top of page
Search

European Securities and Markets Authority (ESMA) Final Report – Guidelines on supervisory practices for competent authorities to prevent and detect market abuse under the MiCAR

ESMA’s new guidelines stem directly from Article 92(3) of MiCA, which obliges the authority to harmonise how national competent authorities (NCAs) combat market abuse in crypto-asset markets by 30 June 2025. The final report, published on 29 April 2025, therefore fills a regulatory gap that MiCA itself created: the regulation outlawed insider dealing, unlawful disclosure and manipulation involving crypto-assets, yet supervisory cultures and data capabilities still vary widely across the EU.


1. Why ESMA issued these Guidelines


  • Legal mandate – Article 92(3) MiCA instructs ESMA to publish, by 30 June 2025, guidelines that harmonise how national competent authorities (NCAs) prevent and detect market abuse in crypto-asset markets.

  • Regulatory gap – MiCA extends market-abuse rules to crypto, but supervisory cultures, tooling and data availability still differ widely across Member States.

  • Objective – Provide a common, risk-based supervisory framework that builds on experience under the Market Abuse Regulation (MAR) while addressing crypto-specific threats such as maximal extractable value (MEV), token-supply manipulation and the outsized role of social-media hype.


2. Scope, status and implementation timetable

Element

Details

Addressees

All EU NCAs (Article 3(1)(35) MiCA)

Subject matter

Supervision of insider dealing, unlawful disclosure and market manipulation involving crypto-assets (Title VI MiCA, Arts 86-92)

Entry into force

3 months after the multilingual version appears on ESMA’s website

Comply-or-explain

Within 2 months of publication, each NCA must notify ESMA whether it will (i) comply, (ii) comply later, or (iii) not comply, giving reasons. ESMA will publish the list.

Relationship to RTS

Complements the forthcoming Regulatory Technical Standards on Suspicious Transaction or Order Reports (STORs) required under Art 92(2) MiCA.

3. Guiding principles and cross-cutting themes


  1. Proportionality (Guideline 1) – Supervisory intensity must reflect the scale, complexity and risk of local crypto-markets and actors.

  2. Risk-based & forward-looking approach (Guideline 2) – NCAs should continuously scan for emerging abuse typologies (e.g., on-chain front-running, algorithmic manipulation) and adapt oversight swiftly.

  3. Leverage existing MAR know-how (Guideline 3) – Before inventing new controls, map current MAR surveillance to crypto contexts and plug the gaps (e.g., add MEV detection).

  4. Build a common EU supervisory culture (Guideline 4) – Systematic peer-exchange of cases, data and best practices via ESMA working groups; potential ESMA convergence tools where divergent practices persist.

  5. Adequate & specialised resources (Guideline 5) – Dedicated crypto teams, data scientists and bespoke tooling; tap initiatives such as the EU Supervisory Digital Finance Academy for staff up-skilling.

  6. Stakeholder dialogue (Guideline 6) – Maintain open channels with industry, academia, tech providers and public-interest groups to anticipate new threats and co-design solutions.

  7. Market-integrity outreach (Guideline 7) – NCAs should run public-education campaigns, issue Q&As and encourage voluntary best practices (e.g., issuer insider-lists, platform user warnings).


4. Operational supervision and enforcement tools

Area

Key expectations

Market monitoring (Guideline 8)

Adopt data-driven surveillance combining on-chain, off-chain and cross-market feeds; supplement automated scans (pattern/keyword) with human analysis; include social-media, blogs, newsletters and podcasts where they influence prices.

Oversight of PPAETs* (Guideline 9)

Ensure Persons Professionally Arranging or Executing Transactions maintain effective, continuously reviewed abuse-detection systems; apply proportionate intensity (e.g., full trading-venue vs. order-transmission CASPs).

STOR handling (Guideline 10)

Put in place clear internal workflows that assign responsibilities, grade severity/recurrence, and ensure timely follow-up; response must be proportionate to the threat detected.

