Regulatory Roundup #10

Summary 

In this issue, regulators are pulling crypto deeper into the core of the financial system while still arguing over who holds the steering wheel. In Brussels, the Commission is pushing to put all MiCA CASPs under direct ESMA supervision even as Poland’s veto leaves its own MiCA implementation in limbo, and ESMA is reminding firms that transitional periods really do end. In the US, Senate market-structure talks are bogged down, but the CFTC is blessing Gemini’s prediction markets and the OCC has given national banks clearer cover for riskless-principal crypto trades.

🔦 Spotlight

🇪🇺 Brussels wants all CASPs under ESMA’s roof

If passed as drafted, the European Commission’s new Markets Integration & Supervision (MIS) package would completely change the way in which supervision of certain financial activities takes place within the EU. As part of a broader push to deepen capital markets integration and build a genuine Savings and Investments Union, the package proposes to move Crypto-Asset Service Providers (CASPs) out of national hands and into a single European supervisory regime. In plain language, ESMA would no longer just write technical standards and coordinate national regulators on crypto: it would become the direct supervisor of all CASPs authorized under MiCA - not just the largest or most “significant” firms.

Legally, this is wrapped into a sprawling “Master Regulation” and “Master Directive” that amend nineteen existing files, from MiFIR and EMIR to CSDR, the DLT Pilot Regime and, crucially, MiCA and the ESMA Regulation. In the proposal COM(2025) 943, the Commission sets out a new allocation of tasks and powers, coupled with an overhaul of ESMA’s internal set-up: a new Executive Board of full-time members, clearer separation of roles between the Board of Supervisors and the executive, and a harmonized system of supervisory fees. The underlying logic is that if supervision is centralized at EU level, Europe also needs a more “federal” supervisor to match.

For CASPs, the key changes sit in the proposed amendments to MiCA. Today, MiCA follows the classic EU model: authorization and day-to-day supervision sit with national competent authorities, while ESMA focuses on technical standards, guidance and supervisory convergence. Under the MIS package, that logic flips. ESMA would become responsible for granting MiCA licenses, overseeing ongoing compliance, and policing market abuse in the crypto-asset sector, with national regulators acting largely as agents on the ground whenever ESMA chooses to delegate tasks. The draft text does not frame this as a regime for only “significant” CASPs; the default supervisor for all MiCA CASPs would be ESMA.

The proposal marks a sharp break from how supervision works elsewhere in EU capital markets. Under MiFID, investment firms and trading venues are authorized and supervised nationally, with ESMA mostly confined to soft-law tools, data work and a few narrow pockets of direct supervision such as credit-rating agencies and trade repositories. Even in banking, where the Single Supervisory Mechanism already centralizes oversight, the ECB only directly supervises “significant” institutions, leaving smaller banks to national supervisors. By contrast, the CASP proposal would move an entire sector - including relatively small, retail-facing platforms - into a single EU-level supervisor from the outset.

The proposal does, however, draw a line between “pure” CASPs and investment firms that are already authorized under MiFID. Investment firms that add crypto-asset services via an Article 60 MiCA notification, rather than applying for a standalone CASP license, would in principle remain under the supervision of their existing national authority for as long as those crypto services stay ancillary. If, however, more than half of their global turnover for two consecutive years derives from crypto-asset services, supervisory responsibility for all their activities would switch to ESMA under the amendments to MiCA and related rules. Credit institutions are carved out, on the basis that they already sit inside a highly harmonized banking framework with its own centralized architecture.

From the Commission’s standpoint, the argument is straightforward. The impact assessment and accompanying staff working documents argue that a patchwork of national approaches has created barriers to cross-border activity, regulatory arbitrage and uneven levels of investor protection. CASPs, almost by definition, scale digitally across borders faster than traditional intermediaries, so the risks of inconsistent enforcement and weak links in the chain are seen as particularly acute. Putting a single supervisor in charge, backed by a more robust governance and fee framework, is presented as the way to deliver a level playing field, cut duplicative licensing processes and make it easier for CASPs to operate across the single market.

Such an overhaul of supervisory convention is nonetheless controversial. National Competent Authorities (NCAs) have invested heavily in MiCA implementation, IT systems and licensing teams, and under the proposed model many of those functions risk being relegated to delegated tasks that ESMA can reshuffle or retract. Critics also worry that this goes beyond even the SSM in banking, raising questions about subsidiarity, loss of local market knowledge, and whether ESMA can realistically absorb direct supervision of trading venues, CCPs, CSDs and all CASPs at once. What began as a discussion about crypto policy is already widening into a debate on how far the EU should go in building a single, centralized capital-markets supervisor.

