As the EU’s MiCA regulation comes into effect, crypto companies will be required to fight money laundering and terrorist financing.
This article explores the fundamental AML (anti-money laundering) and CTF (counter-terrorism financing) obligations under MiCA and how they will impact businesses in the crypto space.
The MiCA (Markets in Crypto-Assets) regulation is a framework established by the European Union to regulate crypto-assets.
The regulation aims to harmonise the regulatory framework and facilitate operations across the EU member states, promote consumer protection and safeguard the markets' integrity, specifically against market abuse and money laundering.
A crypto asset is a digital representation of value or rights that can be transferred and stored electronically using distributed ledger technology or similar technologies.
The regulation was adopted in May 2023, and the rules concerning e-money and asset-linked tokens have been enacted since June 2024.
The transition period for the MiCA regulation will continue until July 2026. After this date, all EU crypto asset service providers (CASPs) must comply with these regulations.
A comprehensive framework for crypto-asset markets is deemed necessary for several reasons, such as:
The actors that MiCA aims to regulate are the following:
With the implementation of the MiCA regulation, crypto companies will face stricter AML and CTF requirements.
These regulations require businesses to adopt comprehensive systems for collecting customer data and verifying customer identities (KYC), monitoring transactions for suspicious activity, and promptly reporting to authorities.
Key aspects include performing enhanced due diligence on high-risk customers, monitoring cross-border transactions, and maintaining detailed records of transactions for at least five years.
Crypto firms must also implement real-time transaction surveillance and ensure their platforms can detect and flag potential money laundering or terrorist financing activities.
Additionally, MiCA introduces tighter controls on crypto-to-fiat transactions, obligating firms to report suspicious activities and collaborate with financial intelligence units across the EU. Firms must also set up internal policies to train employees on AML and CTF risks.
By aligning with MiCA’s AML and CTF standards, crypto companies can enhance trust, mitigate fraud risks, and avoid hefty penalties for non-compliance. As the regulatory environment becomes more stringent, proactive compliance will be essential for businesses aiming to thrive in the evolving crypto market.
Per Friberg, Senior Financial Crime Surveillance Officer at Trapets, notes that:
“Since there's ongoing progress regarding the implementation of MiCA, it's important to stay informed and leverage the transition period to ensure early compliance with the regulations.”
Companies can already begin the authorisation process, as each EU country is allowed to set a transition period for firms already registered or authorised with its supervisory authority.
In Sweden, for instance, companies already registered with the Swedish Financial Supervisory Authority (Finansinspektionen) need to apply for permission by September 30, 2025.