Regulation of the crypto-asset market is undergoing significant changes with the introduction of the MiCA (Markets in Crypto-Assets) Regulation. The new rules will provide a clearer legal framework for crypto-asset service providers, increase transparency, and strengthen investor protection. But what challenges await businesses, and how can they prepare for the new regulatory requirements? Michaela Mokrá of Hronček & Partners, an expert in financial law and crypto-asset regulation, shares her perspective on the key changes, their impact on the market, and how a law firm can help companies effectively ensure compliance with the new legislation.
To start with, could you tell us a bit about your legal background? Where did you study, and what is your experience?
I completed my undergraduate studies at the Faculty of Law at Comenius University in Bratislava. During my studies, I focused on achieving excellent grades, but the faculty wasn’t my primary focus; instead, I tried to split my schedule between early morning and late evening hours so that I could always work as well. Right at the start of my studies, after less than two months, I had my first job at a law firm, so I also got to see the practical side of law. It was a small firm with just a few employees, and at that time, many matters were still handled on paper, so I frequently visited courts and bailiffs and got to know the work of other legal professions as well. Later, I worked at a relatively large firm with international clients, where I was given ample opportunity to work independently. My work style differed from that of other students because I had my own office and my own caseload, for which I was responsible and for which I needed to develop a system, while also collaborating on more complex assignments where I had the opportunity to learn from excellent lawyers.
Because I worked in the legal profession from the very beginning of my studies, I encountered, at least in part, most legal matters and areas—from routine commercial registry matters, and debt collection, through litigation, legal advice to investors and startups, to my current focus on finance. In this way, I have gradually deepened my expertise, learned to respond flexibly to market changes, and at the same time built up a broad range of knowledge and experience across multiple fields.
What areas of law do you specialize in?
Currently, my specialization focuses primarily on commercial and financial law, with significant overlap into the areas of crypto-assets and financial technologies (so-called fintech). This is also related to my work on projects dealing with the provision of cryptoasset services and regulation in this area. At the same time, I focus on compliance and AML issues—that is, adherence to regulatory rules and guidelines designed primarily to protect investors and ensure transparency in financial markets.
In practice, this means that I help clients in this sector establish a legal framework for their business that complies with applicable laws, while also enabling them to meet all legal requirements effectively, while taking into account the growth of their business. In this context, I also address issues of cybersecurity and digital operational resilience, although this is a complex and broad field, and I am still gradually familiarizing myself with it, currently working primarily as legal support for our colleagues – experts in the field.
What led you to the field of crypto-assets and financial market regulation?
After finishing my studies, I didn’t want to specialize in just one area right away; I enjoyed several areas, particularly contract law and labor law, and it was hard for me to rule out certain fields if I hadn’t even tried them yet. Of course, I knew that specialization is very important in law, because the narrower it is, the more of an expert one can truly become in that field. Nowadays, the narrowest possible specialization and division of labor within a team is actually an advantage, because that is the only way one can become an expert in a particular field. The era of polymaths and lawyers with a broad, universal focus is gradually coming to an end, because given the current volume of regulations and the speed of change, it is impossible to sufficiently master multiple areas of law, let alone all or nearly all of them.
As for the financial aspect, for me it was more a matter of circumstances than any initial interest in the topic of finance and digitalization. At the office, I sat next to a colleague who was more interested in these topics and made significant progress and contributions in them, and thanks to him, I also began to recognize the innovation and potential of the sector. We then worked together on some projects; I later went on maternity leave, and in the meantime, he left to work for a regulatory body.
Since I returned to work relatively quickly after maternity leave—which, however, required a role with a high degree of flexibility—and since at that very time there was a need for someone who could oversee these topics, these two circumstances aligned, and I gradually began to delve deeper into them. However, I gradually began to enjoy the topic, and finding a balance between the need for regulation and preserving innovation in such a dynamic sector is both motivating and challenging for me.
What changes will the MiCA Regulation bring to the crypto-asset market?
The MiCA Regulation certainly represents a globally revolutionary legal framework for the previously almost unregulated world of crypto-assets, built on the ideas of decentralization and differentiation from “traditional” financial systems and their regulatory framework. The MiCA Regulation covers all types of crypto-assets that are not yet regulated by existing financial services legislation, and introduces uniform rules, including the requirement for licensing and supervision of crypto-asset service providers—principles that are already standard for many conventional financial institutions.
For the market, this means greater transparency; for investors, increased certainty; but for service providers, it also entails a certain increase in costs and administrative requirements. Overall, however, MiCA should bring greater legitimacy and credibility to the crypto sector in the eyes of the public, business partners, and regulatory authorities.
Who will the regulation apply to?
As of December 30, 2024, the MiCA regulation applies to natural and legal persons and certain other entities that issue crypto-assets, their public offering, and admission to trading, or that provide crypto-asset-related services within the Union.
