MICA to RegRally: The Crypto Guide, June 2025

ECOVIS brings you a curated selection of significant developments from the European crypto regulatory landscape. It provides viewers with a look at what’s ahead and high-profile insights into the ever-changing crypto industry.

Internal Audit – A Must for Crypto Compliance

Under the Bank of Lithuania rules, Internal Audit is not optional. It’s a key safeguard for crypto companies—ensuring your controls, governance, and compliance are regulator-ready. ECOVIS offers deep, hands-on audit expertise tailored to the crypto space. Trust the team that knows the tech and the rules.

More on internal audit.

Bank of Lithuania Urges Prompt Licensing for Crypto-Asset Service Providers

On 20 May 2025, the Bank of Lithuania called on all entities planning to provide crypto-asset services to initiate the licensing process without delay. The regulator warned that the upcoming legal requirements will mandate authorisation for continued operation, and delays in applying could lead to service disruptions or regulatory non-compliance. The Bank stressed the need for early engagement, adequate staffing, and robust infrastructure to ensure a smooth transition into the regulated regime and safeguard financial system integrity.

Our recommendation:

  • Entities planning to offer crypto-asset services should commence the application process immediately to ensure compliance with upcoming regulatory requirements and to avoid potential operational interruptions.
  • Dedicate sufficient organisational resources, including personnel and technological infrastructure, to meet the compliance obligations associated with the licensing process.

Bank of Lithuania Issues First MiCA CASP Licence to Robinhood Europe, UAB

On 30 May 2025, the Bank of Lithuania granted its first crypto-asset service provider (CASP) licence under the EU’s MiCA Regulation to Robinhood Europe, UAB. The licence allows the company to offer regulated crypto-asset services across the EU. The Bank emphasised that licences will be granted only to firms meeting stringent standards, including transparent ownership, lawful funding sources, and qualified management. This milestone marks a major step in Lithuania’s implementation of MiCA and underscores its commitment to financial stability, consumer protection, and regulatory compliance in the crypto sector.

FCA Proposes Stablecoin and Custody Rules in CP25/14 to Strengthen UK Crypto Regulation

On 28 May 2025, the UK Financial Conduct Authority (FCA) published Consultation Paper CP25/14, proposing a regulatory framework for fiat-backed stablecoins and cryptoasset custody. The draft rules require stablecoins to be fully backed 1:1 by secure, liquid assets held in a statutory trust by an independent custodian. Redemption at face value must be guaranteed. Custodians must segregate client cryptoassets, maintain accurate records, and conduct daily reconciliations. The consultation is open until 31 July 2025, with final rules anticipated in 2026.

MFSA Issues “Dear CEO” Letter Highlighting MiCA Website Compliance Shortcomings Among CASPs

On 7 May 2025, the Malta Financial Services Authority (MFSA) issued a “Dear CEO” letter to all licensed Crypto-Asset Service Providers (CASPs), outlining key findings from its supervisory review of CASP websites. The review, focused on MiCA compliance, identified deficiencies in information clarity, accessibility, and transparency. Issues included complex site design, lack of visible licensing disclosures, missing or unclear risk warnings, and failure to clearly separate regulated from unregulated services. The MFSA urged CASPs to promptly address these issues, warning that non-compliance may trigger enforcement actions.

Our recommendation:

  • Ensure that websites are user-friendly, with straightforward navigation and minimal use of complex graphics or interactive features that could impede accessibility.
  • Include explicit risk warnings adjacent to each product or service offering, avoiding the placement of such information in separate or hard-to-find pages.
  • Clearly distinguish between services that fall under MiCA regulation and those that do not, such as NFTs or staking, to prevent consumer confusion.
  • Present all terms, conditions, and limitations associated with marketing incentives or reward campaigns in a clear and accessible manner.

EUCI Releases AML Handbook Detailing CASP Obligations Under Forthcoming EU AML Regulation

The European Union Crypto Initiative (EUCI) has published a comprehensive AML Handbook outlining upcoming obligations for Crypto-Asset Service Providers (CASPs) under the proposed EU Anti-Money Laundering Regulation (AMLR). Key provisions include a ban on anonymous crypto accounts and privacy tokens, mandatory customer due diligence (CDD) for transactions over EUR 1,000, and enhanced due diligence (EDD) for high-risk cases. From July 2027, select CASPs will be directly supervised by the new Anti-Money Laundering Authority (AMLA), and by 2029, EU member states must implement systems to identify crypto account holders. These changes aim to standardise AML practices, enhance transparency, and reduce financial crime risks across the EU.

The European Securities and Markets Authority (ESMA)

In May 2025, the following entities were granted authorisation to operate as CASPs:

1. Baader Bank Aktiengesellschaft (baaderbank.de/) by the Federal Financial Supervisory Authority.

2. DEBLOCK (https://deblock.com/) by the Autorité des Marchés Financiers.

3. Vivid Money B.V. (https://vivid.money/) by the Netherlands Authority for the Financial Markets.

4. Robinhood Europe, UAB (https://robinhood.com/eu/ ) by the Bank of Lithuania.

Newsletter SubscriptionGet in touch
Free initial advice now!

Have a question or need more information?

Send us an e-mail message!