LINARI LAW

ESMA supervisory briefing for CASPs under MiCA: The crypto standard

On January 31, 2025, ESMA issued new guidance for crypto-asset service providers (CASPs) under the EU’s MiCA regulation. CASPs must meet strict standards in governance, compliance, and anti-money laundering efforts. A genuine local presence and strong oversight are key for authorisation. Cross-border operations face heightened scrutiny.

How will these changes affect the crypto industry?

The European Securities and Markets Authority (ESMA) issued new supervisory guidance on January 31, 2025, regarding the authorisation of crypto-asset service providers (CASPs) under Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on markets in crypto-assets, as amended (MiCA). These guidelines aim to establish a harmonised regulatory framework across the EU, setting stringent requirements for CASPs seeking regulatory authorisation. The guidance underscores the importance for firms operating in the crypto-asset space across the EU to meet heightened expectations in governance, compliance, and risk management.

ESMA considers all CASPs to be high-risk entities due to their cross-border operations and exposure to financial crime risks, particularly money laundering and terrorist financing. As a result, national supervisory authorities will subject applications to rigorous assessments, ensuring that firms demonstrate robust operational substance, effective internal controls, and compliance. A key requirement is maintaining a sufficient physical presence within the country of authorisation. CASPs must establish genuine decision-making authority at the local level, with executives and key personnel actively engaged in oversight and governance. “Letter-box” entities will not satisfy MiCA’s authorisation standards.

While outsourcing remains a common practice, special scrutiny will apply to outsourcing arrangements involving non-EU entities. Additionally, all CASPs will be subject to rigorous fit and proper assessments of their senior executives and board members. Prior regulatory violations, governance failings, or ongoing criminal proceedings—even in non-EU jurisdictions—may significantly impact an entity’s ability to secure CASP authorisation.

Given the inherent risks within the crypto-asset industry, MiCA places a strong emphasis on anti-money laundering (AML) and counter-terrorist financing (CFT) measures. Firms must implement comprehensive AML/CFT frameworks that align with EU regulatory expectations, ensuring they can effectively monitor, detect, and mitigate financial crime risks. The ability to demonstrate compliance with these standards will be critical for firms seeking to establish or maintain operations in the pan-European crypto-asset market.

PREVIOUS
Luxembourg’s first vote on EU mobility directive implementation
NEXT
Important updates to Luxembourg’s RCS and RBO

Related posts

Browse All
Know Your Assets: Strengthening ML/TF compliance for registered AIFMs

Know Your Assets: Strengthening ML/TF compliance for registered AIFMs

As regulatory scrutiny grows, Know Your Assets (KYA) is becoming essential for registered AIFMs managing ML/TF risks. This article outlines what KYA compliance means in practice and how AIFMs can strengthen their approach, especially for unlisted assets.
Court of Appeal clarifies the grey zone and sets out employment relationship rules

Court of Appeal clarifies the grey zone and sets out employment relationship rules

In a key judgment on April 3, 2025, the Luxembourg Court of Appeal clarified a common labour law question: when does a role qualify as employment versus a corporate mandate? The case involved claims of abusive dismissal and severance pay but ultimately hinged on the test of subordination. The ruling…
Luxembourg Court of Cassation invalidates excessive reimbursement clause hindering resignation rights

Luxembourg Court of Cassation invalidates excessive reimbursement clause hindering resignation rights

Luxembourg’s Court of Cassation has ruled that excessive financial penalties cannot restrict an employee’s right to resign. The case involved a €25,000 penalty clause imposed on a senior consultant who resigned early. The Court found the clause disproportionate and invalid. It emphasized that resignation rights are protected by public policy.…
Luxembourg retains AAA credit rating: A testament to stability and resilience

Luxembourg retains AAA credit rating: A testament to stability and resilience

Once again, Luxembourg has secured its AAA credit rating for 2025, despite ongoing global economic pressures. This prestigious rating is a testament to Luxembourg's solid economic management, a resilient financial sector, and smart fiscal policies that continue to position the country as a reliable and stable financial hub in Europe.
Investing in Nigeria: Unlocking opportunities through strategic legal partnerships

Investing in Nigeria: Unlocking opportunities through strategic legal partnerships

As global investors turn their attention to West Africa, Nigeria stands out as a vibrant center of opportunity and growth. Navigating this fast-moving market requires more than capital—it demands deep local knowledge and strategic legal support.
CSSF updates on ICT risk management and outsourcing obligations for financial professionals

CSSF updates on ICT risk management and outsourcing obligations for financial professionals

In April 2025, the CSSF introduced updates to Luxembourg’s ICT risk management and outsourcing regulations, which are set to transform compliance for financial professionals. Here’s what you need to know!
Browse All

A LEGACY OF LAW. A FUTURE OF INNOVATION.
25 years of legal excellence – the journey continues.

Contact Info

+352 27 11 60 10

info@linari-law.lu

128 Rue du Cimetière, L-8018 Strassen
Luxembourg

UP