For the industry, the implications will hinge on what survives the legislative process. Negotiations are likely to run for years rather than months, and MiCA’s own transitional period will still need to be managed under the current NCA-led framework. But if the package lands broadly as drafted, it would reframe strategic questions for CASPs: the choice of “home” member state would matter less for supervision, ESMA’s interpretations of MiCA would become the de facto standard for everyone, and large enforcement and market-abuse cases would increasingly be handled at EU level. The upshot is that a regime originally sold as a national-supervision model for crypto could evolve, via the Markets Integration Package, into one of the most centralized supervisory set-ups anywhere in the EU financial system.

🌎 Global Developments 

🇺🇸 United States 

Senate crypto market bill runs into a December wall

The Senate’s crypto market structure effort is hitting serious turbulence just as the calendar runs out. After weeks of quiet bipartisan talks, Democrats have circulated a detailed counteroffer on the digital asset bill, accepting much of the Republican framework but demanding significant structural changes. Their asks include tougher disclosure and secondary-market protections for digital assets, stronger tools to fight illicit finance, tighter rules to stop platforms ducking compliance by claiming to be “decentralized,” and hard limits on stablecoin yields to address worries about deposit flight from smaller banks. They also want stricter ethics rules to keep elected officials from issuing or profiting from their own tokens, and firmer guarantees on Democratic representation at the SEC and CFTC, demands the White House is reportedly resisting.

Those divisions are colliding with an unforgiving timetable. The Senate has only a handful of days left in its 2025 work calendar, with a possible government funding crunch looming in January. Progressive groups and unions, including teachers’ organizations and consumer advocates, have mobilized against the current drafts, arguing that the bill could weaken investor protections and expose pension savings to new risks, while long-time skeptics in the Senate continue to question whether the framework leans too far toward industry priorities.  Even with a House market structure bill already passed, a clean Senate companion is far from guaranteed, and genuine regulatory clarity on core questions like SEC-versus-CFTC jurisdiction is unlikely to arrive on a neat year-end timetable.

Gemini’s prediction markets win, and CFTC leans into innovation

Gemini has finally secured what it has been chasing since 2020: a designated contract market license from the CFTC, via its affiliate Gemini Titan. The approval allows the platform to offer regulated event contracts to US customers, effectively bringing a new, fully supervised prediction market into a space currently dominated by Kalshi and Polymarket. After a five-year application slog, the license is a significant milestone for Gemini and a concrete signal that at least one US regulator is prepared to bless real-money betting on discrete outcomes like elections, macro data releases or crypto price thresholds, so long as it sits inside the derivatives framework. Gemini has also signaled that it sees this as a beachhead for a broader regulated derivatives suite, including futures, options and potentially perpetuals.

The move lands alongside a broader institutional push at the CFTC. Acting Chair Caroline Pham has set up a new CEO Innovation Council that brings together the bosses of Gemini, Kraken, Polymarket, Kalshi, Bitnomial and Crypto.com with counterparts from CME, Cboe, Nasdaq, ICE and LSEG to advise on derivatives market-structure issues. The council’s agenda spans tokenization, 24/7 trading, perpetual contracts, prediction markets and blockchain infrastructure.  Coupled with a pilot program to allow crypto collateral in derivatives markets, the package underlines that the CFTC is actively trying to shape how crypto and prediction markets are integrated into the regulated perimeter, even as the SEC remains more combative and Congress struggles to land a comprehensive statute.

OCC clears national banks to run ‘riskless principal’ crypto trades

The Office of the Comptroller of the Currency has issued an interpretive letter confirming that national banks may intermediate crypto-asset trades as “riskless principals” without holding the assets on their balance sheets. In this model, a bank can buy a crypto asset from one customer and simultaneously sell it to another, matching the two legs back-to-back so it never carries inventory risk. The OCC roots this in the traditional “business of banking” under 12 U.S.C. § 24, effectively treating crypto in the same way it treats riskless principal transactions in securities or FX, provided the assets in question are not classified as securities and the activity is conducted safely and soundly.

The letter stresses that banks must still confirm the legal permissibility of any crypto activity, ensure it aligns with their chartered powers, and put robust controls around counterparty and settlement risk.  In practice, though, the guidance opens the door to more familiar brokerage-style offerings where customers can trade Bitcoin and other non-security tokens through their bank, while custody and market-making can be outsourced or tightly ring-fenced. For large institutions and their clients, that could ease some of the reputational and operational friction of dealing with standalone exchanges, and it raises the prospect of more banks quietly adding white-label crypto trading as part of their broader digital-asset playbooks.

