With MiCA Around the Corner, How Mature Is the Crypto Trading Market?
— Perspectives from the Baltics, once a global crypto hub.
Crypto traders receive massive fines as supervisory authorities ramp up ahead of MiCA, the Markets in Crypto-Assets regulation later this year. “In the last couple of years CASP’s (Crypto Asset Service Providers) have taken leaps in regulatory compliance maturity, however some market players have a lot to work on. The market overall is still quite immature, but we are seeing positive efforts to augment governance and risk management,” says Deivydas Razminas Senior, Manager Baltics at Advisense.
Those companies that are not yet fully prepared for upcoming regulatory requirements MICA regulations should be busy. What´s at stake? Expectations to demonstrate assurance that frameworks and processes are adequately developed and effectively in place. Given the general risk environment, they will want to be credible in their provision of safe services to their clients.
Similarly to all financial instruments crypto asset trading can be utilized as part and parcel of corruption and money laundering schemes, tendentially in jurisdictions with less stringent regulations. As the European Union implements the Markets in Crypto-Assets (MiCA) regulation in December 2025, experts are also expecting to see a migration of certain crypto-asset service providers (CASPs) to alternative regulatory environments.
In June, the UK regulator fined the one of the world´s largest cryptocurrency exchanges Coinbase GBP 3.5 million for serving appr 13,000 high-risk customers. In July, Lithuania fined crypto company UAB Payeer a record EUR 9.3 million for sanctions and money laundering violations involving Russian clients. According to a statement from the Lithuanian Financial Crimes Investigations Service, Payeer had given Russian individuals and legal entities the opportunity to receive cryptocurrency wallet, account management or storage services and carry out transactions in Russian rubles by transferring them from European Union-sanctioned Russian banks.
UAB Payeer was operating in Lithuania only since October 2022, setting up shop after having its registration to carry out VASP (Virtual Asset Service Provider) business revoked in its former home market Estonia as its activities were established as incompatible with international sanctions.
CASP migration
According to estimates reported by Estonian news channel Aktuaalne Kaamera, in 2021 nearly half of the world’s crypto service providers were registered in Estonia, making the tiny country with less than 1,5 million inhabitants one of the largest crypto markets globally. The Financial Intelligence Unit (Rahapesu Andmebüroo/ RAB) has managed to reduce their number to around 50.
The Estonian FIU has been quick to adopt stringent regulations for crypto traders in light of MiCA. This has seen a ripple effect in the market, with 900-1000 crypto exchanges moving across the border to Lithuania. Comparing with crypto exchanges in France, Germany and Canada, Lithuania remains in the top five, which may be seen as disproportionate given its population of three million people.
Typically migrating companies that are out ‘jurisdiction shopping’ are not the best players, says Deivydas Razminas Senior Manager Baltics at Advisense. Lithuania is seen as a gateway for some of the less scrupulous CASP’s that operate with a fictitious front, with little or no established physical presence, no reported financial data, in some cases easily recognized by the use of email addresses and phone numbers based in other high -risk jurisdictions including Russia. The legal ownership can also be tied to high-risk ownership and high-risk jurisdiction linked to Russian trading coalition.
Deivydas Razminas describes a certain category of CASP’s as nomads. There has been a clear and substantial shift from Estonia to Lithuania, and as Lithuanian supervisory authorities are sharpening regulations in preparation for MiCA, and with the record fine issued to Payeer in July as a clear sign, he is now observing a new movement from Lithuania to Poland and other jurisdictions with more favourable regulations. As the MiCA regulation closes in, a consistent decline is seen in the number of crypto companies in Lithuania. An important question now is where do players go next?
Crypto, corruption and money-laundering
For obvious reasons crypto exchanges need a payment processor for fiat payments. It is however very hard for crypto exchanges to open accounts with credit institutions. Or, they are simply refused by a lot of banks.
Less mature companies tend to have higher risk appetite. They are often part of very complex structures, linked to Cyprus or similar higher risk jurisdictions, and it is not uncommon for CASPs to have the same ownership and company controls as their payment providers.
Looking at the maturity across the board with the CASPs segment, a significant portion needs to improve their governance and risk management, particularly regarding anti-money laundering and anti-corruption measures, says Deivydas Razminas. Crypto can be misused to launder illicitly gained funds, such as corrupt payments. As technology advances, the adoption of cryptocurrency is expanding beyond everyday users to include a growing number of Politically Exposed Persons (PEPs). Deivydas Razminas has observed that some cryptocurrency accounts are already being held by PEPs.
Based on his observations, it is interesting to see how account owners do not match the typical age dynamic. Those who have accounts in some of the high-risk trading companies do not fit the young, tech-savvy profile that you would likely expect.
