On Wednesday, 24 November, Member States’ permanent representatives approved the EU Council’s position on two legislative proposals—a regulation governing markets in crypto-assets (‘MiCA’ regulation) and a regulation on digital operational resilience (DORA)—from the legislative package on digital financial services that was presented in September 2020 (see EUROPE 12567/2 and 12567/4).
“Digital finance is an increasingly important part of Europe’s economic landscape. It is essential to create a stimulating environment for innovative businesses while mitigating the risks for investors and consumers”, declared Slovenian Minister for Finance Andrej Šircelj, who is convinced that the political agreement in principle by Member States strikes “the right balance between the two”.
The agreement retains the authorisation requirement for issuers of ‘asset-referenced tokens’. The competent Member State authorities will have the last word on the subject, and their decision will be based on a non-binding opinion from the European authorities ESMA and EBA as well as the ECB (or the national central bank if it is a non-eurozone country). They will have the power to prohibit a crypto-asset from being placed on the market—or even suspend trading on a platform—if there are “reasonable grounds” for believing that the future regulation has been infringed.
Nevertheless, an authorisation must be refused when the ECB (or the national central bank concerned) gives a negative opinion in the event of risk to payment systems, monetary policy transmission, or monetary sovereignty (new Article 19 2.a).
Once authorised in one Member State, authorised operators will be able to provide their services throughout the EU as long as they meet certain requirements with regard to capital, asset custody, and investor rights against the issuer. Notably, the Council of the EU has not changed the original proposal requiring crypto-asset issuers to have, at all times, own funds equal to at least €350,000 or amounting to 2% of the average amount of the reserve assets.
Issuers will have to publish a ‘white paper’ that includes all the pertinent information (detailed description of the issuer, the intended use of the funds, and the risks) on the crypto-asset issued.
The legislative proposal also describes the authorisation requirement for an issuer of electronic money tokens, which will only be a credit institution or an electronic money institution.
See the text of the approved regulation: https://bit.ly/3d7fy17
See its annexes: https://bit.ly/314qZnx
DORA. Member States also reached political agreement in principle on the proposed ‘DORA’ regulation, which aims to strengthen the operational resilience of financial actors.
The future rules will bolster the management of digital risks related to information and communication technologies (ICT) through the testing of IT systems.
More aware of cyber risks, European authorities (ESMA, EBA, EIOPA, and the ECB) will have the power to monitor risks arising from financial entities’ dependence on third-party ICT service providers.
During the negotiations on the ‘DORA’ proposal, Member States asked for full consistency between this text and the proposed ‘NIS 2’ directive that aims to ensure a high level of cybersecurity in the EU (see EUROPE 12823/11). Thus, the provisions on the handling of significant cyber threats (classification and reporting requirements) have been approved on a provisional basis until the provisions in the draft ‘NIS 2’ directive are clarified.
See the proposed regulation: https://bit.ly/317X51G (Original version in French by Mathieu Bion)