates a unified legal framework for crypto-assets and crypto-asset service providers across the EU. It entered into full force on December 30, 2024, after a phased rollout that began with stablecoin rules in June 2024.

The regulation does two things at once. First, it defines and regulates the crypto-assets themselves, categorizing them into three distinct types and setting rules for anyone who issues them. Second, it regulates the businesses that provide services around those assets, from exchanges and custody providers to portfolio managers and crypto advisors.

Before MiCA, EU crypto law was built largely on anti-money laundering (AML) directives that treated crypto businesses as obligated entities for financial crime purposes, but said almost nothing about how they should treat customers, hold funds, or manage operations. MiCA fills that gap with a comprehensive rulebook that more closely resembles traditional financial services law than the AML-focused frameworks it replaces.

The regulation applies directly in all EU member states without needing to be transposed into national law. Every country in the EU operates under the same rules from the same date, which is unusual for financial regulation and reflects how seriously the EU treated crypto as a cross-border problem requiring a unified solution.

Why Was MiCA Created?

The short answer is FTX and Terra/Luna. The longer answer starts several years earlier.

European regulators had watched crypto grow from a niche technology into a multi-trillion dollar market while operating under rules designed for traditional financial products. The risks were obvious: exchanges holding billions in customer funds with no segregation requirements, tokens launched with no disclosure obligations, and no consistent framework for handling insolvencies when things went wrong.

The Terra/Luna collapse in May 2022 wiped out an estimated $40 billion in value in under 48 hours, much of it from retail investors who had no idea a supposedly “stable” token could go to zero. FTX’s collapse in November 2022 erased another $32 billion and revealed catastrophic misuse of customer funds at a regulated level that no existing EU framework was equipped to address.

MiCA had been in development since 2020, but these collapses accelerated political momentum for its passage. The European Parliament approved it in April 2023. The regulation represents the EU’s answer to a question regulators had been circling for years: how do you apply financial services law to assets that don’t fit neatly into existing categories?

The answer was to build something new rather than stretch existing frameworks. MiCA is purpose-built for crypto, not an adaptation of securities law or banking regulation.

What Does MiCA Cover?

MiCA covers two parallel tracks: the assets themselves and the service providers around them.

• On the asset side, MiCA regulates anything that qualifies as a crypto-asset under its definition, which is a digital representation of value or rights that can be transferred and stored electronically using distributed ledger technology. The regulation sets rules for anyone issuing such assets to the public, including white paper requirements, disclosure obligations, and in some cases, capital and reserve requirements.
• On the service provider side, MiCA creates the CASP (Crypto-Asset Service Provider) category and defines a comprehensive list of services that require authorization, from exchange and custody to portfolio management and crypto advice.

What MiCA does not cover is equally important. Bitcoin and Ethereum are specifically excluded from the asset-side rules because they are sufficiently decentralized and do not have an identifiable issuer. NFTs that are truly unique and non-fungible fall outside the main framework, though the regulation includes provisions for assets that are nominally NFTs but function more like fungible tokens in practice. DeFi protocols with no identifiable legal entity behind them are largely outside scope, though this is an area regulators are actively reviewing for future legislation.

What Are the Three Crypto-Asset Categories Under MiCA?

MiCA defines three distinct categories of crypto-assets, each with its own set of rules for issuers.

• Asset-Referenced Tokens (ARTs) are tokens whose value is tied to multiple assets, such as a basket of currencies, commodities, or other crypto-assets. The category was designed primarily with Facebook’s failed Libra/Diem project in mind, which proposed a global currency backed by a basket of national currencies. ART issuers face the most stringent requirements under MiCA, including authorization from a National Competent Authority, significant own funds requirements, and strict reserve asset management rules.
• E-Money Tokens (EMTs) are tokens backed by a single fiat currency, functioning as electronic money in digital asset form. A euro-backed stablecoin is the clearest example. EMT issuers must be authorized as credit institutions or electronic money institutions and must maintain full backing of the token’s outstanding supply in secure, liquid assets. Redemption at par value must always be available to holders.
• Other crypto-assets covers everything else: utility tokens, governance tokens, and assets like Bitcoin and Ethereum that fall outside the first two categories. This is the catch-all category. Issuers of these assets must publish a white paper with defined minimum disclosures before offering their token to the public, but the requirements are significantly lighter than those for ARTs or EMTs.

The CASP authorization framework applies to all three categories. An exchange trading any of these asset types must hold CASP authorization regardless of which category the assets belong to.

Who Does MiCA Apply To?

MiCA applies to any person or entity issuing crypto-assets to EU residents, or providing crypto-asset services to EU clients, regardless of where that person or entity is based.

