Regolamento art MICAR sulle crypto testo multilingue 2023/1114 EN

(2)	‘ distributed_ledger’ means an information repository that keeps records of transactions and that is shared across, and synchronised between, a set of DLT_network_nodes using a consensus_mechanism;

(3)	‘ consensus_mechanism’ means the rules and procedures by which an agreement is reached, among DLT_network_nodes, that a transaction is validated;

(4)	‘ DLT_network_node’ means a device or process that is part of a network and that holds a complete or partial replica of records of all transactions on a distributed_ledger;

(5)	‘ crypto-asset’ means a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed_ledger_technology or similar technology;

(6)	‘ asset-referenced_token’ means a type of crypto-asset that is not an electronic_money_token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies;

(7)	‘ electronic_money_token’ or ‘e-money token’ means a type of crypto-asset that purports to maintain a stable value by referencing the value of one official_currency;

(8)	‘ official_currency’ means an official_currency of a country that is issued by a central bank or other monetary authority;

(9)	‘ utility_token’ means a type of crypto-asset that is only intended to provide access to a good or a service supplied by its issuer;

(10)	‘ issuer’ means a natural or legal person, or other undertaking, who issues crypto-assets;

(11)	‘applicant issuer’ means an issuer of asset-referenced_tokens or e-money tokens who applies for authorisation to offer_to_the_public or seeks the admission to trading of those crypto-assets;

(12)	‘ offer_to_the_public’ means a communication to persons in any form, and by any means, presenting sufficient information on the terms of the offer and the crypto-assets to be offered so as to enable prospective holders to decide whether to purchase those crypto-assets;

(13)	‘ offeror’ means a natural or legal person, or other undertaking, or the issuer, who offers crypto-assets to the public;

(14)	‘ funds’ means funds as defined in Article 4, point (25), of Directive (EU) 2015/2366;

(15)	‘ crypto-asset service provider’ means a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;

(16)

‘ crypto-asset service’ means any of the following services and activities relating to any crypto-asset:

(a)	providing custody and administration of crypto-assets on behalf of clients;

(b)	operation of a trading platform for crypto-assets;

(c)	exchange of crypto-assets for funds;

(d)	exchange of crypto-assets for other crypto-assets;

(e)	execution of orders for crypto-assets on behalf of clients;

(f)	placing of crypto-assets;

(g)	reception and transmission of orders for crypto-assets on behalf of clients;

(h)	providing advice on crypto-assets;

(i)	providing portfolio management on crypto-assets;

(j)	providing transfer services for crypto-assets on behalf of clients;

(17)	‘providing custody and administration of crypto-assets on behalf of clients’ means the safekeeping or controlling, on behalf of clients, of crypto-assets or of the means of access to such crypto-assets, where applicable in the form of private cryptographic keys;

(18)

‘operation of a trading platform for crypto-assets’ means the management of one or more multilateral systems, which bring together or facilitate the bringing together of multiple third-party purchasing and selling interests in crypto-assets, in the system and in accordance with its rules, in a way that results in a contract, either by exchanging crypto-assets for funds or by the exchange of crypto-assets for other crypto-assets;

(19)	‘exchange of crypto-assets for funds’ means the conclusion of purchase or sale contracts concerning crypto-assets with clients for funds by using proprietary capital;

(20)	‘exchange of crypto-assets for other crypto-assets’ means the conclusion of purchase or sale contracts concerning crypto-assets with clients for other crypto-assets by using proprietary capital;

(21)

‘execution of orders for crypto-assets on behalf of clients’ means the conclusion of agreements, on behalf of clients, to purchase or sell one or more crypto-assets or the subscription on behalf of clients for one or more crypto-assets, and includes the conclusion of contracts to sell crypto-assets at the moment of their offer_to_the_public or admission to trading;

(22)	‘placing of crypto-assets’ means the marketing, on behalf of or for the account of the offeror or a party related to the offeror, of crypto-assets to purchasers;

(23)	‘reception and transmission of orders for crypto-assets on behalf of clients’ means the reception from a person of an order to purchase or sell one or more crypto-assets or to subscribe for one or more crypto-assets and the transmission of that order to a third party for execution;

(24)

‘providing advice on crypto-assets’ means offering, giving or agreeing to give personalised recommendations to a client, either at the client’s request or on the initiative of the crypto-asset service provider providing the advice, in respect of one or more transactions relating to crypto-assets, or the use of crypto-asset services;

(25)	‘providing portfolio management of crypto-assets’ means managing portfolios in accordance with mandates given by clients on a discretionary client-by- client basis where such portfolios include one or more crypto-assets;

(26)	‘providing transfer services for crypto-assets on behalf of clients’ means providing services of transfer, on behalf of a natural or legal person, of crypto-assets from one distributed_ledger address or account to another;

(27)

‘ management_body’ means the body or bodies of an issuer, offeror or person seeking admission to trading, or of a crypto-asset service provider, which are appointed in accordance with national law, which are empowered to set the entity’s strategy, objectives and overall direction, and which oversee and monitor management decision-making in the entity and include the persons who effectively direct the business of the entity;

(28)	‘ credit_institution’ means a credit_institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013 and authorised under Directive 2013/36/EU;

(29)	‘ investment_firm’ means an investment_firm as defined in Article 4(1), point (2), of Regulation (EU) No 575/2013 and authorised under Directive 2014/65/EU;

(30)	‘ qualified_investors’ means persons or entities that are listed in Section I, points (1) to (4), of Annex II to Directive 2014/65/EU;

(31)	‘ close_links’ means close_links as defined in Article 4(1), point (35), of Directive 2014/65/EU;

(32)	‘ reserve_of_assets’ means the basket of reserve assets securing the claim against the issuer;

(33)

‘ home_Member_State’ means:

(a)	where the offeror or person seeking admission to trading of crypto-assets other than asset-referenced_tokens or e-money tokens has its registered office in the Union, the Member State where that offeror or person has its registered office;

(b)

where the offeror or person seeking admission to trading of crypto-assets other than asset-referenced_tokens or e-money tokens has no registered office in the Union but does have one or more branches in the Union, the Member State chosen by that offeror or person from among the Member States where it has branches;

(c)

where the offeror or person seeking admission to trading of crypto-assets other than asset-referenced_tokens or e-money tokens is established in a third country and has no branch in the Union, either the Member State where the crypto-assets are intended to be offered to the public for the first time or, at the choice of the offeror or person seeking admission to trading, the Member State where the first application for admission to trading of those crypto-assets is made;

(d)	in the case of an issuer of asset-referenced_tokens, the Member State where the issuer of asset-referenced_tokens has its registered office;

(e)	in the case of an issuer of e-money tokens, the Member State where the issuer of e-money tokens is authorised as a credit_institution under Directive 2013/36/EU or as an electronic_money_institution under Directive 2009/110/EC;

(f)	in the case of crypto-asset service providers, the Member State where the crypto-asset service provider has its registered office;

(34)

‘ host_Member_State’ means the Member State where an offeror or person seeking admission to trading has made an offer_to_the_public of crypto-assets or is seeking admission to trading, or where a crypto-asset service provider provides crypto-asset services, where different from the home_Member_State;

(35)

‘ competent_authority’ means one or more authorities:

(a)	designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced_tokens and e-money tokens, issuers of asset-referenced_tokens, or crypto-asset service providers;

(b)	designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;

(36)

‘ qualifying holding’ means any direct or indirect holding in an issuer of asset-referenced_tokens or in a crypto-asset service provider which represents at least 10 % of the capital or of the voting rights, as set out in Articles 9 and 10 of Directive 2004/109/EC of the European Parliament and of the Council (32), respectively, taking into account the conditions for the aggregation thereof laid down in Article 12(4) and (5) of that Directive, or which makes it possible to exercise a significant influence over the management of the issuer of asset-referenced_tokens or the management of the crypto-asset service provider in which that holding subsists;

(37)	‘ retail_holder’ means any natural person who is acting for purposes which are outside that person’s trade, business, craft or profession;

(38)

‘ online_interface’ means any software, including a website, part of a website or an application, that is operated by or on behalf of an offeror or crypto-asset service provider, and which serves to give holders of crypto-assets access to their crypto-assets and to give clients access to crypto-asset services;

(39)	‘ client’ means any natural or legal person to whom a crypto-asset service provider provides crypto-asset services;

(40)	‘ matched_principal_trading’ means matched_principal_trading as defined in Article 4(1), point (38), of Directive 2014/65/EU;

(41)	‘ payment_services’ means payment_services as defined in Article 4, point (3), of Directive (EU) 2015/2366;

(42)	‘ payment_service_provider’ means a payment_service_provider as defined in Article 4, point (11), of Directive (EU) 2015/2366;

(43)	‘ electronic_money_institution’ means an electronic_money_institution as defined in Article 2, point (1), of Directive 2009/110/EC;

(44)	‘ electronic_money’ means electronic_money as defined in Article 2, point (2), of Directive 2009/110/EC;

(45)	‘ personal_data’ means personal_data as defined in Article 4, point (1), of Regulation (EU) 2016/679;

(46)	‘ payment_institution’ means a payment_institution as defined in Article 4, point (4), of Directive (EU) 2015/2366;

(47)	‘ UCITS_management_company’ means a management company as defined in Article 2(1), point (b), of Directive 2009/65/EC of the European Parliament and of the Council (33);

(48)	‘ alternative_investment_fund_manager’ means an AIFM as defined in Article 4(1), point (b), of Directive 2011/61/EU of the European Parliament and of the Council (34);

(49)	‘ financial_instrument’ means financial_instruments as defined in Article 4(1), point (15), of Directive 2014/65/EU;

(50)	‘ deposit’ means a deposit as defined in Article 2(1), point (3), of Directive 2014/49/EU;

(51)	‘structured deposit’ means a structured deposit as defined in Article 4(1), point (43), of Directive 2014/65/EU.

2. The Commission shall adopt delegated acts in accordance with Article 139 to supplement this Regulation by further specifying technical elements of the definitions laid down in paragraph 1 of this Article, and to adjust those definitions to market developments and technological developments.

TITLE II

CRYPTO-ASSETS OTHER THAN ASSET-REFERENCED TOKENS OR E-MONEY TOKENS

Article 3

Definitions

1. For the purposes of this Regulation, the following definitions apply:

(1)	‘ distributed_ledger_technology’ or ‘DLT’ means a technology that enables the operation and use of distributed_ledgers;

(2)	‘ distributed_ledger’ means an information repository that keeps records of transactions and that is shared across, and synchronised between, a set of DLT_network_nodes using a consensus_mechanism;

(3)	‘ consensus_mechanism’ means the rules and procedures by which an agreement is reached, among DLT_network_nodes, that a transaction is validated;

(4)	‘ DLT_network_node’ means a device or process that is part of a network and that holds a complete or partial replica of records of all transactions on a distributed_ledger;

(5)	‘ crypto-asset’ means a digital representation of a value or of a right that is able to be transferred and stored electronically using distributed_ledger_technology or similar technology;

(6)	‘ asset-referenced_token’ means a type of crypto-asset that is not an electronic_money_token and that purports to maintain a stable value by referencing another value or right or a combination thereof, including one or more official currencies;

(7)	‘ electronic_money_token’ or ‘e-money token’ means a type of crypto-asset that purports to maintain a stable value by referencing the value of one official_currency;

(8)	‘ official_currency’ means an official_currency of a country that is issued by a central bank or other monetary authority;

(9)	‘ utility_token’ means a type of crypto-asset that is only intended to provide access to a good or a service supplied by its issuer;

(10)	‘ issuer’ means a natural or legal person, or other undertaking, who issues crypto-assets;

(11)	‘applicant issuer’ means an issuer of asset-referenced_tokens or e-money tokens who applies for authorisation to offer_to_the_public or seeks the admission to trading of those crypto-assets;

(12)	‘ offer_to_the_public’ means a communication to persons in any form, and by any means, presenting sufficient information on the terms of the offer and the crypto-assets to be offered so as to enable prospective holders to decide whether to purchase those crypto-assets;

(13)	‘ offeror’ means a natural or legal person, or other undertaking, or the issuer, who offers crypto-assets to the public;

(14)	‘ funds’ means funds as defined in Article 4, point (25), of Directive (EU) 2015/2366;

(15)	‘ crypto-asset service provider’ means a legal person or other undertaking whose occupation or business is the provision of one or more crypto-asset services to clients on a professional basis, and that is allowed to provide crypto-asset services in accordance with Article 59;

(16)

‘ crypto-asset service’ means any of the following services and activities relating to any crypto-asset:

(a)	providing custody and administration of crypto-assets on behalf of clients;

(b)	operation of a trading platform for crypto-assets;

(c)	exchange of crypto-assets for funds;

(d)	exchange of crypto-assets for other crypto-assets;

(e)	execution of orders for crypto-assets on behalf of clients;

(f)	placing of crypto-assets;

(g)	reception and transmission of orders for crypto-assets on behalf of clients;

(h)	providing advice on crypto-assets;

(i)	providing portfolio management on crypto-assets;

(j)	providing transfer services for crypto-assets on behalf of clients;

(17)	‘providing custody and administration of crypto-assets on behalf of clients’ means the safekeeping or controlling, on behalf of clients, of crypto-assets or of the means of access to such crypto-assets, where applicable in the form of private cryptographic keys;

(18)

(19)	‘exchange of crypto-assets for funds’ means the conclusion of purchase or sale contracts concerning crypto-assets with clients for funds by using proprietary capital;

(20)	‘exchange of crypto-assets for other crypto-assets’ means the conclusion of purchase or sale contracts concerning crypto-assets with clients for other crypto-assets by using proprietary capital;

(21)

(22)	‘placing of crypto-assets’ means the marketing, on behalf of or for the account of the offeror or a party related to the offeror, of crypto-assets to purchasers;

(23)	‘reception and transmission of orders for crypto-assets on behalf of clients’ means the reception from a person of an order to purchase or sell one or more crypto-assets or to subscribe for one or more crypto-assets and the transmission of that order to a third party for execution;

(24)

(25)	‘providing portfolio management of crypto-assets’ means managing portfolios in accordance with mandates given by clients on a discretionary client-by- client basis where such portfolios include one or more crypto-assets;

