Crypto: MiCA’s flaws allow malicious actors to thrive

The European Banking Authority (EBA) sounds the alarm: during the MiCA transitional period, crypto service providers take advantage of regulatory disparities to bypass the rules. Between forum shopping, abusive reverse solicitation, and compliance gaps, these practices threaten the integrity of the European market. Analysis of the risks and solutions.

MiCA: Crypto actors bypass AML/CFT supervision

Some crypto actors operate in Europe without regulatory approval, exploiting gaps in national frameworks. Before MiCA regulation, companies provided services from third countries or other member states without licenses, despite legal obligations. Authorities have noted cases where providers, after refusals or warnings, re-registered elsewhere to avoid supervision.

“Forum shopping” illustrates this trend: companies deliberately target jurisdictions with less stringent requirements to obtain a license, then expand their activities across the EU. This practice, already seen before MiCA, continues during the transitional period, where some member states offer more permissive regimes. A situation that irritates crypto users.

Exemption from reverse solicitation is also misused. Providers claim that their European clients contact them spontaneously, while they conduct targeted marketing campaigns. This tactic allows them to avoid controls while accessing the European crypto market without authorization.

Persistent risks to European financial integrity

Weaknesses in AML/CFT compliance expose the European financial system to major risks. Audits reveal recurring gaps: 

• Insufficient identity verification;
• Lack of enhanced due diligence for high-risk clients;
•  Failing sanctions detection tools. 

These shortcomings facilitate money laundering and terrorist financing. Moreover, opaque governance and unclear ownership structures worsen these risks. MiCA and authorities therefore struggle to identify beneficial owners, especially in multi-jurisdictional setups. These entities, often linked to high-risk partners, evade effective supervision, creating breaches in the system.

Finally, unfair competition erodes trust. Unregulated actors avoid compliance costs, distorting the market to the detriment of licensed providers. This situation undermines the crypto sector’s credibility in Europe and discourages institutional investors, essential for its maturation.

MiCA’s safeguards and the challenges of their implementation

MiCA introduces a harmonized authorization and passporting framework to strengthen crypto service supervision. This regime aims to standardize rules and give authorities broad powers, but its success depends on their vigilance. Member states must actively monitor unauthorized activities and sanction abuses to prevent loopholes from persisting.

Furthermore, cross-border cooperation and transparency are crucial. Authorities must share information and coordinate actions to prevent regulatory arbitrage. Without this collaboration, malicious crypto actors will continue exploiting jurisdictional differences. This could increase crypto scams and fuel beginners’ fears of bitcoin and altcoins.

Strict MiCA enforcement remains a challenge. Authorities must ensure that legacy providers, often with questionable practices, comply with new requirements. Without proactive supervision, money laundering and terrorism financing risks will persist, threatening the stability of the European crypto market.

The MiCA transitional period reveals the limits of crypto regulation in Europe. While safeguards exist, their effectiveness will depend on authorities’ ability to enforce them flawlessly. That is why the Bank of France is calling to strengthen MiCA. However, how to reconcile financial innovation and protection against abuse without stifling the sector’s competitiveness?