The European Securities and Markets Authority (ESMA) wants to introduce stringent cybersecurity regulations in new EU crypto laws. Through this measure the EU watchdog is trying to address digital asset security concerns as crypto companies will be required to go through external audits of their cybersecurity system.
ESMA’s push for enhanced crypto cyberdefense will come into force in December as part of the Markets in Crypto-Assets Regulation (MiCA). This cybersecurity strengthening measure is crucial to tackle data breaches and hacking attempts across the crypto ecosystem.
In the first 6 months of 2024, crypto companies lost over $1.5 billion due to cybersecurity breaches, which is 84% higher than the 2023 statistics of the same period, says a report by blockchain analytics firm Chainalysis. Close to 150 hacking incidents occurred during this time which shows a rising trend of hackers targeting centralized crypto exchanges.
The new changes in MiCA make third-party audits mandatory for crypto firms to ensure that the cybersecurity system is well-guarded from threat actors. The European Commission initially resisted these new crypto rules saying it goes beyond the scope of MiCA which highlights the problem in balancing security and innovation in the crypto sector.
At present, MiCA is already considered the most comprehensive crypto regulatory framework in the world. With the new crypto rules, high-profile cyberattacks like the BingX hacking in Singapore or WazirX $230 million crypto theft in India can be stopped. Even crypto industry leader Binance lost $570 million in a cyberattack in 2022.
Under the regulation, crypto companies have to follow the standards set by the EU countries to obtain licenses. This includes robust anti-money laundering controls and accurate executive requirements.
CMS law firm partner Charles Kerrigan, highlighted the critical nature of these crypto rules when he said, "Security's not something you can take lightly. You've got to spend money on security." This sentiment is echoed by Arvin Abraham, partner at Goodwin, who noted the benefits of establishing baseline security standards across exchanges.
The new EU crypto rules are in line with global efforts to strengthen cybersecurity in the industry. The US Securities and Exchange Commission (SEC) has been actively pursuing enforcement actions against crypto firms, emphasizing the need for compliance with existing securities laws.