Blog

Token sales are usually massively digitally advertised and often in creative ways. However, marketing communications for public offerings of crypto assets are now very strictly regulated under MiCAR. What do providers need to consider in this regard?

Artificial intelligence (AI) is penetrating more and more areas of life and the economy. AI-as-a-Service (AIaaS) as a cloud-based service is subject to its own legal peculiarities, not least due to the European AI Act. An overview:

Die DORA gilt seit dem 17. Januar 2025 und schon bis zum 11. April 2025 müssen Finanzunternehmen ihre Informationsregister gemäß DORA-Vorgaben bei der BaFin einreichen. Finanzunternehmen sollten sich frühzeitig vorbereiten und sicherstellen, dass die Register formgerecht eingereicht werden.

How are wrapped tokens and token bridges regulated under MiCAR? What obligations apply to providers and issuers and are there possibilities to realize a token bridge outside the scope of MiCAR?

How are wrapped tokens and token bridges regulated under MiCAR? What obligations apply to providers and issuers and are there possibilities to realize a token bridge outside the scope of MiCAR?

From January 2025, DORA will introduce uniform requirements for ICT security, but exceptions for smaller financial institutions will provide a degree of relief. Nevertheless, differences between EU member states will remain due to national implementation leeway.

Tied agents can currently provide regulated crypto-asset services in Germany under the liability umbrella of a supervised institution without requiring an own license. However, MiCAR no longer provides for this concept. How can liability umbrellas and tied agents respond to this?

The German government has broken up. But what does this mean for the long-delayed adoption of the accompanying legislation for the MiCAR transition and which legal framework will the German crypto industry operate within as of 30 December 2024?

DORA places new demands on the digital resilience of financial companies, while the distinction between financial and ICT services raises questions in detail. Clear principles for interpreting the regulations are urgently needed to create legal certainty for the industry.

Crypto service providers from non-European countries such as the USA, Switzerland and the UK are also interested in doing business on the old continent under MiCAR. However, ESMA is making it more difficult for such companies to enter the market with its recommendations to the relevant national supervisory authorities.

With the Cyber Resilience Act (CRA), the EU has created a framework for cyber security in digital products that will apply from 2027. Software, smartphones and household appliances are all affected. Manufacturers, importers and retailers must take extensive measures to ensure compliance with the requirements and avoid sanctions.

The DORA significantly restricts the contractual freedom of financial companies and ICT third-party service providers by imposing a number of mandatory requirements on the drafting of contracts. This could put medium-sized financial companies in particular in a stronger negotiating position, while even large ICT providers will be obliged to implement the new requirements.