Cash News
The European Securities and Markets Authority (ESMA) has called on EU lawmakers to strengthen crypto regulations by mandating external cybersecurity audits for companies in the sector, the Financial Times reported on Oct. 16.
This recommendation comes as the crypto industry faces an alarming increase in cyberattacks, which are putting consumer protections at risk. It is part of proposed amendments to the upcoming regulatory regime.
Mandatory audits
In a proposal to amend the Markets in Crypto-Assets Regulation (MiCA), set to be fully enforced in December 2024, ESMA advocates for enhanced measures to secure crypto platforms.
Central to the proposal is a requirement for companies to undergo third-party audits to assess and address potential cybersecurity vulnerabilities. ESMA’s appeal highlights the need for tighter safeguards as cybercriminals increasingly target the sector.
ESMA argued urgency for action, citing data showing that more than $1.5 billion was stolen from crypto platforms during the first half of 2024, an 84% jump compared to the same period in 2023.
Recent incidents, such as the $52 million breach of Singapore-based exchange BingX in September and the $235 million hack of India’s WazirX in July, have further illustrated the risks facing the industry.
Pushback
While MiCA has already introduced licensing requirements and anti-money laundering protocols, ESMA’s push for mandatory audits has met some resistance.
The EC has voiced concerns that the proposal could go beyond MiCA’s intended scope. However, some regulators and industry observers argue that the growing scale and sophistication of cyberattacks justify additional oversight measures.
The call for enhanced cybersecurity regulations is not limited to Europe. A report from the European Parliamentary Research Service (EPRS) recently emphasized the need for greater scrutiny of crypto operations beyond the EU, particularly in regions like the US, where regulatory frameworks remain less cohesive.
As the MiCA regulations approach their full implementation, it remains to be seen whether the EU will embrace ESMA’s proposed cybersecurity audit mandate. Nonetheless, the push for stricter security protocols reflects a broader global effort to strengthen the crypto industry’s resilience against cyber threats, ensuring consumer protection in an increasingly volatile market.