MICA to RegRally: The Crypto Guide, July 2025

ECOVIS ProventusLaw brings you a curated selection of significant developments from the European crypto regulatory landscape. It provides viewers with a look at what’s ahead and high-profile insights into the ever-changing crypto industry.

Bank of Lithuania Aligns with EBA

The Bank of Lithuania issued a matching No Action Letter, clarifying that as of 2 March 2026, CASPs engaging in EMT payment services will be required to:

  • Obtain a PSD2 payment institution licence, or
  • Cease/restructure such services to fall outside the PSD2 perimeter.

The Bank encourages:

  • Use of the simplified licensing pathway during the transition,
  • Early compliance planning for safeguarding, security, and operational readiness.

ECOVIS ProventusLaw Recommendations:

  • Identify all EMT-related services, especially those involving EMT transfers on behalf of clients or custodial wallets with third-party payment functionality.
  • Prepare for PSD2 licensing by 1 March 2026, if such services are in scope.
  • Alternatively, restructure or limit services to avoid PSD2 applicability.

Act now to ensure compliance readiness and licensing continuity under the evolving MiCA-PSD2 framework.

ESMA Clarifies Prohibition on Shared Order Books Under MiCA

The European Securities and Markets Authority (ESMA) issued Q&A 2579, interpreting key provisions of Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MiCA).

Key Interpretation:

  • Sharing an order book between an EU-licensed CASP and a non-EU platform, even within the same corporate group, is prohibited.
  • ESMA explicitly states that “management of an order book” qualifies as the operation of a trading platform under Article 3(18) of MiCA.
  • Any cross-border order matching or liquidity pooling without MiCA authorisation constitutes unauthorised trading platform activity under Articles 59, 60, and 63 of MiCA.

Implications:

  • Non-EU platforms participating in shared order books are deemed to be illegally operating in the EU.
  • Corporate structures cannot be used to circumvent MiCA’s licensing requirements through indirect operational models.

ECOVIS ProventusLaw Recommendations

  • Immediately cease any shared order book arrangements between EU and non-EU entities, even if within the same group.
  • Contain all order matching and liquidity operations strictly within the MiCA-authorised EU entity.
  • Review corporate structures and tech stack to ensure no indirect breach of MiCA trading platform provisions.

Strict segregation of EU and non-EU platform activities is now mandatory. Non-compliance may trigger enforcement by EU authorities.

FATF Warns of Global Shortfalls in Virtual Asset Regulation

Sixth Targeted Update on Virtual Assets & VASPs – 26 June 2025

The Financial Action Task Force (FATF) has published its 6th Targeted Update on implementing AML/CFT standards for virtual asset service providers (VASPs) under Recommendation 15. Despite assessments of 138 jurisdictions, only 1 is fully compliant, although 138 jurisdictions have been assessed.

The use of stablecoins in illicit finance has increased significantly, and the Democratic People’s Republic of Korea (DPRK) is identified as the primary actor behind the largest virtual asset theft to date, totalling approximately USD 1.46 billion. Emerging typologies such as scam-as-a-service models, AI-generated deepfake fraud, and romance scams reflect evolving threat vectors. Additionally, approximately half of the most advanced jurisdictions have extended AML/CFT obligations to certain DeFi arrangements, though supervision remains fragmented. More than one-third of jurisdictions now impose registration or licensing requirements on offshore VASPs. The FATF urges all jurisdictions to accelerate full implementation and enforcement of its standards to mitigate the systemic financial crime risks in the virtual asset ecosystem.

FATF Releases Best Practices on Travel Rule Supervision

The Financial Action Task Force (FATF) issued a new Best Practices report to help jurisdictions strengthen supervision of Virtual Asset Service Providers (VASPs) and enforce the Travel Rule more effectively. The report emphasises that legal transposition of the Travel Rule is insufficient in the absence of effective, risk-based supervisory engagement. The FATF reiterates that transactions involving unhosted wallets are not exempt from scrutiny; VASPs are expected to apply appropriate mitigation measures even when the Travel Rule does not directly cover peer-to-peer transactions.

FCIS Extends Supervision of VASPs Until End of 2025

The Lithuanian Financial Crime Investigation Service (FCIS) announced the extension of enhanced supervisory measures over registered virtual asset exchange operators and depositary wallet providers until 31 December 2025.

This follows the extension of the transitional period for obtaining crypto-asset service provider (CASP) licences under MiCA.

ECOVIS ProventusLaw Recommendations

  1. Review and enhance AML/CFT systems, ensuring formal compliance and practical risk mitigation.
  2. Ensure timely and accurate submissions, especially the Strix AML questionnaire and other reporting obligations.
  3. Use Strix findings proactively — adjust your internal risk assessment models accordingly.
  4. Engage with FCIS and supervisory authorities to demonstrate transparency and readiness for inspection.
  5. Document all policies, controls, and systems updates to provide evidence during audits or reviews.

Europol Dismantles €460M Crypto Investment Fraud Ring

Europol announced the successful dismantling of an international cryptocurrency investment fraud network, coordinated by Spanish authorities with support from France, Estonia, and the United States.

The operation led to the arrest of five individuals in the Canary Islands and Madrid, and the identification of a sophisticated international laundering network based in Hong Kong that utilised cash withdrawals, bank transfers, crypto-transfers, corporate vehicles, payment gateways, and proxy exchange accounts across multiple jurisdictions. The case exemplifies the growing complexity of crypto-enabled financial crime, underpinned by international cooperation and advanced investigative techniques.

Newsletter SubscriptionGet in touch