25 October 2023

ESMA encourages smooth implementation of EU MiCA, and warns of “forum-shopping” risk

On 17 October 2023, the European Securities and Markets Authority (ESMA) published a statement addressed to cryptoasset providers and the National Competent Authorities (NCAs) that will be responsible for their supervision, in which ESMA clarified the implementation timeline for the upcoming application of the Regulation (EU) 2023/1114 on markets in crypto-assets (MiCA). ESMA also published a letter addressed to the Economic and Financial Affairs Council (ECOFIN), ESMA Chair, Verena Ross, calling on Member States to take action to ensure a smooth transition. In its communications, ESMA highlighted the risk of “forum shopping” by entities in the cryptoasset space, whereby the inconsistent implementation and enforcement of MiCA across Member States may reduce the effectiveness of the new rules.



The Regulation on markets in crypto-assets (MiCA) was published in the Official Journal of the EU on 9 June 2023. During the “implementation phase” of MiCA (i.e. from entry into force until the date of full application in December 2024), ESMA, in close cooperation with the other European Supervisory Authorities (ESAs) and national competent authorities (NCAs) of EU Member States, is preparing the technical standards and guidelines that specify how the new rules will apply to issuers, offerors, and service providers of crypto-assets. As of the date of this article, two (out of three) consultation packages in relation to such technical standards and guidelines have been published for public consultation. Accordingly, holders of crypto-assets and clients of crypto-asset service providers will not benefit from any EU-level regulatory protections introduced by MiCA until at least December 2024.

Additionally, Member States have the option of granting entities already providing crypto-asset services in their jurisdictions up to an additional 18-month “transitional period” during which they may continue to operate without a MiCA license—this is also known as a “grand-fathering clause”. This means that holders of crypto-assets and clients of crypto-asset service providers may not benefit from full rights and protections afforded to them under MiCA until as late as 1 July 2026, depending on the duration chosen by Member States.

“Forum-Shopping” Risk

A key purpose of MiCA is to establish a single, EU-level framework for the regulation and supervision of cryptoasset activities. There is a risk however that divergences in the implementation and enforcement of MiCA by different EU Member States will lead to “forum-shopping” by market players—in other words, where entities seek to take advantage of differences in regulatory frameworks, thereby reducing the effectiveness of the regulation.

In the statement and the letter published on the 17 October 2023, ESMA emphasised the concern that the extensive reliance on the “grandfathering clause” by Member States will lead to an uneven playing field and regulatory arbitrage, and that consistency across the application of MiCA by EU Member States is paramount to reducing this risk of “forum-shopping”.

To address this challenge, ESMA is actively working to promote a stringent approach to supervisory convergence, with a focus on (i) facilitating the exchange of information between competent authorities on authorisation requests and real supervisory cases in their jurisdictions, (ii) encouraging the convergent application of MiCA rules as early as possible, (iii) consulting with the European Commission to provide the basis for a common understanding on MiCA provisions that may require further clarity.

In particular, ESMA urged Member States to take action in the following key areas:

  • To designate without delay the NCAs responsible for carrying out the functions and duties provided for in MiCA, to ensure NCAs are granted adequate powers and resources to exercise their responsibilities, and such NCAs should establish as soon as possible their supervisory procedures related to the authorisation regime set out in the MiCA;
  • To consider reducing the duration of the ‘grandfathering clause’ to a maximum of twelve months. ESMA additionally called on Member States to notify their approach to this grandfathering clause to the European Commission and ESMA well ahead of the 30 June 2024 deadline, ideally by the end of 2023.

Next steps

In light of the above, cryptoasset service providers operating in the EU or intending to provide services to customers in the EU should not assume that the current permissions they hold in relation to providing cryptoasset services (for example, under anti-money laundering and counter financing of terrorism rules of specific EU Member States) will remain valid up until 1 July 2026. It would be prudent to stay abreast of developments relating to the implementation of MiCA, and to begin taking steps to prepare for compliance with the MiCA framework ahead of that date.


Authored by Eimear O' Brien and Christina Wu.