ESMA Targets Crypto Custodians with Operational Resilience Review
The European Securities and Markets Authority (ESMA) has initiated a supervisory review of MiCA-authorized crypto custodians, shifting its focus from licensing to operational risk management. The review aims to assess the resilience of these firms in handling real-world risks.
Regulators will examine custody controls, key management, incident response procedures, and third-party risks to ensure that authorized crypto-asset service providers (CASPs) have effective operational measures in place.
The review comes as the EU prepares to revisit parts of MiCA following the U.S. GENIUS Act, which has prompted European regulators to consider how non-EU stablecoin issuers should be treated under existing rules.
Industry participants see this review as an early indication of how MiCA supervision could evolve and a chance for firms to demonstrate strong operational controls before supervisory reviews conclude.




