June 6, 2023

Navigating Regulatory Challenges: MiCA and the DeFi Landscape

Navigating Regulatory Challenges: MiCA and the DeFi Landscape
  • MiCA aims to regulate crypto, but its stand on  DeFi remains unclear.
  • "Compliant DeFi" is becoming a topic on the rise while user security becomes a priority. 
  • The regulatory applicability of MiCA varies based on the degree of decentralization in DeFi services.

Markets in Crypto Assets, which is popularly known as MiCA, came as a proposal from the European Commission on 24th September 2020 with an objective to bring crypto-asset issuers and crypto-asset service providers (CASPs) under one regulatory framework. After significant deliberation and consultation between EU member states, it has been finally voted to enter into force as of 2024.

On 16th May 2023, the council introduced an EU-level legal framework by adopting a regulation on Markets in Crypto Assets. The new rules covered utility token issuers and the issuers of asset-referenced tokens and “stablecoins.” Additionally, it took trading venue providers and crypto-asset wallets under its ambit. However, no specific mention of the DeFi crypto-assets.

The EU-wide regulatory framework that MiCA aims to introduce as of next year is rather broad in its scope and requires a rather thorough understanding. 

Crypto-Assets and Businesses Covered by MiCA

In assets, MiCA applies to asset-referenced tokens, including commodity-backed or currency-backed stablecoins, e-money tokens, and other tokens, including utility ones. E-money tokens are usually stablecoins backed by a single fiat currency, while utility tokens include protocol tokens, access tokens, loyalty tokens, and community tokens. 

In businesses, MiCA applies to crypto asset service providers who deal in custodial wallets, exchanges, crypto-asset advising firms, and crypto-portfolio management agencies or managers involved therein. 

A custodial wallet is a virtual asset wallet that stores both the users' assets and private keys. 

MiCA might also apply to NFTs if the NFT - by its founding nature - is similar to the asset types that MiCA covers. Many NFTs serve as utility tokens or financial instruments at their core. MiCA might also consider large-series NFTs to be fungible and ask for authorization. 

Crypto-Assets and Businesses Not Covered by MiCA

In May 2023, a document came into public titled “Remaining Regulatory Challenges in Digital Finance and Crypto-Assets after MiCA.”

As requested by the European Parliament’s Committee on Economic and Monetary Affairs (ECON), the document said that, in principle, MiCA applied where the overall financial services regulation did not apply. It led to the non-applicability of MiCA to crypto-assets that qualified as financial instruments and were regulated by other EU financial law instruments. Such assets include security tokens or electronic money (excluding e-money tokens). 

The ECON document also highlighted that “partially decentralized” finance services came under MiCA’s scope, while “fully decentralized platforms” that acted without intermediaries fell outside the scope of MiCA. 

However, the ECON document could not yet decide how to deal with gaps where solutions like DeFi came under conditional supervision. And it is where the need arises for a deeper understanding of MiCA’s intricate relationship with DeFi solutions and instruments. 

DeFi and MiCA: An Intricate Relationship

Whether MiCA is fit to regulate DeFi is a contested topic. DeFi, or Decentralized Finance, is not a legal or technical term. 

According to researchers, Decentralized Finance may include multiple elements of multiple tenets, including decentralization, distributed ledger technology, smart contracts, disintermediation, and open banking. 

Decentralization is seen as a countermodel to traditional finance, where power centralized in the hands of a few powerful intermediaries would be replaced by technology. 

However, whether DeFi comes fully under the ambit of MiCA is a function of the decentralization status of the DeFi solution. 

Compliant DeFi: A Notable Development

As discussions about the intersection of DeFi and regulation unfold, the notion of “Compliant DeFi” has garnered increasing attention. This term refers to DeFi systems designed with regulatory considerations in mind, aligning decentralized protocols with existing legal frameworks.

While the essence of DeFi rests on decentralization and democratization, it doesn't inherently resist regulatory structures. The objective remains to construct an equitable and accessible financial system. For some, this mission could involve adopting regulatory measures to safeguard participants and uphold the integrity of the system.

