Europe’s next crypto fight isn’t about whether to regulate, but who writes the rules. The European Commission has proposed giving the Paris-based European Securities and Markets Authority (ESMA) direct supervision of the bloc’s largest crypto-asset service providers (CASPs), shifting frontline oversight from national regulators to a single EU body.
France, Austria and Italy say the change is overdue. In a joint September 2025 paper, their market authorities called for “a stronger European framework,” arguing that centralized oversight would address major differences in how member states authorize firms and curb regulatory shopping.
Malta’s Financial Services Authority (MFSA) disagrees. The MFSA told Cointelegraph it is “premature to introduce structural changes” like centralization because the Markets in Crypto-Assets Regulation (MiCA) has only recently become fully applicable and its market impact is still being assessed. Under MiCA, firms can win authorization in one member state and passport services across the EU, so the choice of supervisor affects market integration, investor protection and national regulatory authority.
A Bloomberg report framed the dispute as a small state fighting the commission, but Ian Gauci of Maltese law firm GTG, a drafter of Malta’s original crypto rules, said Malta’s objections are structural rather than merely jurisdictional. The MFSA says its stance is about regulatory timing and effectiveness and protecting Europe’s attractiveness to crypto businesses.
Centralizing supervision under one roof
ESMA already leads supervisory convergence work and conducts peer reviews of national authorities. A fast-track ESMA review of one Maltese CASP authorization—widely reported to be OKX—found Malta met supervisory expectations but that the firm’s authorization “should have been more thorough.”
Supporters of centralization argue that a single supervisor for major cross-border firms would produce more efficient, harmonized oversight, bolster investor protection and reduce forum shopping. France, Austria and Italy warned that divergent national practices risk undermining investor safeguards and fragmenting Europe’s digital-asset market.
Gauci said he is not opposed to a stronger EU role where justified, but centralization should be narrowly targeted at genuinely systemic cross-border firms with clear risks, not applied as a blanket fix for inconsistent supervision.
Malta warns centralization may go too far
OKX rejects the idea that firms deliberately pick smaller regulators to gain advantage. Its European CEO, Erald Ghoos, told Cointelegraph that OKX has been supervised by Malta under a high-standard regime since 2021 and that its MiCA authorization reflects a long-term relationship rather than a rushed process. With MiCA still being implemented, he argued there is no evidence the current model is failing and that centralization risks being a political decision.
Gauci accepts inconsistencies exist but recommends stronger use of existing tools: make peer reviews meaningful, impose timelines and apply consequences for persistent shortcomings rather than reassigning MiCA’s allocation of powers. His deeper concern is structural: large crypto firms operate as unified systems, but the proposal would split oversight among ESMA, national authorities and the European Anti-Money Laundering Authority (AMLA), while the Digital Operational Resilience Act (DORA) expects an integrated view of IT risk. Splitting supervision could fracture accountability during crises.
The broader trade-off is between supervisory depth and scale. Early mover jurisdictions developed expertise and proximity to fast-moving firms; removing national responsibility too quickly could replace that depth with distant supervision, discourage local investment in supervisory capacity, and inadvertently encourage firms to move offshore—the very outcome policymakers aim to avoid.
Cointelegraph is committed to independent, transparent journalism. This article follows Cointelegraph’s Editorial Policy and aims to provide accurate, timely information. Readers should verify information independently. Read the Editorial Policy at https://cointelegraph.com/editorial-policy
