EU/Luxembourg Update On The Regulation On Markets In Crypto-Assets And The Digital Operational Resilience Act

K&L Gates


At K&L Gates, we foster an inclusive and collaborative environment across our fully integrated global platform that enables us to diligently combine the knowledge and expertise of our lawyers and policy professionals to create teams that provide exceptional client solutions. With offices spanning across five continents, we represent leading global corporations in every major industry, capital markets participants, and ambitious middle-market and emerging growth companies. Our lawyers also serve public sector entities, educational institutions, philanthropic organizations, and individuals. We are leaders in legal issues related to industries critical to the economies of both the developed and developing worlds—including technology, manufacturing, financial services, health care, energy, and more.
The Regulation on Markets in Crypto-assets (MiCA)1 is part of the European Commission's Digital Finance Package of September 2020.
European Union Technology
To print this article, all you need is to be registered or login on

MiCA Update

The Regulation on Markets in Crypto-assets (MiCA)1 is part of the European Commission's Digital Finance Package of September 2020, which includes other regulatory initiatives, such as the Pilot Regime for market infrastructures based on distributed ledger technology2 and the Digital Operational Resilience Act (DORA).3

MiCA will apply:

  • First, as of 30 June 2024, regarding asset-referenced tokens (ART) and e-money tokens (EMT); and
  • Second, as of 30 December 2024, for all other matters, in particular regarding crypto-asset service providers (CASP).

With MiCA, the European Union (EU) is adopting for the first time a harmonized regulatory framework for the crypto-asset market, which applies to both traditional institutions of the financial sector and new players emerging in the crypto ecosystem.4 These entities must meet a set of specific requirements to benefit from a regulated status recognized across the EU in the form of a European passport and need to either (depending on their current regulatory status) notify, or submit an authorization request with, their national financial sector supervisory authority.

The Luxembourg financial sector supervisory authority (CSSF) is preparing itself for the upcoming application of MiCA. As is usually the case, the CSSF intends to apply a proactive approach and already invites entities with specific projects to (i) provide services as a CASP or (ii) issue ART or EMT to contact it now to initiate a preliminary dialogue. Entities already supervised by the CSSF should contact their usual point of contact at the CSSF; entities not yet supervised by the CSSF should contact the CSSF at

DORA Update

In view of the increasing risks with respect to information and communication technology (ICT) and the growth in digitalization and interconnectedness, DORA was established to further strengthen the digital operational resilience in the EU financial sector by introducing a common legal framework. DORA contains comprehensive rules with respect to ICT risk management, ICT incident management, ICT third-party risks, digital operational resilience testing, and voluntary exchange of information/intelligence on cyber threats.

DORA largely covers the EU financial sector with a scope of application extended to the 20 different types of financial entities listed in article 2 of DORA. DORA will be directly applicable to those financial entities in the EU as of 17 January 2025.

The corresponding Directive (EU) 2022/2556, the aim of which is to include in all financial sector directives a cross-reference to DORA, needs to be implemented into national law by each EU member state. Luxembourg has started the implementation process in August 2023.


1 Regulation (EU) No 2023/1114.

2 Regulation (EU) 2022/858; see our blog post of 7 March 2023.

3 Regulation (EU) 2022/2554.

4 MiCA is complementary to the existing EU framework, such as to Directive 2014/65/EU on markets in financial instruments (MiFID II).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More