In the context of Compliant DeFi, protocols might integrate mechanisms to align with guidelines related to Anti-Money Laundering (AML), Know Your Customer (KYC) procedures, and other regulatory criteria, while upholding the decentralized nature of blockchain-based systems.

It's crucial to note that the emergence of Compliant DeFi doesn't mandate a particular direction for the evolution of DeFi. It represents a trend, not a dictate. It is one of the diverse paths that DeFi innovation might take, combining traditional financial safety measures with DeFi principles.

However, the broader DeFi ecosystem continues to explore a variety of solutions, each with unique perspectives on the intricate balance between decentralization, democratization, and regulatory compliance.

More on the topic: Compliant DeFi - the way out of Commingling Clean and Illicit Funds in a Decentralized Finance Economy

Fully or Partially Decentralized: That is the Question

The ECON document, which is the latest to come out from the most appropriate authorities in this regard, explains the current situation by saying that “partially decentralized services are in scope of MiCA, while MiCA exempts (only) fully decentralized services in crypto assets.” 

Afterward, it points towards an anomaly, where legal entities claim themselves to be fully decentralized to avoid transaction risks but “develop and maintain, directly or indirectly, the platform and market its services.” However, the legal entity continues to serve as an “infrastructure provider and sales intermediary.” 

In this regard, the ECON document analysis poses a crucial question, “is this intermediary function sufficient to apply MiCA?”

Is the Rationale Driving Regulatory Leniency for “Fully Decentralized Services” Adequate?

There are ‘fully decentralized’ lending platforms that create an asset pool from various users prior to lending. It could be seen as liquidity centralization, similar to what a trad-fi institution - such as a bank - does. 

Fully decentralized platforms also see a concentration of influence at a governance level. While studies point towards evidence of developers and founders retaining control over their protocols after the Initial Token Offering, there are developers who receive compensation for their stack development and maintenance efforts. 

Keeping these inconsistencies in mind, the ECON document advocated for “including fully decentralized platforms in the scope of EU financial regulation and harmonizing thresholds across EU financial, legislative acts.” 

Regulatory Challenges of Decentralization

Be it partial decentralization or full, intensified decentralization, some challenges exist. 

Concepts related to private ordering must possess legal certainty. These include concepts pertaining to property rights, title-based asset separation, segregation, tracing, and lawsuits. The current EU financial regulations also lack legal certainty in these aspects. 

There is also a lack of clarity concerning the functioning and governance of crypto ecosystems. The final barrier arises in the form of cross-border enforcement and supervisory cooperation issues.

The Road Ahead

Effectively incorporating decentralized services into the MiCA regulatory framework necessitates a thorough understanding of the intricate concept of decentralization.

Given the diversity and novelty inherent in fields like decentralized finance, it is crucial to comprehend the associated risks.

A risk-based approach, focusing on mitigating potential harm to users, is more productive than an approach merely targeting the nature of the service. Whether platforms are partially or fully decentralized, risks associated with technological incompetence could emerge. Accordingly, regulation should address root causes rather than merely managing the symptoms or outcomes.

Various risks may arise depending on the level of decentralization. These could include issues related to leverage in crypto lending or crypto staking and risks that AML/CFT provisions must mitigate.

Consequently, it would be both prudent and efficient to focus less on the degree of centralization in a DeFi solution and more on identifying and eliminating risks at their source.


Shyft Network powers trust on the blockchain and economies of trust. It is a public protocol designed to drive data discoverability and compliance into blockchain while preserving privacy and sovereignty. SHFT is its native token and fuel of the network.

Shyft Network facilitates the transfer of verifiable data between centralized and decentralized ecosystems. It sets the highest crypto compliance standard and provides the only frictionless Crypto Travel Rule compliance solution while ensuring user data is protected.

Visit our website to read more, and follow us on Twitter, LinkedIn, Telegram, Medium, and YouTube. Sign up for our newsletter to keep up-to-date on all things privacy and compliance.