🇪🇺 European Union

ESMA eyes the end of the MiCA transition period

As the Commission gears up to overhaul the supervisory framework, ESMA has issued a fresh statement on the end of MiCA’s transitional periods, in which it warns that time is effectively up for CASPs relying on national grandfathering regimes. ESMA expects any provider that is still not authorized under MiCA to have implemented orderly wind-down plans in member states where the transitional window has already closed, and to have equivalent plans ready in jurisdictions where it is about to expire, including arrangements to transfer client assets to an authorized CASP if needed. It also tells national regulators to treat “last-minute” MiCA applications with considerable caution, to hold them to the same standard as earlier filings even if that means forcing a wind-down while an application is assessed, and to be prepared to enforce against unauthorized services.

🇵🇱 Poland

Presidential Veto

Poland has ended up as the EU’s MiCA outlier after the president vetoed the implementing law and parliament failed to override him, leaving no domestic framework for applying MiCA or the new funds-transfer rules for crypto. The bill was meant to set out the national “plumbing” for CASP authorization, supervision and sanctions, so its collapse has pushed Poland’s crypto-asset services market into a MiCA transition period with no clear route from interim permissions to full licenses.

A big part of the controversy is how far the draft went beyond MiCA. It proposed supervisory fees of up to 0.4 percent of average gross revenues, broad powers for the supervisor to order telecoms operators to block access to domains tied to unlicensed crypto activity, and the ability to freeze client accounts for extended periods in suspected market-abuse cases. Supporters presented this as necessary for security and market integrity, while critics saw it as disproportionate, constitutionally risky and a threat to property rights and online freedoms, triggering a political stand-off between government and president.

For VASPs already operating in Poland, this translates into hard uncertainty. MiCA’s grandfathering rules allow existing providers to continue until mid-2026, but there is currently no functioning national process to receive and approve CASP license applications, no fee framework and no clear sanctions toolkit behind MiCA. Supervisors have already warned that, if the legal vacuum persists, firms may ultimately have to restrict or withdraw crypto services from the Polish market once the transition period ends.

EU-authorized CASPs that had planned to passport into Poland face a similar problem. MiCA’s passport is designed to allow cross-border service provision after a simple notification, but Poland has yet to designate and empower a MiCA national competent authority to receive those notifications, undermining legal certainty for entry into what is a sizable retail market. The vetoed bill has reportedly been re-submitted almost unchanged while some parties push a shorter alternative, but until Warsaw settles on a final model, Poland will remain a MiCA outlier and a planning headache for both domestic VASPs and EU CASPs looking to serve Polish clients.

🇪🇺 MiCA Authorisations Update (per ESMA CASP Register)

• 🇫🇷 COMETH – (04/12/2025)
  
  
• 🇳🇱 Monflo – (04/12/2025)
  
  
• 🇩🇪 Deutsche WertpapierService Bank AG (dwpbank) – (04/12/2025)
  
  
• 🇮🇪 Skrill, NETELLER – (03/12/2025)
  
  
• 🇫🇮 Kvarn X – (02/12/2025)
  
  
• 🇮🇪 Ramp Network – (02/12/2025)
  
  
• 🇱🇮 ZEUS Anstalt für Vermögensverwaltung – (01/12/2025)
  
  
• 🇩🇪 DekaBank Deutsche Girozentrale – (01/12/2025)
  
  
• 🇩🇪 Hauck Aufhäuser Digital Custody GmbH – (28/11/2025)
  
  
• 🇦🇹 21bitcoin – (27/11/2025)
  
  
• 🇦🇹 KuCoin EU – (27/11/2025)
  
  
• 🇳🇱 Blockrise – (25/11/2025)
  
  
• 🇫🇮 NorthCrypto – (25/11/2025)
  
  
• 🇩🇪 Hyphe Markets GmbH – (24/11/2025)
  
  
• 🇩🇪 sino Aktiengesellschaft – (24/11/2025)
  
  
• 🇲🇹 Payhound – (24/11/2025)
  
  
• 🇳🇱 Bitonic B.V. – (21/11/2025)
  
  
• 🇩🇪 EUWAX AG – (21/11/2025)
  
  
• 🇳🇱 Bitmymoney B.V. – (20/11/2025)
  
  
• 🇳🇱 Coinmerce B.V. – (05/11/2025)
  
  
• 🇲🇹 Blockchain.com – (22/10/2025)
  
  
• 🇩🇪 EUWAX AG – (01/04/2025)
  
  
• 🇲🇹 OKX – (27/01/2025)
  
  

🇭🇰 Hong Kong

Consultation on crypto tax reporting (CARF)

Hong Kong has opened a formal consultation on bringing the OECD’s Crypto-Asset Reporting Framework (CARF) and updated Common Reporting Standard (CRS) into local law, locking crypto into the same automatic tax-information exchange machinery that already applies to bank and securities accounts. The government plans to complete Inland Revenue Ordinance amendments in 2026, begin automatic exchanges of tax data on crypto-asset transactions with partner jurisdictions from 2028, and apply the revised CRS from 2029, on a reciprocal basis with jurisdictions that meet confidentiality and data-security standards. Officials frame the move as essential both to tackling cross-border tax evasion and to preserving Hong Kong’s standing as an international financial center.

