On August 17th, in its Supervision Newsletter, the ECB announced that it is taking steps to harmonise the assessment of licensing applications relating to crypto-assets activities, considering that there is no harmonised regulatory framework governing crypto-assets activities in
the European Union. This scenario may however change soon considering, inter alia, the provisional agreement that was recently reached in respect of the markets in crypto-assets regulation (MiCA).
The ECB further clarifies which aspects should be subject to its special attention (as well as to the attention of the relevant national competent authorities) whilst applying the Capital Requirements Directive (CRD) criteria in the assessment of licensing applications for the pursuance of crypto-assets activities, covering: (i) the applicant’s business models (“how the proposed activity matches the overall activity and risk profile of the institution”); (ii) its internal governance policies and procedures (“whether the institution’s policies and procedures are adequate to identify and assess risks unique to crypto-assets”); as well as (iii) the fit proper assessments of the corporate bodies or of the senior managers, in order to ensure that they possess the required level of knowledge and experience in light of the complexity of the crypto business.
In addition, the ECB also highlights types of risks specifically related to crypto-assets activities, namely operational and cyber risks, such as cryptographic key theft or risks linked to the technology used and outsourcing arrangements to third-party providers.
Although there is still a long way to go, it is undeniable that the pursuance of crypto asset activities has become an area of focus for the ECB supervision for the coming years.
Verónica Fernández
Andreea Babicean