ESMA coordination (Guideline 11)

Seek ESMA-led joint inspections/investigations in cross-border cases involving multiple NCAs, risk of conflicting actions, or undue burden on firms.

Third-country obstacles (Guideline 12)

Alert ESMA and peers when non-EU trading flows, legal barriers or uncooperative foreign authorities hamper abuse detection; strive for a common supervisory stance toward such obstacles.

*PPAET = firms (often CASPs) that professionally arrange or execute crypto transactions.


5. Crypto-specific risk considerations woven into the Guidelines


  • MEV & front-running – Recognised as potential insider dealing/market manipulation vectors that require bespoke detection logic.

  • Token mechanics – Sudden changes in supply, reserve backing (for asset-referenced/stablecoins) or governance decisions can be exploited for price manipulation.

  • Social-media virality – Higher risk of pump-and-dump or misinformation campaigns; NCAs are urged to monitor high-reach accounts and coordinated posting patterns.

  • Cross-border trading & DeFi – Surveillance must cover platforms and liquidity venues outside the EU; data-gathering may depend on blockchain analytics and cooperation agreements.


6. Stakeholder feedback and ESMA’s adjustments


  • Securities & Markets Stakeholder Group (SMSG) broadly endorsed the draft but asked for stronger emphasis on NCA staffing, training and consumer-protection links.

  • ESMA’s response (Annex II) –

    • Added explicit encouragement for dedicated crypto resources and ongoing training (Guideline 5).

    • Suggested voluntary dialogue with other authorities (consumer-protection, AML) under Guideline 4, while noting legal-basis constraints.

    • Reaffirmed proportionality so smaller markets are not over-burdened.


7. Next steps for NCAs and industry


  1. Translation & publication – ESMA will release the final Guidelines in all EU languages.

  2. NCA notices – Within 2 months, each NCA must file its comply/intentions statement. ESMA will disclose any non-compliance publicly.

  3. Practical adoption – NCAs integrate the Guidelines into national frameworks; market participants (especially PPAETs and trading-venue CASPs) should align internal surveillance and STOR processes accordingly.


8. Key take-aways for market participants


  • Expect more uniform and data-intensive surveillance across the EU, including scrutiny of your social-media communications.

  • STOR obligations will soon follow detailed RTS templates; start enhancing your detection logic now (on-chain & off-chain reconciliation, MEV scenarios, cross-asset signals).

  • Prepare for dialogue with supervisors—NCAs will actively seek feedback on new risks and may issue guidance or best-practice checklists.

  • Cross-border models (routing flow to non-EU venues, DeFi aggregators) may attract heightened attention where they frustrate EU supervision.


Prokopiev Law Group is a forward-thinking Web3 legal consultancy that bridges breakthrough blockchain ideas with the world’s fast-moving regulatory frameworks. Operating from Kyiv yet connected to a network that spans more than 50 jurisdictions, the firm delivers end-to-end support—from incorporating and structuring crypto ventures to drafting DAO governance, token-sale and data-protection documentation, and securing the licences and cross-border compliance investors expect under regimes such as MiCA. Its lawyers pair deep, specialised expertise with clear, business-oriented advice, letting founders and funders focus on building while PLG shoulders the legal heavy lifting.


The information provided is not legal, tax, investment, or accounting advice and should not be used as such. It is for discussion purposes only. Seek guidance from your own legal counsel and advisors on any matters. The views presented are those of the author and not any other individual or organization. Some parts of the text may be automatically generated. The author of this material makes no guarantees or warranties about the accuracy or completeness of the information. 



 
 
 

Comments

Let's Connect

To learn more about our services get in touch today.

  • LinkedIn
  • X

PLG Consulting LLC 

Main Office: Kyiv, Ukraine

Administrative Operations: Kingstown, Saint Vincent and the Grenadines

admin@prokopievlaw.com

Contact Us

Privacy Policy

© 2024 by Prokopiev Law Group

bottom of page