Crypto in the context of sanctions and conflict
At the time of the Russian invasion of Ukraine, dozens of pro-Russian groups were reported to use cryptocurrency donations to fund the war in Ukraine.
Meanwhile, the onset of the war saw an increase of 12 million crypto transactions from Russia to Lithuania according to Chainalysis. It is also noted that the Wagner group, a private military company (PMC) which is widely believed to have close ties to the Russian government, particularly the Kremlin and Russia’s military intelligence service (GRU) was paid in crypto, as an increasing crypto activity is observed in Russia to circumvent sanctions, or for trading on places as the Darknet. Because of the nature of instant and borderless blockchain transfers, crypto payments are hard for gatekeepers to stop, report and cease funds. It is also hard for law enforcement to deal with. Hence, it becomes equally advantageous for major actors like Russia to engage with criminal entities.
On the other hand, Elliptic released a report saying that one year after the invasion, for every dollar’s worth of crypto raised by Russian military fundraisers, Ukraine had raised about $44 – with crypto contributing a fifth of overall grassroots fundraising to Ukrainian causes.
For sure, crypto technology has been very useful to collect financial support to Ukraine to start with, this is an important point. With the 14th Eu sanctions package, sanctions enforcement is strengthened, including a strengthened focus on co-operation with third countries to prevent sanctions evasion, particularly in areas where Russia has been finding loopholes. With the 14th package also comes tougher payments for non-compliance.
Deivydas Razminas
Measuring maturity
At present, governance across the crypto industry does not correlate to any systematic approach, and a lot of online players are failing due diligence. Internal control frameworks are lacking even in major CASPs, exemplified by the case of the crypto exchange FTX in the US, where the co-founder Sam Bankman-Fried was sentenced to 25 years in prison for defrauding customers and investors.
Advisense in the Baltics have supported crypto clients to validate their anti-financial crime risk management frameworks, methodologies for scoring of funds and detection of suspicious accounts. The core issue is often the need to understand what is different from fiat trading companies.
According to Deivydas Razminas, there is now a more proactive approach, and traders that move forward will gain an advantage ahead of mandatory requirements. It is very positive to see more crypto traders focusing efforts on fixing their frameworks and processes, to assure that services to clients are safe and that they are positioned when the MiCA regulation is fully enforced.
Based on experience assisting crypto trading companies in the Baltics, there are a number of recommendations that can be made going forward.
- Fulfill specific experience and competence requirement for the managers of VASP.
- Create assurance around proper and proportionate consumer protection.
- Validate policies and procedures to ascertain that they match needs according to the current risk exposure and operating model of their business
- Ensure an effective implementation of Transfer of Funds regulation (aka Travel Rule)
- Lastly, urgency in developing controls. There is a first mover advantage to be had in this market, with the general assumption that the largest players will likely move first.
As the market matures, governments and financial intelligence units will strengthen their capabilities to identify suspicious activities. Given the nature of the technologies in place, it is impossible to delete activities, hence logically the possibilities to trace activities is greater.
With respect to Lithuania in particular, the national risk assessment report is due this year, and will allow everyone to see tendencies with their risk environment, most likely with an even stronger focus on crypto. And considering the MiCA implementation, we should expect to see government agencies to launch a larger number of investigations and reports in near future. CASPs should follow not only the national risk assessments within their licensed home jurisdiction, but also take into account trends across the most recent national risk assessments worldwide and supplement their internal risk controls accordingly. And lastly, information-sharing and international collaboration will only become more important.
Deivydas Razminas
Background on MiCA
The purpose of the Markets in Crypto-Assets Regulation (MiCA) is to establish a uniform market rule for crypto assets in the EU. MiCA came into force in June 2023, and the first implementation phase comes to an end by December 2024, which is also the deadline for ESMA to issue guidance on the requisites and criteria for classification of crypto assets as financial instruments.
MiCA covers crypto-assets that are not currently regulated by existing financial services legislation. Key provisions for those issuing and trading crypto-assets (including asset-reference tokens and e-money tokens) cover transparency, disclosure, authorisation and supervision of transactions. The new legal framework aims to support market integrity and financial stability by regulating public offers of crypto-assets and by ensuring consumers are better informed about their associated risks.
The deadline in December will be followed by transition period up until June 2026, during which ESMA will be working with national competent authorities (NCAs) on a convergent approach to authorisations of crypto-asset service providers (CASPs). Key is to achieve consistent practices and alignment of supervisory expectations related to entities offering crypto-asset services across EEA jurisdictions.
Article written by Louise Brown.
Find more related news on this topic here.