TABLE OF CONTENTS

    MiCA — the EU’s Markets in Crypto-Assets Regulation — was introduced under Regulation (EU) 2023/1114 and applies from 30 December 2024. It establishes a dedicated market abuse regime for crypto assets. Title VI (Articles 86–92) prohibits insider dealing, unlawful disclosure of inside information, and market manipulation in relation to crypto assets admitted to trading on regulated platforms.

     

    Key Highlights

    • MiCA establishes the EU’s first dedicated market abuse regime for crypto-assets, introducing new requirements to prevent insider dealing, unlawful disclosure of inside information, and market manipulation.
    • Crypto firms must treat insider risk as a formal compliance obligation, requiring policies, controls, and oversight comparable to those used in traditional financial markets.
    • Inside information extends beyond trading activity and may include token listings, partnerships, protocol upgrades, treasury decisions, fundraising events, and other material non-public information.
    • Employee surveillance and monitoring programs play a critical role in detecting potential insider trading, conflicts of interest, suspicious communications, and other market abuse risks.
    • Firms need auditable compliance controls and recordkeeping processes to demonstrate effective supervision and regulatory compliance under MiCA.
    • Technology-enabled compliance programs can help firms identify, investigate, and manage insider risk at scale, supporting more efficient monitoring and defensible decision-making.

    For issuers and crypto-asset service providers (CASPs), insider risk is a compliance obligation across governance, access controls, and surveillance. It applies to non-public information likely to affect crypto asset prices and extends beyond employees to contractors, advisers, and vendors. Firms are required to track access to inside information, disclose it without delay, and implement systems to detect, prevent, and report market abuse.

    What Counts as Inside Information Under MiCA

    Article 87 defines inside information as non-public, precise information about a crypto asset or its issuer that would likely move prices if made public. The definition mirrors the EU's Market Abuse Regulation (MAR) but is adapted for crypto markets.

    In practice, this includes token listings, protocol changes, major partnership announcements, treasury actions, and security incidents — information that is not public and likely to affect price.

    Read About Insider List and Information Management Under MAR

     

    Insider Dealing and Unlawful Disclosure Under MiCA

    Article 89 prohibits using inside information to trade, cancel or amend orders, or recommend that others do so. It also captures persons who ought to have known that information was inside information, not only those with actual knowledge. Article 90 prohibits the disclosure of inside information to third parties outside the normal course of duties.

    The risk extends beyond employees. Contractors, advisers, and vendors involved in token issuance, due diligence, or platform integrations may also have access to inside information.

    Market Manipulation in Crypto Markets

    Article 91 prohibits spoofing, wash trading, spreading false information, and other conduct designed to distort prices or volumes. In crypto markets, social media and community channels can amplify these risks, increasing the need for monitoring and oversight.

    Managing Insider Information is the Key to Managing Trading Risk

    Where MiCA Insider Risk Arises: Key Exposure Points

    Insider risk can arise at multiple points in the lifecycle of a crypto asset or platform. Examples of these include:

    • Token launches and white paper preparation — teams involved before public disclosure have access to price-sensitive information.
    • Exchange listings and due diligence — listing teams know about upcoming listings before announcement.
    • Roadmap and partnership announcements — significant deals or protocol changes not yet public qualify as inside information.
    • Treasury management and incident response — staff handling these functions may hold information that could materially affect price.

    Read a white paper on taking an integrated approach to managing trading compliance.

    What MiCA Requires of Issuers and CASPs

    Article 88 requires issuers to disclose inside information publicly and without delay — requiring firms to track who has access to that information at all times.

    Article 92 requires CASPs to maintain systems and procedures to prevent and detect market abuse and to report suspicious transactions or orders (STORs). The technical requirements for those systems are set out in Commission Delegated Regulation (EU) 2025/885, and ESMA's Final Report on Guidelines for the Prevention and Detection of Market Abuse under MiCA (April 2025) sets out how national competent authorities are expected to supervise compliance.

    Read More About Crypto Regulation Compliance

    Who Is in Scope for MiCA Insider Risk

    Anyone with access to non-public, price-sensitive information — and the ability to trade — is within scope.

    MiCA insider risk is not limited to front-office or capital markets teams. Staff working on crypto issuance, white papers, listings, platform integrations, or tokenisation deals are in scope, as are technology and security teams aware of vulnerabilities or outages that could affect token prices. 

     

    MiCA Insider Risk: What Compliance Teams Should Do Now

    With MiCA in force and national competent authorities empowered to investigate and sanction under Articles 93–94, compliance teams should prioritise:

    • Mapping insider risk across all staff with access to crypto-asset information
    • Extending personal trading controls to digital assets, including pre-clearance and restriction lists
    • Maintaining insider lists and access controls to support Article 88 disclosure obligations
    • Deploying trade surveillance and STOR reporting workflows that meet the requirements of Commission Delegated Regulation (EU) 2025/885
    • Training staff on market abuse obligations and documenting attestation

    Download the 2026 Surveillance Benchmarking Survey & Report to see how your firm stacks up against key industry stats

     

    How MCO Helps Firms Manage Insider Risk Under MiCA

    MCO provides a unified compliance platform that enables firms to manage oversight of employee trading, insider risk, and compliance obligations in a single system.

    • Insider and MNPI enables firms to track access to sensitive data, create and maintain insider lists, and monitor the sharing of insider information in advance of trading and investment deals. 
    • Trade Surveillance enables firms to monitor trading activity for market abuse and identify suspicious activity linked to insider trading or manipulation.
    Together, these capabilities provide firms with a centralized and integrated approach to managing insider risk and meeting regulatory obligations under MiCA.
     

    Ready to learn more about how MCO can help your firm keep pace with MiCA obligations?

    Contact us for a demo today!

     

    Recent Posts