MiCA Compliance Checklist
Fully applicable since 30 December 2024. Covers taxonomy, issuer white-paper obligations, ART/EMT reserve and redemption, CASP authorisation and conduct, market abuse, and cross-regime interplay.
Counsel-grade external checklist for MiCA (Regulation (EU) 2023/1114 — Markets in Crypto-Assets). Fully applicable since 30 December 2024 (stablecoin titles since June 2024). National transitional and grandfathering windows for pre-existing CASPs vary by Member State — verify the relevant national cut-off. Competent authorities: national authority (Sweden: Finansinspektionen) plus the EBA for significant ART / EMT. This checklist is a working reference, not legal advice.
A. Scope and taxonomy gate
- Each crypto-asset touched classified: ART (asset-referenced token), EMT (e-money token), or other crypto-asset (including utility tokens) — different titles, radically different obligations.
- Out-of-scope check: financial instruments (MiFID II applies instead — apply ESMA guidelines on qualification), deposits, insurance, pure NFTs (unique and non-fungible in fact, not just in name), fully decentralised services without an intermediary.
- Activity mapped to the ten CASP services (custody, exchange of crypto-assets for funds and for other crypto-assets, execution, operation of a trading platform, placing, reception and transmission of orders, advice, portfolio management, transfer services).
- Role determined: issuer / offeror / person seeking admission to trading versus CASP — or both.
- Reverse-solicitation position documented if serving EU clients without authorisation (narrow; ESMA guidance is hostile to circumvention).
B. Issuer / offeror obligations — other crypto-assets (Title II)
- Crypto-asset white paper drafted per Annex I: mandatory content, prescribed summary, risk statements, no misleading claims; marketing communications consistent with it.
- White paper notified to the national authority and published before offer or admission (notification, not approval, regime).
- Exemptions documented where relied on: <€1m over 12 months, qualified-investor-only, free tokens, mining and staking rewards.
- 14-day right of withdrawal for retail purchasers in offers implemented.
- Liability exposure for white-paper misstatements allocated (management body reachable).
C. ART / EMT issuers (Titles III–IV) — the heavy regime
- Authorisation: ART issuer authorised (or credit institution); EMT issuance restricted to credit institutions and e-money institutions.
- Reserve of assets: segregated legally and operationally; daily matching of reserve to outstanding tokens; custody of reserve per requirements; investment of the reserve limited to highly-liquid low-risk instruments.
- Redemption rights: at par, at any time, free of charge for EMT holders; ART redemption mechanics per Title III.
- Own-funds requirements met (baseline €350k or 2% of reserve for ART — verify current RTS).
- Interest prohibition respected (no interest on ART / EMT holdings).
- Significant-token thresholds monitored (holders, market cap, transactions) — triggers EBA supervision and enhanced requirements.
- Recovery and redemption plans filed.
D. CASP authorisation and prudential (Title V)
- CASP authorisation obtained, or national grandfathering-window compliance confirmed; passport notifications for cross-border services.
- Substance in the EU: registered office, effective management, at least one EU-resident director — letterbox structures rejected by supervisors.
- Prudential safeguards: own funds per service class (€50k / €125k / €150k) or a quarter of fixed overheads, whichever is higher — plus the insurance option.
- Management-body suitability (fit and proper) and qualifying-holder assessments completed.
- Governance, business continuity and ICT (DORA applies to CASPs — see the DORA checklist), outsourcing controls, complaints handling, and conflicts-of-interest policies in place.
E. CASP conduct obligations
- Duty to act honestly, fairly and professionally in clients' best interest; clear, fair and non-misleading information including prominent risk warnings.
- Segregation of clients' crypto-assets and funds from own book; custody policy, register of positions, liability regime for lost assets accepted and provisioned.
- Service-specific rules implemented: execution policy and best execution, order-handling, advice suitability (knowledge and experience assessment), trading-platform operating rules and market-surveillance capability, transfer-service transparency.
- Fees, costs and charges disclosure per service.
- Complaints procedure free of charge, published, log kept.
F. Market abuse (Title VI) — applies beyond CASPs
- MAR-style regime operationalised for crypto-assets admitted to trading: inside information identification and public-disclosure duty for issuers; insider-dealing and unlawful-disclosure prohibitions.
- Market-manipulation surveillance proportional to activity; persons professionally arranging or executing transactions: detection and reporting arrangements (STOR-equivalent) to the authority.
G. Cross-regime interplay — where crypto firms actually fail
- AML / CFT: MiCA is not an AML regime — national AML registration and obligations plus the Transfer of Funds Regulation (travel rule, Regulation (EU) 2023/1113) implemented in parallel; AMLR / AMLA transition monitored.
- DORA: CASPs are financial entities — ICT risk framework, incident reporting, and third-party register all apply. See the DORA checklist.
- GDPR: on-chain personal-data position (public keys as personal data, erasure tension) documented.
- Consumer law and marketing rules: finfluencer and social-marketing compliance per national rules and ESMA statements.
- Tax / DAC8 reporting readiness: crypto-asset reporting framework obligations from 2026 onward — connect to existing DAC8 material.
Last reviewed: July 2026. Level 2 RTS / ITS, ESMA and EBA guidelines, and national grandfathering windows evolve — verify current texts before relying on specific thresholds or timelines.