Understanding MiCA: The EU's Rulebook for Crypto-Assets
If you operate in the European Union and you do anything that touches crypto-assets — issue them, trade them, custody them, advise on them — you operate under MiCA. The Markets in Crypto-Assets Regulation, Regulation (EU) 2023/1114, is the EU's first comprehensive, harmonized rulebook for the entire crypto-asset category. It is also the first such rulebook anywhere in the world that covers an economic bloc the size of the EU.
This post is a plain-English orientation to MiCA: where it came from, what it requires, who it applies to, what it doesn't cover, and how it shapes the operation of regulated tokenized-asset platforms like Nextoken Capital.
How we got here
Before MiCA, regulation of crypto-assets in the EU was a patchwork. Each member state had its own rules, with substantial divergence. Some countries — Germany, France, Lithuania, Estonia, Malta — had created national licensing regimes for crypto service providers. Others had not. Crypto-assets that didn't qualify as financial instruments under MiFID II were essentially unregulated at the EU level.
This was a bad situation for everyone. Investors didn't know what protections, if any, they had. Service providers didn't know which member states they could operate in. National regulators couldn't easily coordinate on cross-border supervision. And the EU had no clear answer to global crypto incidents like the Terra-Luna collapse in May 2022 or the FTX failure in November 2022, both of which significantly affected European investors.
MiCA was proposed by the European Commission in September 2020 as part of the broader Digital Finance Package. It was adopted by the European Parliament and Council in May 2023. It applies in two phases:
- From 30 June 2024: the provisions covering stablecoins (asset-referenced tokens and e-money tokens).
- From 30 December 2024: the provisions covering Crypto-Asset Service Providers (CASPs).
A transitional period applies to providers already authorised under national regimes; they can continue operating under their national authorisation while applying for MiCA authorisation through 1 July 2026 in most member states.
What MiCA actually covers
MiCA defines three categories of crypto-asset and one category of service provider.
Crypto-asset categories
Asset-Referenced Tokens (ARTs). A crypto-asset whose value is referenced to multiple fiat currencies, commodities, other crypto-assets, or a combination thereof. The historical example is Facebook's Libra/Diem project. ARTs face the strictest issuer requirements under MiCA — capital, governance, custody, redemption rules.
E-Money Tokens (EMTs). A crypto-asset whose value is referenced to a single fiat currency. Stablecoins backed 1:1 by EUR (like Monerium's EURe) or by USD (like USDC, USDT, PYUSD) are EMTs. Issuance of EMTs requires the issuer to be authorised as either a credit institution or an electronic money institution.
Other crypto-assets. Everything else — Bitcoin, Ether, utility tokens, governance tokens, NFTs of fungible characteristics. These are the least restricted but still subject to MiCA's disclosure, marketing, and consumer-protection rules.
What MiCA explicitly does not cover:
- Crypto-assets that qualify as financial instruments under MiFID II (e.g., equity tokens, bond tokens, derivatives, units in collective investment schemes). These remain under MiFID II.
- Crypto-assets that qualify as deposits, structured deposits, or pension products. These remain under the relevant directive.
- Non-fungible tokens that are genuinely unique (e.g., a one-of-a-kind digital artwork). NFTs in series or with fungible-like characteristics may still be covered.
- Crypto-assets created in the course of a fully decentralised protocol. This carve-out has been the source of significant interpretive debate.
Crypto-Asset Service Providers (CASPs)
MiCA defines eight crypto-asset services. Anyone providing any of them in the EU on a professional basis needs CASP authorisation:
1. Custody and administration on behalf of clients 2. Operation of a trading platform for crypto-assets 3. Exchange of crypto-assets for funds 4. Exchange of crypto-assets for other crypto-assets 5. Execution of orders on behalf of clients 6. Placing of crypto-assets 7. Reception and transmission of orders on behalf of clients 8. Advice on crypto-assets 9. Portfolio management of crypto-assets 10. Transfer services for crypto-assets
A platform like Nextoken Capital, which operates a trading platform, executes orders, and provides custody of crypto-assets, requires authorisation for the relevant subset of these services.
What MiCA requires of a CASP
Once authorised as a CASP, a platform operates under a long list of requirements. The most material are:
Authorisation. You must be authorised by a national competent authority of an EU member state. For Nextoken Capital, that authority is the Bank of Lithuania (Lietuvos bankas). Authorisation is "passportable" — once granted in one member state, you can operate across all 27 member states and the wider European Economic Area without separate authorisation in each.
Capital and prudential requirements. A CASP must hold minimum own funds, the amount of which depends on the services provided. Operating a trading platform requires €150,000 of own funds. Providing custody requires €125,000. Combined services have additive requirements. Above certain volumes, the requirements scale up.
Governance. A CASP must have a clear governance structure, fit-and-proper management, segregated functions (compliance, risk, internal audit), and a documented internal control framework. Key personnel are subject to fit-and-proper review by the supervisor.
Conduct of business. A CASP must act honestly, fairly, and professionally. It must publish clear pricing. It must avoid conflicts of interest, and where conflicts are unavoidable, manage and disclose them. It must execute orders on the best terms available.
