European Union (MiCA)

The MiCA structure. MiCA is a Regulation (directly applicable in member states without transposition) covering: (a) issuance of crypto-assets and disclosure (whitepaper requirements); (b) issuance and supervision of asset-referenced tokens (ARTs) and e-money tokens (EMTs); (c) authorisation and ongoing requirements for crypto-asset service providers (CASPs); (d) market abuse and insider trading rules for crypto markets; (e) supervisory architecture with EBA / ESMA / NCA coordination.

Scope and exclusions. MiCA explicitly excludes: (a) crypto-assets that qualify as financial instruments under MiFID II (those are governed by securities laws); (b) NFTs that are 'truly unique and not fungible' (though fractional NFTs may fall within MiCA); (c) central-bank digital currencies; (d) pure-utility tokens used only on a specific platform (a narrow exclusion); (e) services provided to a closed group. Many tokenised securities will fall under MiFID II rather than MiCA.

Phased application. MiCA's stablecoin (ART/EMT) provisions applied from June 30, 2024. The remaining provisions (CASP authorisation, whitepaper requirements, market abuse rules) became fully applicable on December 30, 2024. Existing CASPs operating under national regimes were given an 18-month transitional period to obtain MiCA authorisation (extended to July 1, 2026 in most member states).

EU passport. A CASP authorised in one EU member state can passport its services across all 27 member states without additional authorisation — a major operational advantage compared to the US state-by-state model. Notification to host-state regulators is required but additional substantive licensing is not.

CASP authorisation requirements. Crypto-Asset Service Providers must be authorised by an NCA in the EU member state of their head office. Authorisation requires: minimum capital (€50K for small operators, €125K for custodial services, €150K for full exchange operations); governance documentation; fit-and-proper management; AML / CTF programmes; cybersecurity arrangements; safeguarding of customer crypto-assets (typically 95%+ in cold storage); business-continuity plans; complaint-handling procedures; and conflict-of-interest policies.

Customer asset safeguarding. MiCA Article 75 requires CASPs to segregate customer assets from their own, hold them on a per-customer ledger, and protect them from insolvency claims of the CASP. CASPs may not lend, pledge, or otherwise use customer assets without explicit per-customer agreement. The FTX-style commingling that drove that exchange's collapse is explicitly prohibited under MiCA.

Reverse solicitation. MiCA contains a narrow 'reverse solicitation' exemption allowing EU customers to access non-EU CASPs they actively sought out (without solicitation from the CASP). The exemption is interpreted narrowly; any marketing, advertising, or active promotion directed at EU customers brings the activity within MiCA's scope and requires authorisation.

EMTs (single-fiat-backed stablecoins). E-money tokens like EURC, USDC (in EU operations), and EUR-denominated stablecoins must be issued by credit institutions or e-money institutions authorised under the existing Electronic Money Directive. Reserves must be held 1:1 in deposits at credit institutions or in highly-liquid low-risk securities; reserves must be segregated and bankruptcy-remote; daily redemption at par must be available without fees. Significant EMTs (above EU-wide thresholds) face additional EBA supervision.

ARTs (multi-asset-backed stablecoins). Asset-referenced tokens backed by baskets of currencies, commodities, or other crypto-assets face equivalent reserve, redemption, and supervision requirements plus mandatory whitepaper disclosure. ART issuers must hold an MiCA-specific authorisation (not just credit-institution status). Significant ARTs (above €100 million issuance or 1 million users) are supervised directly by the EBA.

Caps and limitations. MiCA imposes daily transaction limits on stablecoin payment use: non-euro-denominated stablecoins are restricted to €200 million in daily transactions used for payment within the EU; e-money tokens denominated in non-EU currencies are limited to 1 million daily transactions or €200 million daily volume. These limits aim to protect the euro's monetary sovereignty.

Algorithmic stablecoins prohibited as ARTs/EMTs. MiCA explicitly prohibits issuance of unbacked algorithmic stablecoins as ARTs or EMTs (MiCA Article 53 limits them substantially). The Terra/Luna collapse was a direct driver of this prohibition during MiCA's drafting.

