The European Union reached a policy consensus on the MiCA in October 2022. On April 20, 2023, the regulation was finally approved by the European Parliament. This officially makes the MiCA the world’s first crypto asset regulation.
MiCA covers issuers and service providers, aiming to protect consumers and investors while ensuring financial stability and supporting innovation. The regulation, which will most likely take effect between the end of 2024 and early 2025, positions Europe as an attractive region in the crypto market.
What the MiCA entails and how it relates to the GDPR, read this blog!
What is the Mica Regulation and what is its purpose?
The acronym “MiCA” stands for Markets in Crypto Assets. This name accurately reflects the purpose of the regulation. Indeed, MiCA strives to bring regularity to the highly unregulated crypto world.
The regulation will not solve all the problems in the crypto world, there are simply too many and too complex technological developments at the moment for that. However, it is fair to say that this regulation is a nice start to addressing the initial problems.
Europe and the crypto market
In addition, there was a big difference between how different member states addressed the crypto issue. There was no unanimity.
Also, more and more citizens became entangled in the world of Crypto and all the risks involved.
There is no shortage of crypto providers in Europe, yet one can also observe that the value of the crypto market is not in Europe. One might ask, then, why was the MiCA drafted in Europe?
The reason for this can be found in the anti-money laundering regulations and the growing demands placed on crypto providers under these regulations.
Who does the MiCA regulation apply to?
The new European regulations on the cryptocurrency market apply to all individuals and companies operating in this market.
Includes cryptocurrency product providers and platforms that enable cryptocurrency trading.
In more legal terms, this means that the MiCA Regulation applies to those who issue crypto assets or provide services related to crypto assets within the EU.
This means that both individuals and legal entities operating in the cryptocurrency market must comply with regulatory rules.
The full scope of the regulation is contained in Article 2 of the MiCA.
The MICA and the GDPR
The introduction of GDPR regulations has been a major factor in terms of many technological developments.
It is therefore undeniable that the GDPR must somehow blend with the MICA.
After the final text of the MiCA was published on Oct. 4, 2022, a data protection opinion was issued almost immediately by the European Data Protection Supervisor (EDPS).
In this opinion, the EDPS emphasizes that crypto-assets should be issued in a GDPR-compliant manner.
The EDPS clearly states in its opinion that crypto-asset publishers, if the project in question processes personal data, are always data controllers under the GDPR.
Opinion:
The EDPS recommended that the MiCA clearly reflect that crypto issuers are responsible. The final text of the regulation highlights data protection issues in Article 88.
This provision places additional emphasis on requiring crypto-asset issuers to establish systems and procedures adequate enough to ensure that the integrity, confidentiality and security of the information comply with the provisions of the GDPR.
These systems should assist publishers in recording and retaining relevant data and records throughout their operations.
These goals should also be met by third parties when outsourcing.
In such a case, the conditions of this regulation should also always be met through the use of GDPR-compliant policies, the conclusion of agreements with adequate protection and explicit provisions on termination in case of non-compliance with agreed obligations.
What else? :
In addition, the GDPR applies as soon as data is processed from individuals located in the EU.
This applies even if the data is processed by a non-EU-based controller. This is known as the law of venue.
It means that although foreign companies may process data, they must comply with GDPR requirements when entering the EU marketplace.
The European legislature has partially refrained from including a similar system in its MiCA regulations, even though it would have been quite possible given the digital design of the products.
For example, to operate in the EU, issuers of asset-referenced tokens must be incorporated in the form of an EU-based legal entity under Article 15(2) MiCA.
However, there is no similar rule for general crypto-assets, so some sort of place-of-performance principle does apply to them.
What next:
Europe seems increasingly aware of its ability to influence global standards through regulation. This also means that MiCA will undoubtedly have a global impact on the standards used and
duties of care
.
It is not unimportant to note that the new rules are aimed not only at the European market, but also at improving global standards and protecting consumers worldwide.
If Circle chief strategy officer Dante Disparte is to be believed, the MiCA will be for Crypto what the GDPR was for data protection.
Conclusion
With MiCA the European legislator seems to have taken a good first step to bring regulation to the Crypto world.
There is no doubt that the MiCA will be emulated worldwide. Whether the Mica will actually provide the intended protection will become clear in the near future.
The Mica, along with the GDPR, will need to ensure that users and their data are protected in the crypto world.
