Article

Markets in Crypto-Assets Regulation (MiCA): Advantages of the insurance option

The EU requires crypto-asset issuers and providers to implement prudential safeguards. We explore how to mitigate some of the risks in the crypto space.

The EU’s regulatory framework, the Markets in Crypto-Assets Regulation (MiCA), requires crypto-asset issuers and service providers to implement prudential safeguards, either by using their own funds or maintaining an appropriate insurance policy to cover specific risks. In this article, we explore the insurance aspects of MiCA and how a policy can help mitigate some of the risks in the crypto space.

What is MiCA and who does it apply to?

MiCA seeks to address challenges associated with legal certainty, consumer protection, and regulatory fragmentation in the crypto-assets and services market. The rules and guidelines cover the issuance, intermediation, and trading of crypto-assets across EU member states, including:

Licensing requirements
Market abuse prevention
Transparency and disclosure obligations
Liability of custodians

As of December 30 2024, MiCA applies to all entities offering crypto-asset services or issuing crypto assets in the EU, most of which will need to obtain authorisation. These requirements aim to establish consistent regulatory standards, ensuring that qualified and trustworthy entities operate in the crypto-asset market to protect investors and promote market integrity.

Key risks in the crypto investor space

Several risks could significantly impact both crypto-asset service providers and their clients, including:

Misrepresentations or misleading statements by crypto-asset service providers can erode trust and confidence in the industry, leading to financial losses for clients and potential legal repercussions for the service providers.
Acts, errors, or omissions by service providers can result in breaches of legal and regulatory obligations, including the duty to act honestly, fairly, and professionally towards clients. Breaches of confidentiality can also occur.
Failure to implement and maintain appropriate procedures to prevent conflicts of interest can compromise the integrity of the services provided and may lead to biased decision-making or unfair treatment of clients. This issue has contributed to several notable incidents in the crypto industry.
In terms of business interruption, a property loss or cyber event at a crypto organisation could render business activities impossible. Additionally, human error can hinder normal business functioning.
For service providers involved in the custody or management of clients' crypto assets and funds, negligence in safeguarding these assets is a critical risk. Inadequate security measures or negligence in handling clients' assets can result in theft, loss, or unauthorised access, leading to substantial financial losses for clients and liabilities for the service provider.
The loss of documents is a risk that can lead to operational and legal challenges. Important documents, such as client agreements or transaction records, may be misplaced, corrupted, or destroyed, potentially causing delays, disputes, or other legal consequences.

Under MiCA, crypto-asset service providers can be held liable for damages suffered by their clients, highlighting the importance of adhering to legal and regulatory obligations while providing high-quality services.

To mitigate these risks, crypto-asset service providers should prioritise robust risk management frameworks, including strong internal controls, comprehensive compliance programmes, and regular audits. Investing in secure technology infrastructure, implementing effective security measures, and maintaining adequate insurance are also essential. Additionally, staying updated with evolving regulations and industry best practices is crucial for ensuring compliance and mitigating potential risks.

Capital requirements: A choice between funds or insurance

MiCA introduces capital requirements intended to enhance market stability and protect consumers. Crypto-asset organisations must maintain prudential safeguards equal to the higher of the applicable minimum capital requirements in Annex IV of the MiCA regulation or one quarter of their fixed overheads of the preceding year. These safeguards can take the form of an organisation’s own funds or an insurance policy from a third-party entity, or a combination of both.

To comply with MiCA, the insurance must cover the following risks:

(a) Loss of documents.

(b) Misrepresentations or misleading statements.

Legal and regulatory obligations
The obligation to act honestly, fairly, and professionally towards clients
Confidentiality obligations

(d) Failure to establish, implement, and maintain appropriate procedures to prevent conflicts of interest.

(e) Losses arising from business disruption or system failures.

(f) Where applicable to the business model, gross negligence in the safeguarding of clients’ crypto assets and funds.

(g) Liability of the crypto-asset service providers towards clients pursuant to Article 75(8) of MiCA.

Benefits of using insurance to meet capital requirements

The advantage of using an insurance policy to fulfil the capital obligations stipulated by MiCA is two-fold. Organisations can transfer risk, and at the same time, avoid the need to set aside funds for possible adverse events.

A crypto-asset issuer or service provider that uses its own funds to cover risk may face an opportunity cost, as that capital cannot be used for other initiatives, such as research and development or investment.

Organisations can use a MiCA-compliant insurance policy to protect against potential disruptions under a single cover. Previously, multiple insurance policies were necessary to cover these key risks. Even with multiple insurance policies purchased, market standard exclusions could leave certain risks uncovered, raising concerns about whether this approach properly addresses the regulatory requirements.

How to secure insurance

The entry of large financial institutions into the crypto world has incentivised crypto-asset service providers and issuers to prioritise risk management and insurance strategies. However, the absence of regulation has previously deterred some insurers from offering products in this market.

MiCA has made crypto-asset risk more appealing to insurers through its framework for conducting crypto-asset business in a regulated environment. Marsh offers MiCAssure, providing organisations with operational safeguards and the potential to free up capital. The ability to better mitigate risks related to digital assets is likely to play a significant role in driving growth in this market.