July 11, 2026 ChainGPT

ESMA Launches Cross-Border Review of MiCA Custodians — Licences Aren't Enough

ESMA Launches Cross-Border Review of MiCA Custodians — Licences Aren't Enough
The European Securities and Markets Authority (ESMA) has shifted from paperwork to practice — opening a coordinated supervisory review of crypto custodians authorized under the EU’s Markets in Crypto-Assets (MiCA) rulebook. The Common Supervisory Action (CSA) targets a sample of MiCA-authorized crypto-asset service providers (CASPs) and zeroes in on custody operations to test whether firms’ systems hold up against real-world operational risks. What regulators are looking at ESMA’s review examines digital operational resilience across core custody functions: private key and storage management, transaction controls, incident response procedures and reliance on third-party technology providers. The exercise is one of the first cross-border supervisory moves since MiCA’s transitional period ended, and signals that a licence is no longer the end of the road — it’s the baseline. Industry reaction: licences are just the start Sebastien Dessimoz, co-founder and managing partner of digital asset infrastructure firm Taurus, emphasised the changing regulatory tone: a MiCA licence “is only the starting point” for custodians. He said custodians must now prove their operational controls can withstand real-world threats rather than simply asserting security on paper. As digital assets weave into regulated finance, Dessimoz noted, regulators expect comparable security, accountability and resilience to traditional markets. That expectation is already filtering through to institutional clients. Jody Mettler, COO of BitGo and president of BitGo Trust, said institutions increasingly probe how custodians segregate assets, manage access controls, respond to breaches and maintain business continuity during market stress. Regulators, she added, are similarly moving beyond licence checks to scrutinise the operational standards that underpin digital-asset services. Operational resilience — a separate hurdle Multiple industry figures framed operational resilience as a distinct challenge from securing MiCA authorisation. Markus Levin, co-founder of blockchain infrastructure company XYO, told Cointelegraph that proving operational robustness in supervised reviews is a different test that could determine which firms are better placed to attract growing institutional participation. Legal experts also flag a broader regulatory overlay. Yuriy Brisov of law firm Digital & Analogue Partners said the review effectively combines MiCA duties with obligations under the Digital Operational Resilience Act (DORA). He warned that concentration among custody technology vendors raises systemic risk: a single vendor vulnerability could ripple across multiple regulated firms, making supply-chain resilience a critical compliance focus. What’s next for MiCA and stablecoins European regulators are already looking ahead. According to Euronews, the European Commission plans to review elements of MiCA from 2027 — a process partly prompted by global regulatory developments such as the U.S. GENIUS Act. One expected topic is how to apply EU rules to non-EU stablecoin issuers as international crypto regulation evolves. MiCA market landscape Market data suggests the EU’s regulated exchange ecosystem is expanding. DefiLlama’s MiCA exchange dashboard, cited by Wu Blockchain, ranks Kraken as the largest regulated venue by liquidity — showing more than $400 million in spot liquidity and over $220 million in perpetual liquidity — with Coinbase in second place. The figures underscore the growing scale and institutionalisation of platforms operating under Europe’s licensing framework. Bottom line ESMA’s CSA signals a tougher supervisory era: licences get you into the game, but proving operational resilience will determine who stays competitive. Custodians, technology vendors and institutional clients should expect deeper scrutiny on practice, not just paperwork. Read more AI-generated news on: undefined/news