(26)	‘providing transfer services for crypto-assets on behalf of clients’ means providing services of transfer, on behalf of a natural or legal person, of crypto-assets from one distributed_ledger address or account to another;

(27)

(28)	‘ credit_institution’ means a credit_institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013 and authorised under Directive 2013/36/EU;

(29)	‘ investment_firm’ means an investment_firm as defined in Article 4(1), point (2), of Regulation (EU) No 575/2013 and authorised under Directive 2014/65/EU;

(30)	‘ qualified_investors’ means persons or entities that are listed in Section I, points (1) to (4), of Annex II to Directive 2014/65/EU;

(31)	‘ close_links’ means close_links as defined in Article 4(1), point (35), of Directive 2014/65/EU;

(32)	‘ reserve_of_assets’ means the basket of reserve assets securing the claim against the issuer;

(33)

‘ home_Member_State’ means:

(a)	where the offeror or person seeking admission to trading of crypto-assets other than asset-referenced_tokens or e-money tokens has its registered office in the Union, the Member State where that offeror or person has its registered office;

(b)

(c)

(d)	in the case of an issuer of asset-referenced_tokens, the Member State where the issuer of asset-referenced_tokens has its registered office;

(e)	in the case of an issuer of e-money tokens, the Member State where the issuer of e-money tokens is authorised as a credit_institution under Directive 2013/36/EU or as an electronic_money_institution under Directive 2009/110/EC;

(f)	in the case of crypto-asset service providers, the Member State where the crypto-asset service provider has its registered office;

(34)

(35)

‘ competent_authority’ means one or more authorities:

(a)	designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced_tokens and e-money tokens, issuers of asset-referenced_tokens, or crypto-asset service providers;

(b)	designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens;

(36)

(37)	‘ retail_holder’ means any natural person who is acting for purposes which are outside that person’s trade, business, craft or profession;

(38)

(39)	‘ client’ means any natural or legal person to whom a crypto-asset service provider provides crypto-asset services;

(40)	‘ matched_principal_trading’ means matched_principal_trading as defined in Article 4(1), point (38), of Directive 2014/65/EU;

(41)	‘ payment_services’ means payment_services as defined in Article 4, point (3), of Directive (EU) 2015/2366;

(42)	‘ payment_service_provider’ means a payment_service_provider as defined in Article 4, point (11), of Directive (EU) 2015/2366;

(43)	‘ electronic_money_institution’ means an electronic_money_institution as defined in Article 2, point (1), of Directive 2009/110/EC;

(44)	‘ electronic_money’ means electronic_money as defined in Article 2, point (2), of Directive 2009/110/EC;

(45)	‘ personal_data’ means personal_data as defined in Article 4, point (1), of Regulation (EU) 2016/679;

(46)	‘ payment_institution’ means a payment_institution as defined in Article 4, point (4), of Directive (EU) 2015/2366;

(47)	‘ UCITS_management_company’ means a management company as defined in Article 2(1), point (b), of Directive 2009/65/EC of the European Parliament and of the Council (33);

(48)	‘ alternative_investment_fund_manager’ means an AIFM as defined in Article 4(1), point (b), of Directive 2011/61/EU of the European Parliament and of the Council (34);

(49)	‘ financial_instrument’ means financial_instruments as defined in Article 4(1), point (15), of Directive 2014/65/EU;

(50)	‘ deposit’ means a deposit as defined in Article 2(1), point (3), of Directive 2014/49/EU;

(51)	‘structured deposit’ means a structured deposit as defined in Article 4(1), point (43), of Directive 2014/65/EU.

TITLE II

CRYPTO-ASSETS OTHER THAN ASSET-REFERENCED TOKENS OR E-MONEY TOKENS

Article 18

Application for authorisation

1. Legal persons or other undertakings that intend to offer_to_the_public or seek the admission to trading of asset-referenced_tokens shall submit their application for an authorisation referred to in Article 16 to the competent_authority of their home_Member_State.

2. The application referred to in paragraph 1 shall contain all of the following information:

(a)	the address of the applicant issuer;

(b)	the legal entity identifier of the applicant issuer;

(c)	the articles of association of the applicant issuer, where applicable;

(d)	a programme of operations, setting out the business model that the applicant issuer intends to follow;

(e)

a legal opinion that the asset-referenced_token does not qualify as either of the following:

(i)	a crypto-asset excluded from the scope of this Regulation pursuant to Article 2(4); or

(ii)	an e-money token;

(f)	a detailed description of the applicant issuer’s governance arrangements as referred to in Article 34(1);

(g)	where cooperation arrangements with specific crypto-asset service providers exist, a description of their internal control mechanisms and procedures to ensure compliance with the obligations in relation to the prevention of money laundering and terrorist financing under Directive (EU) 2015/849;

(h)	the identity of the members of the management_body of the applicant issuer;

(i)	proof that the persons referred to in point (h) are of sufficiently good repute and possess the appropriate knowledge, skills and experience to manage the applicant issuer;

(j)	proof that any shareholder or member, whether direct or indirect, that has a qualifying holding in the applicant issuer is of sufficiently good repute;

(k)	a crypto-asset white paper as referred to in Article 19;

(l)	the policies and procedures referred to in Article 34(5), first subparagraph;

(m)	a description of the contractual arrangements with the third-party entities as referred to in Article 34(5), second subparagraph;

(n)	a description of the applicant issuer’s business continuity policy referred to in Article 34(9);

(o)	a description of the internal control mechanisms and risk management procedures referred to in Article 34(10);

(p)	a description of the systems and procedures in place to safeguard the availability, authenticity, integrity and confidentiality of data as referred to in Article 34(11);

(q)	a description of the applicant issuer’s complaints-handling procedures as referred to in Article 31;

(r)	where applicable, a list of host_Member_States where the applicant issuer intends to offer the asset-referenced_token to the public or intends to seek admission to trading of the asset-referenced_token.

3. Issuers that have already been authorised in respect of one asset-referenced_token shall not be required to submit, for the purposes of authorisation in respect of another asset-referenced_token, any information that was previously submitted by them to the competent_authority where such information would be identical. When submitting the information listed in paragraph 2, the issuer shall expressly confirm that any information not resubmitted is still up-to-date.

4. The competent_authority shall promptly, and in any event within two working days of receipt of an application pursuant to paragraph 1, acknowledge receipt thereof in writing to the applicant issuer.

5. For the purposes of paragraph 2, points (i) and (j), the applicant issuer of the asset-referenced_token shall provide proof of all of the following:

(a)

for all members of the management_body, the absence of a criminal record in respect of convictions or the absence of penalties imposed under the applicable commercial law, insolvency law and financial services law, or in relation to anti-money laundering and counter-terrorist financing, to fraud or to professional liability;

(b)

that the members of the management_body of the applicant issuer of the asset-referenced_token collectively possess the appropriate knowledge, skills and experience to manage the issuer of the asset-referenced_token and that those persons are required to commit sufficient time to perform their duties;

(c)

for all shareholders and members, whether direct or indirect, that have qualifying holdings in the applicant issuer, the absence of a criminal record in respect of convictions and the absence of penalties imposed under the applicable commercial law, insolvency law and financial services law, or in relation to anti-money laundering and counter-terrorist financing, to fraud or to professional liability.

6. EBA, in close cooperation with ESMA and the ECB, shall develop draft regulatory technical standards to further specify the information referred to in paragraph 2.

EBA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

Power is delegated to the Commission to supplement this Regulation by adopting the regulatory technical standards referred to in the first subparagraph of this paragraph in accordance with Articles 10 to 14 of Regulation (EU) No 1093/2010.

7. EBA, in close cooperation with ESMA, shall develop draft implementing technical standards to establish standard forms, templates and procedures for the information to be included in the application in order to ensure uniformity across the Union.

EBA shall submit the draft implementing technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph in accordance with Article 15 of Regulation (EU) No 1093/2010.

Article 21

Grant or refusal of the authorisation

1. Competent authorities shall, within 25 working days of receipt of the opinions referred to in Article 20(5), take a fully reasoned decision granting or refusing authorisation to the applicant issuer and, within five working days of taking that decision, notify it to the applicant issuer. Where an applicant issuer is authorised, its crypto-asset white paper shall be deemed to be approved.

2. Competent authorities shall refuse authorisation where there are objective and demonstrable grounds that:

(a)	the management_body of the applicant issuer might pose a threat to its effective, sound and prudent management and business continuity and to the adequate consideration of the interest of its clients and the integrity of the market;

(b)	members of the management_body do not meet the criteria set out in Article 34(2);

(c)	shareholders and members, whether direct or indirect, that have qualifying holdings do not meet the criteria of sufficiently good repute set out in Article 34(4);

(d)	the applicant issuer fails to meet or is likely to fail to meet any of the requirements of this Title;

(e)	the applicant issuer’s business model might pose a serious threat to market integrity, financial stability, the smooth operation of payment systems, or exposes the issuer or the sector to serious risks of money laundering and terrorist financing.

3. EBA and ESMA shall, by 30 June 2024, jointly issue guidelines in accordance with Article 16 of Regulation (EU) No 1093/2010 and Article 16 of Regulation (EU) No 1095/2010, respectively, on the assessment of the suitability of the members of the management_body of issuers of asset-referenced_tokens and of the shareholders and members, whether direct or indirect, that have qualifying holdings in issuers of asset-referenced_tokens.

4. Competent authorities shall also refuse authorisation if the ECB or, where applicable, the central bank gives a negative opinion under Article 20(5) on the grounds of a risk posed to the smooth operation of payment systems, monetary policy transmission, or monetary sovereignty.

5. Competent authorities shall, within two working days of granting authorisation, communicate to the single point of contact of the host_Member_States, to ESMA, to EBA, to the ECB and, where applicable, to the central bank referred to in Article 20(4), the information specified in Article 109(3).

ESMA shall make such information available in the register, under Article 109(3), by the starting date of the offer_to_the_public or admission to trading.

6. Competent authorities shall inform EBA, ESMA, the ECB and, where applicable, the central bank referred to in Article 20(4), of all requests for authorisations refused, and provide the underlying reasoning for the decision and, where applicable, an explanation for any deviation from the opinions referred to in Article 20(5).

Article 24

Withdrawal of the authorisation

1. Competent authorities shall withdraw the authorisation of an issuer of an asset-referenced_token in any of the following situations:

(a)	the issuer has ceased to engage in business for six consecutive months, or has not used its authorisation for 12 consecutive months;

(b)	the issuer has obtained its authorisation by irregular means, such as by making false statements in the application for authorisation referred to in Article 18 or in any crypto-asset white paper modified in accordance with Article 25;

(c)	the issuer no longer meets the conditions under which the authorisation was granted;

(d)	the issuer has seriously infringed the provisions of this Title;

(e)	the issuer has been subject to a redemption plan;

(f)	the issuer has expressly renounced its authorisation or has decided to cease operations;

(g)	the issuer’s activity poses a serious threat to market integrity, financial stability, the smooth operation of payment systems or exposes the issuer or the sector to serious risks of money laundering and terrorist financing.

The issuer of the asset-referenced_token shall notify its competent_authority of any of the situations referred to in the first subparagraph, points (e) and (f).

2. Competent authorities shall also withdraw the authorisation of an issuer of an asset-referenced_token when the ECB or, where applicable, the central bank referred to in Article 20(4), issues an opinion that the asset-referenced_token poses a serious threat to the smooth operation of payment systems, monetary policy transmission or monetary sovereignty.

3. Competent authorities shall limit the amount of an asset-referenced_token to be issued or impose a minimum denomination amount in respect of the asset-referenced_token when the ECB or, where applicable, the central bank referred to in Article 20(4), issues an opinion that the asset-referenced_token poses a threat to the smooth operation of payment systems, monetary policy transmission or monetary sovereignty, and specify the applicable limit or minimum denomination amount.

4. The relevant competent authorities shall notify the competent_authority of an issuer of an asset-referenced_token, without delay, of the following situations:

(a)

a third-party entity as referred to in Article 34(5), first subparagraph, point (h), of this Regulation has lost its authorisation as a credit_institution as referred to in Article 8 of Directive 2013/36/EU, as a crypto-asset service provider as referred to in Article 59 of this Regulation, as a payment_institution, or as an electronic_money_institution;

(b)	the members of the issuer’s management_body or shareholders or members, whether direct or indirect, that have qualifying holdings in the issuer have infringed the provisions of national law transposing Directive (EU) 2015/849.

5. Competent authorities shall withdraw the authorisation of an issuer of an asset-referenced_token where they are of the opinion that the situations referred to in paragraph 4 of this Article affect the good repute of the members of the management_body of that issuer or the good repute of any shareholders or members, whether direct or indirect, that have qualifying holdings in the issuer, or if there is an indication of a failure of the governance arrangements or internal control mechanisms as referred to in Article 34.

When the authorisation is withdrawn, the issuer of the asset-referenced_token shall implement the procedure under Article 47.

6. Competent authorities shall, within two working days of withdrawing authorisation, communicate to ESMA the withdrawal of the authorisation of the issuer of the asset-referenced_token. ESMA shall make the information on such withdrawal available in the register referred to in Article 109 without undue delay.

Article 32

Identification, prevention, management and disclosure of conflicts of interest

1. Issuers of asset-referenced_tokens shall implement and maintain effective policies and procedures to identify, prevent, manage and disclose conflicts of interest between themselves and:

(a)	their shareholders or members;

(b)	any shareholder or member, whether direct or indirect, that has a qualifying holding in the issuers;

(c)	the members of their management_body;

(d)	their employees;

(e)	the holders of asset-referenced_tokens; or

(f)	any third party providing one of the functions as referred in Article 34(5), first subparagraph, point (h).

2. Issuers of asset-referenced_tokens shall, in particular, take all appropriate steps to identify, prevent, manage and disclose conflicts of interest arising from the management and investment of the reserve_of_assets referred to in Article 36.

3. Issuers of asset-referenced_tokens shall, in a prominent place on their website, disclose to the holders of their asset-referenced_tokens the general nature and sources of conflicts of interest referred to in paragraph 1 and the steps taken to mitigate them.

4. The disclosure referred to in paragraph 3 shall be sufficiently precise to enable the prospective holders of their asset-referenced_tokens to take an informed purchasing decision about the asset-referenced_tokens.