In principle, however, some obligations apply more broadly; for example, Article 92(1) of the MiCA Regulation imposes market abuse prevention obligations on any person who professionally arranges or executes transactions in crypto-assets—a concept broader than that of a crypto-asset service provider and which may also include persons who trade professionally on their own account. According to certain statements by the European supervisory authority ESMA, however, this applies more to persons who also have employees and a structure through which they systematically trade in crypto-assets on their own account.
It is certainly important to note, however, that even a company that is not directly a crypto-asset service provider may, under this provision, be required to report suspicious transactions if it encounters them in the course of its business.
Persons who, prior to December 30, 2024, were authorized under a special regulation to provide virtual currency exchange services, provide virtual currency wallet services, or provide services and activities that, by their nature, meet the criteria of crypto-asset services, may continue to carry out such activities until December 30, 2025, at the latest. The transition period is therefore only 12 months, meaning it will end in Slovakia 6 months earlier than the maximum transition period set by the MiCA Regulation. This is not entirely appropriate, as there has been virtually no regulation of the crypto sector in Slovakia to date; there was only a restricted trade license, which was not particularly difficult to obtain, and while entities already had obligations under AML, but in most cases, their compliance is insufficient for the purposes of the licensing process to the extent required of a licensed entity, and these AML policies must also be properly established by applicants, and thus entities must move, as it were, from a regulatory level of zero to a relatively strict level of regulation comparable to other entities in the financial sector, while the timeframe within which they must have this in place and by which they must also have obtained a license is truly extremely short. Therefore, it is certainly necessary for crypto-asset service providers, if they wish to continue operating, to enter the licensing process as soon as possible.
I would also add here that if an entity provides crypto-asset services under the “grandfathering” principle, i.e., during this transitional period, it cannot yet benefit from passporting and therefore cannot simply transfer its services to another Member State unless the host country had already authorized such services under the old regulations prior to the entry into force of the MiCA Regulation. Importantly, such entities cannot transfer their services to a Member State that has already ended its transition period.
How will MiCA affect crypto-asset service providers?
Crypto-asset service providers will have to obtain the appropriate authorization to provide their services within the EU, which involves preparing to meet a broad list of licensing conditions and subsequently undergoing a relatively complex licensing process before the supervisory authority. At the same time, they will be required to comply with strict rules regarding security, segregation of client assets, and user information. Significant changes are primarily in the area of digital operational resilience of entities, where they are subject to a wide range of obligations stemming from the separate regulation of the DORA, which is also linked to numerous technical implementing regulations. There will also be new requirements for disclosing risk information and rules for marketing communications, which will help investors make informed decisions. In practice, this means more administrative work for crypto-asset service providers, as well as the need to modify certain processes and align them with the requirements of the new regulation; however, it should also lead to a more transparent and secure environment for all participants.
What are the main challenges associated with the implementation of MiCA?
For service providers, the main challenges are adapting their business model and ensuring the necessary technical and personnel resources to meet all obligations. Service providers will have to undergo a demanding adaptation process, including reorganizing internal processes and updating contracts and internal regulations, in order to obtain the necessary authorization. All of this will require time, financial resources, and ideally expert legal assistance.
The crypto-asset market consists primarily of smaller startups and technology companies that may not be able to meet all the relatively broadly defined conditions, and this may represent a disproportionate regulatory burden for them. The MiCA Regulation will certainly bring about significant consolidation in the market and among crypto-asset service providers, which is primarily due to the very complexity of the licensing process compared to the previous practice of conducting this activity solely on the basis of a licensed trade. A smaller number of crypto-asset service providers may lead to a lack of competition in the market as well as the unavailability of certain services and types of crypto-assets.
Among the main regulatory challenges is certainly the harmonization of existing national regulations and the alignment of Member States’ various approaches with the new rules.
Another regulatory challenge is rapid technological development—in this sector, both European and national legislators must ensure that regulation is sufficiently flexible and does not hinder innovation. Although the MiCA regulation is written in relatively general terms, discussions are already emerging regarding the inclusion of certain new phenomena within the scope of the regulation. At the same time, ESMA, as the European supervisory authority, has already launched consultations on decentralized finance (DeFi), which blurs the traditional boundaries between service providers and users, complicating regulatory options. It is precisely with DeFi that questions arise regarding who should fulfill regulatory obligations or bear legal liability, while there is growing talk of the need for further legislative measures beyond the scope of the MiCA Regulation itself.
Is MiCA a step in the right direction for the crypto market?
In my opinion, MiCA is a significant step toward clearer rules of the game. It helps reduce legal uncertainty and prevents “regulatory arbitrage,” where companies relocate to countries with more lenient laws. Crypto is no longer a new topic, and the market has grown to the point where it is capable of shaking up the financial sector globally, so the need for regulation is truly essential.
MiCA represents a significant harmonization of legislation within the EU, as it replaces the diverse and inconsistent rules that have existed across EU member states since its entry into force.
