Europe’s crypto rulebook has given digital-asset firms the certainty they long demanded, but the cost of that clarity is now becoming a harder question for the industry.

The issue is no longer whether crypto should be regulated. It is whether Europe’s first broad framework for digital assets has created a compliance structure that large firms can absorb, while smaller players struggle to stay competitive.

“Five years ago, one of the biggest industry asks was for regulatory certainty. I don’t think anyone can argue that there hasn’t been regulatory certainty with MiCA (Markets in Crypto-Assets Regulation ),” said Rowan Varrall, regulatory affairs director at ANNA. “It is 1,000-plus pages of technical standards and guidelines. That does give a huge amount of certainty.”

“I do see that there is some type of overregulation, because it is a one-size-fits-all approach,” said Dr. Carola Rathke, partner at YPOG. “This might be difficult, in particular when we talk about smaller players in the market.”

MiCA was designed to provide the European Union with a single framework for crypto assets, stablecoins and crypto-asset service providers (CASPs). It replaced a fragmented national approach with a more consistent rulebook across the bloc.

For firms that want legal clarity, that is a strategic asset. Varrall said MiCA has removed much of the ambiguity that previously surrounded crypto activity in Europe. It also provides regulators with a basis for collecting standardized data on transactions and market activity.

That data could help supervisors understand risks more clearly, assess how firms manage them and move toward more data-driven oversight. In that sense, the burden of standardization could also become the basis for a more mature market.

But Rathke said the problem is the cumulative effect. MiCA does not stand alone. Firms must also deal with the Digital Operational Resilience Act (DORA), the Payment Services Directive 2 (PSD2) and multiple layers of technical standards.

She said large firms can cope with the extra workload, but smaller firms may not have the same resources. Some are already looking outside Europe to set up their businesses.

That creates the central policy dilemma. Europe may have given the crypto market the legal framework it asked for, but it now has to make sure certainty does not become a barrier to innovation.

Compliance stack

The comments were made during a panel titled “Have We Overregulated?: Looking Back on the MiCA Implementation” at Digital Assets Forum 2026 in London, an event organized by European Blockchain Convention. The panel was moderated by Juan Ignacio Ibañez, general secretary of MiCA Alliance.

Rathke said Europe’s regulatory burden has become more complicated because MiCA is being implemented alongside other rules. For some crypto firms, the problem is not only the original crypto framework, but the way it interacts with DORA and PSD2.

“We have MiCA, which is good because we need regulation,” she said. “But with DORA on top of that, together with MiCA, there are not only thousands but 5,000 pages with all the regulatory technical standards.”

E-money tokens are one area where firms may face additional licensing requirements. Crypto-asset service providers (CASPs) that have already worked through MiCA may still need to consider PSD2 obligations when handling certain payment-related tokens.

That creates practical questions for firms that thought they had already completed the main regulatory process. Rathke said clients ask why safekeeping Bitcoin worth a large amount can be handled under one framework, while safekeeping an e-money token can trigger another layer of licensing.

“Big players can cope with that,” she said. “But for the smaller ones, they tend to look outside Europe currently to set up their businesses.”

Christian Moor, principal policy officer at the European Banking Authority (EBA), pushed back against the view that MiCA itself had gone too far. He said the framework is already functioning, with issuers and more than 150 CASPs operating under it.

“Compared to banking regulation, I would say it is quite light,” Moor said. “On that side, I don’t think we have overregulated.”

DORA is broader than crypto because cybersecurity and operational resilience risks apply across financial services. The EBA has also built oversight capacity around DORA because technology and third-party risk have become central concerns for financial markets.

The smaller-firm challenge is also wider than digital-asset regulation. Europe’s shortage of venture capital and limited tax incentives for small businesses also affect young firms' ability to scale.

Still, the exchange underscored why Europe’s debate over crypto competitiveness is becoming more urgent. The question is not simply whether MiCA is too strict. It is whether the full regulatory stack gives Europe a credible market structure, or makes it easier for firms to grow elsewhere.

Sandbox route

Rathke said one way forward is to make greater use of regulatory sandboxes, where firms and supervisors can test new market structures before rules become too fixed.

“We should use more sandboxes in Europe,” she said. “The DLT Pilot Regime is a perfect example of that.”

Distributed ledger technology (DLT) refers to systems that record and share transactions across a network, rather than through a single centralized database. The DLT Pilot Regime allows certain market infrastructures to test trading and settlement of tokenized financial instruments.

“There was a very different interaction between industry and regulators,” Rathke said. “Not everything was set in stone, and I had the feeling that regulators could discuss and interact more.”

That approach helped regulators and industry participants identify practical changes. The DLT Pilot Regime originally had strict limits on the financial instruments that could be traded, but proposed updates appear to allow a much broader set of instruments under the Markets in Financial Instruments Directive II (MiFID II).

Varrall said the European Commission’s market integration and supervision package also shows that the framework is developing. Some proposals would require DLT infrastructure operators to work with industry organizations on technical standards for cross-border settlement of DLT-based financial instruments.

“They are putting the obligation back on the industry,” he said. “This is how the industry is working out these problems itself, and then it feeds back into the regulation.”

Stéphane Blemus, digital finance expert and lawyer at White & Case LLP, said Europe’s first-mover role should not be dismissed. In his view, the EU’s decision to regulate crypto assets at a regional level made imperfections unavoidable, but also gave Europe influence.

“MiCA is imperfect, and it should be recalibrated,” Blemus said. “But at the very least, the EU has provided that golden source. It is just the beginning of something broader.”

Capital markets and crypto-asset markets are like software because they require successive updates. Technology evolves, entrepreneurs adjust and regulators then need to refine the framework.

Moor also said regulation is a learning process. The market is now developing, allowing regulators to see what works, what does not and where changes may be needed.

“This is a good moment, considering what is happening in the US and what we expect the UK to do, to have a conversation with industry,” he said. “We need to see what we can change, improve or do differently.”

The next phase of Europe’s crypto regulation will therefore depend on whether policymakers can keep the benefits of legal certainty while reducing unnecessary friction. For the industry, the priority is not deregulation, but a framework that can adapt quickly enough to keep capital, talent and innovation inside Europe.