Europe’s next crypto battle is no longer about whether to regulate the industry, but who gets to hold the pen. European Union leaders are weighing a European Commission proposal to hand direct supervision of the bloc’s largest crypto asset service providers (CASPs) to the Paris-based European Securities and Markets Authority (ESMA), shifting front-line control away from national regulators.
France, Austria and Italy believe the move is overdue. In a joint September 2025 paper, their market authorities called for “a stronger European framework,” arguing centralized oversight is needed to address “major differences” in how countries authorize firms and curb regulatory shopping.
Malta’s Financial Services Authority (MFSA) is not convinced. A spokesperson told Cointelegraph it is “premature to introduce structural changes” like centralized supervision. The Markets in Crypto Assets Regulation (MiCA) regulation has only recently become fully applicable, and its “impact on the market and market players is still being assessed,” they said.
The dispute matters because MiCA lets companies win authorization in one member state and then passport services across the EU. That means the question of who supervises crypto firms is no longer just administrative, but goes to how Europe will balance market integration, investor protection and national regulatory authority.
While a recent Bloomberg report framed the fight as one small state against the commission, Ian Gauci of Maltese law firm GTG, one of the architects of Malta’s original crypto rulebook, told Cointelegraph, “That is not what this is.” He said Malta’s arguments “are not jurisdictional” and “go to the structure itself and how it will behave wherever it is applied in the Union.” The MFSA said its position was not about national advantage but about “regulatory timing and effectiveness” and preserving Europe’s attractiveness to crypto firms.
Related: What happens as Europe enforces MiCA and the US delays crypto rules
Centralizing supervision under one roof
The ESMA already leads the supervisory convergence work, coordinating peer reviews of national authorities, including a fast-track review of one of Malta’s CASP authorizations, widely reported to be OKX. The review found Malta met expectations on supervisory settings, but that the firm’s authorization “should have been more thorough.”
Supporters of centralization say that the episode makes the case. A spokesperson from the ESMA told Cointelegraph that a single supervisor for major cross-border companies would deliver “more efficient and harmonized supervision,” strengthen investor protection and reduce “the risk of forum shopping.” France, Austria and Italy similarly warned in their position paper that divergent practices could undermine investor protection and Europe’s digital asset market.
Gauci said he was not opposed to a stronger EU-level role where it is justified. But he argued that centralization should be targeted at genuinely systemic cross-border firms with clearly identified risks, rather than applied as a blanket fix for uneven supervision.
Malta warns centralization may go too far
OKX rejects the idea that companies pick smaller jurisdictions to capture regulators. Its European CEO, Erald Ghoos, told Cointelegraph that, unlike some competitors, the exchange had been supervised by Malta under a high-standard regime since 2021 and its MiCA authorization reflected a multi-year relationship, “not an expedited process.” With MiCA still rolling out, he argued that there was no evidence the current model is failing, making centralization look more like a “political decision.”
Related: What happens as Europe enforces MiCA and the US delays crypto rules
Ghoos said the case for concentrating supervisory power at the EU level had not yet been demonstrated.
Gauci accepts that inconsistencies exist but argues that the solution is to use existing tools. “Make peer reviews bite,” set timelines and impose consequences for persistent failure, rather than rewriting MiCA’s allocation of powers, he said.
His deeper concern is structural: Large firms operate as single systems, but the proposal would split oversight across ESMA, national authorities and the Anti-Money Laundering Authority (AMLA), while the Digital Operational Resilience Act (DORA) expects an integrated view of information technology risk. “Once you split supervision like this, that unity disappears,” he warned, leaving accountability fragmented in a crisis.
The real question, he said, is whether Europe values supervisory depth or scale. Early movers built expertise and proximity in a fast-moving industry; strip that away too quickly, and Europe risks replacing it with distance, removing the “incentive for jurisdictions to invest in serious supervisory capacity in the first place,” and encouraging the offshore drift policymakers want to avoid.
Magazine: 6 weirdest devices people have used to mine Bitcoin and crypto
Read the full article here
