Have We Overregulated? Reflections on MiCA Implementation from DAF3
At the Digital Assets Forum (DAF3), hosted by the European Blockchain Convention, MiCA Crypto Alliance moderated a timely and nuanced discussion: Have We Overregulated? Looking Back on the MiCA Implementation.
Bringing together representatives from the European Banking Authority, leading law firms, and industry infrastructure bodies, the panel explored whether Europe’s landmark crypto framework has struck the right balance between certainty and burden.
Rather than reaching a simple yes or no answer, the discussion revealed a more complex reality.
Regulatory Certainty vs Regulatory Burden
Rowan Varrall reframed the starting point of the debate by recalling that, five years ago, one of the industry’s primary demands was regulatory certainty. In his view, MiCA has clearly delivered this.
With over a thousand pages of technical standards and guidelines, MiCA provides significant regulatory clarity and removes ambiguity. According to Varrall, its most important contribution may be the potential for supervisors to receive standardised data on transactions and activities across the market. This allows regulators to better understand risks, assess how those risks are managed by the industry, and move toward more data-driven supervision over time.
He also noted that industry has a role to play in providing enriched and structured data to support this supervisory evolution, potentially reducing perceptions of overregulation in the long term.
Stéphane Blemus added that overregulation is inherently comparative. As the first major jurisdiction to adopt a regional regulatory framework for crypto-assets, the European Union inevitably appears more heavily regulated than others. However, he argued that MiCA was a necessary convergence step, providing a middle ground between full MiFID treatment and regulatory fragmentation. Like GDPR in data protection, MiCA may be imperfect, but it establishes a foundational reference point that could influence other jurisdictions.
Dr Carola Rathke then offered a counterpoint focused on proportionality concerns. While MiCA applies uniformly across market participants, smaller firms may face disproportionately high compliance costs. Larger institutions are better positioned to absorb regulatory complexity, whereas startups may struggle with cumulative obligations.
The Cumulative Effect: MiCA, DORA, and PSD2
A major theme throughout the discussion was regulatory layering.
Dr Rathke highlighted that MiCA rarely operates alone. Crypto asset service providers must often comply simultaneously with:
- The Digital Operational Resilience Act, governing ICT risk management and cybersecurity across the financial sector
- PSD2 licensing requirements in certain cases
- Additional prudential obligations
Christian Moor clarified that DORA is not crypto-specific. It applies across the financial sector and reflects rising global concerns about cyber and operational risk. From a policy perspective, it is part of a broader resilience agenda.
However, when implemented alongside MiCA, firms face reportedly around 5,000 pages of technical standards in aggregate. The perception of overregulation, therefore, may stem less from MiCA itself and more from the combined regulatory stack.
PSD2 and the CASP Licensing Tension
The discussion turned to a practical example. Under MiCA, custody of crypto-assets such as Bitcoin is permitted. However, custody of certain e-money tokens may trigger PSD2 licensing requirements.
This overlap has created uncertainty for CASPs operating at the intersection of custody and payments.
Christian Moor confirmed that the European Banking Authority issued a temporary no-action letter delaying enforcement in this area. He noted that over 100 CASPs have initiated discussions with national authorities and that follow-up communication is expected. Adjustments are under consideration.
The exchange illustrated a broader tension: when does prudential caution become duplication?
Regulatory Sandboxes as a Model for Iteration
A more forward-looking discussion emerged around regulatory sandboxes.
Dr Rathke pointed to the DLT Pilot Regime as a constructive example. Although formally a trading and settlement regime for financial instruments using distributed ledger technology, it was treated in practice as a sandbox. This created a different dynamic between industry and regulators, with greater scope for dialogue and supervisory interaction.
She noted that the initial framework included strong limitations, particularly on the categories of financial instruments that could be traded on DLT-based multilateral trading facilities. In the updated package, the scope appears significantly expanded, allowing a much broader range of MiFID II financial instruments, subject to higher thresholds.
In her view, this evolution was made possible by structured engagement between regulators and industry. It demonstrates that regulatory calibration can improve through iterative learning.
Prudential Treatment and the 1,250 Percent Risk Weight
A macro-prudential issue raised during the panel was the Basel Committee’s 1,250 percent risk weight for unbacked crypto exposures.
Christian Moor noted that the Basel Committee has indicated there will be an assessment of the framework in light of market developments since the standard was produced. At the time, there were no regulatory frameworks for stablecoins. Today, multiple jurisdictions have introduced such regimes, and the broader market has evolved, including the emergence of crypto ETFs and more established service providers.