5. EBA shall develop draft regulatory technical standards to further specify:

(a)	the requirements for the policies and procedures referred to in paragraph 1;

(b)	the details and methodology for the content of the disclosure referred to in paragraph 3.

EBA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

Article 34

Governance arrangements

1. Issuers of asset-referenced_tokens shall have robust governance arrangements, including a clear organisational structure with well-defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the risks to which they are or might be exposed, and adequate internal control mechanisms, including sound administrative and accounting procedures.

2. Members of the management_body of issuers of asset-referenced_tokens shall be of sufficiently good repute and possess the appropriate knowledge, skills and experience, both individually and collectively, to perform their duties. In particular, they shall not have been convicted of offences relating to money laundering or terrorist financing or of any other offences that would affect their good repute. They shall also demonstrate that they are capable of committing sufficient time to effectively perform their duties.

3. The management_body of issuers of asset-referenced_tokens shall assess and periodically review the effectiveness of the policy arrangements and procedures put in place to comply with Chapters 2, 3, 5 and 6 of this Title and take appropriate measures to address any deficiencies in that respect.

4. Shareholders or members, whether direct or indirect, that have qualifying holdings in issuers of asset-referenced_tokens shall be of sufficiently good repute and, in particular, shall not have been convicted of offences relating to money laundering or terrorist financing or of any other offences that would affect their good repute.

5. Issuers of asset-referenced_tokens shall adopt policies and procedures that are sufficiently effective to ensure compliance with this Regulation. Issuers of asset-referenced_tokens shall establish, maintain and implement, in particular, policies and procedures on:

(a)	the reserve_of_assets referred to in Article 36;

(b)	the custody of the reserve assets, including the segregation of assets, as specified in Article 37;

(c)	the rights granted to the holders of asset-referenced_tokens, as specified in Article 39;

(d)	the mechanism through which asset-referenced_tokens are issued and redeemed;

(e)	the protocols for validating transactions in asset-referenced_tokens;

(f)	the functioning of the issuers’ proprietary distributed_ledger_technology, where the asset-referenced_tokens are issued, transferred and stored using such distributed_ledger_technology or similar technology that is operated by the issuers or a third party acting on their behalf;

(g)	the mechanisms to ensure the liquidity of asset-referenced_tokens, including the liquidity management policy and procedures for issuers of significant asset-referenced_tokens referred to in Article 45;

(h)	arrangements with third-party entities for operating the reserve_of_assets, and for the investment of the reserve assets, the custody of the reserve assets and, where applicable, the distribution of the asset-referenced_tokens to the public;

(i)	the written consent of the issuers of asset-referenced_tokens given to other persons that might offer or seek the admission to trading of the asset-referenced_tokens;

(j)	complaints-handling, as specified in Article 31;

(k)	conflicts of interest, as specified in Article 32.

Where issuers of asset-referenced_tokens enter into arrangements as referred to in the first subparagraph, point (h), those arrangements shall be set out in a contract with the third-party entities. Those contractual arrangements shall set out the roles, responsibilities, rights and obligations both of the issuers of asset-referenced_tokens and of the third-party entities. Any contractual arrangement with cross-jurisdictional implications shall provide for an unambiguous choice of applicable law.

6. Unless they have initiated a redemption plan referred to in Article 47, issuers of asset-referenced_tokens shall employ appropriate and proportionate systems, resources and procedures to ensure the continued and regular performance of their services and activities. To that end, issuers of asset-referenced_tokens shall maintain all of their systems and security access protocols in conformity with the appropriate Union standards.

7. If the issuer of an asset-referenced_token decides to discontinue the provision of its services and activities, including by discontinuing the issue of that asset-referenced_token, it shall submit a plan to the competent_authority for approval of such discontinuation.

8. Issuers of asset-referenced_tokens shall identify sources of operational risk and minimise those risks through the development of appropriate systems, controls and procedures.

9. Issuers of asset-referenced_tokens shall establish a business continuity policy and plans to ensure, in the case of an interruption of their ICT systems and procedures, the preservation of essential data and functions and the maintenance of their activities or, where that is not possible, the timely recovery of such data and functions and the timely resumption of their activities.

10. Issuers of asset-referenced_tokens shall have in place internal control mechanisms and effective procedures for risk management, including effective control and safeguard arrangements for managing ICT systems as required by Regulation (EU) 2022/2554 of the European Parliament and of the Council (37). The procedures shall provide for a comprehensive assessment relating to the reliance on third-party entities as referred to in paragraph 5, first subparagraph, point (h), of this Article. Issuers of asset-referenced_tokens shall monitor and evaluate on a regular basis the adequacy and effectiveness of the internal control mechanisms and procedures for risk assessment and take appropriate measures to address any deficiencies in that respect.

11. Issuers of asset-referenced_tokens shall have systems and procedures in place that are adequate to safeguard the availability, authenticity, integrity and confidentiality of data as required by Regulation (EU) 2022/2554 and in line with Regulation (EU) 2016/679. Those systems shall record and safeguard relevant data and information collected and produced in the course of the issuers’ activities.

12. Issuers of asset-referenced_tokens shall ensure that they are regularly audited by independent auditors. The results of those audits shall be communicated to the management_body of the issuer concerned and made available to the competent_authority.

13. By 30 June 2024, EBA, in close cooperation with ESMA and the ECB, shall issue guidelines in accordance with Article 16 of Regulation (EU) No 1093/2010 specifying the minimum content of the governance arrangements on:

(a)	the monitoring tools for the risks referred to in paragraph 8;

(b)	the business continuity plan referred to in paragraph 9;

(c)	the internal control mechanism referred to in paragraph 10;

(d)	the audits referred to in paragraph 12, including the minimum documentation to be used in the audit.

When issuing the guidelines referred to in the first subparagraph, EBA shall take into account the provisions on governance requirements in other Union legislative acts on financial services, including Directive 2014/65/EU.

Article 41

Assessment of proposed acquisitions of issuers of asset-referenced_tokens

1. Any natural or legal persons or such persons acting in concert who intend to acquire, directly or indirectly (the ‘proposed acquirer’), a qualifying holding in an issuer of an asset-referenced_token or to increase, directly or indirectly, such a qualifying holding so that the proportion of the voting rights or of the capital held would reach or exceed 20 %, 30 % or 50 %, or so that the issuer of the asset-referenced_token would become its subsidiary, shall notify the competent_authority of that issuer thereof in writing, indicating the size of the intended holding and the information required by the regulatory technical standards adopted by the Commission in accordance with Article 42(4).

2. Any natural or legal person who has taken a decision to dispose, directly or indirectly, of a qualifying holding in an issuer of an asset-referenced_token shall, prior to disposing of that holding, notify in writing the competent_authority of its decision and indicate the size of such holding. That person shall also notify the competent_authority where it has taken a decision to reduce a qualifying holding so that the proportion of the voting rights or of the capital held would fall below 10 %, 20 %, 30 % or 50 %, or so that the issuer of the asset-referenced_token would cease to be that person’s subsidiary.

3. The competent_authority shall promptly and in any event within two working days following receipt of a notification pursuant to paragraph 1 acknowledge receipt thereof in writing.

4. The competent_authority shall assess the proposed acquisition referred to in paragraph 1 of this Article and the information required by the regulatory technical standards adopted by the Commission in accordance with Article 42(4), within 60 working days of the date of the written acknowledgement of receipt referred to in paragraph 3 of this Article. When acknowledging receipt of the notification, the competent_authority shall inform the proposed acquirer of the date of expiry of the assessment period.

5. When performing the assessment referred to in paragraph 4, the competent_authority may request from the proposed acquirer any additional information that is necessary to complete that assessment. Such request shall be made before the assessment is finalised, and in any case no later than on the 50th working day from the date of the written acknowledgement of receipt referred to in paragraph 3. Such requests shall be made in writing and shall specify the additional information needed.

The competent_authority shall suspend the assessment period referred to in paragraph 4 until it has received the additional information referred to in the first subparagraph of this paragraph. The suspension shall not exceed 20 working days. Any further requests by the competent_authority for additional information or for clarification of the information received shall not result in an additional suspension of the assessment period.

The competent_authority may extend the suspension referred to in the second subparagraph of this paragraph by up to 30 working days if the proposed acquirer is situated outside the Union or regulated under the law of a third country.

6. A competent_authority that, upon completion of the assessment referred to in paragraph 4, decides to oppose the proposed acquisition referred to in paragraph 1 shall notify the proposed acquirer thereof within two working days, and in any event before the date referred to in paragraph 4 extended, where applicable, in accordance with paragraph 5, second and third subparagraphs. The notification shall provide the reasons for such a decision.

7. Where the competent_authority does not oppose the proposed acquisition referred to in paragraph 1 before the date referred to in paragraph 4 extended, where applicable, in accordance with paragraph 5, second and third subparagraphs, the proposed acquisition shall be deemed to be approved.

8. The competent_authority may set a maximum period for concluding the proposed acquisition referred to in paragraph 1, and extend that maximum period where appropriate.

Article 42

Content of the assessment of proposed acquisitions of issuers of asset-referenced_tokens

1. When performing the assessment referred to in Article 41(4), the competent_authority shall appraise the suitability of the proposed acquirer and the financial soundness of the proposed acquisition referred to in Article 41(1) against all of the following criteria:

(a)	the reputation of the proposed acquirer;

(b)	the reputation, knowledge, skills and experience of any person who will direct the business of the issuer of the asset-referenced_token as a result of the proposed acquisition;

(c)	the financial soundness of the proposed acquirer, in particular in relation to the type of business envisaged and pursued in respect of the issuer of the asset-referenced_token in which the acquisition is proposed;

(d)	whether the issuer of the asset-referenced_token will be able to comply and continue to comply with the provisions of this Title;

(e)

whether there are reasonable grounds to suspect that, in connection with the proposed acquisition, money laundering or terrorist financing within the meaning of, respectively, Article 1(3) and (5) of Directive (EU) 2015/849 is being or has been committed or attempted, or that the proposed acquisition could increase the risk thereof.

2. The competent_authority may oppose the proposed acquisition only where there are reasonable grounds for doing so based on the criteria set out in paragraph 1 of this Article or where the information provided in accordance with Article 41(4) is incomplete or false.

3. Member States shall not impose any prior conditions in respect of the level of qualifying holding that is required to be acquired under this Regulation nor allow their competent authorities to examine the proposed acquisition in terms of the economic needs of the market.

4. EBA, in close cooperation with ESMA, shall develop draft regulatory technical standards specifying the detailed content of the information that is necessary to carry out the assessment referred to in Article 41(4), first subparagraph. The information required shall be relevant for a prudential assessment, proportionate and adapted to the nature of the proposed acquirer and the proposed acquisition referred to in Article 41(1).

EBA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

CHAPTER 5

Significant asset-referenced_tokens

Article 62

Application for authorisation as a crypto-asset service provider

1. Legal persons or other undertakings that intend to provide crypto-asset services shall submit their application for an authorisation as a crypto-asset service provider to the competent_authority of their home_Member_State.

2. The application referred to in paragraph 1 shall contain all of the following information:

(a)	the name, including the legal name and any other commercial name used, the legal entity identifier of the applicant crypto-asset service provider, the website operated by that provider, a contact email address, a contact telephone number and its physical address;

(b)	the legal form of the applicant crypto-asset service provider;

(c)	the articles of association of the applicant crypto-asset service provider, where applicable;

(d)	a programme of operations, setting out the types of crypto-asset services that the applicant crypto-asset service provider intends to provide, including where and how those services are to be marketed;

(e)	proof that the applicant crypto-asset service provider meets the requirements for prudential safeguards set out in Article 67;

(f)	a description of the applicant crypto-asset service provider’s governance arrangements;

(g)	proof that members of the management_body of the applicant crypto-asset service provider are of sufficiently good repute and possess the appropriate knowledge, skills and experience to manage that provider;

(h)	the identity of any shareholders and members, whether direct or indirect, that have qualifying holdings in the applicant crypto-asset service provider and the amounts of those holdings, as well as proof that those persons are of sufficiently good repute;

(i)	a description of the applicant crypto-asset service provider’s internal control mechanisms, policies and procedures to identify, assess and manage risks, including money laundering and terrorist financing risks, and business continuity plan;

(j)	the technical documentation of the ICT systems and security arrangements, and a description thereof in non-technical language;

(k)	a description of the procedure for the segregation of clients’ crypto-assets and funds;

(l)	a description of the applicant crypto-asset service provider’s complaints-handling procedures;

(m)	where the applicant crypto-asset service provider intends to provide custody and administration of crypto-assets on behalf of clients, a description of the custody and administration policy;

(n)	where the applicant crypto-asset service provider intends to operate a trading platform for crypto-assets, a description of the operating rules of the trading platform and of the procedure and system to detect market abuse;

(o)

where the applicant crypto-asset service provider intends to exchange crypto-assets for funds or other crypto-assets, a description of the commercial policy, which shall be non-discriminatory, governing the relationship with clients as well as a description of the methodology for determining the price of the crypto-assets that the applicant crypto-asset service provider proposes to exchange for funds or other crypto-assets;

(p)	where the applicant crypto-asset service provider intends to execute orders for crypto-assets on behalf of clients, a description of the execution policy;

(q)

where the applicant crypto-asset service provider intends to provide advice on crypto-assets or portfolio management of crypto-assets, proof that the natural persons giving advice on behalf of the applicant crypto-asset service provider or managing portfolios on behalf of the applicant crypto-asset service provider have the necessary knowledge and expertise to fulfil their obligations;

(r)	where the applicant crypto-asset service provider intends to provide transfer services for crypto-assets on behalf of clients, information on the manner in which such transfer services will be provided;

(s)	the type of crypto-asset to which the crypto-asset service relates.

