The European Securities and Markets Authority (ESMA) is seeking to become the sole watchdog over the bloc’s cryptocurrency sector. Several countries, including France, Italy, and the Netherlands, are pushing to make this happen to ensure centralised digital asset supervision.
In his keynote speech at the ACPR-AMF Fintech Forum, the Governor of the Banque de France, Francois Villeroy de Galhau, called for ESMA to be given full supervisory authority over all issuers in the region.
The European Council has responded to these calls and is expected to move oversight from national authorities to ESMA. The move aims to close regulatory gaps that have seen many issuers flock to friendlier jurisdictions like Malta.
Verena Ross, the Chair of ESMA, said the change will help build “a capital market that is more integrated and globally competitive.” In addition, she said the move would fix the current “fragmentations in markets”.
On its part, Malta is pushing back on this, fearing a centralised regulatory landscape would diminish its competitive edge. While the tug of war continues, many issuers have embraced the challenges MiCA brings and are working to achieve compliance in anticipation of centralised oversight.
ESMA’s Push for Harmonised Supervision
The market watchdog has already published detailed guidance under the Markets in Crypto Assets Regulation (MiCA) on how national regulators should monitor crypto markets. The move is aimed at preventing regulatory arbitrage and eliminating fraud and abuse.
“The guidelines aim to promote convergence by ensuring that NCAs apply consistent approaches when supervising crypto-asset markets,” the watchdog outlined in its release. “They also underline the need for cooperation between authorities in cross-border cases.”
Under the guidelines, national competent authorities (NCAs) are required to adopt risk-based and proportionate supervision. In addition to on-chain data, ESMA has asked these agencies to monitor social media and trading platforms to identify suspicious off-chain activity.
Increased Focus on Competence
ESMA also requires CASPs who offer information and advice to clients to ensure they have competent staff. “These guidelines will help ensure that staff providing advice or information about crypto-assets have the necessary skills and expertise,” the agency said. “This is essential to protect investors and enhance confidence in these markets.”
CASP employees are required to have appropriate education, professional experience, and ongoing training. The guidelines are expected to go into effect mid-next year.
What Firms Need to Do Now
MiCA implementation represents both a compliance challenge and a competitive opportunity for CASPs and trading platforms. Firms that act early can position themselves as credible partners for institutional investors and avoid costly enforcement risks later.
Strengthen Governance and Staff Competence
Crypto service providers must now conduct a full assessment of the knowledge and competence of their employees. Staff providing information to clients on products or services are now required to have 80 hours of training and 6 months of supervised experience in crypto assets. However, ESMA allows firms to hire or retain untrained employees if they have at least 12 months of supervised experience.
The bar is higher for CASPs that also offer advice to clients. In this particular case, the relevant staff must have at least 160 hours of training and 6 months of advisory experience. Additionally, the advisory team should be well-versed in DLT technology, tax implications, risks, and disclosure obligations.
Improve Surveillance Systems
Firms are now required to do some of the heavy lifting when it comes to detecting market abuse. CASPs can achieve this by creating a surveillance system to detect insider trading, market manipulation, and MEV.
Monitor and Report Suspicious Transactions
The new ESMA guidelines mandate CASPs to develop internal processes to flag suspicious orders and transactions. The watchdog’s guidelines require firms to engage NCAs to effectively monitor trading activity that spans multiple jurisdictions.
Get Audit-Ready Before Supervisors Come Knocking
NCAs are conducting more on-site inspections under MiCA. CASPs in friendlier jurisdictions should expect a tougher environment when ESMA finally centralises oversight. This could include supervisory checks or document requests, and preparing early can come in handy.
One way firms can achieve this is by maintaining complete documentation for training and governance. Additionally, they can run internal mock audits to identify weak spots early. Being audit-ready is more than just compliance hygiene, as it helps firms build credibility with institutional partners.
Tighten Up Marketing and Client Communications
MiCA requires issuers and CASPs to ensure fair marketing and customer communication. All advertising, product descriptions, and client materials must include clear and balanced risk disclosure, and misleading claims can quickly attract the attention of ESMA and NCAs.
Overstating potential returns or omitting volatility warnings could lead to penalties. One of the things firms can do now is monitor their relevant communications to ensure they do not pass on misinformation or unlawful disclosures.
Risks for Lagging Firms
The cost of non-compliance is expected to rise as ESMA centralises supervision. Firms that fail to meet the new standards risk losing their access to the broader EU market.
Besides market access, non-compliance can hurt an issuer’s reputation. Investments in crypto ETFs right now are largely driven by institutional investors, and many wouldn’t come within a mile of a non-compliant service or product.
The Strategic Payoff
While implementation will test the agility of many firms, especially smaller CASPs with limited budgets, those that move early will benefit from increased operational flexibility. MiCA allows a single regulatory passport to operate across all 27 member states, and many firms are expected to lose this access once ESMA centralises oversight.
Coming up with a new strategy early is now necessary to ensure continued compliance while avoiding excessive costs.