He emphasised that a number of issues will be discussed as part of that assessment, but cautioned that no outcome is predetermined. The timing and implications of any review remain uncertain, particularly given differing approaches emerging internationally.
Moor underlined that the core question is whether unbacked crypto-assets such as Bitcoin and Ethereum can be regarded as a sufficiently mature asset class. Considerations around historical data, performance through crises, and systemic risk remain central to the prudential debate.
Tokenised Securities vs Unbacked Crypto Assets
Dr Rathke questioned whether technological neutrality is fully reflected in prudential treatment.
Christian Moor clarified that under the Capital Requirements Regulation 3 (CRR3), tokenised traditional financial instruments fall into Category 1 and receive standard capital treatment under existing banking rules. They are not treated as a new asset class simply because they use distributed ledger technology.
By contrast, unbacked crypto-assets such as Bitcoin and Ethereum fall into a separate category, raising questions about maturity, historical data, and performance through crises.
Technological Neutrality in Practice
The European Union frequently emphasises technological neutrality.
Stéphane Blemus clarified that the objective is not to regulate technology itself, but to regulate gateways into the financial system, including issuers, exchanges, custodians, and payment intermediaries. The challenge, he noted, is balancing rapid private sector innovation with public sector responsibility for financial stability.
In areas such as decentralised finance (DeFi), this means focusing on market structure and consumer protection without stifling innovation.
However, the panel acknowledged that neutrality in theory does not always translate seamlessly into practice. Limited familiarity with emerging technologies may lead to more cautious or conservative interpretations.
Policy Objectives Shape Perceptions of “Overregulation”
Christian Moor introduced a broader framing: whether regulation appears excessive depends on the objective it seeks to achieve.
The panel identified several policy drivers:
- Consumer protection through disclosure and transparency
- Financial stability via prudential buffers
- Operational resilience under DORA
- Environmental accountability through ESG disclosures
- Geopolitical sovereignty and control over payment systems
Moor noted that geopolitical risk and monetary sovereignty have become increasingly central in recent years.
In this context, what some perceive as overregulation may reflect shifting macro priorities rather than sector-specific targeting.
The Political Reality of Recalibration
Even where recalibration is warranted, legislative reform in the EU follows a structured democratic process.
Stéphane Blemus pointed out that amendments require Commission proposals, followed by Council and Parliament review, trilogue negotiation, and formal adoption. While this ensures consultation and legitimacy, it also slows reform.
He also cautioned that transitional regimes are politically difficult to revisit. Even where originally framed as temporary, recalibration requires navigating Commission proposals, Council and Parliament review, and trilogue negotiation.
International divergence, especially with the United States, further complicates alignment.
Data as the Foundation of Smarter Supervision
Returning to the theme of data, Rowan Varrall emphasised that effective regulation depends on structured and interoperable information.
Standardised token identifiers, issuer identifiers, and entity identifiers can enhance comparability and supervisory clarity. Cross-border data interoperability supports consistent oversight.
If crypto is perceived as immature, he suggested, this may partly reflect insufficient structured data. Industry engagement in providing enriched, standardised information could support more proportionate, evidence-based supervision.
Over time, this may reduce regulatory friction rather than increase it.
Forward-Looking Recommendations
The panel converged around several constructive proposals:
- Launch a public consultation on MiCA to identify redundancies and clarify ambiguities
- Expand regulatory sandboxes to accelerate supervisory learning
- Reassess prudential treatment at Basel to reflect market developments
- Strengthen transatlantic collaboration to avoid fragmentation
- Maintain technological neutrality while refining risk-based application
Conclusion: A Foundational Layer, Not a Final State
The panel did not conclude that Europe has definitively overregulated.
Instead, MiCA was framed as a foundational layer that has delivered long-awaited regulatory certainty. The current challenge lies in calibration.
As Dr Rathke highlighted, cumulative obligations create pressure, particularly for smaller firms. As Christian Moor noted, prudential and geopolitical considerations shape regulatory posture. As Rowan Varrall emphasised, data-driven supervision may enable more proportionate oversight. And as Stéphane Blemus cautioned, reform must navigate political realities.
The question is therefore not whether MiCA went too far, but whether Europe can recalibrate efficiently while preserving legal certainty, competitiveness, and global leadership in digital asset regulation.
Watch the recording of the panel below.
