Wu learned that the European Securities and Markets Authority (ESMA) announced the launch of a Common Supervisory Action targeting crypto asset service providers (CASPs), focusing on assessing the digital operational resilience of custody services. This is also the first targeted joint supervisory action since MiCA entered its full implementation phase. The review will involve risk-oriented sample inspections of licensed CASPs by regulatory authorities of member states, focusing on areas such as governance structure, private key and storage management, transaction control, incident response, smart contract risks, and third-party dependencies. The relevant work will continue until the first half of 2027.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 8
  • 1
  • Share
Comment
Add a comment
Add a comment
NodeUnderTheAurora
· 11h ago
"Only ending in 2027? That timeline is quite long—could there be new regulations in between?"
View OriginalReply0
GateUser-c29c3db9
· 17h ago
After MiCA takes effect, regulators have finally gone full throttle—custody has always been a minefield, and they’re checking it properly.
View OriginalReply0
TideEarningsTable
· 18h ago
How do you assess smart contract risks? Once the code is updated, the standards completely change.
View OriginalReply0
PerpNightRunner
· 18h ago
The joint regulatory action sounds impressive, but whether it can actually uncover many problems remains questionable.
View OriginalReply0
AuroraStone
· 18h ago
Private key management is the lifeline; how many institutions have crashed on this? ESMA is watching closely.
View OriginalReply0
TreatMemesAsBeliefs
· 18h ago
Governance structures, being so vague and insubstantial, are the hardest to quantify and may eventually become a mere formality.
View OriginalReply0
L2ArbitrageTrader
· 18h ago
Third-party dependencies should indeed be checked; outsourcing does not mean outsourcing the risks as well.
View OriginalReply0
MevStreetPhotographer
· 18h ago
Licensed CASPs are probably all rushing to self-check their compliance materials overnight right now.
View OriginalReply0