3. For the purposes of paragraph 2, points (g) and (h), an applicant crypto-asset service provider shall provide proof of all of the following:

(a)

for all members of the management_body of the applicant crypto-asset service provider, the absence of a criminal record in respect of convictions and the absence of penalties imposed under the applicable commercial law, insolvency law and financial services law, or in relation to anti-money laundering, and counter-terrorist financing, to fraud or to professional liability;

(b)	that the members of the management_body of the applicant crypto-asset service provider collectively possess the appropriate knowledge, skills and experience to manage the crypto-asset service provider and that those persons are required to commit sufficient time to perform their duties;

(c)

for all shareholders and members, whether direct or indirect, that have qualifying holdings in the applicant crypto-asset service provider, the absence of a criminal record in respect of convictions or the absence of penalties imposed under the applicable commercial law, insolvency law and financial services law, or in relation to anti-money laundering and counter-terrorist financing, to fraud or to professional liability.

4. Competent authorities shall not require an applicant crypto-asset service provider to provide any information referred to in paragraphs 2 and 3 of this Article that they have already received under the respective authorisation procedures in accordance with Directive 2009/110/EC, 2014/65/EU or (EU) 2015/2366, or pursuant to national law applicable to crypto-asset services prior to 29 June 2023, provided that such previously submitted information or documents are still up-to-date.

5. ESMA, in close cooperation with EBA, shall develop draft regulatory technical standards to further specify the information referred to in paragraphs 2 and 3.

ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

6. ESMA, in close cooperation with EBA, shall develop draft implementing technical standards to establish standard forms, templates and procedures for the information to be included in the application for authorisation as a crypto-asset service provider.

ESMA shall submit the draft implementing technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph of this paragraph in accordance with Article 15 of Regulation (EU) No 1095/2010.

Article 63

Assessment of the application for authorisation and grant or refusal of authorisation

1. Competent authorities shall promptly, and in any event within five working days of receipt of an application under Article 62(1), acknowledge receipt thereof in writing to the applicant crypto-asset service provider.

2. Competent authorities shall, within 25 working days of receipt of an application under Article 62(1), assess whether that application is complete by checking that the information listed in Article 62(2) has been submitted.

Where the application is not complete, competent authorities shall set a deadline by which the applicant crypto-asset service provider is to provide any missing information.

3. Competent authorities may refuse to review applications where such applications remain incomplete after the expiry of the deadline set by them in accordance with paragraph 2, second subparagraph.

4. Once an application is complete, competent authorities shall promptly notify the applicant crypto-asset service provider thereof.

5. Before granting or refusing authorisation as a crypto-asset service provider, competent authorities shall consult the competent authorities of another Member State where the applicant crypto-asset service provider is in one of the following positions in relation to a credit_institution, a central securities depository, an investment_firm, a market operator, a UCITS_management_company, an alternative_investment_fund_manager, a payment_institution, an insurance undertaking, an electronic_money_institution or an institution for occupational retirement provision, authorised in that other Member State:

(a)	it is its subsidiary;

(b)	it is a subsidiary of the parent undertaking of that entity; or

(c)	it is controlled by the same natural or legal persons who control that entity.

6. Before granting or refusing an authorisation as a crypto-asset service provider, competent authorities:

(a)

may consult the competent authorities for anti-money laundering and counter-terrorist financing, and financial intelligence units, in order to verify that the applicant crypto-asset service provider has not been the subject of an investigation into conduct relating to money laundering or terrorist financing;

(b)

shall ensure that the applicant crypto-asset service provider that operates establishments or relies on third parties established in high-risk third countries identified pursuant to Article 9 of Directive (EU) 2015/849 complies with the provisions of national law transposing Articles 26(2), 45(3) and 45(5) of that Directive;

(c)	shall, where appropriate, ensure that the applicant crypto-asset service provider has put in place appropriate procedures to comply with the provisions of national law transposing Article 18a(1) and (3) of Directive (EU) 2015/849.

7. Where close_links exist between the applicant crypto-asset service provider and other natural or legal persons, competent authorities shall grant authorisation only if those links do not prevent the effective exercise of their supervisory functions.

8. Competent authorities shall refuse authorisation if the laws, regulations or administrative provisions of a third country governing one or more natural or legal persons with which the applicant crypto-asset service provider has close_links, or difficulties involved in their enforcement, prevent the effective exercise of their supervisory functions.

9. Competent authorities shall, within 40 working days from the date of receipt of a complete application, assess whether the applicant crypto-asset service provider complies with this Title and shall adopt a fully reasoned decision granting or refusing an authorisation as a crypto-asset service provider. Competent authorities shall notify the applicant of their decision within five working days of the date of that decision. That assessment shall take into account the nature, scale and complexity of the crypto-asset services that the applicant crypto-asset service provider intends to provide.

10. Competent authorities shall refuse authorisation as a crypto-asset service provider where there are objective and demonstrable grounds that:

(a)

the management_body of the applicant crypto-asset service provider poses a threat to its effective, sound and prudent management and business continuity, and to the adequate consideration of the interest of its clients and the integrity of the market, or exposes the applicant crypto-asset service provider to a serious risk of money laundering or terrorist financing;

(b)	the members of the management_body of the applicant crypto-asset service provider do not meet the criteria set out in Article 68(1);

(c)	the shareholders or members, whether direct or indirect, that have qualifying holdings in the applicant crypto-asset service provider do not meet the criteria of sufficiently good repute set out in Article 68(2);

(d)	the applicant crypto-asset service provider fails to meet or is likely to fail to meet any of the requirements of this Title.

11. ESMA and EBA shall jointly issue guidelines in accordance with Article 16 of Regulation (EU) No 1095/2010 and Article 16 of Regulation (EU) No 1093/2010, respectively, on the assessment of the suitability of the members of the management_body of the applicant crypto-asset service provider and of the shareholders or members, whether direct or indirect, that have qualifying holdings in the applicant crypto-asset service provider.

ESMA and EBA shall issue the guidelines referred to in the first subparagraph by 30 June 2024.

12. Competent authorities may, during the assessment period provided for in paragraph 9, and no later than on the 20th working day of that period, request any further information that is necessary to complete the assessment. Such request shall be made in writing to the applicant crypto-asset service provider and shall specify the additional information needed.

The assessment period under paragraph 9 shall be suspended for the period between the date of request for missing information by the competent authorities and the receipt by them of a response thereto from the applicant crypto-asset service provider. The suspension shall not exceed 20 working days. Any further requests by the competent authorities for completion or clarification of the information shall be at their discretion but shall not result in a suspension of the assessment period under paragraph 9.

13. Competent authorities shall, within two working days of granting authorisation, communicate to ESMA the information specified in Article 109(5). Competent authorities shall also inform ESMA of any refusals of authorisations. ESMA shall make the information referred to in Article 109(5) available in the register referred to in that Article by the starting date of the provision of crypto-asset services.

Article 68

Governance arrangements

1. Members of the management_body of crypto-asset service providers shall be of sufficiently good repute and possess the appropriate knowledge, skills and experience, both individually and collectively, to perform their duties. In particular, members of the management_body of crypto-asset service providers shall not have been convicted of offences relating to money laundering or terrorist financing or of any other offences that would affect their good repute. They shall also demonstrate that they are capable of committing sufficient time to effectively perform their duties.

2. Shareholders and members, whether direct or indirect, that have qualifying holdings in crypto-asset service providers shall be of sufficiently good repute and, in particular, shall not have been convicted of offences relating to money laundering or terrorist financing or of any other offences that would affect their good repute.

3. Where the influence exercised by the shareholders or members, whether direct or indirect, that have qualifying holdings in a crypto-asset service provider is likely to be prejudicial to the sound and prudent management of that crypto-asset service provider, competent authorities shall take appropriate measures to address those risks.

Such measures may include applications for judicial orders or the imposition of penalties against directors and those responsible for management, or the suspension of the exercise of the voting rights attaching to the shares held by the shareholders or members, whether direct or indirect, that have the qualifying holdings.

4. Crypto-asset service providers shall adopt policies and procedures that are sufficiently effective to ensure compliance with this Regulation.

5. Crypto-asset service providers shall employ personnel with the knowledge, skills and expertise necessary for the discharge of the responsibilities allocated to them, taking into account the scale, nature and range of crypto-asset services provided.

6. The management_body of crypto-asset service providers shall assess and periodically review the effectiveness of the policy arrangements and procedures put in place to comply with Chapters 2 and 3 of this Title and take appropriate measures to address any deficiencies in that respect.

7. Crypto-asset service providers shall take all reasonable steps to ensure continuity and regularity in the performance of their crypto-asset services. To that end, crypto-asset service providers shall employ appropriate and proportionate resources and procedures, including resilient and secure ICT systems as required by Regulation (EU) 2022/2554.

Crypto-asset service providers shall establish a business continuity policy, which shall include ICT business continuity plans as well as ICT response and recovery plans set up pursuant to Articles 11 and 12 of Regulation (EU) 2022/2554 that aim to ensure, in the case of an interruption to their ICT systems and procedures, the preservation of essential data and functions and the maintenance of crypto-asset services or, where that is not possible, the timely recovery of such data and functions and the timely resumption of crypto-asset services.

8. Crypto-asset service providers shall have in place mechanisms, systems and procedures as required by Regulation (EU) 2022/2554, as well as effective procedures and arrangements for risk assessment, to comply with the provisions of national law transposing Directive (EU) 2015/849. They shall monitor and, on a regular basis, evaluate the adequacy and effectiveness of those mechanisms, systems and procedures, taking into account the scale, the nature and range of crypto-asset services provided, and shall take appropriate measures to address any deficiencies in that respect.

Crypto-asset service providers shall have systems and procedures to safeguard the availability, authenticity, integrity and confidentiality of data pursuant to Regulation (EU) 2022/2554.

9. Crypto-asset service providers shall arrange for records to be kept of all crypto-asset services, activities, orders, and transactions undertaken by them. Those records shall be sufficient to enable competent authorities to fulfil their supervisory tasks and to take enforcement measures, and in particular to ascertain whether crypto-asset service providers have complied with all obligations including those with respect to clients or prospective clients and to the integrity of the market.

The records kept pursuant to the first subparagraph shall be provided to clients upon request and shall be kept for a period of five years and, where requested by the competent_authority before five years have elapsed, for a period of up to seven years.

10. ESMA shall develop draft regulatory technical standards to further specify:

(a)	the measures ensuring continuity and regularity in the performance of the crypto-asset services referred to in paragraph 7;

(b)	the records to be kept of all crypto-asset services, activities, orders and transactions undertaken referred to in paragraph 9.

ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

Article 83

Assessment of proposed acquisitions of crypto-asset service providers

1. Any natural or legal person or such persons acting in concert who have taken a decision either to acquire, directly or indirectly, (the ‘ proposed acquirer’) a qualifying holding in a crypto-asset service provider or to increase, directly or indirectly, such a qualifying holding so that the proportion of the voting rights or of the capital held would reach or exceed 20 %, 30 % or 50 % or so that the crypto-asset service provider would become its subsidiary, shall notify the competent_authority of that crypto-asset service provider thereof in writing indicating the size of the intended holding and the information required pursuant to the regulatory technical standards adopted by the Commission in accordance with Article 84(4).

2. Any natural or legal person who has taken a decision to dispose, directly or indirectly, of a qualifying holding in a crypto-asset service provider shall, prior to disposing of that holding, notify in writing the competent_authority of its decision and indicate the size of such holding. That person shall also notify the competent_authority where it has taken a decision to reduce a qualifying holding so that the proportion of the voting rights or of the capital held would fall below 10 %, 20 %, 30 % or 50 % or so that the crypto-asset service provider would cease to be that person’s subsidiary.

3. The competent_authority shall, promptly and in any event within two working days following receipt of a notification pursuant to paragraph 1, acknowledge receipt thereof in writing.

4. The competent_authority shall assess the proposed acquisition referred to in paragraph 1 of this Article and the information required pursuant to the regulatory technical standards adopted by the Commission in accordance with Article 84(4) within 60 working days of the date of the written acknowledgement of receipt referred to in paragraph 3 of this Article. When acknowledging receipt of the notification, the competent_authority shall inform the proposed acquirer of the date of expiry of the assessment period.

5. For the purposes of the assessment referred to in paragraph 4, the competent_authority may consult the competent authorities for anti-money laundering and counter-terrorist financing and financial intelligence units and shall duly consider their views.

6. When performing the assessment referred to in paragraph 4, the competent_authority may request from the proposed acquirer any additional information that is necessary to complete that assessment. Such request shall be made before the assessment is finalised, and in any case no later than on the 50th working day from the date of the written acknowledgement of receipt referred to in paragraph 3. Such requests shall be made in writing and shall specify the additional information needed.

The competent_authority shall suspend the assessment period referred to in paragraph 4, until they have received the additional information referred to in the first subparagraph of this paragraph. The suspension shall not exceed 20 working days. Any further requests by the competent_authority for additional information or for clarification of the information received shall not result in an additional suspension of the assessment period.

7. A competent_authority that, upon completion of the assessment referred to in paragraph 4 decides to oppose the proposed acquisition referred to in paragraph 1, shall notify the proposed acquirer thereof within two working days and in any event before the date referred to in paragraph 4 extended, where applicable, in accordance with paragraph 6, second and third subparagraphs. The notification shall provide the reasons for such a decision.

8. Where the competent_authority does not oppose the proposed acquisition referred to in paragraph 1 before the date referred to in paragraph 4 extended, where applicable, in accordance with paragraph 6, second and third subparagraphs, the proposed acquisition shall be deemed to be approved.

9. The competent_authority may set a maximum period for concluding the proposed acquisition referred to in paragraph 1, and extend that maximum period where appropriate.

Article 84

Content of the assessment of proposed acquisitions of crypto-asset service providers

1. When performing the assessment referred to in Article 83(4), the competent_authority shall appraise the suitability of the proposed acquirer and the financial soundness of the proposed acquisition referred to in Article 83(1) against all of the following criteria:

(a)	the reputation of the proposed acquirer;

(b)	the reputation, knowledge, skills and experience of any person who will direct the business of the crypto-asset service provider as a result of the proposed acquisition;

(c)	the financial soundness of the proposed acquirer, in particular in relation to the type of business envisaged and pursued in respect of the crypto-asset service provider in which the acquisition is proposed;

(d)	whether the crypto-asset service provider will be able to comply and continue to comply with the provisions of this Title;

(e)

2. The competent_authority may oppose the proposed acquisition only where there are reasonable grounds for doing so on the basis of the criteria set out in paragraph 1 of this Article or where the information provided in accordance with Article 83(4) is incomplete or false.

