MiCA and PSD2 interplay

MiCA and PSD2 Interplay: What It Means for Crypto and Payment Services in the EU

With the Markets in Crypto-Assets Regulation (MiCA) now in force across the European Union, crypto-asset service providers (CASPs) are entering a new era of regulatory oversight. But MiCA doesn’t operate in isolation—it intersects with the EU’s existing payments framework, most notably the Payment Services Directive 2 (PSD2). Understanding how these two regimes interact is crucial for both CASPs and traditional financial institutions seeking to engage in crypto-related services.

Dual Regulation: When Does PSD2 Apply?

Under certain conditions, CASPs that deal with electronic money tokens (EMTs)—a type of stablecoin regulated under MiCA—may also fall under PSD2. According to the European Banking Authority (EBA), a PSD2 authorization is required if:

• The CASP’s crypto-related services involve the transfer of EMTs, and

• These services are provided on behalf of clients, meaning the CASP is acting as an intermediary in transactions.

On the other hand, PSD2 is not required if:

• The CASP only facilitates crypto-to-crypto or crypto-to-fiat exchanges.

• The CASP merely intermediates purchases of crypto assets using EMTs but doesn’t transfer those EMTs between third parties.

Capital Requirements: Cumulative Compliance

If a firm is authorized under both MiCA and PSD2, the capital requirements are cumulative. For example, a company licensed to provide Class 3 crypto services under MiCA and offer payment services under PSD2 must hold a combined minimum capital of €250,000 (€125,000 for each license).

Importantly, national competent authorities (NCAs) cannot impose stricter or more lenient capital rules than those set out in the regulations.

Authorization Timeline: March 2026 Deadline

The EBA has given a clear authorization deadline of 2 March 2026 for CASPs that require a PSD2 license. Until then, regulators are encouraged to take a non-prioritization approach, meaning they will not aggressively enforce some PSD2 provisions to give CASPs time to adjust.

Consumer Protection and Transparency

PSD2 contains strict requirements around:

• Charges payable by users

• Execution times for payments

• Unique identifiers (such as IBANs under the SEPA regulation)

However, the EBA has advised regulators not to prioritize enforcement of these obligations for CASPs in situations where technical limitations (e.g., on-chain gas fees or variable execution times) make full compliance impractical.

Security of Payments

Strong Customer Authentication (SCA) applies to EMT-related payments. If CASPs fail to apply SCA and a fraudulent transaction occurs, they bear liability—unless the payer acted fraudulently. That said, full compliance with payment security reporting obligations is postponed until March 2026.

Safeguarding and Open Banking

MiCA already sets out safekeeping requirements for EMTs, so PSD2’s safeguarding rules do not apply in parallel. The EBA has asked the European Commission to confirm this in future amendments to MiCA.

Likewise, Open Banking provisions under PSD2 are not currently enforced on CASPs dealing with EMTs. However, the EBA has requested clarity from the European Commission on whether these services should eventually fall under Open Banking obligations.

Looking Ahead: MiCA 2.0 or PSD3?

The current coexistence of MiCA and PSD2 is transitional. The EBA has proposed two paths for the future:

• Amending MiCA to include more specific provisions for EMTs and crypto-related payment services (preferred approach)

• Complementing PSD3/PSR with crypto-specific rules to cover CASPs

Either way, further regulatory evolution is expected to better integrate crypto-assets into the EU’s financial and payment systems.