EBA Issues No-Action Letter on dual licensing of EMT services under MiCA and PSD2
On 10 June 2025, the European Banking Authority (“EBA”) published a No-Action Letter addressed to national competent authorities (“NCAs”) across the EU. The letter provides, amongst others, regulatory guidance on how to treat certain crypto-asset services involving Electronic Money Tokens (“EMTs”) during the transitional period before the Payment Services Regulation (“PSR”) and the Third Payment Services Regulation (“PSD3”) come into effect. EBA’s position is that, for now, some EMT-related services will require dual authorization under both the Markets in Crypto-Assets Regulation (“MiCA”) and the Second Payment Services Directive (“PSD2”).
EBA considers that the following services involving EMTs fall within the PSD2 framework: the transfer of EMTs on behalf of clients, the custody and administration of EMTs, and custodial wallets enabling the sending and receiving of EMTs to and from third parties. CASPs offering any of these services, despite holding a MiCA license, will need to obtain a PSD2 payment service provider (“PSP”) license or establish a formal partnership with a PSP.
Transitional Measures and Supervisory Priorities
To minimize the burden of dual licensing, EBA advises NCAs to apply streamlined authorization procedures, reusing documentation already provided during the MiCA CASP authorization process. NCAs are also encouraged to grant a transition period until 1 March 2026, during which firms can continue providing EMT services while obtaining PSD2 authorization or setting up a PSP partnership. After this deadline, firms without appropriate PSD2 coverage should be prevented from offering such services.
EBA also outlines a differentiated supervisory approach. During the transition, NCAs are instructed to prioritize enforcement of core prudential obligations, particularly strong customer authentication (SCA), fraud reporting, and capital requirements, while temporarily deprioritizing enforcement of conduct rules such as safeguarding of client funds, consumer disclosures, maximum execution times, unique identifiers (e.g. IBANs), and open banking access.
EMT Activities Outside PSD2 Scope
Not all EMT-related services are captured by PSD2. EBA clarifies that the exchange of crypto-assets for fiat or for other crypto-assets, and the intermediation of crypto purchases paid with EMTs, do not qualify as payment services and will remain subject only to MiCA. These exclusions are intended to limit the number of EMT-related activities subject to dual regulation and reduce unnecessary compliance burdens for CASPs.
Legislative Outlook and Market Implications
Looking to the long term, EBA calls on EU institutions to avoid permanent dual licensing for EMT services. Its preferred solution is to amend MiCA to incorporate, or cross-reference, the key payment-related requirements of PSD3 and the PSR. Alternatively, PSD3/PSR could specify how they apply to EMT services without imposing a second license.
The No-Action Letter applies to all entities providing EMT-related services that fall within PSD2, regardless of whether they are already authorized under MiCA or PSD2. While the transitional guidance provides flexibility, EBA makes clear that dual authorization will be required until PSD3 and the PSR are in force. Firms should assess whether their services are in scope and begin preparing for compliance.
For more information on the role and scope of the authorities enforcing MiCAR, contact your CMS client partner or these CMS experts: Ricardo Plasencia, Raquel Lobato, Julia Moreno Moreno, or send an email to crypto@cmslegal.com.