4. ESMA, in close cooperation with EBA, shall develop draft regulatory technical standards specifying the detailed content of the information that is necessary to carry out the assessment referred to in Article 83(4), first subparagraph. The information required shall be relevant for a prudential assessment, proportionate and adapted to the nature of the proposed acquirer and the proposed acquisition referred to in Article 83(1).

ESMA shall submit the draft regulatory technical standards referred to in the first subparagraph to the Commission by 30 June 2024.

CHAPTER 5

Significant crypto-asset service providers

Article 149

Entry into force and application

1. This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

2. This Regulation shall apply from 30 December 2024.

3. By way of derogation from paragraph 2, Titles III and IV shall apply from 30 June 2024.

4. By way of derogation from paragraphs 2 and 3 of this Article, Articles 2(5), 3(2), 6(11) and (12), Article 14(1), second subparagraph, Articles 17(8), 18(6) and (7), 19(10) and (11), 21(3), 22(6) and (7), 31(5), 32(5), 34(13), 35(6), 36(4), 38(5), 42(4), 43(11), 45(7) and (8), 46(6), 47(5), 51(10) and (15), 60(13) and (14), 61(3), 62(5) and (6), 63(11), 66(6), 68(10), 71(5), 72(5), 76(16), 81(15), 82(2), 84(4), 88(4), 92(2) and (3), 95(10) and (11), 96(3), 97(1), 103(8), 104(8), 105(7), 107(3) and (4), 109(8) and 119(8), 134(10), 137(3) and Article 139 shall apply from 29 June 2023.

This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels, 31 May 2023.

For the European Parliament

The President

R. METSOLA

For the Council

The President

P. KULLGREN

(1) OJ C 152, 29.4.2021, p. 1.

(2) OJ C 155, 30.4.2021, p. 31.

(3) Position of the European Parliament of 20 April 2023 (not yet published in the Official Journal) and decision of the Council of 16 May 2023.

(4) Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial_instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349).

(5) Regulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC (OJ L 331, 15.12.2010, p. 84).

(6) Regulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p. 12).

(7) Directive 2014/49/EU of the European Parliament and of the Council of 16 April 2014 on deposit guarantee schemes (OJ L 173, 12.6.2014, p. 149).

(8) Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment_services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35).

(9) Regulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012 (OJ L 347, 28.12.2017, p. 35).

(10) Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic_money_institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).

(11) Regulation (EU) No 1094/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/79/EC (OJ L 331, 15.12.2010, p. 48).

(12) Council Regulation (EU) No 1024/2013 of 15 October 2013 conferring specific tasks on the European Central Bank concerning policies relating to the prudential supervision of credit_institutions (OJ L 287, 29.10.2013, p. 63).

(13) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit_institutions and the prudential supervision of credit_institutions, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).

(14) Directive 2005/29/EC of the European Parliament and of the Council of 11 May 2005 concerning unfair business-to-consumer commercial practices in the internal market and amending Council Directive 84/450/EEC, Directives 97/7/EC, 98/27/EC and 2002/65/EC of the European Parliament and of the Council and Regulation (EC) No 2006/2004 of the European Parliament and of the Council (Unfair Commercial Practices Directive) (OJ L 149, 11.6.2005, p. 22).

(15) Council Directive 93/13/EEC of 5 April 1993 on unfair terms in consumer contracts (OJ L 95, 21.4.1993, p. 29).

(16) Directive 2002/65/EC of the European Parliament and of the Council of 23 September 2002 concerning the distance marketing of consumer financial services and amending Council Directive 90/619/EEC and Directives 97/7/EC and 98/27/EC (OJ L 271, 9.10.2002, p. 16).

(17) Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit_institutions and amending Regulation (EU) No 648/2012 (OJ L 176, 27.6.2013, p. 1).

(18) Directive 2014/59/EU of the European Parliament and of the Council of 15 May 2014 establishing a framework for the recovery and resolution of credit_institutions and investment_firms and amending Council Directive 82/891/EEC, and Directives 2001/24/EC, 2002/47/EC, 2004/25/EC, 2005/56/EC, 2007/36/EC, 2011/35/EU, 2012/30/EU and 2013/36/EU, and Regulations (EU) No 1093/2010 and (EU) No 648/2012, of the European Parliament and of the Council (OJ L 173, 12.6.2014, p. 190).

(19) Regulation (EU) No 806/2014 of the European Parliament and of the Council of 15 July 2014 establishing uniform rules and a uniform procedure for the resolution of credit_institutions and certain investment_firms in the framework of a Single Resolution Mechanism and a Single Resolution Fund and amending Regulation (EU) No 1093/2010 (OJ L 225, 30.7.2014, p. 1).

(20) Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ L 141, 5.6.2015, p. 73).

(21) Regulation (EU) No 596/2014 of the European Parliament and of the Council of 16 April 2014 on market abuse (market abuse regulation) and repealing Directive 2003/6/EC of the European Parliament and of the Council and Commission Directives 2003/124/EC, 2003/125/EC and 2004/72/EC (OJ L 173, 12.6.2014, p. 1).

(22) OJ L 123, 12.5.2016, p. 1.

(23) Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law (OJ L 305, 26.11.2019, p. 17).

(24) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal_data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).

(25) Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal_data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).

(26) OJ C 337, 23.8.2021, p. 4.

(27) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1).

(28) Directive (EU) 2016/2341 of the European Parliament and of the Council of 14 December 2016 on the activities and supervision of institutions for occupational retirement provision (IORPs) (OJ L 354, 23.12.2016, p. 37).

(29) Regulation (EU) 2019/1238 of the European Parliament and of the Council of 20 June 2019 on a pan-European Personal Pension Product (PEPP) (OJ L 198, 25.7.2019, p. 1).

(30) Regulation (EC) No 883/2004 of the European Parliament and of the Council of 29 April 2004 on the coordination of social security systems (OJ L 166, 30.4.2004, p. 1).

(31) Regulation (EC) No 987/2009 of the European Parliament and of the Council of 16 September 2009 laying down the procedure for implementing Regulation (EC) No 883/2004 on the coordination of social security systems (OJ L 284, 30.10.2009, p. 1).

(32) Directive 2004/109/EC of the European Parliament and of the Council of 15 December 2004 on the harmonisation of transparency requirements in relation to information about issuers whose securities are admitted to trading on a regulated market and amending Directive 2001/34/EC (OJ L 390, 31.12.2004, p. 38).

(33) Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS) (OJ L 302, 17.11.2009, p. 32).

(34) Directive 2011/61/EU of the European Parliament and of the Council of 8 June 2011 on Alternative Investment Fund Managers and amending Directives 2003/41/EC and 2009/65/EC and Regulations (EC) No 1060/2009 and (EU) No 1095/2010 (OJ L 174, 1.7.2011, p. 1).

(35) Directive 97/9/EC of the European Parliament and of the Council of 3 March 1997 on investor-compensation schemes (OJ L 84, 26.3.1997, p. 22).

(36) Regulation (EU) 2017/1129 of the European Parliament and of the Council of 14 June 2017 on the prospectus to be published when securities are offered to the public or admitted to trading on a regulated market, and repealing Directive 2003/71/EC (OJ L 168, 30.6.2017, p. 12).

(37) Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014 and (EU) No 909/2014 and (EU) 2016/1011 (OJ L 333, 27.12.2022, p. 1).

(38) Regulation (EU) 2017/1131 of the European Parliament and of the Council of 14 June 2017 on money market funds (OJ L 169, 30.6.2017, p. 8).

(39) Directive 2002/47/EC of the European Parliament and of the Council of 6 June 2002 on financial collateral arrangements (OJ L 168, 27.6.2002, p. 43).

(40) Commission Directive 2006/73/EC of 10 August 2006 implementing Directive 2004/39/EC of the European Parliament and of the Council as regards organisational requirements and operating conditions for investment_firms and defined terms for the purposes of that Directive (OJ L 241, 2.9.2006, p. 26).

(41) Commission Delegated Regulation (EU) 2015/61 of 10 October 2014 to supplement Regulation (EU) No 575/2013 of the European Parliament and the Council with regard to liquidity coverage requirement for Credit Institutions (OJ L 11, 17.1.2015, p. 1).

(42) Directive 2013/34/EU of the European Parliament and of the Council of 26 June 2013 on the annual financial statements, consolidated financial statements and related reports of certain types of undertakings, amending Directive 2006/43/EC of the European Parliament and of the Council and repealing Council Directives 78/660/EEC and 83/349/EEC (OJ L 182, 29.6.2013, p. 19).

(43) Regulation (EU) 2022/1925 of the European Parliament and of the Council of 14 September 2022 on contestable and fair markets in the digital sector and amending Directives (EU) 2019/1937 and (EU) 2020/1828 (Digital Markets Act) (OJ L 265, 12.10.2022, p. 1).

(44) Regulation (EU) 2021/23 of the European Parliament and of the Council of 16 December 2020 on a framework for the recovery and resolution of central counterparties and amending Regulations (EU) No 1095/2010, (EU) No 648/2012, (EU) No 600/2014, (EU) No 806/2014 and (EU) 2015/2365 and Directives 2002/47/EC, 2004/25/EC, 2007/36/EC, 2014/59/EU and (EU) 2017/1132 (OJ L 22, 22.1.2021, p. 1).

(45) Regulation (EU) No 909/2014 of the European Parliament and of the Council of 23 July 2014 on improving securities settlement in the European Union and on central securities depositories and amending Directive 98/26/EC and 2014/65/EU and Regulation (EU) No 236/2012 (OJ L 257, 28.8.2014, p. 1).

(46) Regulation (EU) 2019/2033 of the European Parliament and of the Council of 27 November 2019 on the prudential requirements of investment_firms and amending Regulations (EU) No 1093/2010, (EU) No 575/2013, (EU) No 600/2014 and (EU) No 806/2014 (OJ L 314, 5.12.2019, p. 1).

(47) Directive (EU) 2019/2034 of the European Parliament and of the Council of 27 November 2019 on the prudential supervision of investment_firms and amending Directives 2002/87/EC, 2009/65/EC, 2011/61/EU, 2013/36/EU, 2014/59/EU and 2014/65/EU (OJ L 314, 5.12.2019, p. 64).

ANNEX I

DISCLOSURE ITEMS FOR THE CRYPTO-ASSET WHITE PAPER FOR CRYPTO-ASSETS OTHER THAN ASSET-REFERENCED TOKENS OR E-MONEY TOKENS

Part A: Information about the offeror or the person seeking admission to trading

Name;

2.	Legal form;

3.	Registered address and head office, where different;

4.	Date of the registration;

5.	Legal entity identifier or another identifier required pursuant to applicable national law;

6.	A contact telephone number and an email address of the offeror or the person seeking admission to trading, and the period of days within which an investor contacting the offeror or the person seeking admission to trading via that telephone number or email address will receive an answer;

7.	Where applicable, the name of the parent company;

8.	Identity, business addresses and functions of persons that are members of the management_body of the offeror or person seeking admission to trading;

9.	Business or professional activity of the offeror or person seeking admission to trading and, where applicable, of its parent company;

10.

The financial condition of the offeror or person seeking admission to trading over the past three years or where the offeror or person seeking admission to trading has not been established for the past three years, its financial condition since the date of its registration.

The financial condition shall be assessed based on a fair review of the development and performance of the business of the offeror or person seeking admission to trading and of its position for each year and interim period for which historical financial information is required, including the causes of material changes.

The review shall be a balanced and comprehensive analysis of the development and performance of the business of the offeror or person seeking admission to trading and of its position, consistent with the size and complexity of the business.

Part B: Information about the issuer, if different from the offeror or person seeking admission to trading

Name;

2.	Legal form;

3.	Registered address and head office, where different;

4.	Date of the registration;

5.	Legal entity identifier or another identifier required pursuant to applicable national law;

6.	Where applicable, the name of the parent company;

7.	Identity, business addresses and functions of persons that are members of the management_body of the issuer;

8.	Business or professional activity of the issuer and, where applicable, of its parent company.

Part C: Information about the operator of the trading platform in cases where it draws up the crypto-asset white paper

Name;

2.	Legal form;

3.	Registered address and head office, where different;

4.	Date of the registration;

5.	Legal entity identifier or another identifier required pursuant to applicable national law;

6.	Where applicable, the name of the parent company;

7.	The reason why that operator drew up the crypto-asset white paper;

8.	Identity, business addresses and functions of persons that are members of the management_body of the operator;

9.	Business or professional activity of the operator and, where applicable, of its parent company.

Part D: Information about the crypto-asset project

1.	Name of the crypto-asset project and of the crypto-assets, if different from the name of the offeror or person seeking admission to trading, and abbreviation or ticker handler;

2.	A brief description of the crypto-asset project;

3.	Details of all natural or legal persons (including business addresses or domicile of the company) involved in the implementation of the crypto-asset project, such as advisors, development team and crypto-asset service providers;

4.	Where the crypto-asset project concerns utility_tokens, key features of the goods or services to be developed;

5.	Information about the crypto-asset project, especially past and future milestones of the project and, where applicable, resources already allocated to the project;

6.	Where applicable, planned use of any funds or other crypto-assets collected.

Part E: Information about the offer_to_the_public of crypto-assets or their admission to trading

1.	Indication as to whether the crypto-asset white paper concerns an offer_to_the_public of crypto-assets or their admission to trading;

2.	The reasons for the offer_to_the_public or for seeking admission to trading;

Where applicable, the amount that the offer_to_the_public intends to raise in funds or in any other crypto-asset, including, where applicable, any minimum and maximum target subscription goals set for the offer_to_the_public of crypto-assets, and whether oversubscriptions are accepted and how they are allocated;

4.	The issue price of the crypto-asset being offered to the public (in an official_currency or any other crypto-assets), any applicable subscription fee or the method in accordance with which the offer price will be determined;

5.	Where applicable, the total number of crypto-assets to be offered to the public or admitted to trading;

6.	Indication of the prospective holders targeted by the offer_to_the_public of crypto-assets or admission of such crypto-assets to trading, including any restriction as regards the type of holders for such crypto-assets;

Specific notice that purchasers participating in the offer_to_the_public of crypto-assets will be able to be reimbursed if the minimum target subscription goal is not reached at the end of the offer_to_the_public, if they exercise the right to withdrawal foreseen in Article 13 or if the offer is cancelled and detailed description of the refund mechanism, including the expected timeline of when such re funds will be completed;

Information about the various phases of the offer_to_the_public of crypto-assets, including information on discounted purchase price for early purchasers of crypto-assets (pre-public sales); in the case of discounted purchase prices for some purchasers, an explanation why purchase prices may be different, and a description of the impact on the other investors;

9.	For time-limited offers, the subscription period during which the offer_to_the_public is open;

10.	The arrangements to safeguard funds or other crypto-assets as referred to in Article 10 during the time-limited offer_to_the_public or during the withdrawal period;

11.	Methods of payment to purchase the crypto-assets offered and methods of transfer of the value to the purchasers when they are entitled to be reimbursed;

12.	In the case of offers to the public, information on the right of withdrawal as referred to in Article 13;

13.	Information on the manner and time schedule of transferring the purchased crypto-assets to the holders;

14.	Information about technical requirements that the purchaser is required to fulfil to hold the crypto-assets;

15.	Where applicable, the name of the crypto-asset service provider in charge of the placing of crypto-assets and the form of such placement (with or without a firm commitment basis);

16.	Where applicable, the name of the trading platform for crypto-assets where admission to trading is sought, and information about how investors can access such trading platforms and the costs involved;

17.	Expenses related to the offer_to_the_public of crypto-assets;

18.	Potential conflicts of interest of the persons involved in the offer_to_the_public or admission to trading, arising in relation to the offer or admission to trading;

19.	The law applicable to the offer_to_the_public of crypto-assets, as well as the competent court.

Part F: Information about the crypto-assets

1.	The type of crypto-asset that will be offered to the public or for which admission to trading is sought;

A description of the characteristics, including the data necessary for classification of the crypto-asset white paper in the register referred to in Article 109, as specified in accordance with paragraph 8 of that Article, and functionality of the crypto-assets being offered or admitted to trading, including information about when the functionalities are planned to apply.

