Europe’s next crypto battle is no longer about whether to regulate the industry, but who gets to hold the pen. A fundamental disagreement is brewing within the European Union over the future of crypto supervision, centered on a European Commission proposal to shift direct oversight of the bloc’s largest crypto asset service providers (CASPs) to the Paris-based European Securities and Markets Authority (ESMA). This move would centralize front-line control, pulling it away from national regulators that have, until now, been the primary point of contact for licensed firms under the Markets in Crypto-Assets (MiCA) regulation.
The push for centralization has strong backing from France, Austria, and Italy. In a joint position paper published in September 2025, their national market authorities argued that the change is overdue. They called for “a stronger European framework,” citing “major differences” in how member states authorize firms and monitor their activities. This regulatory divergence, they warned, creates opportunities for “regulatory shopping,” where companies might seek authorization in jurisdictions perceived as having lighter-touch supervision before “passporting” their services across the entire EU single market.
The Case for Centralized Oversight
Supporters of the ESMA-led model point to efficiency and harmonization. An ESMA spokesperson told Cointelegraph that a single supervisor for major cross-border CASPs would deliver “more efficient and harmonized supervision,” strengthen consistent investor protection, and reduce “the risk of forum shopping.” The recent experience with a fast-track peer review of a Maltese CASP authorization—widely reported to be for the exchange OKX—is cited as a key example. While the review, conducted in late 2024, found that Malta’s Financial Services Authority (MFSA) generally met expected supervisory standards, it concluded that the firm’s specific authorization “should have been more thorough.” For proponents, this episode underscores the need for a uniform, EU-level gatekeeper.
The argument is not merely administrative. Because MiCA’s passporting system allows a firm authorized in one member state to operate EU-wide, the question of supervision directly impacts the integrity of the single market, the level of investor protection, and the EU’s competitive stance as a global crypto hub.
Malta’s Resistance: Timing, Structure, and Expertise
Malta’s MFSA is pushing back firmly. A spokesperson stated it is “premature to introduce structural changes” like centralized supervision. They noted that MiCA only became fully applicable in December 2024, and its “impact on the market and market players is still being assessed.” The authority’s position, they clarified, is not about national advantage but about “regulatory timing and effectiveness” and preserving Europe’s attractiveness to crypto firms.
Ian Gauci, a partner at Maltese law firm GTG and one of the architects of Malta’s original crypto rulebook (the 2018 Virtual Financial Assets Act), challenges the framing of the debate. “That is not what this is,” he told Cointelegraph, referring to a Bloomberg report that portrayed it as a small state versus the Commission. Gauci stressed that Malta’s concerns “are not jurisdictional” but “go to the structure itself and how it will behave wherever it is applied in the Union.”
Gauci accepts that inconsistencies in national supervision exist but argues the solution lies in perfecting existing tools, not dismantling the current framework. “Make peer reviews bite,” he urged, suggesting the EU should set clear timelines and impose consequences for persistent national failures rather than immediately reassign powers under MiCA.
The OKX Case and the “Political Decision” Question
The role of specific firms is central to the debate. OKX’s European CEO, Erald Ghoos, rejected the notion that companies engage in “regulatory shopping.” He told Cointelegraph that OKX has been under Malta’s supervision since 2021, long before MiCA, operating under what he described as a high-standard regime. Its MiCA authorization, he argued, was the culmination of a multi-year relationship, “not an expedited process.” With MiCA’s implementation still rolling out, Ghoos contended there is no evidence the current, nationally-led model is failing, making the push for centralization appear more like a “political decision” than a necessity.
Gauci shares the concern that the centralization proposal may be a blunt instrument. He warns of a deeper structural flaw: the plan would split oversight of large, integrated firms across ESMA, national authorities, and the new Anti-Money Laundering Authority (AMLA). This conflicts with frameworks like the Digital Operational Resilience Act (DORA), which expects a unified view of a firm’s IT risk. “Once you split supervision like this, that unity disappears,” he cautioned, potentially creating dangerous accountability gaps during a crisis.
The Core Trade-Off: Depth vs. Scale
Ultimately, Gauci frames the choice facing Europe as one between supervisory “depth” and “scale.” Early-moving jurisdictions like Malta built specialized expertise and maintained close, proximate engagement with a fast-evolving industry. Stripping away that national capacity too quickly, he argues, risks replacing it with bureaucratic distance. This could remove the “incentive for jurisdictions to invest in serious supervisory capacity in the first place,” potentially accelerating the very “offshore drift” of crypto activity that policymakers aim to prevent.
As the debate unfolds, the European Commission and Parliament must weigh whether the perceived benefits of a single, powerful EU supervisor outweigh the potential loss of agile, expert national oversight. The outcome will shape not just which authority holds the pen, but how effectively Europe can regulate a borderless industry while fostering innovation and protecting its citizens.
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. Read our Editorial Policy.
