Europe moves to regulate crypto-exchanges

Repairing the damage of mega-hacks and exchange collapses - through legislation?
28 November 2022

How can crypto-exchanges be redeemed? The EU has some ideas. Credit: Stefani Reynolds / AFP

The risk profile of crypto-exchanges has frequently made them too hot for mainstream banks to handle. In the wake of the collapse of FTX though – the second largest crypto-exchange in the world – not only are leading neobanks in the UK joining with traditional banks in blocking payments to and from crypto-exchanges, but the EU is planning to begin the process of regulating the previously unbound industry.

UK-based neobank Starling has joined the crowd that feels cryptocurrency is too high a risk, and has blocked payments to and from exchanges for its customers. It’s the latest in a long line of UK neobanks, including Monzo, Metro Bank, Virgin Money and others – to pull out of the cryptocurrency game on the basis of the high risk profile. Monzo threw in its hand back in July 2021, while most traditional banks in the UK haven’t offered a cryptocurrency payment or withdrawal service, ever.

The rising threat to cryptocurrencies

Cryptocurrency has never especially felt the need to struggle for respectability as defined by traditional banking behemoths, and there’s an argument to be made that traditional banks calling crypto-exchanges “high risk” is a spectacular case of the pot calling the kettle black, and neobanks even more so, but recent crypto-exchange history is against those who would argue that traditional banking’s point is entirely without merit.

Before the sudden and shocking collapse of FTX – which itself was hacked to the tune of $600 million, even as it fell into bankruptcy – in October, 2022, Binance was hacked of an $570 million, before security measures reduced the amount of loss to $110 million. lost $34 million in January, 2022, while in December, 2021, AscendEx lost $80 million to hackers, and BitMart lost $150 million.

While there’s no doubt that every bank can be robbed if you put the effort in, there is an unmistakable trend developing with crypto-exchanges – the hackers are getting away with much more money in 2022, and the mega-hits are coming with an increased regularity. That suggests that some of the better hackers in the world are realizing there’s big money to be made from hacking crypto-exchanges.

The relatively unmonitored and distributed nature of cryptocurrency means it’s used to offer currency options both for those who are themselves considered too high risk for traditional banking, and for those whose goods and services are less than strictly legal or ethical.

Add to that the stunning collapse of FTX and the sense of crypto-exchanges as a house of cards in unavoidable, at least in the short term. While there are a lot of entirely legitimate trades made using cryptocurrency, the rising risk of the hacking threat, the apparent instability of crypto-exchanges, and the heightened potential for ethically and legally dubious transactions has made Starling come, relatively late, to the no-cryptocurrency party.

Cryptocurrency IV: a new hope?

However, hope of greater market stability may be on the horizon for crypto-exchanges, because EU regulators have hardened their position on the hacking threat. Having had concerns since at least 2020, when they began working on the project, they are planning to release a rulebook, Markets in Crypto-assets (MiCA), that they claim will make it harder for something like the FTX collapse to happen in their domain.

The MiCA, which could be on the Eureopean statute books as early as the middle of 2023, would set out a clear framework by which cryptocurrencies and crypto-exchanges would be allowed to operate within the EU. Crucially after the FTX collapse left many asset-owners holding nothing but a promise and their breath, it will also include detailed protections for owners of crypto-assets, and clients of service providers, meaning any FTX-style explosion within the EU would not leave users vulnerable to at least so great an exposure.

Leveraging the power of the EU trading bloc, MiCA would at least in theory provide a unified licensing regime for the EU at a stroke, without the need for individual countries to individually implement the new rules. The upside of that from the currencies’ point of view is that they wouldn’t need to get 27 separate permissions to trade – meeting MiCA criteria would allow them relatively instant access to the whole bloc.

Enforcement powers

For enforcement of the MiCA rules, all crypto-asset service providers (CASPS) would be supervised by competent authorities at the member state level, with ‘significant CASPS’ – those with over 15 million users – subject to an even higher level of supervision.

It’s hoped that the MiCA will follow in the footsteps of Europe’s General Data Protection Regulation – which strictly governs what companies can do with their users’ data in EU countries (including if the company has a headquarters in the EU). According to an EU spokesperson, it is expected that the MiCA will “protect consumers, market integrity and financial stability. It will bring crypto-exchanges, wallet providers and issuers of crypto-assets under EU supervision.”

Stefan Berger, the Member of the European Parliament who helped steer MiCA through the complex process of European law, said he hoped it would be taken up by other countries as a model for dealing with the inherent and rising instability at the heart of crypto-exchanges.

Whether that will happen remains to be seen, given that even major players in big tech regularly fall foul of GDPR rules, but the MiCA represents a relatively bold first step towards returning confidence to the world of cryptocurrency. Will it be enough to allay the fears of traditional and now neobanks?

Only time will tell.