Skip to main content
Crypto and Blockchain Law

Stablecoins and the Interplay between MiCAR, EMD2, and PSD2 – EBA No-Action Letter

| Dr. Bernd Fletzberger, Mag. Sanijel Ficulovic

On June 10, 2025, the European Banking Authority (EBA) published a No-Action letter (EBA/Op/2025/08) on the interplay between Regulation (EU) 2023/114 on markets in crypto-assets (MiCAR) and Directive (EU) 2015/2366 on payment services (Second Payment Services Directive or PSD2 for short) with regard to crypto asset service providers (CASPs) that provide certain transfer and custody services relating to e-money tokens (EMTs). Such services may simultaneously constitute crypto-asset services and payment services, resulting in overlapping legal requirements and challenges.

Here we explain the background to this topic, which is hugely important for stablecoin offerors and crypto-asset service providers, in particular the specific regulatory relief proposed by the EBA in its No-Action letter.

Update from 15 December 2025: Following the political agreement on the PSR/PSD3 package reached by the European Parliament and the Council at the end of November 2025, we have added below how the regulatory overlaps discussed below are likely to be handled in the future under the third generation of European payment services law.

Update from 18 February 2025: The EBA has published a follow-up; see this blog article on our website.

Background

Stablecoins are cryptographic tokens whose value is linked to an external reference value. Depending on the reference value underlying the token, a stablecoin is considered either an EMT or an asset-referenced token (ART) under MiCAR.

Stablecoins that refer to a single official currency, e.g. EUR or USD, are considered EMTs. They are both a type of crypto asset and electronic money (see Art 48 para 2 MiCAR). This dual nature results in a rather complex interplay between the provisions of MiCAR and the existing framework for electronic money and payment services for business models involving stablecoins:

  • Firstly, the public offering or application for admission to trading of an EMT within the EU requires that the issuer be authorized as a credit institution or e-money institution and that a corresponding white paper be submitted to the competent authority in advance and published. Further requirements must also be observed, regarding redemption rights, prohibition of interest payments, safeguarding obligations, restructuring and redemption plans, and marketing communications, which we will not discuss in detail here.
  • Secondly, due to their e-money nature, EMTs are considered to be funds within the meaning of PSD2 and can therefore be subject to payment services requiring a license. This means that certain EMT-related services performed in practice by CASPs are to be considered payment services to which PSD2 applies. Accordingly, a single CASP activity related to EMTs may fall under both regulatory regimes, potentially subjecting CASPs to both MiCAR and PSD2 requirements and authorizations.

EBA No-Action Letter

Due to the practical difficulties in dealing with these regulatory overlaps, on 10 June 2025, the EBA published a No-Action letter providing detailed guidance on the interplay between MiCAR and PSD2, in particular with regard to CASPs providing EMT-related services.

Specifically, the EBA recommends that the following activities be considered payment services within the meaning of PSD2:

  • Transfer of EMTs on behalf of customers;
  • Custody and administration of EMTs for customers if the corresponding wallet (custodial wallet) enables the sending and receiving of EMTs to and from third parties, as in this case the wallet qualifies as a payment account within the meaning of PSD2.

In practice, this means that the legal requirements relating to the provision of payment accounts, which generally apply to banks and other payment service providers, also extend to wallet providers offering the custody of EMTs. This may include, for example, the reporting of wallets to central account registers set up for anti-money laundering purposes, depending on the legal situation in the respective Member State.

Conversely, the EBA expressly points out that other activities, such as the exchange of crypto assets for fiat currencies or other crypto assets, or the mediation of the purchase of crypto assets using EMTs, should not be considered payment services. Therefore, the PSD2 licensing requirements should not apply to CASPs that engage in these activities. However, the Austrian Financial Market Authority (FMA) points out that this only applies if no other relevant facts are involved (see the corresponding FMA press release dated June 13, 2025).

Short-term solution: No enforcement until 2 March 2026

In view of the administrative burden associated with dual authorization under MiCAR and PSD2, the EBA recommends that national competent authorities should not require PSD2 authorization for payment services related to EMTs during a transitional period until 22 March 2026.

For companies that are already authorized as payment service providers or cooperate with a payment service provider, the EBA recommends that national authorities defer the monitoring and enforcement of certain PSD2 requirements if there are technical or market-specific challenges, including

  • certain consumer protection provisions (e.g. information requirements regarding fees) and the provisions of SEPA Regulation 260/2012/EU;
  • the safeguarding rules under Art 10 PSD2, because MiCAR sets out specific requirements for EMTs held on behalf of customers;
  • and the open banking provisions, insofar as CASPs/payment service providers are concerned that intend to provide (or already provide) custody and adminsitration services in connection with EMTs for customers and/or provide services for transferring EMTs from one distributed ledger address or account to another.

