Dominika Waltz-Komierowska, Acting Deputy Director of the Legal Department at the UKNF

New voices from the public have emerged recently, asserting that the proposal for a Polish regulatory framework on crypto-assets represents the most stringent rules in the European Union, so some firms are planning to move their business, for example, to Estonia, where the rules are friendlier.

Are such claims justified and are the Estonian rules really less strict?

Regulation on markets in crypto-assets (MiCA Regulation1) introduces a regulatory framework for operators in markets in crypto-assets. As of 30 June 2024 it’s going to apply to issuers of asset-referenced tokens and e-money tokens, and as of 30 December 2024 – to issuers of tokens other than asset-referenced tokens and e-money tokens and to crypto-asset service providers (e.g. trading platforms). 

Therefore, information that Estonia is already authorising trading platforms and that the platforms operate in accordance with the MiCA Regulation is misleading. 

The proposal for an Estonian act of statutory law implementing the MiCA Regulation (Krüptovaraturu seadus) stipulates that applications for authorisation as a crypto-currency service provider may be made only after 30 September 2024, but the Estonian supervisory authority is not required to grant the authorisation before 30 December 2024.

The only authorisation currently granted in Estonia to platforms engaged in virtual currency business activities is an authorisation granted by the Financial Intelligence Unit (FIU). The FIU monitors compliance with the AML/CTF rules but it doesn’t license or supervise trading platforms to the extent prescribed in the MiCA Regulation. Only the proposal for an Estonian Act implementing the MiCA regulation appoints the authority competent to supervise the issuers of crypto-currencies and crypto-currency service providers, and that competent authority is the Financial Supervision Authority (FSA). 

If the entities authorised by the FIU for compliance with the AML rules want to operate as crypto-currency service providers, including as crypto-currency trading platforms under the MiCA Regulation, they will have to obtain the FSA authorisation. According to the proposal for an Estonian Act implementing the MICA Regulation, all the authorisations granted by the FIU are to expire on 1 January 2025. 

What’s important, under the provisions of Polish law, the equivalent of an authorisation granted by the FIU is the entry in the Register of Virtual Currency Activities kept by the General Inspector of Financial Information (GIIF).

The rules for authorisation of issuers of crypto-assets and crypto-asset service providers as well as the documents and information required are specified directly in the MiCA Regulation. It means that in all EU Member States, the rules and information required are to be the same. Therefore, information that the proposed Polish authorisation rules are to be more stringent than the Estonian rules is also misleading.

Article 94 of the MiCA Regulation lists the supervisory measures that should be applied by a Member State where crypto-asset activities are not performed in accordance with the MiCA Regulation. Again, since it’s the MiCA Regulation that requires Member States to ensure that the supervisory authorities have the necessary competence to apply those measures, the scope of the measures is to be similar in all Member States. § 32 point 11 of the proposal for an Estonian Act implementing the MiCA Regulation directly delegates power to the FSA to apply all the measures referred to in Article 94 of the MiCA Regulation, and the proposal for a Polish Act on crypto-assets doesn’t delegate to Komisja Nadzoru Finansowego any power other than the powers following from that provision.

As regards the claim that the fines are excessive, Article 111 of the MiCA Regulation sets out the minimum amount of the penalties (the provision uses the words ‘at least’) a Member State may impose for infringements of the MiCA Regulation. In simple terms, the penalty is EUR 700 000 in the case of natural persons and EUR 5 million in the case of legal persons for infringements of the MiCA Regulation committed by issuers of crypto-assets and crypto-asset service providers, and EUR 1 million and EUR 5 million in the case of natural persons and EUR 2.5 million and EUR 15 million in the case of legal persons for infringements related to market manipulation and insider dealing. Both Estonia and Poland have adopted those sums as maximum sums which a competent authority may impose, under national legislation, on entities that have infringed the MiCA Regulation. The only difference is that for Estonia the sums are stated in euros and for Poland it’s an equivalent of the sums converted into Polish zlotys as at 29 June 2023, in accordance with the MiCA Regulation. It must be noted that neither Poland nor Estonia have exercised, in their proposals for Acts implementing the MiCA Regulation, the power conferred by Article 111(6) of the MiCA Regulation, under which Member States may provide that competent authorities have additional powers and may provide for higher levels of penalties than those established in those paragraphs, in respect of both natural and legal persons responsible for the infringement.

Similarly to the Polish proposal for an Act on crypto-assets, the Estonian Act implementing the MiCA Regulation confers on the authorities competent to supervise markets in crypto-assets powers to request reports, information, documents as well as oral and written explanations, and powers to carry out inspections. The requirement for national rules to ensure such powers of supervisory authorities in Member States follows from the MiCA Regulation. The powers are conferred for the purposes of the supervision of application of the MiCA Regulation.

In summary, the supervision of crypto-assets in the EU is regulated by the same provisions of the directly applicable MiCA Regulation or by provisions of national law implementing that Regulation within the limits specified in that Regulation.  The key matters, i.e. the authorisation rules, the documents required, the supervisory measures, the powers to carry out inspections, and the minimum level of fines, apply in all Member States according to the same principles. 

The statement that the latest proposal for a Polish Act on crypto-assets is one of the most stringent in the EU is misleading and it fails to consider the fact that the principles for the supervision of markets in crypto-assets, in the most essential aspects, follow from the framework established by the EU legislator in the MiCA Regulation, for all EU Member States.