Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
CFD
Stock CFD Derivatives
US Stocks
Access real US stocks and ETFs
HK Stocks
Trade quality Hong Kong-listed stocks
Korean Stocks
SK Hynix
Real Korean stocks and top assets
Stock Futures
High leverage, 24/7 trading
Tokenized Stocks
Backed by real stock assets
IPO Access
Unlock full access to global stock IPOs
GUSD
3.8%
Mint GUSD for Treasury RWA yields
Stocks Activities
Trade Popular Stocks and Unlock Generous Airdrops
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
IPO Access
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
Immediately following the full closure of the MiCA transition period, ESMA launched a joint audit action targeting crypto custody service providers, a concrete sign that Europe's crypto regulation is moving from the licensing phase to the actual audit phase.
This Joint Audit Action was announced on July 8th and will run from the second half of 2026 to the first half of 2027, with the final report compiling the findings to be submitted to ESMA's Board of Supervisors in the second half of 2027. This is a truly lengthy process, not a snapshot, but a review spanning months.
The audit will not be conducted by ESMA itself, but by each member state's national regulatory authority, such as BaFin in Germany, AMF in France, and CNMV in Spain. Each national authority will select a risk-based sample of licensed firms within its region to conduct the audit; that is, not every firm will be examined, but those with the largest volume, cross-border operations, or the largest customer assets will be prioritized.
The areas covered by the review are quite technical and in-depth, primarily focusing on private key generation and custody management, transaction authorization controls, incident detection and response processes, smart contract risks, and reliance on third-party technology providers. This last point is particularly important because many custody service providers rely on external technology partners for their core infrastructure, creating a weakness that could otherwise fall outside the scope of the regulatory review. ESMA aims to close this gap by directly including it.
The timing is no coincidence; the MiCA transition period officially closed on July 1st, and the number of registered providers increased from 243 to 280, largely driven by new licensees such as Standard Chartered, FalconX, and Sygnum Europe. Cyprus was also the country with the most licenses, with six new approvals. Just two days before this audit, Ripple also received full CASP authorization from Luxembourg's CSSF, allowing the company to operate throughout the entire thirty-country European Economic Area. Spain's CNMV has unequivocally stated that no extensions will be granted for unlicensed platforms.
The real significance of this oversight lies in the fact that having a license is now seen as a floor, not a ceiling. ESMA wants to test whether firms truly possess operational resilience, not just appear compliant on paper. Much of Europe's crypto custody infrastructure is built on a limited number of infrastructure providers—cloud infrastructure, hardware security modules, or private key management firms. If national regulators find the same third-party provider problematic across multiple firms, this could lead to a costly infrastructure migration across the entire market—a systemic risk precisely that Europe's parallel digital operational resilience law, DORA, aims to prevent.
For those following crypto custody services or MiCA-licensed platforms in Europe via Gate, the crucial point is that the results of this audit will provide a tangible indicator of the security of user assets, and how strictly national authorities enforce this audit will determine how different the audit standards will be for a company licensed in one member state compared to another. This will be the first concrete test of whether MiCA can truly create a unified audit standard.