The European Securities and Markets Authority (ESMA) has raised concerns over Malta’s fast-track authorization of a crypto asset service provider (CASP) under the Markets in Crypto Assets (MiCA) regulation, highlighting unresolved compliance issues at the time of approval.
Peer Review Exposes Regulatory Gaps
As part of a peer review conducted by ESMA’s Peer Review Committee (PRC), a specific CASP entity was found to have been authorized in Malta despite several key compliance matters remaining unresolved. The review questioned why the Malta Financial Services Authority (MFSA) did not ensure that deficiencies were fully addressed before granting regulatory clearance.
“It is unclear to the PRC why MFSA did not leverage the authorization process to ensure the entity would remedy key deficiencies before becoming effective,” the report stated.
This raises broader questions about regulatory rigor in MiCA implementation across EU member states, especially as crypto firms seek favorable jurisdictions under the evolving EU-wide crypto framework.
OKX Under Speculation Amid $500M DOJ Settlement
Top crypto exchange OKX, which received pre-authorization in Malta earlier this year, has not confirmed whether it is the entity referenced in the ESMA report. This comes amid revelations of a $500 million settlement with the U.S. Department of Justice, raising speculation around the timing and thoroughness of Malta’s regulatory approval.
While Malta’s MFSA declined to comment on specific entities, it welcomed the findings, stating they will help reinforce regulatory frameworks moving forward.
Authorization Timing and Oversight Under Scrutiny
According to the ESMA review, Malta’s authorization process lacked sufficient time and depth to properly evaluate business plans, governance structures, and risk management systems. Areas flagged include:
- Incomplete assessment of the entity’s supervisory history
- Weak oversight of AML/CFT controls and ICT infrastructure
- Insufficient review of client onboarding models and growth plans
- Potential conflicts of interest not adequately addressed
The ESMA report added that Malta had otherwise met expectations in supervisory infrastructure and resources, but the authorization track specifically fell short.
Broader Implications for MiCA Compliance
This probe may prompt other EU regulators to reassess their authorization timelines under MiCA, especially as high-profile firms rush to gain regulatory status ahead of full MiCA implementation.
The MiCA regime, which aims to unify crypto regulations across the EU, places significant emphasis on transparency, governance, AML compliance, and investor protection.
Conclusion
As Malta emerges as a go-to jurisdiction for crypto licensing, regulatory scrutiny from ESMA signals the need for caution, due diligence, and balanced oversight. With MiCA setting the standard for the EU’s crypto future, national regulators will be expected to uphold both speed and substance—especially when authorizing firms with complex compliance histories.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.