top of page


ESMA MiCA third consultation paper: a deep-dive into proposed market abuse requirements for crypto-assets


Milan Juhasz

Insights from ESMA's MICA Third Consultation Paper

TL:DR – the proposed market abuse rules for crypto-assets under MiCA are based heavily on the existing TradFi rules set out in MAR. Potential challenges facing crypto firms operating in the EU include: the expansive scope of Persons Professionally Arranging or Executing Transactions (PPAETs); prohibition of certain business practices (e.g. MEV); and difficulty attributing responsibility for STOR submission.

Introduction to the Third Consultation Paper

The European Securities and Markets Authority (ESMA) recently released its third consultation paper on the Regulation on Markets in Crypto-Assets (MiCA). This document, a critical step in defining the regulatory landscape for crypto-assets within the European Union, focuses on the prevention and detection of market abuse in crypto-asset transactions. This regulation aims to ensure that the burgeoning crypto market operates under the same scrutiny and standards as traditional financial markets, thereby enhancing investor protection and market integrity.

The consultation paper provides detailed technical standards for detecting and reporting suspected market abuse in crypto-assets. It draws heavily on existing rules from the traditional financial markets, particularly the Market Abuse Regulation (MAR). However, adapting these rules to the unique characteristics of the crypto market poses several challenges. This article delves into the key aspects of the proposed standards, particularly focusing on Persons Professionally Arranging or Executing Transactions (PPAETs), the requirements for Suspicious Transaction and Order Reports (STORs), and the implications for various crypto firms operating within the EU.

Proposed Technical Standards for detecting and reporting suspected Market Abuse

PPAETs: expansive scope and new challenges

One of the critical components of the proposed regulations is the broad definition and scope of PPAETs. According to MiCA, PPAETs include entities that professionally arrange or execute transactions in crypto-assets. This category encompasses a wide range of activities, including trading platforms, portfolio management services, and entities involved in the exchange of crypto-assets for funds or other crypto-assets. The expansive scope ensures comprehensive coverage of all potential market participants who could influence market behavior.

However, this broad definition introduces challenges, particularly for entities that must now implement extensive monitoring systems to comply with these regulations. These systems must be capable of real-time and deferred analysis of trading activities, including the ability to replay order book data and generate alerts for potential market abuse. For many crypto firms, especially smaller ones, developing and maintaining such sophisticated systems could be resource-intensive and complex.

STORs: ensuring compliance and effective reporting

Suspicious Transaction and Order Reports (STORs) are central to the new market abuse regime. PPAETs are required to submit STORs to the relevant national competent authorities (NCAs) whenever they suspect market abuse. The STORs must be detailed, providing a clear and comprehensive account of the suspicious activity, including the rationale behind the suspicion and any relevant supporting documentation.

The requirement for STORs to include aspects of the functioning of the distributed ledger technology (DLT), such as consensus mechanisms, adds another layer of complexity. Firms must ensure that their monitoring systems can analyze and detect suspicious activities related to DLT operations. Additionally, the confidentiality of these reports must be maintained, with stringent procedures to prevent unauthorized access to the information contained within STORs .

Scope of the new obligations

The definition of Market Abuse in Crypto Assets

Title VI (Articles 86 – 92) of MiCA establishes regulations designed to safeguard market integrity and deter market abuse. These regulations cover the handling of insider information regarding crypto assets, the public release of such information, and the prohibition of insider trading and broader market manipulation. The behaviors outlined in the regulation are similar to the ones described in the Market Abuse Regulation (MAR).

For clarity, Article 8 and 12 in the EU MAR outlines the behaviors which constitute market abuse. These can be summarized in the following categories:

Behaviours Categorised by the EU MAR

Firm types and scope of prevention mechanisms

The new regulations apply to various firm types within the crypto-asset ecosystem. This includes crypto-asset service providers (CASPs) operating trading platforms, entities involved in the execution and transmission of orders, and those providing portfolio management services. The rules mandate these entities to implement robust arrangements, systems, and procedures to monitor and detect market abuse effectively.

The scope of these prevention and detection mechanisms is extensive. Firms must ensure continuous monitoring of all orders and transactions, regardless of whether they occur on or off a trading platform. This comprehensive approach aims to leave no loophole that could be exploited for market manipulation or insider trading.

Implications for the Crypto-Asset industry

The new requirements bring significant implications for the crypto-asset industry. For PPAETs and CASPs, the need to establish and maintain sophisticated monitoring systems presents both a technical and financial challenge. These firms must invest in advanced software capable of handling high-frequency trading environments and producing real-time alerts. Additionally, firms must ensure an appropriate level of human oversight, with trained staff capable of interpreting and acting on the data generated by these systems.

The prohibition of certain business practices, such as front-running and manipulative trading strategies, aligns the crypto market's regulatory framework more closely with traditional financial markets. This alignment could lead to a more stable and trustworthy market environment but also requires firms to reassess and possibly overhaul their current business practices.

Appropriate arrangements, systems, and procedures

A holistic compliance framework that includes policies, procedures, and controls for market abuse detection is essential. This framework should be regularly reviewed and updated to adapt to evolving market conditions and regulatory changes.

Firms must establish arrangements, systems, and procedures that are not only effective but also proportional to the scale and nature of their activities. This proportionality ensures that the regulatory burden is manageable for smaller firms while maintaining high standards for larger entities. Regular assessments and updates to these systems are mandatory, ensuring they remain fit for purpose as market conditions and technologies evolve.

Moreover, firms are encouraged to document all procedures clearly and maintain these records for at least five years. This documentation serves as a crucial audit trail for regulatory authorities to review and ensures accountability within the firm  . Training for staff involved in monitoring and detection is also emphasized, ensuring they are equipped with the necessary skills and knowledge to handle complex market abuse scenarios.

Regular training and development programs

Ensuring that staff are well-versed in the latest market abuse tactics and regulatory requirements is crucial for effective compliance. Regular training programs and workshops are not just a regulatory checkbox but a strategic necessity. These should be tailored to the specific roles and responsibilities within the organization. For instance, traders, compliance officers, and IT staff should each receive training relevant to their functions. Compliance officers need to understand the intricacies of market abuse detection and reporting, while IT staff should be adept at maintaining and updating the surveillance systems.


The proposed market abuse rules for crypto-assets under MiCA mark a significant step towards aligning the regulatory standards of the crypto market with those of traditional financial markets. While the adoption of MAR-like rules ensures a robust framework for preventing and detecting market abuse, the unique characteristics of the crypto market present new challenges for firms. The expansive scope of PPAETs, the stringent requirements for STORs, and the need for sophisticated monitoring systems highlight the significant compliance efforts required from market participants.

As the crypto-asset market continues to grow and evolve, these regulations will play a crucial role in safeguarding its integrity and protecting investors. Firms operating within the EU must proactively adapt to these changes, investing in the necessary technologies and training to meet the high standards set by MiCA. The future of the crypto market hinges on its ability to operate within a transparent and fair regulatory environment, ensuring trust and stability for all participants.


This article was written in collaboration with Anna Nicolis and James Nicholls from Braithwate.

We are specialist advisors in financial services. We help our clients: navigate the regulatory landscape; launch and scale regulated businesses; embrace digital assets with confidence; and focus on running their business, while we take care of compliance. With consultants in London and New York, we are experts in cross-border compliance, with a particular focus on banks, brokers, digital assets and trading firms.

Milan Juhasz & Ankur Mehta

bottom of page