The European Securities and Markets Authority, or ESMA, has kicked off a significant supervisory review focused on crypto custodians authorized under the Markets in Crypto-Assets (MiCA) framework. This initiative marks a shift in regulatory attention, moving from merely granting licenses to scrutinizing how these firms genuinely manage operational risks.
The newly launched Common Supervisory Action (CSA) aims to assess a selection of authorized crypto-asset service providers (CASPs). ESMA's approach emphasizes that having a MiCA license is only part of the equation. Custodians must demonstrate effective operational resilience instead of relying solely on regulatory approval.
Key Areas of Focus
According to ESMA, the review will delve into several critical aspects of digital asset management. Supervisors will evaluate:
- Custody controls
- Management of private keys and storage
- Incident response protocols
- Risks associated with third-party technology providers
This review follows the conclusion of MiCA’s transitional phase, signaling one of the first comprehensive supervisory actions under the EU’s crypto regulatory framework.
Industry experts emphasize the significance of this development. Sebastien Dessimoz, co-founder of the digital asset infrastructure firm Taurus, stated that regulators now expect custodian firms to prove their operational systems can handle practical, real-world risks. As digital assets become more closely intertwined with the traditional financial system, the expectation of security and accountability parallels that found within conventional markets.
In the wake of heightened regulatory scrutiny, institutional clients are increasingly concerned about custody practices. Jody Mettler, COO of BitGo, noted that clients are asking critical questions regarding how custodians manage their assets and respond to security challenges. This demonstrates a growing trend where operational standards in digital asset management are receiving closer attention from both clients and regulators.
Looking Ahead
This review by ESMA could foreshadow how MiCA governance will develop moving forward. As Markus Levin, co-founder of blockchain infrastructure company XYO, pointed out, proving operational resilience in addition to receiving MiCA authorization may become a crucial benchmark for custodians.
The information presented here is for informational purposes only and does not constitute financial advice.


