Sponsored
Higher odds. Every game.
Join Stake and claim the latest TokenTopNews partner offer.
Stake
18+ | T&Cs apply
Join Now
Sponsored
Stake
Higher odds. Every game.
Join Now
MACRO

ESMA Launches Review Process for Crypto Custody Providers in Europe

Share:
ESMA Launches Review Process for Crypto Custody Providers in Europe

The European Securities and Markets Authority has launched a review process targeting crypto custody providers, stepping up supervisory scrutiny around digital asset safekeeping and operational resilience across the EU.

ESMA announced a common supervisory action focused on crypto-asset service providers and digital operational resilience. The initiative coordinates national regulators to examine how custody firms manage controls, security arrangements, and continuity planning. For related coverage, see Bitcoin steadies as CFTC Chair meets Lummis on crypto bill.

The review targets CASPs, the licensed entities responsible for holding and safeguarding digital assets on behalf of clients under the EU’s Markets in Crypto-Assets (MiCA) framework. These firms sit at the center of investor protection because failures in custody, whether from hacks, mismanagement, or weak internal controls, can lead directly to client losses.

Why custody draws regulatory focus

Custody is among the highest-risk functions in the crypto industry. Unlike trading platforms or advisory services, custodians bear direct responsibility for asset security, key management, and operational continuity. A breakdown at the custody layer can be irreversible.

ESMA’s action specifically links the review to digital operational resilience, signaling that regulators are testing whether firms can withstand technical disruptions, cyberattacks, and infrastructure failures. This aligns with the broader EU push under the Digital Operational Resilience Act (DORA), which sets baseline requirements for ICT risk management across financial services.

The move comes as the EU regulatory environment for crypto firms has tightened considerably under MiCA compliance costs. Firms operating without proper licensing face growing pressure, with unlicensed crypto firms in Europe facing potential wipeout as final regulatory deadlines pass.

What this means for crypto firms in Europe

The supervisory action is a review process, not an enforcement outcome. ESMA has not announced penalties or identified specific firms falling short. Firms providing custody services should expect closer examination of their internal controls, IT resilience, and safeguarding arrangements.

This builds on a pattern of increasing EU-level oversight proposals for crypto service providers. National competent authorities across EU member states will conduct the coordinated reviews, with ESMA setting the supervisory priorities and methodology.

For firms already operating under MiCA authorization, the review is an opportunity to demonstrate compliance. For those still in transition, it adds urgency to bringing custody operations up to regulatory standards before supervisory findings are published.

Readers tracking how global regulators are approaching crypto oversight will note that the EU continues to move faster than most jurisdictions on operational supervision, particularly around custody and derivative services within European markets.

ESMA is expected to publish findings from the coordinated review in the coming months, which will offer the first detailed look at how well EU-licensed custody providers meet resilience standards in practice.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.