Under MiCA, Who Is Responsible for Your Crypto? You’d Be Surprised.
Tirnu — MiCA & Regulation
Under MiCA, Who Is Responsible for Your Crypto? You’d Be Surprised.
Europe’s landmark crypto regulation answers a lot of questions. But the one most people haven’t thought to ask — who is actually liable when something goes wrong with your assets — has an answer that might change how you store your crypto entirely.
Most people who hold crypto have never seriously thought about custody. You buy it, it sits in a wallet or on an exchange, and as long as the number goes up you don’t think too hard about who technically controls it or what happens if something goes wrong.
Then something goes wrong. An exchange freezes withdrawals. A platform goes under. A wallet is compromised. And suddenly the question of who is responsible for your assets becomes very important, very quickly.
MiCA — the Markets in Crypto-Assets regulation, now in force across the European Union — is the most comprehensive attempt yet to answer that question at a legal level. What it says about custody, liability, and responsibility is something every crypto holder in Europe should understand. Because in some cases, the answer is not what you’d expect.
First, What MiCA Actually Is
MiCA is the EU’s regulatory framework for crypto-assets. After years of fragmented, country-by-country approaches to crypto regulation, it creates a single, unified rulebook that applies across all 27 member states.
It covers a wide range of crypto-related activity: issuance of tokens, operation of exchanges, provision of custody services, and the marketing of crypto products to consumers. It came into full effect at the end of 2024, and any business offering crypto services to European users is now required to comply.
The part most relevant to everyday holders is what MiCA says about crypto-asset service providers — or CASPs. These are the platforms, exchanges, and wallet providers you interact with when you buy, sell, or store crypto. Under MiCA, CASPs face a set of obligations that didn’t exist before. And those obligations directly affect how your assets are handled.
The Custody Question: Who Actually Controls Your Crypto?
Here is where it gets interesting — and where most crypto holders have a significant blind spot.
When you hold crypto on an exchange or a custodial platform, you do not hold the private keys to your assets. The platform does. This means that, in a technical sense, the platform controls your crypto. You have a claim on it, but the actual keys — the cryptographic proof of ownership — sit with them.
This is the distinction between custodial and non-custodial wallets, and it matters enormously under MiCA.
MiCA does not regulate self-custody — it cannot, because there is no service provider involved. What it does regulate is every platform that holds crypto on your behalf. And it holds them to a significantly higher standard than existed before.
What MiCA Requires of Platforms That Hold Your Assets
Under MiCA, any CASP providing custody services must meet a strict set of requirements. These are not guidelines — they are legal obligations with regulatory consequences for non-compliance.
Segregation of assets. Platforms must keep client assets completely separate from their own operational funds. This is the rule that, if it had existed earlier, would have changed the outcome for customers of exchanges that collapsed by mixing client and company funds.
Liability for loss. If a custodial platform loses your assets through its own fault — a security breach, an operational failure, negligence — it is legally liable to return the equivalent value to you. This is a meaningful shift from the pre-MiCA era, where most platforms’ terms of service absolved them of almost all responsibility.
Capital requirements. CASPs must maintain minimum capital reserves. This is designed to ensure that if something does go wrong, there are actual resources available to make clients whole.
Transparent reporting. Platforms must be clear about how they hold assets, what risks exist, and how custody arrangements work. No more burying the important details in terms and conditions.
The Surprising Part: When You Are Responsible
Here is what MiCA does not do: it does not protect you from yourself.
If you use a non-custodial wallet and lose your private key, MiCA offers you nothing. There is no platform to hold liable, no regulator to appeal to, no insurance to claim. The assets are simply gone. This is the fundamental trade-off of self-custody — full control, but full responsibility.
MiCA also does not protect you if you use a platform that is not MiCA compliant. If you hold assets on an exchange operating outside the EU regulatory framework — or one that has not obtained the required CASP licence — none of MiCA’s protections apply to you. The liability question then falls back on that platform’s own terms, which may offer you very little.
This is a more significant risk than most people realise. Not every exchange serving European customers is MiCA compliant. Not every platform advertising to EU users has obtained the required authorisation. And until something goes wrong, there is often no obvious sign that the protections you assume exist simply don’t.
“The protection MiCA offers is real. But it only applies if the platform you’re using has earned the right to operate under it.”
How to Know If You’re Actually Protected
Given all of this, the practical question is: how do you know whether the platform you use meets MiCA’s standards? Here is what to look for:
The Bigger Picture
MiCA represents something genuinely new in the history of crypto: a serious, enforceable legal framework that treats digital assets with the same rigour as traditional financial products. That is good for the industry and good for holders.
But regulation only protects you if you are inside its perimeter. The responsibility question under MiCA ultimately comes down to a decision you make before anything goes wrong — which platform you choose, whether it is compliant, and whether you understand what it does and does not guarantee.
The answer to who is responsible for your crypto is not fixed. It depends on where you hold it, how you hold it, and whether the platform you trust has met the standards that make trust legally meaningful.
Under MiCA, the law has finally caught up with crypto. The question is whether the platform you’re using has caught up with the law.