Furthermore, according to the EBA, CASPs should not be expected to comply with the requirements for strong customer authentication (SCA) or the reporting of payment fraud on a temporary basis. However, in contrast to the more generous exemptions for other PSD2 requirements, the No-Action letter only calls on national competent authorities to defer the monitoring and enforcement of SCA and fraud reporting obligations until 2 March 2026.

Finally, the EBA recommends that the capital requirements of both regulations should be applied cumulatively to hybrid entities.

However, efforts should be made to combine CASP license applications with applications for an additional PSD2 license (e.g. by using as much information as possible from the application for a CASP license under MiCAR) and for licensed payment service providers wishing to provide custody, administration, or transfer of EMTs under MiCAR.

Longer-term perspective: Uniform authorization and harmonized regulation under PSR/PSD3 and MiCAR

In the longer term, the EBA makes it clear that the overlap of several regulations (in particular several authorization requirements) for the same activity is undesirable. To this end, the EBA recommends two possible solutions:

  1. Amend MiCAR as part of the ongoing legislative process on PSR/PSD3 by inserting relevant payment service requirements (in particular from Titles III and IV of PSD2 or the corresponding sections of PSR/PSD3) for EMT-related services.
  1. If this approach proves unfeasible, the PSR/PSD3 should clearly specify which CASP services related to EMTs should be subject to payment service requirements and how these requirements should be applied – whereby it is important that no additional authorization requirements are introduced for CASPs that are already authorized under MiCAR.

The EBA strongly opposes simply excluding EMTs from the future payment services regime without strengthening MiCAR, as it believes that PSD2 offers greater customer protection for EMTs than MiCAR currently does.

Political agreement on PSR/PSD3

In the meantime, specifically at the end of November 2025, the Council and the European Parliament have reached a political agreement on a high-level compromise regarding PSR/PSD3 (see our blog article on the political agreement).

This compromise essentially stipulates that payment transactions carried out exclusively in EMTs directly from the payer to the payee without intermediaries do not fall within the scope of the PSR. In order to create the necessary consistency between the two sets of rules, PSR and PSD3, it is also stipulated that PSD3 shall not apply to payment services excluded from PSR. This also applies to payment transactions carried out by a CASP acting as an intermediary between a buyer and a seller, whereby EMTs are exchanged for other EMTs or for crypto assets. Furthermore, the exchange of EMTs for funds (including EMTs) or crypto assets carried out by a CASP acting in its own name as the buyer or seller of these EMTs is to be exempt.

However, if none of the above exceptions apply, CASPs will probably continue to require a payment institution license when providing transfer and custody services in relation to EMTs, or alternatively will have to cooperate with a suitably licensed institution.

In the case of licensing, the European Parliament and Council provide for a simplified authorization procedure. This is characterized in particular by the fact that CASPs can partially rely on information and documents already submitted in the MiCAR licensing procedure, with any necessary updates and additions.

Conclusion

The EBA's No-Action letter was an important step toward temporarily addressing regulatory uncertainties regarding EMT services. Nevertheless, the requirement for dual authorization for certain EMT service providers will soon take effect. CASPs that are already authorized, as well as those that wish to become authorized, must therefore urgently review their business models to determine whether they provide EMT services that additionally require a PSD2 license.

However, it remains to be seen how the final PSR/PSD3 legal acts will be structured in detail, in particular the associated delegated acts. The political compromise already indicates that dual licensing – under crypto and payment services law – will continue to be required in certain constellations in the future.

It currently remains unclear whether the reform of payment services law will also entail adjustments to MiCAR.

How can we help you?

With our comprehensive expertise in the area of payment services and crypto assets, we are happy to support you in the legally compliant and efficient implementation of your business model, in particular in

  • reviewing business models for their licensing requirements and subsequently supporting you in licensing procedures,
  • the drafting and review of crypto asset white papers, B2C and B2B terms and conditions, service provider and outsourcing agreements, or
  • early preparation for the new requirements of the PSR/PSD3 regulation.
News Categories
Subscribe to Newsletter

Subscribe to our newsletter and never miss any news from PFR again!

Latest News

You have questions?
We have answers.

+43 1 877 04 54
Contact us