.svg)
On June 10, 2025, the European Banking Authority (EBA) published a “” on the interplay between (revised Payment Services Directive – PSD2) and (Markets in Crypto-Assets – MiCA). This letter, advising the European Commission, Council and Parliament (EU legislature), aims to clarify the interaction between the two frameworks and the potential dual-authorisation requirement arising from their application to electronic money tokens (EMTs).
Specifically, the EBA provides clarifications on whether crypto-asset service providers (CASPs) under MiCA, which transact EMTs, fall within the remit of PSD2. Its conclusions were driven “solely on the acknowledgement that any alternative advice would require these CASPs to obtain a second authorisation”. This pragmatic approach aligns with the to support the Union's competitiveness.
The Bigger Picture
The EBA's letter was issued in response to the European Commission’s on December 6, 2024, seeking clarity on how EMTs should be treated under the two frameworks. Principally, the overlap relates to the treatment of EMTs whereby states: “E-money tokens shall be deemed to be electronic money.”
Meanwhile, provides: “‘funds’ means banknotes and coins, scriptural money or electronic money as defined in point (2) of Article 2 of Directive 2009/110/EC.”
Given the definitions, CASPs transacting EMTs could fall under the purview of PSD2. Consequently, it is conceivable that firms may face dual authorisation and ongoing regulatory requirements, prompting divergent interpretations among member states and creating legal uncertainty for market participants.
To address this, the European Commission sought from the EBA a “no-action letter” — no-action in respect to the enforcement of the requirements in PSD2 as regards services with EMTs provided by CASPs.
The EBA’s Position
In its letter, the EBA clarified that although a significant number of CASPs transacting in EMTs will need only a MiCA authorisation, certain EMT-related services will require dual authorisation under PSD2. Specifically, national competent authorities (NCAs) are advised to treat the following as payment services under PSD2:
- The transfer of crypto-assets involving EMTs on behalf of clients.
- The custody and administration of EMTs.
- The use of custodial wallets (where the wallet is held in the client’s name and facilitates EMT transactions) as payment accounts under PSD2.
In light of this, and to reduce compliance burdens, the EBA has advised NCAs to adopt streamlined PSD2 authorisation procedures for CASPs: to make maximum use of information that legal entities have already provided during their CASP authorisation under MiCA. Further, they are advised to grant a transition period until March 1, 2026 before authorisation needs to be held.
By contrast, the following activities, as defined in MiCA, are not considered payment services and are therefore outside PSD2's scope:
- Exchange of crypto-assets for funds.
- Exchange of crypto-assets for other crypto-assets.
- CASPs that intermediate the purchase of any crypto-asset with EMTs.
Given that certain CASPs will require separate PSD2 authorisation, the EBA also outlined considerations for ongoing requirements. Once authorised as a PSP, or for entities that already hold a PSP licence or are in partnership with a PSP, NCAs are advised not to prioritise the supervision and enforcement of certain PSD2 provisions, including:
- Safeguarding.
- The disclosure of information to consumers on the level of applicable charges.
- The maximum execution time of payment transactions.
- The unique identifier.
- Open banking.
Other PSD2 requirements are instead to be insisted on, including:
- Strong customer authentication.
- Accessing custodial wallets.
- The initiation of EMT transfers.
- Fraud reporting.
- Cumulative calculation of own funds.
However, the above advice applies only until the application date of the forthcoming Payment Services Regulation (PSR) and the transposition date of the future Payment Services Directive 3 (PSD3). In anticipation of these legislative changes, the EBA has also recommended that the European legislators use the PSD3/PSR legislative process to amend MiCA by introducing requirements for crypto-asset services involving EMTs that qualify as payment services.
Specifically, the EBA suggests aligning MiCA with PSD3/PSR in key areas such as:
- Consumer protection.
- Payment security
- Own funds calculation.
- Payment fraud reporting.
- Other relevant aspects.
In the EBA’s view, this alignment could be achieved by MiCA either reproducing or cross-referring to the corresponding requirements set out in the forthcoming PSD3 and PSR.
As a less desirable alternative, PSD3 and the PSR themselves could specify the types of EMT-related services to which they would apply, as well as the manner of their application. However, the EBA warns: “to achieve this in a way that avoids an undesirable second authorisation under PSD3/PSR, the PSD3/R would have to set out requirements for CASPs without requiring CASPs to be authorised under PSD3/PSR”.
Why should you care?
The EBA’s letter is a positive, pragmatic step. Although dual authorisation remains necessary in some instances, which will cause greater regulatory strain, it nonetheless clarifies a majority of the lingering doubt surrounding the applicability of PSD2 to CASPs. These clarifications should help combat regulatory arbitrage to a certain extent, where institutions exploit divergent interpretations across member states, thereby enhancing harmonisation and supporting the efficient functioning of the single market.
However, the letter does still provide certain concerns and uncertainty. Its guidance is time-limited, applicable only until PSD3/PSR take effect, the dates of which are still undetermined, providing its own level of uncertainty. Additionally, certain PSD2 requirements that remain applicable may impose significant compliance burdens on CASPs.
These outstanding issues, and their implications for market participants and regulators alike, will be explored further in part two.