Part G: Information on the rights and obligations attached to the crypto-assets

1.	A description of the rights and obligations, if any, of the purchaser, and the procedure and conditions for the exercise of those rights;

2.	A description of the conditions under which the rights and obligations may be modified;

3.	Where applicable, information on the future offers to the public of crypto-assets by the issuer and the number of crypto-assets retained by the issuer itself;

4.	Where the offer_to_the_public of crypto-assets or their admission to trading concerns utility_tokens, information about the quality and quantity of goods or services to which the utility_tokens give access;

5.	Where the offers to the public of crypto-assets or their admission to trading concerns utility_tokens, information on how utility_tokens can be redeemed for goods or services to which they relate;

6.	Where an admission to trading is not sought, information on how and where the crypto-assets can be purchased or sold after the offer_to_the_public;

7.	Restrictions on the transferability of the crypto-assets that are being offered or admitted to trading;

8.	Where the crypto-assets have protocols for the increase or decrease of their supply in response to changes in demand, a description of the functioning of such protocols;

9.	Where applicable, a description of protection schemes protecting the value of the crypto-assets and of compensation schemes;

10.	The law applicable to the crypto-assets, as well as the competent court.

Part H: Information on the underlying technology

1.	Information on the technology used, including distributed_ledger_technology, protocols and technical standards used;

2.	The consensus_mechanism, where applicable;

3.	Incentive mechanisms to secure transactions and any fees applicable;

4.	Where the crypto-assets are issued, transferred and stored using distributed_ledger_technology that is operated by the issuer, the offeror or a third-party acting on their behalf, a detailed description of the functioning of such distributed_ledger_technology;

5.	Information on the audit outcome of the technology used, if such an audit was conducted.

Part I: Information on the risks

1.	A description of the risks associated with the offer_to_the_public of crypto-assets or their admission to trading;

2.	A description of the risks associated with the issuer, if different from the offeror, or person seeking admission to trading;

3.	A description of the risks associated with the crypto-assets;

4.	A description of the risks associated with project implementation;

5.	A description of the risks associated with the technology used as well as mitigation measures, if any.

ANNEX II

DISCLOSURE ITEMS FOR THE CRYPTO-ASSET WHITE PAPER FOR AN ASSET-REFERENCED TOKEN

Part A: Information about the issuer of the asset-referenced_token

Name;

2.	Legal form;

3.	Registered address and head office, where different;

4.	Date of the registration;

5.	Legal entity identifier or another identifier required pursuant to applicable national law;

6.	Where applicable, the identity of the parent company;

7.	Identity, business addresses and functions of persons that are members of the management_body of the issuer;

8.	Business or professional activity of the issuer and, where applicable, of its parent company;

The financial condition of the issuer over the past three years or, where the issuer has not been established for the past three years, its financial condition since the date of its registration.

The financial condition shall be assessed based on a fair review of the development and performance of the business of the issuer and of its position for each year and interim period for which historical financial information is required, including the causes of material changes.

The review shall be a balanced and comprehensive analysis of the development and performance of the issuer’s business and of its position, consistent with the size and complexity of the business.

10.	A detailed description of the issuer’s governance arrangements;

11.

Except for issuers of asset-referenced_tokens that are exempted from authorisation in accordance with Article 17, details about the authorisation as an issuer of an asset-referenced_token and name of the competent_authority which granted such authorisation.

For credit_institutions, the name of the competent_authority of the home_Member_State.

12.

Where the issuer of the asset-referenced_token also issues other crypto-assets, or also has activities related to other crypto-assets, that should be clearly stated; the issuer should also state whether there is any connection between the issuer and the entity running the distributed_ledger_technology used to issue the crypto-asset, including if the protocols are run or controlled by a person closely connected to the project participants.

Part B: Information about the asset-referenced_token

1.	Name and abbreviation or ticker handler of the asset-referenced_token;

2.	A description of the characteristics of the asset-referenced_token, including the data necessary for classification of the crypto-asset white paper in the register referred to in Article 109, as specified in accordance with paragraph 8 of that Article;

3.	Details of all natural or legal persons (including business addresses or domicile of the company) involved in the operationalisation of the asset-referenced_token, such as advisors, development team and crypto-asset service providers;

4.	A description of the role, responsibilities and accountability of any third-party entities referred to in Article 34(5), first subparagraph, point (h);

5.	Information about the plans for the asset-referenced_tokens, including the description of the past and future milestones and, where applicable, resources already allocated.

Part C: Information about the offer_to_the_public of the asset-referenced_token or its admission to trading

1.	Indication as to whether the crypto-asset white paper concerns an offer_to_the_public of the asset-referenced_token or its admission to trading;

Where applicable, the amount that the offer_to_the_public of the asset-referenced_token intends to raise in funds or in any other crypto-asset, including, where applicable, any minimum and maximum target subscription goals set for the offer_to_the_public of the asset-referenced_token, and whether oversubscriptions are accepted and how they are allocated;

3.	Where applicable, the total number of units of the asset-referenced_token to be offered or admitted to trading;

4.	Indication of the prospective holders targeted by the offer_to_the_public of the asset-referenced_token or admission of such asset-referenced_token to trading, including any restriction as regards the type of holders for such asset-referenced_token;

A specific notice that purchasers participating in the offer_to_the_public of the asset-referenced_token will be able to be reimbursed if the minimum target subscription goal is not reached at the end of the offer_to_the_public, including the expected timeline of when such re funds will be completed; the consequences of exceeding a maximum target subscription goal should be made explicit;

Information about the various phases of the offer_to_the_public of the asset-referenced_token, including information on discounted purchase price for early purchasers of the asset-referenced_token (pre-public sales) and, in the case of discounted purchase price for some purchasers, an explanation as to why the purchase prices may be different, and a description of the impact on the other investors;

7.	For time-limited offers, the subscription period during which the offer_to_the_public is open;

8.	Methods of payment to purchase and to redeem the asset-referenced_token offered;

9.	Information on the method and time schedule of transferring the purchased asset-referenced_token to the holders;

10.	Information about technical requirements that the purchaser is required to fulfil to hold the asset-referenced_token;

11.	Where applicable, the name of the crypto-asset service provider in charge of the placing of asset-referenced_tokens and the form of such placement (with or without a firm commitment basis);

12.	Where applicable, the name of the trading platform for crypto-assets where admission to trading is sought, and information about how investors can access such trading platforms and the costs involved;

13.	Expenses related to the offer_to_the_public of the asset-referenced_token;

14.	Potential conflicts of interest of the persons involved in the offer_to_the_public or admission to trading, arising in relation to the offer or admission to trading;

15.	The law applicable to the offer_to_the_public of the asset-referenced_token, as well as the competent court.

Part D: Information on the rights and obligations attached to the asset-referenced_token

1.	A description of the characteristics and functionality of the asset-referenced_token being offered or admitted to trading, including information about when the functionalities are planned to apply;

2.	A description of the rights and obligations, if any, of the purchaser, and the procedure and conditions for the exercise of those rights;

3.	A description of the conditions under which the rights and obligations may be modified;

4.	Where applicable, information on the future offers to the public of the asset-referenced_token by the issuer and the number of units of the asset-referenced_token retained by the issuer itself;

5.	Where an admission to trading is not sought, information on how and where the asset-referenced_token can be purchased or sold after the offer_to_the_public;

6.	Any restrictions on the transferability of the asset-referenced_token that is being offered or admitted to trading;

7.	Where the asset-referenced_token has protocols for the increase or decrease of its supply in response to changes in demand, a description of the functioning of such protocols;

8.	Where applicable, a description of protection schemes protecting the value of the asset-referenced_token and compensation schemes;

Information on the nature and enforceability of rights, including permanent rights of redemption and any claims that holders and any legal or natural person as referred to in Article 39(2), may have against the issuer, including information on how such rights will be treated in the case of insolvency procedures, information on whether different rights are allocated to different holders and the non-discriminatory reasons for such different treatment;

10.

A detailed description of the claim that the asset-referenced_token represents for holders, including:

(a)	the description of each referenced asset and specified proportions of each of those assets;

(b)	the relation between the value of the referenced assets and the amount of the claim and the reserve_of_assets; and

(c)	a description how a fair and transparent valuation of components of the claim is undertaken, which identifies, where relevant, independent parties;

11.	Where applicable, information on the arrangements put in place by the issuer to ensure the liquidity of the asset-referenced_token, including the name of the entities in charge of ensuring such liquidity;

12.	The contact details for submitting complaints and description of the complaints-handling procedures and any dispute resolution mechanism or redress procedure established by the issuer of the asset-referenced_token;

13.	A description of the rights of the holders when the issuer is not able to fulfil its obligations, including in insolvency;

14.	A description of the rights in the context of the implementation of the recovery plan;

15.	A description of the rights in the context of the implementation of the redemption plan;

16.	Detailed information on how the asset-referenced_token is redeemed, including whether the holder will be able to choose the form of redemption, the form of transference or the official_currency of redemption;

17.	The law applicable to the asset-referenced_token, as well as the competent court.

Part E: Information on the underlying technology

1.	Information on the technology used, including distributed_ledger_technology, as well as protocols and technical standards used, allowing for the holding, storing and transfer of asset-referenced_tokens;

2.	The consensus_mechanism, where applicable;

3.	Incentive mechanisms to secure transactions and any fees applicable;

4.	Where the asset-referenced_tokens are issued, transferred and stored using distributed_ledger_technology that is operated by the issuer or a third-party acting on the issuer’s behalf, a detailed description of the functioning of such distributed_ledger_technology;

5.	Information on the audit outcome of the technology used, if such an audit was conducted.

Part F: Information on the risks

1.	The risks related to the reserve_of_assets, when the issuer is not able to fulfil its obligations;

2.	A description of the risks associated with the issuer of the asset-referenced_token;

3.	A description of the risks associated with the offer_to_the_public of the asset-referenced_token or its admission to trading;

4.	A description of the risks associated with the asset-referenced_token, in particular with regard to the assets referenced;

5.	A description of the risks associated with the operationalisation of the asset-referenced_token project;

6.	A description of the risks associated with the technology used as well as mitigation measures, if any.

Part G: Information on the reserve_of_assets

1.	A detailed description of the mechanism aimed at aligning the value of the reserve_of_assets with the claim associated with the asset-referenced_token, including legal and technical aspects;

2.	A detailed description of the reserve_of_assets and their composition;

3.	A description of the mechanisms through which asset-referenced_tokens are issued and redeemed;

4.	Information on whether a part of the reserve assets are invested and, where applicable, a description of the investment policy for those reserve assets;

A description of the custody arrangements for the reserve assets, including their segregation, and the name of crypto-asset service providers providing custody and administration of crypto-assets on behalf of clients, credit_institutions or investment_firms appointed as custodians of the reserve assets.

ANNEX III

DISCLOSURE ITEMS FOR THE CRYPTO-ASSET WHITE PAPER FOR AN E-MONEY TOKEN

Part A: Information about the issuer of the e-money token

Name;

2.	Legal form;

3.	Registered address and head office, where different;

4.	Date of the registration;

5.	Legal entity identifier or another identifier required pursuant to applicable national law;

6.	A contact telephone number and an email address of the issuer, and the period of days within which an investor contacting the issuer via that telephone number or email address will receive an answer;

7.	Where applicable, the identity of the parent company;

8.	Identity, business address and functions of persons that are members of the management_body of the issuer;

9.	Business or professional activity of the issuer and, where applicable, of its parent company;

10.	Potential conflicts of interest;

11.

Where the issuer of the e-money token also issues other crypto-assets, or also has other activities related to crypto-assets, that should be clearly stated; the issuer should also state whether there is any connection between the issuer and the entity running the distributed_ledger_technology used to issue the crypto-asset, including if the protocols are run or controlled by a person closely connected to project participants;

12.

The issuer’s financial condition over the past three years or, where the issuer has not been established for the past three years, the issuer’s financial condition record since the date of its registration.

The review shall be a balanced and comprehensive analysis of the development and performance of the issuer’s business and of its position, consistent with the size and complexity of the business;

13.	Except for issuers of e-money tokens who are exempted from authorisation in accordance with Article 48(4) and (5), details about the authorisation as an issuer of an e-money token and the name of the competent_authority which granted authorisation.

