EU Markets in Crypto-Assets Regulation (MiCA)
Comprehensive EU regulation for cryptoasset markets, fully applicable since December 2024. Covers cryptoasset service provider (CASP) authorisation, governance, safeguarding of client assets, ICT system requirements, operational resilience, AML/CFT, stablecoin issuance (asset-referenced and e-money tokens), reserve management, market abuse prevention, and regulatory reporting. Applies to all CASPs operating in the EU.
Clauses: 41
Avg Coverage: 43.5%
Publisher: European Parliament and Council Version: Regulation (EU) 2023/1114 | Clause | Title | SP 800-53 Controls |
|---|---|---|
| Art.34(1) | ART governance arrangements — management body requirements | |
| Art.34(5) | ART governance arrangements — internal controls and risk management | |
| Art.35(1) | ART risk management — identifying and managing risks | |
| Art.36(1) | ART conflicts of interest — policies and procedures | |
| Art.40(1) | ART reserve of assets — custody and safeguarding | |
| Art.41(1) | ART reserve assets — investment policy and risk | |
| Art.43(1) | ART — independent audit of reserve | |
| Art.47(1) | ART — redemption rights and liquidity management | |
| Art.54(1) | EMT governance — management body and internal controls | |
| Art.55(1) | EMT reserve of assets — custody and safeguarding | |
| Art.59(1) | CASP authorisation — application and conditions | |
| Art.62(1) | CASP ongoing requirements — prudential and ICT requirements | |
| Art.62(5) | CASP ICT systems — security, reliability, and adequate resources | |
| Art.62(6) | CASP business continuity — ICT continuity policy | |
| Art.62(7) | CASP security policies — ICT and cyber security | |
| Art.62(8) | CASP incident management — detection and reporting | |
| Art.62(9) | CASP data protection — personal data handling | |
| Art.63(1) | CASP safeguarding — clients' crypto-assets and funds | |
| Art.63(2) | CASP safeguarding — segregation and record-keeping | |
| Art.64(1) | CASP complaints-handling — procedures and records | |
| Art.65(1) | CASP conflicts of interest — identification and management | |
| Art.66(1) | CASP outsourcing — conditions and ongoing oversight | |
| Art.66(3) | CASP outsourcing — contractual provisions and audit rights | |
| Art.67(1) | Custody and administration of crypto-assets — specific service requirements | |
| Art.68(1) | Operation of a trading platform for crypto-assets — rules and systems | |
| Art.68(5) | Trading platform — system resilience and business continuity | |
| Art.69(1) | Exchange services — policies for determining crypto-asset prices | |
| Art.70(1) | Execution of orders — best execution and order handling | |
| Art.72(1) | Reception and transmission of orders — client order handling | |
| Art.73(1) | Providing advice and portfolio management — suitability | |
| Art.76(1) | Transfer services — handling crypto-asset transfers | |
| Art.82(1) | Record-keeping — transaction and order records | |
| Art.83(1) | Information to clients — disclosures and marketing communications | |
| Art.84(1) | Crypto-asset white paper — publication requirements | |
| Art.86(1) | Prohibition of insider dealing — policy and access controls | |
| Art.88(1) | Market manipulation — prohibition and detection | |
| Art.92(1) | CASP detection and prevention of market abuse — policies and procedures | |
| Art.94(1) | Powers of competent authorities — supervisory and investigatory powers | |
| Art.97(1) | Professional secrecy — confidentiality of supervisory information | |
| Art.98(1) | Data protection — processing of personal data | |
| Art.111(1) | EBA/ESMA guidelines — technical standards and regulatory cooperation |