The following is a guest post by Sebastian Heine, Chief Risk and Compliance Officer at Noordstake.
In the rapidly evolving landscape of digital finance, the rise of crypto assets has introduced unprecedented challenges and opportunities for regulators providing proactive frameworks around the world. The European Union is the largest government body to have done this through the EU Crypto asset markets regulations (MiCAR) regulations; However, it is now at a critical juncture and faces the task of coping with the complexity introduced by non-custodial crypto asset service providers.
Non-custodial crypto asset service providers, often operating in the decentralized finance (DeFi) sector, offer services related to crypto assets without actually taking custody of the assets themselves. These crypto asset service providers now represent a significant and growing segment of the crypto finance ecosystem, managing approximately $100 billion in locked value, according to defillama.com/.
MiCAR, which aims to introduce a harmonized prudential and business conduct framework for crypto asset services, defines CAS providers as legal entities or other enterprises engaged in professionally offering one or more crypto asset services to customers. The regulation outlines various types of crypto asset services, including the operation of trading platforms, custody and management of crypto assets, and advice on crypto assets, among others.
However, MiCAR’s current definitions and provisions do not include non-custodial crypto asset service providers. This omission highlights a critical gap in the EU regulatory framework, as the definitions within MiCAR and their interrelationships with other regulatory policies mean that non-custodial crypto asset service providers are not required to comply with anti-money laundering – or sanction laws to follow and therefore major loopholes for financial crime.
Without the obligation to operate under and comply with EU Anti-Money Laundering (AML) legislation or the MiCAR, these entities operate in a space where the potential for fraud, financial loss and illicit financial activity is significantly increased for investors and consumers.
Innovation before prudence
The rise of non-custodial crypto asset service providers is a testament to the innovative spirit of digital finance. However, this innovation has outpaced the speed at which current regulatory frameworks are updated. As a result, the European Union, with its commitment to consumer protection and financial stability, is now faced with the need to address these shortcomings.
A core debate is whether non-custodial providers should be subject to AML legislation. The Financial Action Task Force (FATF) recognizes the potential illegal risks of DeFi, while the EU proposal excludes these entities, leaving gaps. Similarly, the European Banking Authority (EBA) guidelines also highlight the AML risks associated with transactions from Crypto Asset Service Providers (CASPs).
In particular, the EBA highlights the risks associated with transactions involving transfers to or from self-hosted addresses, decentralized platforms, or transfers involving crypto asset service providers that are not authorized or regulated.
While the MiCAR framework is a cornerstone of the EU strategy for the regulation of crypto assets, it mainly focuses on providers that hold client assets in custody or operate within traditional financial models. As such, it ignores a significant portion of the crypto asset ecosystem.
This underlines the urgent need for a more comprehensive and forward-looking regulatory framework such as MiCAR 2 and an updated AML regulation. These exclusions were done at the time to push back on hard-to-discuss topics like DeFi regulation, but ultimately only delayed these discussions while providing no path to compliance.
Charting a safe path
The regulation of cryptocurrencies is not a challenge unique to the European Union. It is a global business that requires international cooperation and harmonization of standards to effectively manage the risks associated with digital finance. The insights from international organizations will be invaluable as we navigate the challenges and opportunities presented by this dynamic sector.
The European Commission is currently tasked with producing a report to assess the benefits and challenges of DeFi, which could potentially lead to future legislation. This move is part of a broader, cautious approach to regulating emerging crypto sectors, prioritizing insight and market evolution over immediate comprehensive regulation.
Therefore, it only seems to be a matter of when non-custodial platforms offering services such as staking will require additional AML and risk management for consumer protection, but for now the two-class system will remain.