The European Markets in Crypto Assets Regulation (MiCAR) will require crypto asset service providers (CASP) to obtain a MiCAR license from their competent authority prior to operating their business from December 30, 2024. CASP based in Germany will then require a BaFin license. One of the crypto services regulated by MiCAR is portfolio management of crypto assets. It occurs when a crypto asset service provider manages portfolios of its clients on a client-by-client basis in the sense that it is allowed to make investment decisions regarding crypto assets with its own discretion according to guidelines agreed upon with the clients. In order to obtain the required BaFin license, the crypto portfolio management provider will have to fulfill the general requirements for the issuance of a MiCAR license. In this respect, it will be required to possess a proper business organization, to have professionally suitable and reliable business managers, and to be able to demonstrate the regulatory initial capital of at least 50,000 euros. Additionally, however, it will also be required to meet specific conditions with regard to the way in which it conducts its business. This includes, in particular, a careful examination of the suitability of recommended crypto assets for the respective customer. In doing so, the crypto portfolio manager must take into account the clients’ investment objectives as well as their risk tolerance, financial circumstances and ability to bear losses. In addition, crypto portfolio managers must not accept monetary benefits from third parties in the course of crypto portfolio management that could influence the investment decisions to be made for the client. Furthermore, crypto portfolio managers for crypto assets are obliged to inform their clients in detail about all crypto-specific risks.

Interaction with DeFi Protocols and Smart Contracts by Crypto Portfolio Managers

In connection with the regulatory requirements to be fulfilled by crypto portfolio managers, it is interesting to see to what extent they are allowed by regulatory law to interact with protocols that actually function in a decentralized manner. For example, if a crypto portfolio manager were to implement investment decisions for its client in each case in an automated manner via decentralized smart contracts from the DeFi sector, it would first have to be clarified whether this activity could still be classified as a “managing activity” or whether it would require, as an execution activity, that the MiCAR license granted to the crypto portfolio manager additionally covers executions for clients. Crypto portfolio management is, for all intents and purposes, advisory business. This is already evident from the fact that the specific regulatory obligations of crypto service providers for crypto advisory and crypto portfolio management are jointly regulated in Article 81 MiCAR. Traditionally, and apparently also according to the idea of the MiCAR drafter, a procurement of crypto assets as part of the management activity should regularly be carried out through third-party providers licensed to exchange crypto assets for other crypto assets. These are contracted by the crypto portfolio manager to deliver or take delivery of certain crypto assets with effect for its client’s wallet. However, such third-party providers would not exist in DeFi. In the absence of European interpretative guidance currently being prepared by EBA and ESMA, BaFin has not yet commented on how broadly the definition of crypto portfolio management should be interpreted. In the spirit of a cautious approach, crypto portfolio managers should therefore assume for the time being that execution activities are not covered. Crypto portfolio managers would therefore be on the safe side if they involve an intermediary crypto service provider authorized to execute crypto transactions for the client.

Execution Service Providers with MiCAR License Also Face Problems with DeFi Trades via Liquidity Pools

While the regulatory problems may be solved for the crypto portfolio manager by involving an execution service provider with a MiCAR license to swap crypto assets for other crypto assets, they arise again in a different guise for the execution service provider. This is because the latter is also subject to numerous regulatory obligations in the performance of its activities. Insofar as a crypto asset service provider acquires crypto assets for a customer via an interaction with a DeFi protocol, it will also be required to fulfill obligations related to money laundering law. Since clarification of the transaction partner is regularly impossible in the case of an automated liquidity pool without a tangible operator, this may result in the executing crypto asset service provider being unable to execute a corresponding transaction. Particularly problematic are cases in which the procurement of crypto assets is to be carried out systematically via DeFi protocols and decentralized liquidity pools. In these cases, the execution service provider will usually never be able to clarify the origin of the crypto assets he receives from the liquidity pool. The development of an adequate and appropriate administrative practice on this topic should therefore be carried out as soon as possible by the responsible ESMA and EBA, as well as on a national level by BaFin. Crypto asset service providers can accelerate this process by clarifying corresponding business models with BaFin in advance.

Attorney Lutz Auffenberg, LL.M. (London)



The competent lawyer for questions regarding crypto asset services and BaFin license under MiCAR in our law firm is Attorney Lutz Auffenberg, LL.M. (London).