France, Austria, and Italy’s market watchdogs are pushing for enhancements to the EU’s crypto-asset regulatory regime. (Pixabay)The Autorité des Marchés Financiers (AMF), Austria’s Finanzmarktaufsichtsbehörde (FMA), and Italy’s Commissione Nazionale per le Società e la Borsa (CONSOB) issued a joint statement on 15 September 2025, proposing a series of changes to ensure a more robust and harmonized oversight system across the European Union. Their concerns primarily relate to uneven national enforcement, inadequate protections in cross-border transactions, and ongoing cyber-security vulnerabilities.
The MiCA regulation officially entered into force on 30 December 2024, marking a major step toward a unified regulatory environment for the crypto-asset market across the EU. Under the framework, crypto service providers are required to obtain authorization, meet transparency obligations, and follow specific rules for stablecoin issuers. The goal is to harmonize oversight and provide greater clarity and protection across member states.
However, regulators including the AMF, FMA, and CONSOB have observed that implementation has not been uniform. Supervisory practices are diverging, creating the risk of an inconsistent landscape in which regulatory arbitrage could flourish. Some jurisdictions have taken a stricter interpretation of MiCA’s provisions, while others have opted for a more permissive approach, resulting in an unlevel playing field for market participants.
A major concern highlighted by the authorities is the exposure of European investors to platforms based outside the EU. In many cases, these platforms are accessed through intermediaries within the Union. While these intermediaries may be regulated under MiCA, the platforms themselves often fall outside the scope of European rules. This leaves investors vulnerable to risks not covered by MiCA’s protections. Without equivalent standards in place, such platforms may bypass essential compliance obligations such as disclosure, custody safeguards, or conflict-of-interest rules.
Cybersecurity also remains a significant issue. Although MiCA touches upon some operational risk requirements, the joint authorities have flagged that crypto‑asset service providers continue to present weak points in cyber resilience. Risks include vulnerabilities in digital asset custody, poor incident response protocols, and exposure to targeted attacks. Given the digital nature of the crypto industry, these weaknesses could cause wide-reaching damage, not only to individual platforms but also to market confidence and financial stability.
To address these emerging risks, the three regulators have jointly proposed four key reforms. First, they recommend that the European Securities and Markets Authority (ESMA) be given direct supervisory authority over major crypto‑asset service providers. They argue that for firms operating on a pan-European basis, central oversight would ensure consistent enforcement of MiCA standards, reducing the potential for regulatory loopholes and fostering a more predictable business environment.
Second, they call for stricter obligations on intermediaries dealing with platforms outside the EU. Specifically, the proposal would require intermediaries operating under MiCA to execute orders only on platforms that are either MiCA-compliant or subject to an equivalent third-country regulatory regime. This is intended to reduce investor exposure to unregulated offshore markets and align non-EU interactions with European compliance standards.
Third, the regulators advocate for strengthened cybersecurity requirements. They propose mandatory independent audits of crypto‑asset service providers’ cyber risk management systems both before licensing and on a recurring basis. These audits would cover digital asset protection measures, incident response capabilities, and overall IT resilience. The proposal reflects growing concern about the potential for systemic risks emerging from security breaches or technological failures within crypto platforms.
Fourth, the authorities propose clarifying the rules around crypto white papers, the documents that issuers must publish when offering crypto-assets to the public. Currently, national interpretations vary widely regarding their content and approval process. A more harmonized procedure, they argue, would help ensure fairness, reduce confusion, and streamline compliance. They also propose establishing a central European portal for filing and managing these white papers (excluding stablecoins, which are subject to a different procedure). This would create a one-stop platform for issuers, investors, and regulators alike, facilitating transparency and administrative efficiency.
The adoption of these proposals would likely tighten compliance obligations for crypto firms operating in the EU. For example, requiring external cybersecurity audits and more rigorous white paper submissions may increase operational costs and extend authorisation timelines. Cross-border firms might need to reorganise their legal and corporate structures to meet both local and central supervisory expectations. Some may also face limitations on interacting with non-EU platforms unless they meet MiCA equivalence requirements.
At the same time, such measures could improve investor protection by limiting exposure to unsafe or fraudulent platforms and enhancing the operational resilience of service providers. For EU-based crypto firms, stronger and more consistent oversight could provide a level playing field across member states and reduce legal uncertainty. While some in the industry may see the proposals as regulatory overreach, others may welcome clearer rules that support long-term growth and reduce reputational risk.
The three authorities noted that their proposals are in line with global regulatory trends and echo previous recommendations from the Financial Stability Board (FSB) and the International Organization of Securities Commissions (IOSCO). Implementing these changes would, however, require further legislative steps at the EU level. Any such revisions to MiCA would likely involve detailed negotiations and consultation with stakeholders to balance innovation with financial stability and investor protection.
The joint effort by France, Austria, and Italy highlights growing consensus among major EU economies that stronger, more consistent crypto regulation is essential. As the digital asset market continues to grow in complexity and scale, the regulatory infrastructure must evolve with it to ensure that the EU remains a secure and attractive environment for both investors and innovators.
UK’s FCA outlines prudential reforms for crypto firms
SEC delays Franklin Templeton’s Solana ETF to late 2025
Congress demands Treasury detail bitcoin reserve
SEC launches cross-border fraud task force
Stay ahead with the latest updates, insights, and trends shaping the world of cryptocurrency and blockchain technology.
