ESMA’s push for direct control on crypto: less about safety, more about market turf
On 4th December, the European Commission published a proposal that would give direct oversight of significant crypto players to the European Securities and Markets Authority (ESMA) over national regulators. This followed a coordinated campaign by France’s Autorité des Marchés Financiers, Italy’s Commissione Nazionale per le Società e la Borsa, and Austria’s Financial Market Authority who argue that centralising supervision is about protecting investors and avoiding regulatory arbitrage. Scratch the surface, though, and the proposal looks less like neutral housekeeping and more like a turf war among national regulators — a struggle for market share disguised as a campaign for stability.
At stake is who controls the lucrative gateway into Europe’s fast-growing crypto economy. Under MiCA, a crypto asset service provider (CASP) licensed in one Member State can “passport” its services across the bloc. This single-market principle is designed to encourage competition and scale. But competition cuts both ways. Smaller, faster jurisdictions that moved early to set up crypto frameworks, like Malta, have attracted applicants and attention. Larger players, meanwhile, are now crying foul, framing speed and efficiency as “leniency” — and calling for centralisation to clip their rivals’ wings.
Malta’s early leadership and efficiency — conveniently recast as weakness
Malta stands as a case study in how politics can flip the narrative. In 2018, Malta introduced the Virtual Financial Assets (VFA) Act — Europe’s first comprehensive framework for crypto and DLT regulation. This put the island nation ahead of the curve, providing certainty for innovators long before MiCA. Efficient processing and clear rules helped attract businesses, skills, and investment.
Now, Malta’s efficiency is being repackaged as “laxity.” While ESMA’s peer review flagged areas for closer scrutiny, it emphasised that its findings were guidance for all National Competent Authorities (NCAs) and not only Malta. Additionally, the peer review recognised several of Malta’s strengths and capacity, describing the country as a leading jurisdiction in this sector. Malta’s regulator, the Malta Financial Services Authority, immediately accepted the recommendations and has been implementing them. That is how supervisory convergence is meant to work: identify gaps, fix them, raise standards. Yet instead of strengthening these processes, some Member States prefer to shift the goalposts and centralise control — conveniently neutralising a competitor.
Why centralisation is the wrong answer
Centralising supervision risks stifling innovation through one-size-fits-all oversight that curtails smaller markets, while adding bureaucratic layers that slow authorisations and market responsiveness. It also threatens EU single-market principles if Member States begin blocking passported firms, creating uncertainty that ultimately harms businesses, consumers and investors alike.
Moreover, centralised supervision by ESMA will not benefit retail clients, who would experience loss of accessibility, as local regulators provide crucial, language-specific support and complaint handling. Clients would be losing in recourse and unnecessary complexity. ESMA decisions are made at the EU level, but there is no clear, direct line of accountability to individual citizens.
Currently there is a two-tier level of control for governance to protect clients. Local NCAs supervise local licensed entities. ESMA supervises local NCAs via its framework and peer reviews. If ESMA became the direct regulator of licensed entities, then who would supervise ESMA?
Direct ESMA supervision of crypto operators without external oversight would create a dangerous governance deficit, leaving individual retail clients disenfranchised. ESMA would wield significant, centralised regulatory power over client protections and market standards, but with no transparent, democratically accountable body above it to scrutinise its decisions or provide an accessible avenue for citizen complaints. This lack of “supervision of the supervisor” means clients lose both their local advocate (the NCA) and any effective mechanism to hold the EU-level regulator directly responsible, fundamentally undermining public trust and regulatory fairness.
What Europe should do instead
If the EU is serious about safety and competitiveness, it should strengthen existing convergence tools; fund targeted capacity building for national regulators where gaps are found; and preserve passporting by creating clear, transparent escalation mechanisms. This approach raises standards without undermining the diversity and competitiveness of the European financial system.
Call it what it is
The push for ESMA to directly supervise CASPs is not just about investor protection. It is about politics and competition (or rather the fear of it when you cannot compete). You have larger Member States, crippled by a strong language barrier, who were late to the table, now see smaller, more agile jurisdictions pulling ahead — and they don’t like it. By recasting efficiency as weakness, they are paving the way for a power grab that reshapes who wins and who loses in Europe’s crypto market. A power grab that also re-engineers the whole EU concept: free movement of goods, capital, services and people across all borders.
*Fiorentina D’Amore, CEO Malta – senior director of business operations Europe, Blockchain.com
