France Challenges EU “Passporting” Under MiCA: Toward Centralised Crypto Regulation

Main Points ：

• France is threatening to block crypto firms licensed in other EU countries from operating domestically under the MiCA passporting system.
• The concern arises from inconsistent regulatory enforcement: some member states are seen as “lenient jurisdictions” for obtaining MiCA licences.
• France, Austria, and Italy are jointly pushing for the European Securities and Markets Authority (ESMA) to take over direct supervision of major crypto companies.
• The “passport” system, which allows a licence in one EU state to enable operations across all, is under legal and political scrutiny in light of risks to investor protection and market stability.
• MiCA has been in force (for crypto-asset service providers) since December 30, 2024; transitional (“grandfathering”) periods are in place in many states until July 1, 2026.
• ESMA has released guidelines under MiCA to align how national regulators detect and prevent market abuse and to smooth differences in supervisory practices.
• Other EU concerns include misleading marketing by crypto firms, especially around what is regulated vs unregulated under MiCA.

Background: What Is MiCA and How Passporting Works

The Markets in Crypto-Assets Regulation (MiCA), adopted in 2023 and effective fully for crypto-asset service providers (CASPs) since 30 December 2024, is the European Union’s comprehensive framework for crypto-asset regulation. Under MiCA:

• Crypto-service providers (e.g. exchanges, custody, trading, advice, portfolio management) must be authorised by a “national competent authority” (NCA).
• Once a provider obtains authorization in one EU member state, it can use a “passport” to operate across all 27 member states.
• There is a transitional (“grandfathering”) period: existing service providers under pre-MiCA regulation could continue under national law until either they are authorised/refused under MiCA, or until a fixed deadline (most commonly 1 July 2026) depending on the state.

MiCA also includes Level 2 and Level 3 technical standards (for example, concerning transparency, disclosure, cybersecurity, risk management) which are in the process of being developed and adopted.

France’s Position and Its Implications

Regulatory Arbitrage and Concerns

France’s securities regulator, AMF (Autorité des marchés financiers), led by Marie-Anne Barbat-Layani, has raised concerns that some crypto firms are obtaining MiCA licences in member states perceived to have more lenient enforcement and using those licences to “passport” services across the EU. This is sometimes called “regulatory shopping”.

Specific concerns include:

• That weaker oversight might allow firms to bypass stricter requirements elsewhere, potentially posing risks to investor protection and market stability.
• That certain jurisdictions might issue many licences quickly but without rigorous risk assessments, or may lag in enforcing compliance under MiCA. Malta has been singled out in reports.

Potential Blocking of Passported Firms

France has said it is considering refusing to recognize MiCA licences issued by other EU states in certain cases: i.e. blocking passported operations. Barbat-Layani acknowledges that this would be legally complex and could be seen as an “atomic weapon,” but she emphasizes it’s being held in reserve as a possible remedy.

Push for ESMA Supervision

In response to these enforcement disparities, France, together with Italy and Austria, has proposed that the European Securities and Markets Authority (ESMA) should take over direct supervision of major crypto companies. This would centralize oversight in the EU rather than leave it fully in the hands of each national regulator.

Other Recent Updates & Related Trends

• Market abuse guidelines: ESMA has published guidelines to help national authorities harmonize detection and prevention of market abuse (including insider trading, manipulation, etc.), taking into account crypto-specific features like speed, anonymity, social media influence, cross-border trading.
• Investor protection & misleading claims: ESMA has warned that crypto firms are sometimes confusing consumers by mixing regulated and unregulated products on the same platforms or using regulated status as a marketing tool.
• Compliance progress & licensing trends: According to legal observers, more than 40 MiCA licences have already been granted across EU member states (as of mid-2025) but timing, speed, and stringency vary quite a lot. Some states set shorter grandfather periods and enforced stricter compliance sooner; others allow longer phases.
• Anti-money laundering concerns: The EU’s Anti-Money Laundering Authority (AMLA) has flagged crypto assets as a top money laundering risk due to cross-border transactions, potential regulatory gaps, and inconsistent oversight.

Recent Developments & What to Watch

As of September 2025:

• France may formally refuse passporting for certain firms whose licences are issued in states with weaker enforcement. Legal challenges are still an open question.
• Revisions or clarifying amendments to MiCA may be proposed: e.g. stricter standards for crypto business outside the EU, stronger cybersecurity, more detailed rules for token offerings. France, Italy, Austria support these.
• Member states’ resistance to centralised supervision remains a factor: some see national control as important. The balance between uniform oversight and national sovereignty is likely to be the core of upcoming negotiations.

Why This Matters for Crypto Investors, Builders, and Firms

For anyone building or investing in new crypto projects, or planning to operate in Europe, these developments carry several implications:

• If you’re considering registering or licensing in the EU, it’s no longer enough to pick a “light touch” jurisdiction; enforcement quality matters and could affect whether your licence is accepted elsewhere.
• Firms may face the risk that even with a valid MiCA licence, some states might refuse your current passport, putting operations or expansion in jeopardy.
• Centralised oversight by ESMA could mean stricter, more uniform rules, which could raise compliance costs but also reduce regulatory arbitrage and improve credibility/investor trust.
• Enforcement and clarity around marketing, cybersecurity, AML, token issuance, and cross-border activities are becoming priorities. Projects that integrate compliance early may have an advantage.

Conclusion

In sum, the promise of MiCA—to harmonise EU crypto regulation and enable passporting of licences across member states—is now under strain. France (joined by Austria and Italy) is pushing back, warning that inconsistent enforcement undermines investor protection, and may go as far as rejecting passported licences if issued under perceived weaker oversight regimes. The proposal to shift major crypto supervision to ESMA shows momentum for more centralisation. For stakeholders in the crypto space, the key takeaway is that regulatory compliance in Europe is becoming not only about having a licence, but having it in a jurisdiction whose enforcement is taken seriously. Projects ignoring these nuances may face operational risks, while those who build strong compliance, transparency, and governance could find both opportunity and trust in a market that values stability.