In recent weeks, one praiseful post follows the other regarding the Markets in Crypto Assets Regulation (MiCAR). But what implications does MiCAR have for so-called crypto asset service providers (CASP) regarding technology infrastructure, processes, and organizational requirements?
First, it should be noted that various services and activities related to crypto assets fall under the definition of a CASP of MiCAR. Logically, this includes crypto exchanges that grant investors access to crypto assets. The underlying process of an order and its settlement is straightforward if the crypto exchange provides custody to its clients. However, for banks that grant their customers access to crypto assets, the value chain often consists of many intermediaries to settle an order. All of the aforementioned players, as well as issuers of crypto assets, have in common that they will have to manage the requirements of MiCAR to be able to passport their services throughout the EU in the future. Therefore, in the coming weeks, we will highlight the different crypto services subject to authorization under MiCAR (see Figure 1.).
The general requirements for CASPs are based on the equivalent services in the securities sector (MiFID II), which have been established for many years. While banks are very familiar with this regulation, the services covered by the definition of CASP must now be examined concerning conformity with MiCAR. For crypto-native firms, this poses a far greater challenge.
But what are the basic requirements in practice?
1. Record-Keeping: MiCAR mandates that CASPs maintain accurate and complete client orders, transactions, and communications records. This includes electronic records, which may require appropriate IT infrastructure and systems for capturing, storing, and retrieving data.
2. Data Security and Integrity: CASPs are responsible for ensuring the security and integrity of client data and other sensitive information. They must implement appropriate IT systems and processes to protect against unauthorized access, data breaches, and cyber threats.
3. Best Execution: MiCAR requires CASPs to take reasonable steps to achieve the best possible execution of client orders. This may involve using sophisticated IT systems and algorithms for order routing, execution monitoring, and capturing market data to ensure compliance with best execution obligations.
4. Reporting Obligations: MiCAR imposes reporting requirements on CASPs, including transaction reporting to competent authorities. This necessitates robust IT systems capable of accurately and timely reporting transactions, maintaining audit trails, and providing relevant data to regulatory authorities.
5. Compliance Monitoring and Surveillance: CASPs must have systems and processes in place to monitor and detect potential market abuse, insider trading, and other misconduct. These may involve IT tools and surveillance systems that analyze trading activities and communication patterns and detect suspicious behaviors.
6. Systems Resilience and Business Continuity: MiCAR emphasizes the importance of ensuring the resilience of IT systems and maintaining business continuity in the event of disruptions or disasters. CASPS are expected to have robust IT infrastructure, backup systems, and disaster recovery plans to minimize service disruptions and protect client interests.
7. Transparency requirements for trading activities and prices: CASPs must make their pricing, cost, and fee policies, as well as related crypto white papers, publicly available on their websites.
Conclusion
MiCAR is a comprehensive and complex regulatory framework with numerous requirements and obligations. CASPs may find navigating and interpreting these regulations challenging, especially without dedicated compliance teams or prior experience in dealing with such regulatory frameworks. Meeting the compliance obligations of MiCAR can require significant investments in technology, infrastructure, compliance processes, and skilled personnel.
Questions and open issues? Leverage our expertise at intas.tech to conduct comprehensive assessments and identify potential gaps in your organization’s adherence to MiCAR regulations, ensuring you stay ahead of the curve and mitigate risks.
About intas.tech
intas.tech is a blockchain consultancy founded by the Frankfurt School and Plutoneo Consulting and is specifically tailored to the needs of financial organizations. intas.tech focuses on the integration and handling of digital assets and the strategic evaluation of blockchain deployment opportunities and their implementation.
