Crypto assets have emerged as one of the fastest-growing sectors in global finance, presenting substantial opportunities for retail and institutional investors alike. With revenues in Europe projected to grow by over 30% annually, Europe is well placed to capitalize on the growth of this dynamic sector, but it must embrace scrutiny and adapt quickly or risk being left behind.
The recent adoption of the Markets in Crypto-Assets (MiCA) Regulation by the European Union (EU) was a significant step forward in supporting the continent’s embrace of the crypto industry and has helped Europe to establish itself as a hub for well-regulated and responsible operators.
The early days of implementing a new continent-wide regulation that covers the complex, novel and fast-moving crypto sector have naturally highlighted areas where additional action or clarity is required. However, ten months after MiCA came into force, Europe finds itself in a uniquely strong position to establish the regulatory gold standard when it comes to oversight of the sector.
To preserve this advantage, European regulators must continue to work quickly, collaboratively, and be willing to learn on the go. This will be essential in ensuring both that regulation does not lag too far behind industry and that it effectively minimizes risk without creating an unnecessary regulatory burden, so that the sector’s inherently innovative nature is protected.
Malta leading by example
Prior to MiCA’s introduction, Malta was the first European country to implement a full licensing regime for Crypto-Asset Service Providers (CASPs). The Virtual Financial Assets (VFA) Act was adopted back in 2018, and was developed based on existing European legislation such as the Markets in Financial Instruments Directive (MiFID), the Markets in Financial Instruments Regulation (MiFIR), the Prospectus Regulation, the Transparency Directive and the Market Abuse Regulation, as well as in consultation with supranational and peer national competent authorities (NCAs).
As the country’s sole regulator of financial services, the Malta Financial Services Authority (MFSA) built considerable capacity and expertise to adequately oversee the country’s crypto industry under the VFA Act, as well as gaining practical experience of supervising crypto companies that have since gone on to secure MiCA licenses in Malta. During this time, it invested in resources through initiatives such as the Financial Supervisors Academy (FSA), a training program created to support the development of a pipeline of talent with the necessary skills to effectively supervise the sector. The MFSA also adopted advanced supervisory tools to complement more traditional financial surveillance mechanisms, such as blockchain analysis and market monitoring systems. Malta did all of this at a time before many jurisdictions were even thinking about regulating digital assets — and, over time, has proven highly effective when it comes to supervising CASPs, as demonstrated by these measures becoming widely adopted by regulators across Europe and beyond.
Embracing scrutiny
As an early adopter of regulation in the crypto sector, the MFSA welcomed the European Securities and Markets Authority (ESMA) peer review process earlier this year, which concluded in July. The final report recognized various strengths and areas of good practice when it comes to the regulation of digital assets in Malta, which are highly encouraging and should give further confidence to firms considering licensing.
Naturally, the report also identified some areas where there was room for improvement, and we began implementing the recommendations the report made, both for Malta and National Competent Authorities (NCAs) across Europe, immediately. We are finalising the implementation and review of all internal processes in order to ensure compliance with the ESMA Peer Preview.
Enhanced Supervision and Enforcement
In recognition of the need to scale up capabilities and capacity to ensure effective implementation, the MFSA has also increased investment in its supervisory and enforcement teams and processes. In 2024 the MFSA conducted 1,345 supervisory interactions, a 33% increase on 2023 and three-fold increase since 2020. In the same year 134 enforcement actions were undertaken, including 126 administrative penalties, 4 directives, 2 cancellations of licence and 2 reprimands.
Setting the record straight
The peer review process was also an opportunity to address the myth that Malta has been rushing to grant licenses at the expense of in-depth scrutiny in application processing. This is a misconception. Throughout our preparatory phase, the MFSA demonstrated exceptional responsiveness and agility — but under no circumstances did we compromise on rigour, oversight, or regulatory integrity. We were able to move quickly because preparations for MiCA implementation have been comprehensive and began two years ago. Additionally, ahead of licensing any firm, a robust and extensive process was and is followed. This kicked off as early as November 2023 when the first industry event to raise awareness of the various requirements for securing a MiCA license was convened. A series of supervisory meetings were held throughout 2024, as well as in-depth reviews of the readiness of prospective applicants. This process involved a comprehensive assessment toolkit and the verification of all requirements by at least two officials to avoid error. Underpinning all this preparation was the prior seven years of supervisory experience that we had under our belt through the Malta VFA Act.
The MFSA is an agile regulator. That said, a quick look at the ESMA interim register shows that Malta is not alone in issuing MiCA licenses, with 58 CASP licences issued so far across 11 countries. To be clear, no operator has been granted a MiCA license by the MFSA in a matter of days.
Looking forward, not back
On the back of these first nine months of MiCA implementation, there is a clear but time-sensitive opportunity for NCAs in Europe and beyond to learn and improve. As we look to raise the bar, scrutiny is not something to be feared or shy away from but instead should be embraced as an opportunity for learning, improvement and showcasing what is working well, along with identifying areas where more clarity is needed. It should be a reason to move forward with greater speed and determination, not to slow down and risk falling behind. After all, there must be a continual and ongoing process of learning and adapting if Europe is to successfully capitalize on the $100 billion opportunity the digital assets sector represents.