No EU-wide tax harmonisation. Crypto taxation remains a national competence; MiCA does not harmonise tax treatment across member states. Member-state approaches vary significantly: Germany exempts crypto gains after a 1-year holding period; France applies a flat 30% PFU to most crypto disposals; the Netherlands taxes crypto wealth under Box 3; Portugal historically had favourable treatment though its framework has tightened.

DAC8 reporting framework. The EU's Directive on Administrative Cooperation, 8th amendment (DAC8), entered into application in 2026 and creates a harmonised reporting framework for crypto-asset transactions across all EU member states. Crypto service providers must report transaction data on EU-resident customers to their national tax authorities, which exchange the data with other member states. This substantially increases tax authorities' visibility into EU crypto activity.

MiCA + DAC8 interaction. A CASP authorised under MiCA must comply with DAC8 reporting from 2026 forward. The combination creates the most comprehensive crypto tax-reporting framework in any major economic bloc, exceeding US 1099-DA in scope (DAC8 covers cross-border transactions explicitly).

This is general background, not tax advice. Consult an EU-licensed tax professional familiar with both your member state's framework and DAC8 obligations.

AMLD5 / AMLD6 framework. The EU's Anti-Money Laundering Directives apply to crypto service providers as 'obliged entities.' KYC requirements apply to all CASPs; transaction monitoring and suspicious-activity reporting are mandatory; beneficial-ownership registers are required for corporate customers.

EU Travel Rule (TFR). The Transfer of Funds Regulation, amended in 2023 to cover crypto transfers, requires CASPs to collect and transmit originator and beneficiary information for crypto transfers above €1,000. The threshold is lower than the US BSA Travel Rule's $3,000, and the TFR explicitly applies to transfers to self-hosted (non-custodial) wallets — a significant policy choice that crypto-industry advocacy unsuccessfully opposed.

EU sanctions enforcement. EU sanctions programmes apply to CASPs operating in the EU. The August 2022 Tornado Cash sanctions (an EU + US joint action) and ongoing sanctions related to Russia, Iran, and North Korea require CASPs to screen transactions against EU sanctions lists. Member-state competent authorities supervise CASP sanctions compliance.

MiCA market-abuse rules. MiCA Title VI prohibits insider dealing, unlawful disclosure of inside information, and market manipulation in crypto markets. Penalties for violations include fines, profit disgorgement, and (for serious violations) criminal sanctions in member states whose national law provides for them. These are the first cross-border market-abuse rules specific to crypto in any major jurisdiction.

Whitepaper disclosure requirements. Issuers of crypto-assets (excluding ARTs/EMTs, which have separate regimes) must publish a whitepaper before public offering. The whitepaper must disclose: issuer information, project description, tokenomics, risks, technology, and rights attached to the token. The whitepaper does not require regulatory approval before publication, but the issuer is liable for the accuracy of its content (similar to a prospectus liability regime).

Marketing communications. All marketing communications related to crypto-assets in the EU must be clearly identified as marketing, must be consistent with the whitepaper, and must include risk warnings. Marketing to retail customers is subject to specific suitability and disclosure rules.

DAC8 transaction reporting. From 2026, EU CASPs must report each transaction to their NCA: customer identification, transaction type, asset, amount, fiat value, counterparty information where available. NCAs exchange data with member-state tax authorities. The DAC8 framework substantially exceeds the data scope of FATCA in scope and frequency.

TFR full traceability. The Transfer of Funds Regulation requires full originator and beneficiary information for crypto transfers of any amount between CASPs (the €1,000 threshold relates to additional verification, not to the basic information-collection requirement). For transfers to self-hosted wallets, CASPs must collect equivalent originator information and verify the customer's beneficial ownership of the destination address.

The MiCA + TFR + DAC8 stack. The combination of MiCA authorisation + TFR transaction-information collection + DAC8 tax reporting creates the world's most comprehensive crypto-regulatory data architecture. Practitioners describe the EU framework as 'high compliance cost but high regulatory clarity' compared to the US's fragmented enforcement-driven model.