MiCA and payment services: No dual authorisation for stablecoins required (for now...)

Transactions involving electronic money tokens ('EMTs') are subject to both payment services and crypto-asset regulation, which gives rise to overlapping legal requirements and authorisation challenges. The European Banking Authority ('EBA') is providing short-term relief and proposing long-term solutions.

EMTs: Funds or crypto-assets?

On 10 June 2025, the EBA issued a no action letter providing detailed guidance on the overlap between Regulation (EU) 2023/1114 on markets in crypto-assets ('MiCAR') and Directive (EU) 2015/2366 on payment services ('PSD2'), specifically in relation to crypto-asset service providers ('CASPs') transacting with EMTs.

EMTs, a category of stablecoins under MiCAR, are 'deemed to be electronic money' (Article 48(2) MiCAR) and are considered 'funds' for the purposes of PSD2. This means that a single CASP activity involving EMTs may fall within both regulatory regimes, potentially subjecting CASPs to requirements and authorisations under both.

The dual nature of EMTs created by EU law means that certain CASP activities qualify as both payment services and crypto-asset services. The EBA advises that the following activities should be regarded as payment services under PSD2:

• Transfer of EMTs on behalf of clients;
   
• Custody and administration of EMTs where custodial wallets allow the transfer of EMTs to/from third parties.

Consequently, custodial wallets holding EMTs that can be transferred to/from third parties are also regarded as payment accounts under PSD2. In practice this means that legal requirements related to offering payment accounts, typically aimed at banks and other payment service providers ('PSPs'), will extend to wallet providers offering the safekeeping of EMTs. This may include, for example, the reporting of wallets to central account registries established for AML purposes, depending on the legal situation in the relevant Member State.

Conversely, the EBA explicitly advises that other activities, such as the exchange of crypto-assets for fiat currency or other crypto-assets, or the intermediation of the purchase of crypto-assets using EMTs, should not be regarded as payment services. Therefore, PSD2 authorisation requirements should not apply to CASPs carrying out these activities.

Short-term solution: no enforcement (until 2 March 2026)

Recognising the administrative burden of requiring dual authorisation under MiCAR and PSD2, the EBA recommends that, during the transition period up to 2 March 2026, national competent authorities ('NCAs') shall not require authorisation under PSD2 for payment services involving EMTs.

For entities already licensed as PSPs, or partnered with a PSP, the EBA advises NCAs to prioritise supervision and enforcement of certain PSD2 requirements where technical or market-specific challenges exist, including:

• Information obligations under Title III/IV of PSD2, such as the disclosure of precise charges for on-chain transactions where charges cannot be determined in advance (e.g. due to fluctuating network fees or 'gas' costs); instead, CASPs should provide information on charges as soon as possible and in any case before the user authorises a transaction. Similarly, provisions relating to the maximum execution time of transactions where the maximum execution time cannot be determined in advance should instead provide users with an estimated timeframe.
   
• The SEPA Regulation (in its entirety).
   
• Safeguarding/safekeeping requirements relating to the safeguarding of EMTs (or means of access to such EMTs) received by CASPs.
   
• Open banking obligations relating to custodial wallets holding EMTs.

In addition, CASPs are not expected to comply with the requirements for strong customer authentication ('SCA') or the reporting of payment fraud. However, unlike the more generous exemptions in relation to other PSD requirements, the no-action letter only asks NCAs to deprioritise the supervision and enforcement of SCA and fraud reporting requirements until 2 March 2026.

Finally, the EBA advises that capital requirements under both regimes should be applied cumulatively for hybrid entities. However, efforts should be made to streamline and simplify licensing applications for CASPs when obtaining an additional licence under PSD2 (e.g. by relying on as much information as possible from the application for a CASP licence under MiCAR), as well as for licensed PSPs intending to provide custody, administration, or transfer services for EMTs under MiCAR.

Long-term outlook: single authorisation and harmonised regulation under PSD3/PSR and MiCAR

 In the longer term, the EBA is clear that the overlap of multiple regimes (particularly multiple authorisation requirements) for the same activity is undesirable. The EBA recommends two potential legislative solutions:

1. Amend MiCAR via the ongoing PSD3/PSR legislative process to import relevant payment services requirements (notably from Titles III and IV of PSD2, or the corresponding sections of PSD3/PSR) for EMT-related services.
    
2. If this approach proves unfeasible, PSD3/PSR should clearly specify which CASP services involving EMTs should be subject to payment services requirements and how these requirements would apply — importantly, without imposing an additional authorisation requirement for CASPs that are already authorised under MiCAR.

The EBA firmly rejects the idea of simply excluding EMTs from the future payment services regime without strengthening MiCAR, since it believes that PSD2 provides stronger customer protection for EMTs than MiCAR currently does.