For the industry, CARF means that virtual asset service providers will be dragged firmly into the tax-reporting perimeter. Intermediaries that fall in scope will need systems to identify reportable clients, determine their tax residence, and report transaction-level data and balances to the Hong Kong tax authority for onward exchange with foreign revenue services, much as banks already do under CRS. The consultation paper also proposes mandatory registration for reporting financial institutions, higher penalties and tougher enforcement tools, partly in response to the OECD’s ongoing peer review of Hong Kong’s transparency framework.

🇦🇪 United Arab Emirates

Binance secures full ADGM “global” license

Binance has secured a landmark approval from Abu Dhabi Global Market’s Financial Services Regulatory Authority, becoming the first crypto exchange to obtain what is being billed as a “global” license under the ADGM framework. The authorization covers Binance.com itself and is structured through three separately regulated entities within ADGM: a Recognized Investment Exchange for on-exchange spot and derivatives trading, a Recognized Clearing House providing clearing, settlement and custody, and a broker-dealer handling off-exchange and OTC activity. Together they mirror traditional market infrastructure, giving ADGM end-to-end oversight of trading, clearing and safekeeping under a single, comprehensive rulebook, with regulated operations due to go live in early January 2026.

For Binance, the approval is both a regulatory rehabilitation moment and a strategic bet on the UAE as a core hub for its global operations, after years of patchy licensing outcomes in other major markets. For Abu Dhabi, it is a flagship win in the contest to attract blue-chip digital-asset players and to position ADGM as a “gold-standard” venue for institutional-grade crypto trading and infrastructure. If the model works, it may become a template for how other financial centers seek to pull large exchanges into a more conventional, vertically unbundled supervisory framework, rather than treating them as monolithic offshore platforms.

🔎 Things to Watch

• 🏛 US Senate progress/bickering on market structure regulation
• 🇬🇧 Imminent final Statutory Instrument for the UK crypto regime, and commencement date
• 🇪🇺 The next set of MiCA grandfathering periods are set to expire at the end of 2025. Relevant EU member states include Austria, Germany, Greece, Ireland, Lithuania, Slovakia, Spain. Of the EEA states, Norway and Liechtenstein are in the same boat.

Coming into view:

• 🌐 OECD Crypto-Asset Reporting Framework (CARF) implementation timeline across EU and G20 nations ahead of 2026 start
• 🇬🇧 Further FCA consultations on the UK crypto regime

^{DISCLAIMER: The views and opinions expressed herein are those of the author(s) and do not necessarily reflect the views of Talos Global, Inc. or its affiliates (collectively, "Talos") and summarizes information and articles with respect to cryptocurrencies or related topics. This material is for informational purposes only and is only intended for sophisticated institutional investors, and is not (i) an offer, or solicitation of an offer, to invest in, or to buy or sell, any interests or shares, or to participate in any investment or trading strategy, (ii) intended to provide accounting, legal, or tax advice, or investment recommendations, or (iii) an official statement of Talos. No representation or warranty is made, expressed or implied, with respect to the accuracy or completeness of the information or to the future performance of any digital asset, financial instrument or other market or economic measure. The information is believed to be current as of the date indicated and may not be updated or otherwise revised to reflect information that subsequently became available or a change in circumstances after the date of publication. Talos and its employees do not make any representation or warranty, expressed or implied, as to accuracy or completeness of the information or any other information transmitted or made available. Investing in cryptocurrency comes with risk. Certain statements in this document provide predictions and there is no guarantee that such predictions are currently accurate or will ultimately be realized. Prior results that are presented here are not guaranteed and prior results do not guarantee future performance. Recipients should consult their advisors before making any investment decision. Talos may have financial interests in, or relationships with, some of the assets, entities and/or publications discussed or otherwise referenced in the materials. Certain links that may be provided in the materials are provided for convenience and do not imply Talos's endorsement, or approval of any third-party websites or their content. Any use, review, retransmission, distribution, or reproduction of these materials, in whole or in part, is strictly prohibited in any form without the express written approval of Talos.}