Main Points :
- France may block crypto firms from operating domestically under licenses granted elsewhere in the EU (“passporting”) due to concerns over inconsistent enforcement under MiCA.
- France is collaborating with Italy and Austria to shift supervision of major crypto firms to the European Securities and Markets Authority (ESMA), seeking more centralized regulatory oversight.
- The concern is that some member states have licensing standards that are seen as “too lenient,” which might allow regulatory arbitrage and weaken investor protections and market stability.
- Malta, specifically, has been criticized for having weak oversight in some respects, based on peer reviews by ESMA.
- There is resistance from some EU states (including Malta) against centralizing oversight, arguing that it may introduce burdensome bureaucracy and reduce efficiency.
- MiCA (Markets in Crypto-Assets Regulation) is in effect since late 2024 for many aspects; it grants a license in one member state that acts as a passport across all 27 states. But differences in interpretation and enforcement are now seen as problems.
Background: What is MiCA and How Passporting Works
The Markets in Crypto-Assets Regulation (MiCA) is the European Union’s comprehensive regulatory framework for crypto-assets. It aims to standardize how crypto-asset issuers, service providers, and stablecoin issuers operate across all EU member states.
A key feature of MiCA is the “passporting” mechanism: a crypto firm that obtains a license in one EU country can then conduct business throughout the EU without seeking separate approvals in each member state. This mechanism is intended to simplify cross-border operations and reduce regulatory friction.
MiCA came fully into force for crypto-asset service providers in December 2024. Some components, such as stablecoin issuance and public offer rules, had earlier effective dates.
France’s Critique: Why Passporting Might Be Undermined
Regulatory Arbitrage & Inconsistent Standards
Marie-Anne Barbat-Layani, the French AMF president, has expressed concern that certain crypto firms are seeking licenses in jurisdictions with more permissive or less strictly enforced requirements. This “regulatory shopping” could undermine the integrity of EU-wide regulation, because if standards vary sharply between countries, firms might choose the easiest route to compliance.
Investor Protection & Market Stability
France, Italy, and Austria, in public statements and joint position papers, argue that such disparities in licensing and oversight pose risks: weaker supervision could lead to risks for investors, risks of fraud or inadequate cybersecurity, and potentially market instability. The trust in MiCA’s framework depends heavily on how uniformly member states enforce their obligations.
Specific Concerns Over Malta
Malta is frequently cited as a case where licensing approvals may have been given under less rigorous supervision. An ESMA peer review found that Malta’s financial services regulator partially failed to meet “expectations” in its licensing processes. This has intensified scrutiny and fed into calls for tighter oversight.
What France and Allies Are Proposing
- Blocking Passporting: France is openly considering legally refusing to honor licenses granted in other EU states if those jurisdictions are deemed too lax. Barbat-Layani described this option as akin to an “atomic weapon” in regulatory terms.
- More ESMA Power: France, Italy, and Austria want oversight of major crypto firms to be shifted from national regulators to ESMA, the EU’s securities markets authority. This shift is intended to harmonize enforcement, reduce interpretation differences, and strengthen investor safeguards.
- Stronger Rules for Cybersecurity, Token Offerings, Non-EU Activities: In their proposals, they also want to tighten requirements related to cybersecurity, clarify rules for new token offerings, and better regulate crypto activity stemming from outside the EU or cross-border operations.
Pushback & Challenges
- Efficiency vs Bureaucracy: Regulators in jurisdictions like Malta argue that centralization could result in extra layers of rules and slower processes, which might discourage investment or innovation.
- National Sovereignty: Some member states are wary of losing regulatory autonomy. They want to maintain the ability to interpret or enforce rules in ways that align with domestic priorities or competitive concerns.
- Implementation Complexity: How exactly to define which jurisdictions are “too lenient,” what criteria to use for assessing compliance, and how to enforce a refusal of passporting without triggering legal or trade conflicts are all complex questions.
Recent Developments & Trends
- Regulator Statements: France, Italy, and Austria have jointly submitted position papers calling for more centralized supervision. France has explicitly warned that it may refuse recognition of passports.
- Malta’s MFSA Reactions: Malta’s regulator has pushed back, emphasizing that while supervisory convergence is important, full centralization under ESMA may introduce inefficiencies.
- Peer Reviews & ESMA Findings: ESMA’s peer review of Malta found shortcomings in risk assessment and licensing oversight; such findings give credibility to critics calling for tighter EU-level oversight.
- Financial Stability Reports: The European Central Bank and other EU financial bodies have noted that while MiCA has reduced some regulatory uncertainty, risks remain from divergent enforcement, especially in cross-border cases or non-bank entities.
Implications for Crypto Firms & Practitioners
For Firms Seeking Licenses
If you are planning to obtain an EU license in order to “passport” your services across multiple markets, these developments suggest that:
- Choosing a more permissive jurisdiction may carry risk: your license might not be accepted or could face challenges in some countries (e.g. France).
- Beyond satisfying formal licensing requirements, you should be prepared to meet strong enforcement expectations—cybersecurity, consumer protection, disclosures, AML.
For Investors & Risk-Assessment
- Differences in supervisory rigor across jurisdictions may become a differentiator in risk assessment of crypto firms.
- Firms that are licensed in more strictly regulated member states may gain trust and competitive advantage.
For Innovation & Startups
- Compliance costs may increase, especially if firms have to satisfy both national and potential future EU-wide oversight.
- Some startups may delay entry or avoid certain markets if uncertainty over passporting remains.
Possible Scenarios
- France Blocks Passporting: If France actually refuses to recognize passports from certain member states, this could trigger legal challenges (both from affected firms and possibly from those member states).
- ESMA Gains Direct Oversight: Should ESMA acquire more authority, there may be new EU-level supervisory rules, standard interpretations, and possibly harmonization of licensing criteria.
- Harmonization of Standards: EU might develop clearer benchmarks or thresholds for what constitutes acceptable regulatory standards (license-granting, cybersecurity, AML) usable by all member states.
Summary
France’s recent statements signal that the borderless licensing (“passporting”) afforded under MiCA may no longer be considered automatic by all member states. The French regulator, supported by Italy and Austria, is pushing for greater central authority under ESMA to ensure uniform enforcement and avoid regulatory arbitrage. While some jurisdictions fear the loss of regulatory freedom or efficiency, the broader trend is toward tighter supervisory consistency, stronger investor protections, and greater accountability for crypto firms operating across borders. For those interested in crypto as a new asset or business domain, the message is clear: compliance, regulatory reputation, and robustness of oversight will increasingly matter.