Part B: Information about the e-money token

1.	Name and abbreviation;

2.	A description of the characteristics of the e-money token, including the data necessary for classification of the crypto-asset white paper in the register referred to in Article 109, as specified in accordance with paragraph 8 of that Article;

3.	Details of all natural or legal persons (including business addresses and/or domicile of the company) involved in the design and development, such as advisors, development team and crypto-asset service providers.

Part C: Information about the offer_to_the_public of the e-money token or its admission to trading

1.	Indication as to whether the crypto-asset white paper concerns an offer_to_the_public of the e-money token or its admission to trading;

2.	Where applicable, the total number of units of the e-money token to be offered to the public or admitted to trading;

3.	Where applicable, name of the trading platforms for crypto-assets where the admission to trading of the e-money token is sought;

4.	The law applicable to the offer_to_the_public of the e-money token, as well as the competent court.

Part D: Information on the rights and obligations attached to e-money tokens

1.	A detailed description of the rights and obligations, if any, that the holder of the e-money token has, including the right of redemption at par value as well as the procedure and conditions for the exercise of those rights;

2.	A description of the conditions under which the rights and obligations may be modified;

3.	A description of the rights of the holders when the issuer is not able to fulfil its obligations, including in insolvency;

4.	A description of rights in the context of the implementation of the recovery plan;

5.	A description of rights in the context of the implementation of the redemption plan;

6.	The contact details for submitting complaints and description of the complaints-handling procedures and any dispute resolution mechanism or redress procedure established by the issuer of the e-money token;

7.	Where applicable, a description of protection schemes protecting the value of the crypto-asset and of compensation schemes;

8.	The law applicable to the e-money token as well as the competent court.

Part E: Information on the underlying technology

1.	Information on the technology used, including distributed_ledger_technology, as well as the protocols and technical standards used, allowing for the holding, storing and transfer of e-money tokens;

2.	Information about the technical requirements that the purchaser has to fulfil to gain control over the e-money token;

3.	The consensus_mechanism, where applicable;

4.	Incentive mechanisms to secure transactions and any fees applicable;

5.	Where the e-money token is issued, transferred and stored using distributed_ledger_technology that is operated by the issuer or a third-party acting on its behalf, a detailed description of the functioning of such distributed_ledger_technology;

6.	Information on the audit outcome of the technology used, if such an audit was conducted.

Part F: Information on the risks

1.	Description of the risks associated with the issuer of the e-money token;

2.	Description of the risks associated with the e-money token;

3.	Description of the risks associated with the technology used as well as mitigation measures, if any.

ANNEX IV

MINIMUM CAPITAL REQUIREMENTS FOR CRYPTO-ASSET SERVICE PROVIDERS

Crypto-asset service providers

Type of crypto-asset services

Minimum capital requirements under Article 67(1), point (a)

Class 1

Crypto-asset service provider authorised for the following crypto-asset services:

—	execution of orders on behalf of clients;

—	placing of crypto-assets;

—	providing transfer services for crypto-assets on behalf of clients;

—	reception and transmission of orders for crypto-assets on behalf of clients;

—	providing advice on crypto-assets; and/or

—	providing portfolio management on crypto-assets.

EUR 50 000

Class 2

Crypto-asset service provider authorised for any crypto-asset services under class 1 and:

—	providing custody and administration of crypto-assets on behalf of clients;

—	exchange of crypto-assets for funds; and/or

—	exchange of crypto-assets for other crypto-assets.

EUR 125 000

Class 3

Crypto-asset service provider authorised for any crypto-asset services under class 2 and:

—	operation of a trading platform for crypto-assets.

EUR 150 000

ANNEX V

LIST OF INFRINGEMENTS REFERRED TO IN TITLES III AND VI FOR ISSUERS OF SIGNIFICANT ASSET-REFERENCED TOKENS

The issuer infringes Article 22(1) by not reporting, for each significant asset-referenced_token with an issue value that is higher than EUR 100 000 000, on a quarterly basis to EBA the information referred to in the first subparagraph, points (a) to (d), of that paragraph.

The issuer infringes Article 23(1) by not stopping issuing a significant asset-referenced_token upon reaching the thresholds provided for in that paragraph or by not submitting a plan to EBA within 40 working days of reaching those thresholds to ensure that the estimated quarterly average number and average aggregate value of the transactions per day are kept below those thresholds.

The issuer infringes Article 23(4) by not complying with the modifications of the plan referred to in paragraph 1, point (b), of that Article as required by EBA.

The issuer infringes Article 25 by not notifying EBA of any intended change of its business model likely to have a significant influence on the purchase decision of any holders or prospective holders of significant asset-referenced_tokens, or by not describing such a change in a crypto-asset white paper.

The issuer infringes Article 25 by not complying with a measure requested by EBA in accordance with Article 25(4).

The issuer infringes Article 27(1) by not acting honestly, fairly and professionally.

The issuer infringes Article 27(1) by not communicating with holders and prospective holders of the significant asset-referenced_token in a fair, clear and not misleading manner.

The issuer infringes Article 27(2) by not acting in the best interests of the holders of the significant asset-referenced_token, or by giving preferential treatment to specific holders which is not disclosed in the issuer’s crypto-asset white paper or, where applicable, the marketing communications.

The issuer infringes Article 28 by not publishing on its website the approved crypto-asset white paper as referred to in Article 21(1) and, where applicable, the modified crypto-asset white paper as referred to in Article 25.

10.

The issuer infringes Article 28 by not making the crypto-asset white paper publicly accessible by the starting date of the offer_to_the_public of the significant asset-referenced_token or the admission to trading of that token.

11.

The issuer infringes Article 28 by not ensuring that the crypto-asset white paper, and, where applicable, the modified crypto-asset white paper, remains available on its website for as long as the significant asset-referenced_token is held by the public.

12.

The issuer infringes Article 29(1) and (2) by publishing marketing communications relating to an offer_to_the_public of a significant asset-referenced_token, or to the admission to trading of such significant asset-referenced_token, which do not comply with the requirements set out in paragraph 1, points (a) to (d), and paragraph 2 of that Article.

13.

The issuer infringes Article 29(3) by not publishing marketing communications and any modifications thereto on its website.

14.

The issuer infringes Article 29(5) by not notifying marketing communications to EBA upon request.

15.

The issuer infringes Article 29(6) by disseminating marketing communications prior to the publication of the crypto-asset white paper.

16.

The issuer infringes Article 30(1) by not disclosing in a clear, accurate and transparent manner in a publicly and easily accessible place on its website the amount of the significant asset-referenced_token in circulation and the value and composition of the reserve_of_assets referred to in Article 36, or by not updating the required information at least monthly.

17.

The issuer infringes Article 30(2) by not publishing as soon as possible in a publicly and easily accessible place on its website a brief, clear, accurate and transparent summary of the audit report, as well as the full and unredacted audit report, in relation to the reserve_of_assets referred to in Article 36.

18.

The issuer infringes Article 30(3) by not disclosing in a publicly and easily accessible place on its website in a clear, accurate and transparent manner as soon as possible any event that has or is likely to have a significant effect on the value of the significant asset-referenced_token or on the reserve_of_assets referred to in Article 36.

19.

The issuer infringes Article 31(1) by not establishing and maintaining effective and transparent procedures for the prompt, fair and consistent handling of complaints received from holders of the significant asset-referenced_token and other interested parties, including consumer associations that represent holders of the significant asset-referenced_token, and by not publishing descriptions of those procedures, or, where the significant asset-referenced_token is distributed, totally or partially, by third-party entities, by not establishing procedures to also facilitate the handling of complaints between holders and third-party entities as referred to in Article 34(5), first subparagraph, point (h).

20.

The issuer infringes Article 31(2) by not enabling the holders of the significant asset-referenced_token to file complaints free of charge.

21.

The issuer infringes Article 31(3) by not developing and making available to the holders of the significant asset-referenced_token a template for filing complaints and by not keeping a record of all complaints received and any measures taken in response to those complaints.

22.

The issuer infringes Article 31(4), by not investigating all complaints in a timely and fair manner or by not communicating the outcome of such investigations to the holders of its significant asset-referenced_token within a reasonable period.

23.

The issuer infringes Article 32(1) by not implementing and maintaining effective policies and procedures to identify, prevent, manage and disclose conflicts of interest between the issuer itself and its shareholders or members, itself and any shareholder or member, whether direct or indirect, that has a qualifying holding in it, itself and the members of its management_body, itself and its employees, itself and the holders of the significant asset-referenced_token or itself and any third party providing one of the functions as referred in Article 34(5), first subparagraph, point (h).

24.

The issuer infringes Article 32(2) by not taking all appropriate steps to identify, prevent, manage and disclose conflicts of interest arising from the management and investment of the reserve_of_assets referred to in Article 36.

25.

The issuer infringes Article 32(3) and (4), by not disclosing, in a prominent place on its website, to the holders of the significant asset-referenced_token the general nature and sources of conflicts of interest and the steps taken to mitigate those risks, or by not being sufficiently precise in the disclosure to enable the prospective holders of the significant asset-referenced_token to take an informed purchasing decision about such token.

26.

The issuer infringes Article 33 by not immediately notifying EBA of any changes to its management_body or by not providing EBA with all necessary information to assess compliance with Article 34(2).

27.

The issuer infringes Article 34(1) by not having robust governance arrangements, including a clear organisational structure with well-defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the risks to which it is or might be exposed, and adequate internal control mechanisms, including sound administrative and accounting procedures.

28.

The issuer infringes Article 34(2) by having members of its management_body who are not of sufficiently good repute or do not possess the appropriate knowledge, skills and experience, both individually and collectively, to perform their duties or do not demonstrate that they are capable of committing sufficient time to effectively perform their duties.

29.

The issuer infringes Article 34(3) by not having its management_body assess or periodically review the effectiveness of the policy arrangements and procedures put in place to comply with Chapters 2, 3, 5 and 6 of Title III or by not taking appropriate measures to address any deficiencies in that respect.

30.

The issuer infringes Article 34(4) by having shareholders or members, whether direct or indirect, with qualifying holdings who are not of sufficiently good repute.

31.

The issuer infringes Article 34(5) by not adopting policies and procedures that are sufficiently effective to ensure compliance with this Regulation, in particular by not establishing, maintaining and implementing any of the policies and procedures referred to in the first subparagraph, points (a) to (k), of that paragraph.

32.

The issuer infringes Article 34(5) by not entering into contractual arrangements with third-party entities as referred to in the first subparagraph, point (h), of that paragraph that set out the roles, responsibilities, rights and obligations both of the issuer and of the third-party entity concerned, or by not providing for an unambiguous choice of applicable law.

33.

The issuer infringes Article 34(6), unless it has initiated a plan as referred to in Article 47, by not employing appropriate and proportionate systems, resources or procedures to ensure the continued and regular performance of its services and activities, and by not maintaining all of its systems and security access protocols in conformity with the appropriate Union standards.

34.

The issuer infringes Article 34(7) by not submitting a plan for discontinuation of providing services and activities to EBA, for approval of such discontinuation.

35.

The issuer infringes Article 34(8) by not identifying sources of operational risks and by not minimising those risks through the development of appropriate systems, controls and procedures.

36.

The issuer infringes Article 34(9) by not establishing a business continuity policy and plans to ensure, in the case of an interruption of its ICT systems and procedures, the preservation of essential data and functions and the maintenance of its activities, or, where that is not possible, the timely recovery of such data and functions and the timely resumption of its activities.

37.

The issuer infringes Article 34(10) by not having in place internal control mechanisms and effective procedures for risk management, including effective control and safeguard arrangements for managing ICT systems as required by Regulation (EU) 2022/2554.

38.

The issuer infringes Article 34(11) by not having in place systems and procedures that are adequate to safeguard the availability, authenticity, integrity and confidentiality of data as required by Regulation (EU) 2022/2554 and in line with Regulation (EU) 2016/679.

39.

The issuer infringes Article 34(12) by not ensuring that the issuer is regularly audited by independent auditors.

40.

The issuer infringes Article 35(1) by not having, at all times, own funds equal to amounts of at least the highest of that set in point (a) or (c) of that paragraph or in Article 45(5).

41.

The issuer infringes Article 35(2) of this Regulation where its own funds do not consist of the Common Equity Tier 1 items and instruments referred to in Articles 26 to 30 of Regulation (EU) No 575/2013 after the deductions in full, pursuant to Article 36 of that Regulation, without the application of threshold exemptions referred to in Article 46(4) and Article 48 of that Regulation.

42.

The issuer infringes Article 35(3) by not complying with the requirement of EBA to hold a higher amount of own funds, following the assessment made in accordance with points (a) to (g) of that paragraph.

43.

The issuer infringes Article 35(5) by not conducting, on a regular basis, stress testing that takes into account severe but plausible financial stress scenarios, such as interest rate shocks and non-financial stress scenarios such as operational risk.

44.

The issuer infringes Article 35(5) by not complying with the requirement of EBA to hold a higher amount of own funds based on the outcome of the stress testing.

45.

The issuer infringes Article 36(1) by not constituting and, at all times, maintaining a reserve_of_assets.

46.

The issuer infringes Article 36(1) by not ensuring that the reserve_of_assets is composed and managed in such a way that the risks associated to the assets referenced by the significant asset-referenced_token are covered.

47.

The issuer infringes Article 36(1) by not ensuring that the reserve_of_assets is composed and managed in such a way that the liquidity risks associated to the permanent rights of redemption of the holders are addressed.

48.

The issuer infringes Article 36(3) by not ensuring that the reserve_of_assets is operationally segregated from the issuer’s estate, and from the reserve_of_assets of other asset-referenced_tokens.

49.

The issuer infringes Article 36(6) where its management_body does not ensure effective and prudent management of the reserve_of_assets.

50.

The issuer infringes Article 36(6) by not ensuring that the issuance and redemption of the significant asset-referenced_token is always matched by a corresponding increase or decrease in the reserve_of_assets.

51.

The issuer infringes Article 36(7) by not determining the aggregate value of the reserve_of_assets using market prices, and by not having its aggregate value always at least equal to the aggregate value of the claims against the issuer from holders of the significant asset-referenced_token in circulation.

52.