This extraterritorial scope is deliberate and significant. An exchange based in the Cayman Islands that actively markets to French or German users must comply with MiCA and obtain CASP authorization to serve those users legally. Physical location outside the EU is not a carve-out.

For businesses already operating in the EU under national frameworks, MiCA included transition provisions. Companies that held national registrations or licences in EU member states had an 18-month window from December 2024 to bring their authorization up to full CASP standard. The specific duration of this transition period varied by member state, with some national regulators offering the full window and others imposing earlier deadlines.

Issuers of crypto-assets have no equivalent transition period. Any token offered to EU investors after December 30, 2024 must comply with MiCA’s white paper and disclosure requirements from day one.

There are carve-outs for small issuances. Token offerings to fewer than 150 people per member state, or with a total consideration under €1 million over 12 months, are exempt from the white paper requirement. Offers exclusively to qualified investors are also exempt.

What Changed When MiCA Came Into Force?

The practical shift MiCA created is most visible in two areas: passporting and consumer protection.

• Passporting means that a CASP authorized in any single EU member state can serve customers across all 27 countries without separate authorization in each. Before MiCA, a crypto business authorized in Germany still needed to navigate French, Italian, and Spanish regulatory requirements separately to serve those markets. MiCA eliminated that barrier, making the EU a genuine single market for crypto services for the first time.
• Consumer protection rules now apply uniformly where they did not before. Exchanges must segregate client assets from operational funds. They must publish clear fee information before a client commits to a transaction. They must have formal complaint handling procedures. They must manage and disclose conflicts of interest. And they must provide clients with a right of redemption, meaning users can always get their assets back at fair value. None of these requirements existed consistently across the EU before MiCA.

For issuers, the white paper requirement changed how tokens can be launched in Europe. A token offering without a published, compliant white paper is now illegal across the entire EU market, which raises the cost and legal exposure of launching projects that were previously little more than a website and a promise.

Understanding what changed under MiCA also helps clarify what a crypto license actually means and why the distinction between old-style AML registrations and full CASP authorization matters for users choosing a platform.

How Does MiCA Affect Crypto Users?

For people buying, selling, or holding cryptocurrency, MiCA’s most direct impact is on the platforms they use and the protections those platforms must provide.

Any exchange serving EU clients under MiCA must hold client assets separately from the company’s own funds. This is a fundamental shift from the pre-MiCA landscape, where many EU-registered exchanges operated without formal segregation requirements. If an exchange becomes insolvent, segregated assets are not treated as company property, giving users a cleaner claim to recovery.

Fee transparency is mandatory. Exchanges cannot bury costs in spreads or disclose fees only after a transaction. Pre-transaction cost disclosure is a regulatory requirement, not a best practice.

Exchanges must also provide clear information about the risks of specific crypto-assets before a user buys. The white paper disclosure requirements that apply to issuers feed directly into what exchanges must make available to their clients.

For users in the EU, the practical question is simple: is the platform you are using CASP-authorized? An exchange operating in the EU without MiCA authorization is doing so illegally, which creates counterparty risk that no amount of good-looking UI can offset. Checking authorization status takes under a minute using the relevant national regulator’s public register.

Does Paybis Operate Under MiCA?

Paybis holds the MiCA CASP licence issued by the Bank of Latvia, covering crypto-asset services across all 27 EU member states and the broader EEA through MiCA’s passporting mechanism.

The licence was granted alongside the Payment Institution (PI) licence under PSD2, both issued on the same day in May 2026 by the same authority that supervises traditional financial institutions in Latvia. The official announcement confirmed that Paybis is now regulated by the same national authority governing conventional banks and financial services firms. Most exchanges operating in the EU today still hold legacy AML registrations. Full CASP authorization represents a higher tier of regulatory oversight.

Under MiCA’s obligations, client crypto funds at Paybis are held separately from the company’s own assets. Fee information is disclosed upfront. Formal complaint procedures are in place.

Paybis has operated since 2014 and serves 6.9 million+ users across 190+ countries. Users can buy crypto and buy Ethereum through a platform operating under the EU’s full CASP authorization framework. The Paybis MiCA coverage goes deeper on what the regulation means for the platform’s operations.

Key Takeaway

MiCA is the EU’s answer to a decade of fragmented, inadequate crypto regulation. It creates a single licensing framework for crypto service providers, sets consistent rules for asset issuers, and gives retail users across all 27 member states the same baseline protections regardless of which EU country their exchange is based in. For anyone buying, selling, or holding crypto through a European platform, CASP authorization under MiCA is the most meaningful regulatory indicator to check.