European Banking Authority

European regulators are raising alarms about cryptocurrency firms attempting to circumvent the EU’s landmark MiCA framework, which took full effect in late 2024. The European Banking Authority released findings documenting instances where companies have shifted operations between member states to avoid stricter oversight, a practice known as regulatory forum shopping that threatens the integrity of Europe’s unified digital asset market.

The MiCA Framework and Early Evasion Tactics

MiCA, the Markets in Crypto-Assets Regulation, represents the European Union’s first harmonized rulebook for the crypto industry across all 27 member states. When implemented, it was designed to create consistent standards for crypto service providers, eliminating the patchwork of national approaches that previously characterized European crypto regulation.

Yet the EBA’s recent report documents concerning patterns. One unnamed entity submitted applications for registration in multiple member states within a compressed timeframe. When faced with rigorous scrutiny or application challenges in certain jurisdictions, the firm withdrew those submissions and proceeded to operate in countries with less demanding approval processes.

Entities with weak AML/CFT controls have already entered and are operating in the EU market by selecting jurisdictions with lighter supervisory practices.

— European Banking Authority Report

This strategy exemplifies what regulators call “regulatory arbitrage”—the deliberate selection of jurisdictions perceived as having more lenient enforcement mechanisms.

The Transition Window Creates a Compliance Gray Zone

MiCA’s implementation included a transition period extending until July 1, 2026, allowing firms time to achieve compliance or face removal from the market. This window, designed to facilitate orderly market adjustment, has introduced an unintended vulnerability.

The EBA warns that some companies previously licensed in individual member states but failing to meet MiCA’s new authorization standards are exploiting this gap. Rather than ceasing operations immediately, these firms are filing appeals and continuing to serve customers—operating in legal limbo while their cases proceed.

This creates a perverse incentive structure. A company denied a MiCA license might generate revenue for months or years during the appeals process, potentially moving funds and obstructing oversight before any final enforcement action.

Forum Shopping and the Single Market Challenge

Dr. Hendrik Müller-Lankow, a crypto law specialist at Berlin-based Kronsteyn firm, confirmed that regulatory forum shopping is actively occurring across EU member states. His assessment carries particular weight given his direct experience advising firms navigating these rules.

Müller-Lankow makes a nuanced argument: regulatory arbitrage may be an inevitable byproduct of maintaining both a unified market and distributed supervisory authority. Different national regulators, shaped by distinct legal traditions and enforcement philosophies, naturally apply rules with varying rigor.

It is well known that people—and thus also authorities—in different Member States have different mentalities when applying laws. This is a phenomenon regulators must accept if they want to establish a single market.

— Dr. Hendrik Müller-Lankow, Kronsteyn Law Firm

However, he also identified a potential solution: greater centralization. The EU is already moving in this direction, progressively consolidating supervisory powers at the continental level. A more unified enforcement infrastructure could reduce the incentive to shop between jurisdictions.

Opaque Ownership Structures Compound Systemic Risk

Beyond jurisdictional shopping, the EBA flagged another vulnerability: crypto firms establishing themselves in the EU through obscure corporate structures with unclear beneficial ownership. This opacity makes it nearly impossible for regulators to determine accountability or trace illicit fund flows.

When a crypto firm’s true ownership remains hidden behind layers of shell companies or foreign entities, regulators cannot conduct proper risk assessments. This creates blind spots that bad actors can exploit, whether for financial crime, sanctions evasion, or terrorist financing.

The EBA emphasized that even before MiCA’s formal implementation, entities with inadequate anti-money laundering and counter-financing of terrorism (AML/CFT) protocols had successfully entered European markets. They did so by targeting member states with either lighter supervisory practices or legacy requirements that predated MiCA’s stricter standards.

Market Implications and Competitive Distortions

The prevalence of regulatory forum shopping creates meaningful competitive distortions within Europe’s crypto market. Firms that invest substantially in compliance infrastructure and governance frameworks must compete against less scrupulous operators with lower compliance costs. This dynamic disadvantages legitimate market participants and creates an uneven playing field across the EU.

Industry observers note that this competitive asymmetry may ultimately drive consolidation in the European crypto sector. Smaller, compliant operators lack the resources to match the aggressive growth strategies of forum-shopping competitors, while well-capitalized platforms already invested in robust governance structures face margin compression from underregulated rivals.

The EBA’s findings have already prompted preliminary discussions among national financial authorities about establishing mutual recognition agreements that would make regulatory shopping less viable. However, such coordination remains challenging given the varying degrees of crypto market maturity across EU member states and differing approaches to digital asset policy.

Industry Context and Broader Regulatory Momentum

MiCA’s implementation occurs within a broader context of intensifying global crypto regulation. Following the 2022 collapse of FTX and subsequent erosion of public trust, policymakers worldwide have prioritized digital asset oversight. The EU’s comprehensive regulatory approach differs markedly from the fragmented frameworks in the United States, where crypto regulation remains distributed across multiple agencies with overlapping jurisdictions.

This disparity creates interesting dynamics for international crypto platforms. European operations must comply with MiCA’s stringent requirements, while the same firms operating in the United States may face a less prescriptive regulatory landscape. Some market participants have begun establishing separate European entities with distinct governance structures specifically designed to satisfy MiCA requirements, treating European operations as regulated subsidiaries distinct from their global platforms.

The EBA’s enforcement focus may actually accelerate this trend. As regulatory pressure increases, sophisticated operators will likely establish bona fide European entities with genuine compliance infrastructure rather than continuing to operate through forum shopping. This could ultimately strengthen market integrity, though it will likely increase operational costs for all market participants.

Looking Forward: Closing the Gaps

The EBA’s findings suggest that regulatory implementation is only half the battle. Even well-designed rules can be undermined if enforcement remains fragmented or transition periods are too lengthy.

Several concrete measures could tighten oversight. Harmonized beneficial ownership registries across member states would eliminate the opaque structures that currently shield firm operators from scrutiny. Coordinated cross-border enforcement actions could make jurisdiction shopping less profitable. Expedited appeal processes might prevent extended gray-zone operations. Additionally, establishing a centralized MiCA enforcement body with direct authority to audit and sanction operators across all member states would significantly reduce arbitrage opportunities.

For crypto market participants and investors, the broader implication is clear: regulatory clarity remains a work in progress. While MiCA represents genuine progress toward unified standards, enforcement gaps persist. This environment rewards firms that invest in genuine compliance while disadvantaging honest competitors that bear higher administrative costs. Consumer protections, custody standards, and operational resilience requirements will vary in practice until enforcement mechanisms achieve true harmonization across the EU.

The crypto industry’s maturation depends partly on whether regulators can close these loopholes before bad actors entrench themselves further within the European financial system. The EBA’s transparent acknowledgment of these risks suggests regulators are alert to the problem. Whether they can solve it remains to be seen. The coming eighteen months leading up to the July 2026 deadline will be crucial in determining whether MiCA becomes a genuine unified framework or merely a patchwork of national implementations that sophisticated operators can continue to circumvent.