ESMA guidance on CASP Authorisation under MiCA 

The European Securities and Markets Authority (ESMA) has released a Supervisory Briefing aimed at fostering a convergent approach among National Competent Authorities (NCAs) in the EU regarding the authorisation of Crypto-Asset Service Providers (CASPs) under the Markets in Crypto-Assets Regulation (MiCA). 

From a legal perspective, we highlight the following takeaways from ESMA's guidance: 

Risk-Based Approach: ESMA firmly states that there are no low-risk CASPs. NCAs will adopt a risk-based approach, subjecting entities with specific risk factors to elevated scrutiny. These factors include size (e.g., over 1,000,000 yearly active users or €3,000,000,000 balance sheet), complex group structures, significant cross-border activity, a crucial role in the ecosystem, a combination of crypto-asset services, novel business models (like combining ART/EMT issuance with CASP services), extensive outsourcing, and adverse supervisory history.

Substance and Governance: NCAs will closely evaluate whether CASPs have sufficient local autonomy to make decisions on their EU policy and ensure they have adequate in-country personnel, including at least one executive management board member located in their jurisdiction. A business setup where more key functions are performed outside the EU than within will be critically assessed.

Outsourcing: ESMA emphasises that outsourcing should not lead to a delegation of responsibility by the CASP or prevent NCAs from exercising their supervisory functions. Particular attention will be paid to the outsourcing of key functions and outsourcing to third countries.

Fit and Proper Assessment: NCAs will conduct thorough assessments of the individual and collective suitability of executive and supervisory board members, considering their experience, technical knowledge of crypto-assets, and any prior supervisory transgressions.

Business Plan: CASPs must present a realistic business plan with projections for at least three years and clearly defined intermediate points to allow for monitoring. NCAs will also expect CASPs to consider pessimistic scenarios where revenues fall below projections.

Notifications: ESMA provides guidance on the administration of notified MiCA services in national registers and outlines the process for dealing with incomplete notifications.

ESMA’s Supervisory Briefing underscores the importance of a robust and risk-aware approach to CASP authorisation under MiCA. Ensuring compliance with these expectations will be crucial for firms seeking to operate within the EU's regulatory framework for crypto-assets.

To read the full ESMA’s Supervisory Briefing, follow the link: https://buff.ly/DNZSOOs