Custody. Client crypto-assets must be segregated from the CASP's own assets, recorded separately, and protected from CASP insolvency. The CASP must maintain a register of custodied assets. Loss of clients' assets (e.g., through a hack) gives rise to a presumption of liability for the CASP, unless the CASP can show the loss was due to events outside its control.
Marketing communications. All marketing material must be clearly identifiable as such, must be fair and not misleading, and must include risk warnings prescribed by the regulation. Influencer marketing of crypto-assets is regulated.
Complaints handling. A CASP must have a documented complaints procedure and respond within defined timeframes.
Operational resilience. A CASP is subject to DORA (Digital Operational Resilience Act) requirements — incident reporting, cyber security, third-party risk management, business continuity.
AML/CFT compliance. A CASP must apply EU anti-money-laundering and counter-terrorism-financing requirements, including KYC, sanctions screening, transaction monitoring, suspicious activity reporting, and the FATF Travel Rule.
Market abuse. A CASP must monitor for and prevent market abuse — insider dealing, market manipulation, front-running.
This is not a complete list. The full MiCA regulation runs to roughly 280 pages of primary regulation plus extensive secondary technical standards. Compliance is operationally significant.
What this means for an investor
If you're an EU resident investing on a CASP-authorised platform, MiCA gives you a set of protections that didn't reliably exist before:
You can verify that the platform is authorised. ESMA maintains a public register of CASPs. If a platform isn't on the register, it isn't authorised to offer services to you.
Your custodied crypto-assets are segregated from the platform's own assets. If the platform fails, your assets are not part of its insolvency estate.
The platform owes you a duty of best execution on orders.
Marketing material must include prescribed risk warnings.
You have a documented complaints route, with response timeframes.
The platform must be capitalised to defined minimums.
You can complain to the national supervisor if the platform fails to meet its obligations, and the supervisor has enforcement powers.
These protections are meaningful. They are also not a guarantee of investment returns or platform success. MiCA is a framework for honest operation, not a guarantee of profit.
What this means for an issuer
If you are issuing crypto-assets in the EU, MiCA's framework matters in a few key ways.
Issuance of a non-financial-instrument crypto-asset (other than EMTs and ARTs) requires you to publish a "white paper" containing prescribed information about the crypto-asset, the issuer, the rights and obligations attaching to the asset, the technology, and the risks. The white paper must be notified to the national supervisor before publication.
Issuance is subject to fair-marketing rules. Misleading advertising is prohibited.
Issuance of an ART or EMT requires you to be a specific category of authorised entity — generally a credit institution or an EMI.
Issuance of a crypto-asset that qualifies as a financial instrument under MiFID II is not subject to MiCA; it remains under the existing MiFID II prospectus regime.
For tokenized securities specifically — the kind of tokens Nextoken Capital lists — the relevant regime is generally MiFID II's prospectus rules, not MiCA's white-paper rules. The platform's MiCA authorisation covers the trading and custody of the tokens; the issuance of the tokens themselves is governed by the securities regime applicable to the underlying asset.
What MiCA does not do
A few things to be clear-eyed about.
MiCA does not eliminate investment risk. A MiCA-authorised platform is well-supervised, but the crypto-asset you buy through it can still lose value, can still be illiquid, can still default. MiCA is about how the platform operates; it is not a backstop against bad investments.
MiCA does not harmonise tax treatment. Each member state continues to tax crypto-assets according to its own rules. A token gain in Germany is taxed differently than the same gain in Portugal or Lithuania.
MiCA does not cover decentralised finance. Protocols that operate without an identifiable issuer or service provider — fully decentralised lending protocols, decentralised exchanges with no operator — are explicitly outside MiCA's scope. ESMA has published guidance on what counts as "fully decentralised" and the bar is high.
MiCA does not regulate the underlying technology. The choice of blockchain, the consensus mechanism, the smart contract architecture — these are not specified by MiCA. The regulation is technology-neutral.
MiCA's enforcement is, by design, at the national level. ESMA coordinates and publishes guidelines, but day-to-day supervision is by the national competent authority (e.g., the Bank of Lithuania, BaFin, ACPR, CNMV).
How Nextoken Capital fits into MiCA
Nextoken Capital is in active engagement with the Bank of Lithuania for authorisation as a CASP under MiCA. The platform already operates under the EMI regime (or its application process) and the EU's AML framework. The CASP authorisation, when granted, will explicitly authorise the platform to:
- Operate a trading platform for crypto-assets (the secondary market)
- Execute orders on behalf of clients
- Provide custody and administration on behalf of clients
For the avoidance of doubt: tokenized securities listed on Nextoken Capital, where they qualify as financial instruments under MiFID II, are issued under the relevant member-state securities regime, not under MiCA's white-paper regime. MiCA governs the platform's operation; the underlying issuance is governed by the securities regime applicable to each specific asset.
The platform publishes an up-to-date compliance status disclosure at /compliance. For specific regulatory enquiries, the contact is compliance@nextokencapital.com.
Resources
The full MiCA regulation: Regulation (EU) 2023/1114.
ESMA's MiCA hub: https://www.esma.europa.eu/policy-activities/crypto-assets-mica.
The Bank of Lithuania's crypto-asset supervision page: https://www.lb.lt/.
For Nextoken Capital's whitepaper covering the platform's regulatory positioning in detail, see /whitepaper.