The issuer infringes Article 36(8), by not having a clear and detailed policy describing the stabilisation mechanism of the significant asset-referenced_token that meets the conditions set out in points (a) to (g) of that paragraph.

53.

The issuer infringes Article 36(9) by not mandating an independent audit of the reserve_of_assets every six months, as of the date of its authorisation or as of the date of approval of the crypto-asset white paper pursuant to Article 17.

54.

The issuer infringes Article 36(10) by not notifying to EBA the result of the audit in accordance with that paragraph or by not publishing the result of the audit within two weeks of the date of notification to EBA.

55.

The issuer infringes Article 37(1) by not establishing, maintaining or implementing custody policies, procedures and contractual arrangements that ensure at all times that the conditions listed in the first subparagraph, points (a) to (e), of that paragraph are met.

56.

The issuer infringes Article 37(2) by not having, when issuing two or more significant asset-referenced_tokens, a custody policy in place for each pool of reserve_of_assets.

57.

The issuer infringes Article 37(3) by not ensuring that the reserve assets are held in custody by a crypto-asset service provider providing custody and administration of crypto-assets on behalf of clients, a credit_institution or an investment_firm by no later than five working days after the date of issuance of the significant asset-referenced_token.

58.

The issuer infringes Article 37(4) by not exercising all due skill, care and diligence in the selection, appointment and review of crypto-asset service providers, credit_institutions and investment_firms appointed as custodians of the reserve assets, or by not ensuring that the custodian is a legal person different from the issuer.

59.

The issuer infringes Article 37(4) by not ensuring that the crypto-asset service providers, credit_institutions and investment_firms appointed as custodians of the reserve assets have the necessary expertise and market reputation to act as custodians of such reserve assets.

60.

The issuer infringes Article 37(4) by not ensuring in the contractual arrangements with the custodians that the reserve assets held in custody are protected against claims of the custodians’ creditors.

61.

The issuer infringes Article 37(5) by not setting out in the custody policies and procedures the selection criteria for the appointment of crypto-asset service providers, credit_institutions or investment_firms as custodians of the reserve assets or by not setting out the procedure for reviewing such appointment.

62.

The issuer infringes Article 37(5) by not reviewing the appointment of crypto-asset service providers, credit_institutions or investment_firms as custodians of the reserve assets on a regular basis, by not evaluating its exposures to such custodians or by not monitoring the financial conditions of such custodians on an ongoing basis.

63.

The issuer infringes Article 37(6) by not ensuring that custody of the reserve assets is carried out in accordance with the first subparagraph, points (a) to (d), of that paragraph.

64.

The issuer infringes Article 37(7) by not having the appointment of a crypto-asset service provider, credit_institution or investment_firm as custodian of the reserve assets evidenced by a contractual arrangement, or by not regulating, by means of such a contractual arrangement, the flow of information necessary to enable the issuer of the significant asset-referenced_token, the crypto-asset service provider, the credit_institution and the investment_firm to perform their functions as custodians.

65.

The issuer infringes Article 38(1) by investing the reserve_of_assets in any products that are not highly liquid financial_instruments with minimal market risk, credit risk and concentration risks or where such investments cannot be liquidated rapidly with minimal adverse price effect.

66.

The issuer infringes Article 38(3) by not holding in custody in accordance with Article 37 the financial_instruments in which the reserve_of_assets is invested.

67.

The issuer infringes Article 38(4) by not bearing all profits and losses and any counterparty or operational risks that result from the investment of the reserve_of_assets.

68.

The issuer infringes Article 39(1), by not establishing, maintaining and implementing clear and detailed policies and procedures in respect of permanent rights of redemption of holders of the significant asset-referenced_token.

69.

The issuer infringes Article 39(1) and (2) by not ensuring that holders of the significant asset-referenced_token have permanent rights of redemption in accordance with those paragraphs, and by not establishing a policy on such permanent rights of redemption that meets the conditions listed in Article 39(2), first subparagraph, points (a) to (e).

70.

The issuer infringes Article 39(3) by applying fees in the event of the redemption of the significant asset-referenced_token.

71.

The issuer infringes Article 40 by granting interest in relation to the significant asset-referenced_token.

72.

The issuer infringes Article 45(1) by not adopting, implementing and maintaining a remuneration policy that promotes the sound and effective risk management of issuers of significant asset-referenced_tokens and that does not create incentives to relax risk standards.

73.

The issuer infringes Article 45(2) by not ensuring that its significant asset-referenced_token can be held in custody by different crypto-asset service providers authorised for providing custody and administration of crypto-assets on behalf of clients, on a fair, reasonable and non-discriminatory basis.

74.

The issuer infringes Article 45(3) by not assessing or monitoring the liquidity needs to meet requests for redemption of the significant asset-referenced_token by its holders.

75.

The issuer infringes Article 45(3) by not establishing, maintaining or implementing a liquidity management policy and procedures or by not ensuring, with those policy and procedures, that the reserve assets have a resilient liquidity profile that enables the issuer of the significant asset-referenced_token to continue operating normally, including under scenarios of liquidity stress.

76.

The issuer infringes Article 45(4) by not conducting, on a regular basis, liquidity stress testing or by not strengthening the liquidity requirements where requested by EBA based on the outcome of such tests.

77.

The issuer infringes Article 46(1) by not drawing up and maintaining a recovery plan providing for measures to be taken by the issuer of the significant asset-referenced_token to restore compliance with the requirements applicable to the reserve_of_assets in cases where the issuer fails to comply with those requirements, including the preservation of its services related to the significant asset-referenced_token, the timely recovery of operations and the fulfilment of the issuer’s obligations in the case of events that pose a significant risk of disrupting operations.

78.

The issuer infringes Article 46(1) by not drawing up and maintaining a recovery plan that includes appropriate conditions and procedures to ensure the timely implementation of recovery actions as well as a wide range of recovery options, as listed in the third subparagraph of that paragraph.

79.

The issuer infringes Article 46(2) by not notifying the recovery plan to EBA and, where applicable, to its resolution and prudential supervisory authorities, within six months of the date of authorisation pursuant to Article 21 or of the date of approval of the crypto-asset white paper pursuant to Article 17.

80.

The issuer infringes Article 46(2) by not regularly reviewing or updating the recovery plan.

81.

The issuer infringes Article 47(1) by not drawing up and maintaining an operational plan to support the orderly redemption of each significant asset-referenced_token.

82.

The issuer infringes Article 47(2) by not having a redemption plan that demonstrates the ability of the issuer of the significant asset-referenced_token to carry out the redemption of the outstanding significant asset-referenced_token issued without causing undue economic harm to its holders or to the stability of the markets of the reserve assets.

83.

The issuer infringes Article 47(2) by not having a redemption plan that includes contractual arrangements, procedures or systems, including the designation of a temporary administrator, to ensure the equitable treatment of all holders of the significant asset-referenced_token and to ensure that holders of the significant asset-referenced_token are paid in a timely manner with the proceeds from the sale of the remaining reserve assets.

84.

The issuer infringes Article 47(2) by not having a redemption plan that ensures the continuity of any critical activities that are necessary for the orderly redemption and that are performed by the issuer or by any third-party entity.

85.

The issuer infringes Article 47(3) by not notifying the redemption plan to EBA within six months of the date of authorisation pursuant to Article 21 or of the date of approval of the crypto-asset white paper pursuant to Article 17.

86.

The issuer infringes Article 47(3) by not regularly reviewing or updating the redemption plan.

87.

The issuer infringes Article 88(1), except where the conditions of Article 88(2) are met, by not informing the public as soon as possible of inside information as referred to in Article 87, that directly concerns that issuer, in a manner that enables fast access and complete, correct and timely assessment of the information by the public.

ANNEX VI

LIST OF INFRINGEMENTS OF PROVISIONS REFERRED TO IN TITLE IV IN CONJUNCTION WITH TITLE III FOR ISSUERS OF SIGNIFICANT E-MONEY TOKENS

The issuer infringes Article 22(1) by not reporting, for each significant e-money token denominated in a currency that is not an official_currency of a Member State with an issue value that is higher than EUR 100 000 000, on a quarterly basis to EBA, the information referred to in the first subparagraph, points (a) to (d), of that paragraph.

The issuer infringes Article 23(1) by not stopping issuing a significant e-money token denominated in a currency that is not an official_currency of a Member State upon reaching the thresholds provided for in that paragraph or by not submitting a plan to EBA within 40 working days of reaching those thresholds to ensure that the estimated quarterly average number and average aggregate value of the transactions per day are kept below those thresholds.

The issuer infringes Article 23(4) by not complying with the modifications of the plan referred to in paragraph 1, point (b), of that Article as required by EBA.

The issuer infringes Article 35(5) by not conducting, on a regular basis, stress testing that takes into account severe but plausible financial stress scenarios, such as interest rate shocks, and non-financial stress scenarios, such as operational risk.

The issuer infringes Article 35(5) by not complying with the requirement of EBA to hold a higher amount of own funds based on the outcome of the stress testing.

The issuer infringes Article 36(1) by not constituting and, at all times, maintaining a reserve_of_assets.

The issuer infringes Article 36(1) by not ensuring that the reserve_of_assets is composed and managed in such a way that the risks associated to the official_currency referenced by the significant e-money token are covered.

10.

11.

The issuer infringes Article 36(3) by not ensuring that the reserve_of_assets is operationally segregated from the issuer’s estate, and from the reserve_of_assets of other e-money tokens.

12.

The issuer infringes Article 36(6) where its management_body does not ensure effective and prudent management of the reserve_of_assets.

13.

The issuer infringes Article 36(6) by not ensuring that the issuance and redemption of the significant e-money token is always matched by a corresponding increase or decrease in the reserve_of_assets.

14.

The issuer infringes Article 36(7) by not determining the aggregate value of the reserve_of_assets by using market prices, and by not having its aggregate value always at least equal to the aggregate value of the claims against the issuer from the holders of the significant e-money token in circulation.

15.

The issuer infringes Article 36(8) by not having a clear and detailed policy describing the stabilisation mechanism of the significant e-money token that meets the conditions set out in points (a) to (g) of that paragraph.

16.

The issuer infringes Article 36(9) by not mandating an independent audit of the reserve_of_assets every six months after the date of the offer_to_the_public or admission to trading.

17.

18.

19.

The issuer infringes Article 37(2) by not having, when issuing two or more significant e-money tokens, a custody policy in place for each pool of reserve_of_assets.

20.

21.

The issuer infringes Article 37(4) by not exercising all due skill, care and diligence in the selection, appointment and review of crypto-asset service providers, credit_institutions and investment_firms appointed as custodians of the reserve assets or by not ensuring that the custodian is a legal person different from the issuer.

22.

23.

24.

25.

The issuer infringes Article 37(5) by not reviewing the appointment of crypto-asset service providers, credit_institutions or investment_firms as custodians of the reserve assets on a regular basis, and by not evaluating its exposures to such custodians, or by not monitoring the financial conditions of such custodians on an ongoing basis.

26.

The issuer infringes Article 37(6) by not ensuring that the custody of the reserve assets is carried out in accordance with the first subparagraph, points (a) to (d), of that paragraph.

27.

The issuer infringes Article 37(7) by not having the appointment of a crypto-asset service provider, credit_institution or investment_firm as custodian of the reserve assets evidenced by a contractual arrangement, or by not regulating, by means of such a contractual arrangement, the flow of information necessary to enable the issuer of the significant e-money token, the crypto-asset service provider, the credit_institutions and the investment_firm to perform their functions as custodians.

28.

29.

The issuer infringes Article 38(3) by not holding in custody in accordance with Article 37 the financial_instruments in which the reserve_of_assets is invested.

30.

The issuer infringes Article 38(4) by not bearing all profits and losses and any counterparty or operational risks that result from the investment of the reserve_of_assets.

31.

The issuer infringes Article 45(1) by not adopting, implementing and maintaining a remuneration policy that promotes the sound and effective risk management of issuers of significant e-money tokens and that does not create incentives to relax risk standards.

32.

The issuer infringes Article 45(2) by not ensuring that its significant e-money token can be held in custody by different crypto-asset service providers authorised for providing custody and administration of crypto-assets on behalf of clients on a fair, reasonable and non-discriminatory basis.

33.

The issuer infringes Article 45(3) by not assessing or monitoring the liquidity needs to meet requests for redemption of the significant e-money token by its holders.

34.

The issuer infringes Article 45(3) by not establishing, maintaining or implementing a liquidity management policy and procedures or by not ensuring, with those policy and procedures, that the reserve assets have a resilient liquidity profile that enables the issuer of the significant e-money token to continue operating normally, including under liquidity stressed scenarios.

35.

36.

The issuer infringes Article 45(5) by not complying, at all times, with the own funds requirement.

37.

The issuer infringes Article 46(1) by not drawing up and maintaining a recovery plan providing for measures to be taken by the issuer of significant e-money tokens to restore compliance with the requirements applicable to the reserve_of_assets in cases where the issuer fails to comply with those requirements, including the preservation of its services related to the significant e-money token, the timely recovery of operations and the fulfilment of the issuer’s obligations in the case of events that pose a significant risk of disrupting operations.

38.

39.

40.

The issuer infringes Article 46(2) by not regularly reviewing or updating the recovery plan.

41.

The issuer infringes Article 47(1) by not drawing up and maintaining an operational plan that supports the orderly redemption of each significant e-money token.

42.

The issuer infringes Article 47(2) by not having a redemption plan that demonstrates the ability of the issuer of the significant e-money token to carry out the redemption of the outstanding significant e-money token issued without causing undue economic harm to its holders or to the stability of the markets of the reserve assets.

43.

The issuer infringes Article 47(2) by not having a redemption plan that includes contractual arrangements, procedures or systems, including the designation of a temporary administrator, to ensure the equitable treatment of all holders of the significant e-money token and to ensure that holders of the significant e-money token are paid in a timely manner with the proceeds from the sale of the remaining reserve assets.

44.

45.

The issuer infringes Article 47(3) by not notifying the redemption plan to EBA within six months of the date of the offer_to_the_public or admission to trading.

46.

The issuer infringes Article 47(3) by not regularly reviewing or updating the redemption plan.

whereas

Seguiamo le blockchain dal 2017. Disponibili per formazione e affiancamento agli avvocati. Sul podcast QUI disponibili le novità in materia