France’s financial watchdog (AMF), Austria’s Financial Market Authority (FMA), and Italy’s market regulator Consob have called for urgent reforms to the EU’s new crypto rulebook, warning that gaps in supervision could weaken investor protection and encourage regulatory arbitrage.
In a joint statement issued on 15 September 2025, the three regulators said that the Markets in Crypto-Assets Regulation (MiCA), which took effect on 30 December 2024, has revealed “major differences” in how EU member states are enforcing the rules.
They cautioned that inconsistent oversight could leave European investors exposed, while also giving non-EU platforms an advantage by allowing them to operate without following MiCA’s standards. This includes bypassing requirements such as restrictions on “matched principal” trading and safeguards against cyber risks.
The regulators also pointed to global watchdogs like the Financial Stability Board (FSB), which in July 2023 urged governments to prepare for the risks of crypto and potential challenges from quantum computing, and the International Organization of Securities Commissions (IOSCO), which in November 2023 set out recommendations for stronger global standards.
Your completely free resource hub designed to boost your knowledge of cryptocurrencies
Their message: unless the EU tightens MiCA’s rules and ensures consistent enforcement, Europe could lose ground in the race to regulate and profit from the growing crypto industry.
What Reforms Do Regulators Want for MiCA?
In their joint statement, France’s AMF, Austria’s FMA, and Italy’s Consob outlined four main changes they believe are needed to strengthen the new EU crypto rulebook.
Centralised Supervision by ESMA
The regulators want the European Securities and Markets Authority (ESMA) to directly oversee major crypto-asset service providers. They noted that around 90% of global crypto trading is concentrated in just 10 large platforms, many of which are entering Europe via MiCA’s “passporting” regime. A central supervisor, they said, would help curb regulatory shopping and lower compliance costs, similar to how the European Banking Authority (EBA) monitors major stablecoin issuers.
Tougher Rules for Non-EU Platforms
Some international exchanges currently serve EU customers through local intermediaries, keeping their main operations outside the bloc’s oversight. The three watchdogs recommended that EU intermediaries only execute client orders on platforms directly subject to MiCA or on those covered by equivalent international regulation, with the European Commission and ESMA in charge of assessing that equivalence.
Mandatory Cybersecurity Audits for CASPs
To build trust, the regulators said all crypto-asset service providers (CASPs) should undergo independent cybersecurity audits before receiving a license and at regular intervals afterwards. These checks would focus on asset protection, cyberattack resilience, and incident response, while also ensuring consistency with the Digital Operational Resilience Act (DORA).
Single EU Access Point for Token Offerings (Excluding Stablecoins)
Instead of the current system where each national authority reviews token white papers separately, the regulators proposed centralising token offering submissions under ESMA. They argued this would simplify processes, provide uniform supervision, and reduce costs for issuers.
The three regulators cautioned that MiCA’s impact will fall short unless the framework is strengthened. They stressed that the growing overlap between crypto and traditional finance demands consistent protections for investors, including clearer information standards and checks to ensure clients fully understand complex products.
In their conclusion, the AMF, FMA, and Consob said that tougher oversight is essential not only to safeguard investors but also to keep European firms competitive in an increasingly globalised crypto market.
