KYC and AML in MiCA rules: how will crypto change in 2025?

Disclosure: The views and opinions expressed here belong solely to the author and do not represent the views and opinions of’ editorial.

All the talks are about the EU’s Markets in Crypto-Assets, or MiCA, MiCA, and MiCA again. This regulation package, not even fully in force yet, is already causing monumental movement in the blockchain and crypto space. When will it be fully applicable, what exactly is subject to the regulations, and most importantly, how to prepare for the upcoming legislation changes and stay compliant in the brave new world of regulated crypto?

Firstly, when? In June 2024, the European Securities and Markets Authority, together with the European Banking Authority, will prepare a draft of Delegated Acts. At the same time, a part of the MiCA regulations will become fully applicable. These parts of the package cover asset-referenced tokens, which include all real-world assets tokenization tokens, and fiat-backed stablecoins, because the assets they are referenced to are real currencies. When that happens, all entities involved in business operations using asset-referenced tokens will be obliged to introduce many regulatory measures, such as KYC and AML protocols. The rest of the regulations will become applicable in December 2024, or January 2025. The entities regulated will include:

  • Crypto Asset Service Providers (CASPs). Any company that provides such services as exchange, wallet management, or custodial services for crypto assets will be considered a CASP. They will be obliged to integrate KYC measures when onboarding new users, as well as AML programs that will report suspicious transactions. A catch that we have to mention is that many defi will also be considered CASPs. MiCA won’t apply to so-called “fully decentralized defi,” which means that no person or organization actually gets profit from that enterprise, like Bitcoin. However, “partly centralized defi” will be considered CASPs.
  • Asset-Referenced-Tokens issuers. These companies are already regulated by the MiCA rules and have to introduce KYC and AML measures as well. 

The obvious answer is, of course, to introduce KYC and AML measures to stay compliant in the EU crypto market. However, this process has many barriers, especially for crypto companies. 

Developing KYC and AML protocols in-house takes months, if not years, and will set the company back millions of dollars. The biggest banks in the world spend up to $500 million yearly solely on KYC, with an average of $50 million. Most of the crypto companies that already have KYC do it through different KYC providers. Just like any other B2B company, a KYC provider does the whole process for you, which lets the client save resources and not spend it on a completely new business process. The current market situation shows us that going to a KYC provider is the best way in terms of optimization. Even the biggest names in the industry, like Binance, Bybit, and Huobi, all use the KYC provider’s services instead of managing it in-house. 

Another barrier specific to the crypto market is data security. Many people came to the crypto market because of its built-in anonymity features, and not having to undergo KYC. Not necessarily because they are financing terrorism or laundering money, but because they simply believe in data ownership and don’t want to give such sensitive information like their home address, or identification number, to a third-party company. Explaining the benefits of MiCA rules and KYC/AML practices to that specific audience won’t be easy, so it’s a big challenge that the crypto companies will have to overcome in order to keep the users after the regulations are fully in force. 

But what are the actual benefits of the MiCA rules? Why are they being introduced? Is it only because the government wants to control us even more? 

I strongly believe that the MiCA rules will have a very positive effect on the EU crypto market, allowing it to be competitive with other regions that are actively introducing crypto regulations and enabling it to become the global crypto hub. 

First of all, MiCA will replace the current regulations of different EU countries. Germany, Italy, Spain, France, and other countries all have different regulations, with different travel rules, minimum sizes of no-KYC transactions, and many other differences. This leads to companies spending additional resources to adapt their KYC and AML processes to every single legislation separately. For example, Binance had to exit the Netherlands market due to being unable to get a necessary license. With the new MiCA rules covering the whole EU, cases like this won’t happen again, since the companies will have to comply with a unified standard, making operating within the EU crypto market much easier and cheaper. 

Another important thing to note is that MiCA bans things that are obviously dangerous and economically unstable. One of the biggest changes that the regulations will bring is the total ban on algorithmic stablecoins. In simple words, there are two types of stablecoins: currency-backed and algorithmic. Currency-backed stablecoins ensure their stable price by having locked funds in a 1:1 ratio. In other words, if there is 1,000,000 USDT on the market, Tether will have 1,000,000 USD locked somewhere, promising to buy all that currency back with the locked funds. 

Algorithmic stablecoins, on the other hand, use the demand and supply market principles to keep the target price. If the issuer sees that the stablecoin is losing value, it buys out some of the supply with some other tokens. Scale that high enough, and the collateral tokens used to buy out the stablecoins from the market will begin losing value as well, or the company burning through the collateral tokens, which ultimately leads to the company being unable to take enough stablecoins from the market, and both tokens collapsing. This is exactly what happened to UST and LUNA, with the latter falling by 99.99% in price. Algorithmic stablecoins don’t work, and by banning them completely, MiCA regulations better protect investors’ funds. 

Many people in the crypto space are less optimistic about the upcoming regulations, and they have their points. Implementing KYC and AML protocols will definitely increase the operations costs of the crypto companies, and in the end, users will be the ones paying for it. Hiring a KYC provider, storing all the data, and many more added processes will be expensive, forcing the companies to either cut costs somewhere else or increase their fees and commissions. 

Another point to mention is the security issues. If you don’t have users’ data, it won’t get hacked and leaked. Many users are concerned about their privacy, making an argument that even the traditional finance organizations that have had KYC for tens of years are still falling victim to hacks. 

I believe that these problems, while being very serious, will be mitigated and solved with the crypto market gaining maturity, and processes being improved and tested. Fair and clear regulations are obviously the future of the crypto market, and 2025 will be incredibly challenging and interesting for all crypto users. 

Alexander Ray

Alexander Ray is the CEO and a co-founder of Albus Protocol, a regulation-compliant defi framework for public blockchains, and JFactory, a Swiss company specializing in the development of decentralized finance technology. Alexander is a tech executive and entrepreneur with over 20 years of experience developing infrastructure, as well as cloud- and data-based solutions for European businesses. Working for such companies as Deutsche Bank Frankfurt and General Electric as a software architect and development lead, Alexander was involved in designing and developing forecast models of regulatory risk and financial figures, giving him more profound insight into defi algorithms and instruments from an old finance perspective.

Recommended For You

About the Author: Daniel