Eba Sounds Alarm: Crypto Firms Exploiting Mica Loopholes Pose ‘Significant’ Threat To Eu

What Happened

The European Banking Authority (EBA) has warned that crypto firms may exploit regulatory gaps during the Markets in Crypto-Assets (MiCA) regulation’s transitional phase, posing a “significant threat” to the EU’s financial system.

The report emphasized the importance of cooperation between EU financial regulators, warning that inadequate coordination could facilitate the exploitation of inconsistencies between jurisdictions by high-risk entities.

However, firms registered before June 2024 under national regimes may continue operating until the end of 2025 without meeting the new EU-wide standards, a period the EBA says could be “exploited by opportunistic actors.”

The EBA also removed its earlier “prudent valuation” requirement, simplifying fair-value assessments while introducing new aggregation methods for long and short positions.

Market Context

Additionally, it emphasized that inadequate due diligence and insufficient oversight of cross-border activities could allow illicit flows to go undetected, thereby undermining MiCA’s objective of establishing a transparent and secure digital asset market.

The EBA urged regulators to intensify their supervision during this window, recommending enhanced scrutiny of governance structures, capital adequacy, and transaction monitoring systems.

In January, the European Securities and Markets Authority (ESMA) directed crypto-asset service providers to delist stablecoins that do not meet MiCA’s requirements, reinforcing earlier warnings from the EBA.

To support this framework, the EBA released draft Regulatory Technical Standards in August, outlining how banks and institutions must manage crypto exposures under the Capital Requirements Regulation.

The proposed rules establish capital treatment methods for various categories of crypto assets, ranging from unbacked tokens like Bitcoin to asset-referenced and e-money tokens, and align closely with the Basel Committee guidelines.

Why It Matters

In its recent supervisory report, the EBA said certain crypto service providers authorized before MiCA’s full implementation in December 2025 could engage in “jurisdiction shopping.”

EBA Flags Weak Supervision Risks During MiCA Transition Period

According to the EBA, such actions could allow firms to evade stricter supervision, leading to opaque governance, inadequate risk management, and potential misuse of customer funds.

The EBA cautioned that this behavior may result in “uneven regulatory standards” and create systemic vulnerabilities.

The authority also noted that money laundering and terrorist financing (ML/TF) risks remain high in the crypto sector.

Additionally, it encouraged firms to begin aligning with MiCA’s risk management and consumer protection requirements ahead of time to avoid disruptions once the transition period ends.

Details

This involves registering in EU member states with weaker oversight and using passporting rights to operate across the bloc.

The law came fully into effect in late 2024, giving the 27-country economic bloc a unified set of rules governing crypto-asset providers for the first time.

It urged national authorities to apply consistent supervision and ensure that firms authorized during the transitional period meet equivalent prudential and governance requirements to those that will apply once MiCA is fully enforced.

The EBA called on member states to share information about license approvals and revocations to help prevent regulatory arbitrage.

Under MiCA, crypto firms must obtain authorization and comply with strict operational, reserve, and disclosure requirements.

The warning comes as the EU prepares for full MiCA enforcement, which seeks to harmonize digital asset regulation across all 27 member states and establish clear rules for stablecoins, crypto custody, and service providers.

EBA Advances MiCA Implementation With Draft Standards for Bank Crypto Exposure

The EBA continues to play a central role in shaping Europe’s crypto regulation following the implementation of the MiCA.

The regulator had already urged firms to assess their compliance status and stop offering non-conforming tokens, indicating a coordinated effort among EU agencies to tighten oversight.