The European Banking Authority (EBA) has issued a No Action Letter to EU policymakers, advising against dual authorisation requirements for crypto-asset service providers (CASPs) transacting in electronic money tokens (EMTs) under both the Payment Services Directive (PSD2) and the Markets in Crypto-Assets Regulation (MiCA).
The letter, published on 10 June 2025, calls on the European Commission, Council, and Parliament to ensure that, over the long term, EU law prevents overlapping regulation for EMT-related activities. In the short term, the EBA recommends that national competent authorities (NCAs) delay enforcement of PSD2 authorisation requirements for certain CASPs until 2 March 2026, and apply a streamlined approach thereafter.
Streamlined supervision recommended
The EBA suggests that where EMTs are used to make payments, the relevant services—such as the custody, administration, and transfer of EMTs—should be regarded as payment services under PSD2. However, it proposes that NCAs wait until the end of the transitional period in March 2026 before requiring PSD2 authorisation for these services. Even then, authorisations should be granted through simplified procedures that draw heavily on information already provided during MiCA’s CASP authorisation process.
Following authorisation, the EBA advises NCAs to deprioritise the supervision and enforcement of several PSD2 obligations, including safeguarding of funds, standard consumer disclosures (such as charges and execution times), and open banking requirements. Instead, focus should be placed on core protective measures, such as strong customer authentication (SCA), fraud reporting, and the calculation of own funds requirements.
Key clarifications on what falls outside PSD2
The letter also clarifies that several crypto-related activities do not fall within the scope of PSD2, including:
- The exchange of crypto-assets for fiat currency or other crypto-assets.
- The facilitation of crypto-asset purchases using EMTs.
These activities, according to the EBA, should be regulated exclusively under MiCA and not treated as payment services requiring separate PSD2 licensing.
Practical impact for firms
The EBA’s position is expected to significantly ease the regulatory burden for CASPs who might otherwise have faced the prospect of dual authorisation regimes. However, the EBA notes that its stance is not based on the assumption that MiCA alone is sufficient to address the risks of EMT transactions. Instead, the advice stems from a desire to avoid unnecessary duplication and complexity during a transitional period.
Despite this regulatory flexibility, the EBA reaffirms the importance of maintaining high standards of consumer protection. By prioritising areas such as SCA and fraud prevention, the letter underscores the need for confidence and trust in both traditional and crypto-based payment services.
How Neopay can help
Navigating the overlap between PSD2 and MiCA can be complex, especially for firms dealing with EMTs. Neopay helps businesses:
- Understand whether their activities fall under PSD2, MiCA, or both
- Prepare for streamlined authorisation processes
- Align compliance frameworks with evolving regulatory expectations
Whether you’re a crypto-asset service provider, e-money institution, or payments business, our team provides clear, tailored support to help you stay ahead of regulatory change.
To learn more or speak with our team, get in touch today.
