BaFin publishes guidance note on crypto asset services according to MiCAR

With the Markets in Crypto-Assets Regulation (MiCAR), the European Union has created a European regulatory framework for the crypto sector (see Road to MiCAR). The regulation has been fully applicable since 30 December 2024 and applies to natural and legal persons and certain other companies that are involved in the issuance, offer to the public and admission to trading of crypto-assets or that provide services related to crypto-assets in the EU.

On 3 January 2025, BaFin published a guidance note on crypto-asset services under MiCAR, which contains basic information on crypto-asset services. It sets out BaFin’s understanding of crypto-asset services under MiCAR and goes into more detail on eligibility for authorisation, notification and the authorisation requirement and exemptions for the provision of crypto services.

Determination of crypto asset services

MiCAR conclusively defines the cases in which services and activities in connection with crypto-assets are to be regarded as crypto-asset services. In connection with these, services include custody and administration, the operation of a trading platform, exchange for funds or other crypto-assets, the placing, execution, receipt and transmission of orders, advice and portfolio management as well as transfer services. The services listed in MiCAR are based on the investment services regulated by MiFID II.

In its guidance note, BaFin addresses the individual crypto-asset services in accordance with MiCAR and as defined in detail in MiCAR. Its interpretation is largely based on comparable regulations already existing in the KWG and MiFID II. For the interpretation of the individual elements of crypto-asset services, it draws on its already published guidance notes accordingly, for example with regard to the execution of orders for crypto-assets, the placing of crypto-assets and advice on and portfolio management of crypto-assets. In addition, BaFin corrects existing translation errors in the German language version of MiCAR, for example with regard to the exchange of crypto assets for other crypto assets and the placing of crypto assets. These clarifications are to be welcomed.

Eligibility for authorisation

In its guidance notes, BaFin clarifies who can be the holder of a MiCAR licence. Legal persons can be authorised to provide crypto-asset services. These include, for example, stock corporations (Aktiengesellschaft - AG) or limited liability companies (Gesellschaft mit bechränkter Haftung - GmbH). Other undertakings (which are not legal persons) can also be granted a licence if their legal form ensures a level of protection equivalent to that of legal persons with regard to the interests of third parties and they are subject to equivalent prudential supervision. According to BaFin, a equivalent level of protection should exist, for example, for commercial partnerships (OHG, KG, GmbH & Co. KG).

Notification of certain financial entities

In addition, instead of a MiCAR authorisation, MiCAR provides for a notification procedure for companies that are already financial licensed. This "only" requires the transmission of certain information specified in MiCAR to the competent supervisory authorities, in Germany to BaFin, at least 40 working days before the crypto asset service is offered for the first time. In accordance with MiCAR, BaFin summarises that the following institutions are permitted to provide the aforementioned crypto asset services following notification:

• CRR credit institutions - all crypto-asset services 
• Authorised central securities depositories - custody and management of crypto assets
• Investment firms and financial services institutions as well as credit institutions with a licence for underwriting business and/or financial commission business – Crypto-asset services equivalent to the investment/ancillary services and financial services or banking business for which they have a licence
• Electronic money institutions - custody and administration of crypto-assets as well as transfer services in relation to electronic money tokens (EMT) issued by them
• Funds management companies – receipt and transmission of orders for crypto-assets for clients, advice on crypto-assets and portfolio management of crypto-assets if they have a licence for investment brokerage, investment advice and/or financial portfolio management
• Market operator within the meaning of MiFID II - trading platform for crypto-assets (here BaFin points out another translation error in the German language version of MiCAR: in Art. 59 MiCAR, market operator is translated as market participant).

Authorisation requirement for the provision of crypto-asset services

According to MiCAR, a crypto-asset service requires that the service is provided to the customer on a commercial basis. In this case, there is an authorisation requirement under MiCAR. According to the guidance note, BaFin specifically requires for a commercial basis that the operation is designed for a certain duration and that the operator pursues it with the intention of making a profit. This corresponds to BaFin's previous administrative practice, as expressed in connection with the obligation to obtain a licence for banking transactions. In contrast to the services requiring a licence under the KWG, WpIG or ZAG, it is not sufficient to operate on a scale that requires a commercially organised business if this is not done on a commercial basis.

The scope of application of MiCAR relates to the provision of services in the EU. In its guidance notes on crypto-asset services under MiCAR, BaFin takes the position that the provision of crypto-asset services is subject to authorisation if the service is (also) provided in Germany. This approach is linked to the licensing requirement for banking business and financial services within the meaning of the KWG. Accordingly, a licence is required for anyone wishing to conduct banking business or provide financial services in Germany on a commercial basis. BaFin also considers such a domestic connection to be given in the newly published guidance note (as in its previous administrative practice) if the company based in Germany specifically conducts the business from within Germany only with non-residents or if the company establishes a legally dependent branch here or maintains another physical presence from which it conducts the business - even if only specifically with non-residents. Based on the guidance note "Information on the authorisation requirement pursuant to Section 32 (1) KWG in conjunction with Section 1 (1) and (1a) KWG for cross-border banking transactions and/or cross-border financial services", BaFin considers it sufficient for a domestic connection that the service providers based abroad actively target natural or legal persons who have their registered office or habitual residence in Germany. BaFin allows an exception within the scope of the passive freedom to provide services, i.e. in the event that the service is provided on the customer's own initiative. BaFin is thus continuing its previous administrative practice under MiCAR. At the same time, BaFin is thus complying with the requirements of MiCAR (for reverse solicitation in MiCAR, see here and here).

Conclusion

BaFin’s guidance note on crypto-asset services under MiCAR contains basic information on crypto-asset services. BaFin is essentially continuing its previous administrative practice. For the interpretation of the individual services and activities, it refers to its previously published guidance notes accordingly. This is to be welcomed, as MiCAR is a new regulation and there is still little practical experience with it. Even if the guidance note is not legally binding and does not claim to provide an exhaustive description of all issues relating to crypto-asset services, it at least provides crypto-asset service providers with an indication of how MiCAR regulations on crypto-asset services can be interpreted and applied in BaFin's practice in the future.

With the kind support of Apostolos Mitsios (research assistant)