The European Securities and Markets Authority (ESMA) has recently made a significant recommendation to EU lawmakers, urging for stronger regulations in the crypto industry. The call for action comes as cyberattacks on crypto platforms are on the rise, posing a threat to consumer protections. ESMA is proposing amendments to the Markets in Crypto-Assets Regulation (MiCA), scheduled for full enforcement in December 2024.
One of the key proposals put forth by ESMA is the mandate for companies in the crypto sector to undergo external cybersecurity audits conducted by third-party experts. This measure aims to identify and address potential vulnerabilities in crypto platforms, in response to the escalating threats posed by cybercriminals. Recent data shows a staggering $1.5 billion was stolen from crypto platforms in the first half of 2024, representing an 84% increase from the previous year.
High-profile incidents like the $52 million breach of BingX and the $235 million hack of WazirX have underscored the urgent need for enhanced security measures in the industry. Despite the existing licensing requirements and anti-money laundering protocols under MiCA, ESMA believes that mandatory audits are crucial in safeguarding the sector against cyber threats.
However, the proposal for mandatory audits has faced pushback from some quarters, with concerns raised by the European Commission that it may extend beyond the intended scope of MiCA. Nevertheless, regulators and industry experts argue that the growing scale and sophistication of cyberattacks justify the need for additional oversight measures.
The call for enhanced cybersecurity regulations extends beyond Europe, with the European Parliamentary Research Service emphasizing the importance of scrutinizing crypto operations globally. Regions like the US, with less cohesive regulatory frameworks, are also under scrutiny for their oversight of the crypto industry.
As the MiCA regulations approach full implementation, the decision on whether to adopt ESMA’s proposed cybersecurity audit mandate remains uncertain. However, the push for stricter security protocols reflects a broader global effort to fortify the resilience of the crypto industry against cyber threats, ultimately ensuring consumer protection in a volatile market.