MICA to RegRally: The Crypto Guide, December 2025

Europe’s crypto rulebook is no longer theoretical – it’s operational. In this December 2025 edition, we bring you the most impactful regulatory developments shaping the future of digital assets. From MiCA clarifications and DAC8 tax reporting to tokenisation risks and high-profile enforcement actions, this issue delivers the insights you need to stay compliant, competitive, and ahead of change.

IOSCO Warns of Legal and Stability Risks in Financial-Asset Tokenisation

IOSCO’s final report on the tokenisation of financial assets recognises growing interest in using distributed ledger technology to tokenise traditional instruments such as securities and funds, but notes that real-world adoption remains limited. While tokenisation may offer benefits such as faster settlement, improved collateral mobility and operational efficiencies, IOSCO highlights significant risks, including legal uncertainty around ownership rights, operational and cybersecurity vulnerabilities of DLT-based systems, and reliance on third-party issuers or custodians. The report also cautions that closer links between tokenised assets and crypto markets could create spill-over risks, potentially affecting broader financial stability if disruptions occur.

Key considerations for market participants:

  • Assess tokenisation initiatives with a comprehensive risk lens, taking into account added legal, operational and cyber risks compared to traditional structures.
  • Verify whether tokenised products confer enforceable legal rights to the underlying asset, rather than indirect or contractual claims via intermediaries.
  • Adapt governance, compliance and operational frameworks to address DLT-specific risks, including custody, smart contracts, cybersecurity and asset reconciliation.

ESMA Clarifies MiCA Classification of CASP Activities Based on Actual Order Handling

ESMA’s Q&A under MiCA confirms that the classification of a crypto-asset service provider’s activity depends on how client orders are handled in practice, not on contractual labels. Where a CASP executes orders on behalf of clients as an agent, it provides execution of orders; where it only forwards orders, it provides reception and transmission of orders. If the CASP trades against its own capital as a counterparty, it is providing exchange services and must comply with the corresponding transparency, pricing, and execution obligations. The assessment is fact-specific, and in cases of uncertainty – especially with retail clients – ESMA expects a conservative approach, treating the CASP as acting as an agent and applying best execution and investor protection requirements. Operational practices and documentation must therefore accurately reflect real order flows and counterparty relationships.

  • Ensure internal policies, procedures and licence documentation accurately describe the actual operational handling of client orders, not merely contractual characterisation.
  • Where classification is unclear, particularly in retail-facing models, apply a conservative approach and comply with agent-level best execution and investor protection standards.

MiCA Q&A Clarifies Obligations for Legacy Crypto Assets Admitted Before 30 December 2024

ESMA’s Q&A clarifies how responsibilities under MiCA apply to crypto assets (excluding ARTs and EMTs) that were issued or admitted to trading before 30 December 2024. For these legacy tokens, offerors and applicants for admission to trading are not required to produce a new MiCA-compliant white paper; however, any marketing communications issued after December 30, 2024, must comply with MiCA Articles 7 and 9. Trading platform operators bear the primary forward-looking obligation: by 31 December 2027, they must ensure that a MiCA-compliant white paper is prepared, notified, published, and kept up to date for legacy tokens where a white paper is required. Other CASPs listed in Article 66(3) of MiCA (such as advisory, portfolio management or trading services outside platform operation) are not required to prepare white papers themselves and need only provide a link to an existing registered white paper, if one exists; where none exists, no obligation to create one arises, even after 2027.

  • Review and update marketing communications for legacy tokens to ensure full compliance with MiCA Articles 7 and 9 from 30 December 2024 onward.
  • Trading platform operators should establish a clear implementation plan to prepare, notify, publish and maintain MiCA-compliant white papers for relevant legacy tokens by 31 December 2027.
  • Non-platform CASPs should implement internal procedures to reference existing white papers where available, without assuming any obligation to draft or publish a white paper themselves.

DAC8 Introduces EU-Wide Mandatory Tax Reporting for Crypto-Asset Service Providers

The EU has adopted DAC8, establishing a harmonised tax-reporting regime for crypto-asset service providers. From 1 January 2026, all CASPs – including exchanges, brokers, custodial wallet providers and platforms facilitating crypto transfers – must report customer holdings and transactions to EU tax authorities in a standardised digital format. The framework applies to both EU-established CASPs and non-EU providers serving EU residents, thereby closing offshore reporting gaps. A central EU registry will assign each CASP a unique ten-digit identifier to support cross-border supervision. At the same time, strengthened data-retention rules require providers that cease activity or are delisted to retain customer data for a period of 12 months. DAC8 significantly expands transparency in the cryptocurrency sector and is designed to integrate with MiCA, AML/CFT obligations, and the FATF Travel Rule, despite ongoing concerns regarding data security and proportionality.

  • Map all services, client relationships and transaction flows falling within DAC8 scope, including exposure to self-hosted wallets.
  • Upgrade reporting systems, data architecture and governance processes to meet DAC8 technical and timing requirements by 1 January 2026.
  • Align DAC8 implementation with MiCA, AML/CFT and Travel Rule frameworks to ensure consistency and reduce operational and compliance risk.

Lithuanian Authorities Investigate Bankera ICO for Suspected Financial Crimes

The Financial Crime Investigation Service (FCIS), under the supervision of the General Prosecutor’s Office, is conducting a pre-trial investigation into Bankera’s past initial coin offering. The investigation focuses on suspected money laundering, misappropriation of assets and unlawful dissipation of property, with authorities examining whether ICO funds were diverted for personal benefit through group-company structures. Procedural actions to date include more than 30 searches, multiple seizures and the questioning of approximately 20 individuals. No formal charges have been brought at this stage, and the investigation remains ongoing.

Newsletter SubscriptionGet in touch
Free initial advice now!

Have a question or need more information?

Send us an e-mail message!