Final approval has landed on the MiCA regulatory framework after extensive periods of contemplation. But instead of optimism, the recent news raises more concerns.
Crypto Identification Mandate
Markets in Crypto-Assets (MiCA), first introduced in 2022, came to a final decision on Tuesday, May 16. The EU’s much-anticipated regulatory framework got approved by the finance ministers and is coming into effect in 2024.
The European Union reached a significant milestone in regulating assets with the council’s final approval of the MiCA frame slated for release in February.
The groundbreaking legislation, designed to establish a standardized approach to cryptocurrencies throughout the EU, faced delays and was rescheduled for April.
However, a key highlight of the MiCA law has stirred controversies following the announcement.
The legal document, titled ‘REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on information accompanying transfers of funds and certain crypto-assets and amending Directive (EU),’ imposes a mandatory identification requirement for all crypto transactions conducted within the boundaries of the 27 EU member states.
To ensure that payment systems work smoothly and to address the risk of illegal activities, there is a proposal to check if the information about the person sending or receiving money is correct.
This identification mandate would only be required for individual money transfers that exceed EUR 1,000.
New Rules for Crypto Users in EU
Exceptions include transfers linked to others that would exceed EUR 1,000, transfers involving cash or anonymous electronic money, or situations where there are reasonable suspicions of money laundering or terrorist financing.
The aim is to balance preventing illegal activities and maintaining a convenient and efficient payment system.
The European Union’s recent decision will create added challenges for other countries, particularly for the United Kingdom and the United States. The move is expected to impact the US more due to existing regulatory uncertainties.
The MiCA law, which aims to protect European investors and prevent crypto-related money laundering and terrorism financing, is scheduled to be implemented in 2024.
Sweden’s finance minister, Elisabeth Svantesson, emphasized the importance of implementing these rules to safeguard European investors and prevent misuse of the crypto industry.
In January, European lawmakers also proposed a crypto tax plan to generate funds for the European Union. Under the new MiCA law, companies wishing to trade, store, and create cryptocurrencies and stablecoins within EU member states must obtain a license.
Ledger in Compliance?
In light of the MiCA news, Ledger has released its latest update for its Nano X.
The new feature – Ledger Recover – enables social recovery of users’ seed phrases. It encrypts users’ seed phrases to 3 shards sent to 3 different entities. Users will rely on these 3 entities to reconstruct the seed if they want to verify their identities.
The question raised by users pertains to the encryption of the seed phrase by Ledger and its transmission without requiring the user to re-enter the seed phrase when social recovery is enabled.
Ledger is a popular hardware wallet known for their non-custodial nature. Non-custody means neither the wallet provider nor any other party should have access to a user’s wallet or its information.
Given this context, the community is understandably skeptical about Ledger’s ability to send out the seed phrase, as it raises concerns about whether Ledger has secretly stored this information. CZ is among those skeptics.
Binance’s CEO left a sarcastic comment, citing Ledger might change its direction.
Some users argue that this indicates Ledger’s addition of social recovery functionality to previously manufactured Nano X wallets rather than upcoming ones.
In other words, there might be a hidden backdoor in the company’s wallet lines, allowing for the storage of the seed phrase. These suspicions highlight the need for further clarification and transparency from Ledger regarding the security measures and handling of user data.