Transparency and information are certainly key; this is further linked to investor protection, increased security of financial systems, and the clarification of measures to prevent money laundering and terrorist financing in the crypto-asset sector.
For retail clients of crypto-asset-related services, the new rules may increase the availability, quality, and clarity of the services provided, as well as the level of client protection when using them, as they will, to a certain extent, limit the abuse of the crypto-asset market.
At the same time, entities that successfully obtain a license to provide crypto-asset services will enjoy a more credible standing in the eyes of both investors and traditional financial institutions, particularly banks and credit institutions, which may consequently be more open to cooperation.
In my view, MiCA represents a significant and positive step by the EU, reflecting the need for meaningful regulation of such an important market. Although it is already clear that the regulation will need to be adapted in the future based on practical experience, it provides investors with greater legal certainty and contributes to a more transparent environment, which will naturally help the market weed out dubious projects.
How do you see the future of cryptoasset regulation? Do you think it will become even stricter?
I expect regulation to gradually grow and improve. Cryptoassets are no longer a fringe phenomenon—they are changing the way people invest, transfer value, and use various financial products. More and more people are investing in cryptoassets, and they are also becoming more accessible. At the same time, however, transactions involving cryptoassets remain largely anonymous, which naturally leads to growing interest from governments and international institutions seeking to protect consumers and prevent financial crime. However, it is important that the new regulatory framework does not stifle innovation; on the contrary, it should help create an environment of trust for responsible players while eliminating fraudulent projects.
What legal aspects do you consider the most complicated in the regulation of cryptoassets?
One of the fundamental elements is the correct classification of cryptoassets—further legal implications stem from this; it is necessary to assess their nature as a financial instrument and the application of securities regulations, and subsequently determine the obligations of the issuer and the entity bringing these cryptoassets to market.
For crypto-asset service providers, security is key, particularly the protection of private keys, AML (Anti-Money Laundering) and KYC (Know Your Customer) compliance, as well as cybersecurity. This is not just an internal document sitting in a drawer, but rather a set of ongoing processes that entities establish at the outset, requiring them to be as specific as possible, taking into account the entity’s specific business model as well as the specific risks associated with their own products, services, and clients, technical infrastructure, supply chains, and third parties—but it doesn’t end there. These processes require constant monitoring, development, and refinement, and they are often financially and administratively demanding for entities.
On the part of supervisory authorities, it is important to address international cooperation, as crypto-asset markets are global and thus inherently cross-border. The Union should therefore continue to support international efforts to promote convergence in the treatment of crypto-assets and crypto-asset services through international organizations or bodies. At the global level, a major question is how to coordinate and approach this crypto-asset market, as well as the need for more universal global regulation across jurisdictions. Some international organizations are addressing this agenda; for example, the World Economic Forum has published a white paper on a global approach to cryptoasset regulation, and the International Organization of Securities Commissions has issued a detailed manifesto of 18 principles for global regulation of the crypto sector. Of course, some form of global uniform regulation is not realistic at this time, but these principles and the outputs of international organizations can serve as soft law, can be incorporated into legal frameworks across jurisdictions worldwide, and can contribute to greater regulatory consistency.
How can a law firm help businesses adapt to the new MiCA regulation?
A law firm can provide clients with comprehensive advice in preparing for legislative changes. Specifically, this includes, for example, the proper identification and categorization of crypto-assets, assistance in drafting internal policies and establishing processes to ensure the entity meets all legislative requirements, representation in proceedings to obtain necessary licenses, and the review of contractual documentation and internal processes, including post-licensing compliance efforts. This helps entrepreneurs avoid the risk that their activities will conflict with the MiCA Regulation, which could lead to sanctions or a loss of investor confidence.
What legal risks should investors in the crypto-asset sector be aware of?
Investors should bear in mind the volatility and technical complexity of crypto-assets, which may be prone to rapid price fluctuations.
Even though we have the MiCA regulation, which will allow only licensed and supervised entities to operate on the European market, cryptoassets should still be viewed as a risky investment, and one should only invest funds for which one can accept the associated level of risk. European institutions continue to highlight this and raise awareness about the risks associated with this type of investment. Protecting personal access credentials is also crucial, as the loss or theft of private keys can result in the irreversible loss of your investment.
Retail clients must always be properly informed about the characteristics, functions, and risks of the crypto-assets they intend to purchase, through a crypto-asset white paper, which is also reported to the NBS. The crypto-asset white paper contains general information about the issuer, the person offering the crypto-assets, the project to be implemented using the raised capital, the public offering of crypto-assets or their admission to trading, the rights and obligations associated with the crypto-assets, the underlying technology used in such crypto-assets, and the relevant risks. Information contained in relevant marketing communications, such as advertisements and marketing materials, is also subject to review; such information must be impartial, clear, and not misleading, and consistent with the information provided in the crypto-asset white paper.
