Effective from 20 December 2024, the EBA Guidelines on Governance Arrangements establish the minimum requirements for internal governance for issuers of ARTs. These measures aim to ensure sound risk management, operational continuity, and robust internal control mechanisms for issuers of ARTs while enhancing consumer and investor protection.

1. Role and composition of the management body

• Provisions on the role and responsibilities of the management body of an ART issuer.

2. Governance framework

• Issuers must implement a clear organisational structure with transparent lines of responsibility and must know their structure.
• Provisions on outsourcing, including a requirement for issuers should maintain at all times sufficient substance and not become ‘empty shells’ or ‘letter-box entities’.

3. Emphasis on risk culture, internal control and risk management frameworks

• Issuers should put in place policies, communications and training programmes to promote a strong risk culture.
• Independent risk management compliance functions must oversee risk mitigation and regulatory adherence.
• Internal audit functions must evaluate governance frameworks and risk management effectiveness.
• Guidance is provided in relation to the persons heading such functions and the roles of each function.

4. Business continuity and operational risk management and resilience

• Issuers must have contingency and business continuity plans, recovery plans and other related procedures to ensure the uninterrupted performance of core activities, supported by robust ICT systems and operational resilience measures, without prejudice to applicable requirements under Digital Operational Resilience Act (DORA).
• A specific policy should be approved, regularly reviewed and updated for arrangements with third-party entities for operating the reserve of assets, for the investment of the reserve assets, the custody of the reserve assets, or the distribution of the ARTs to the public.

5. Proportionality principle

Application should be scaled with the issuer's size and complexity, ensuring flexibility while maintaining compliance with MiCAR standards.

6. Environmental, Social, and Governance (ESG) considerations

Issuers must address environmental impacts, particularly energy consumption related to consensus mechanisms, and integrate ESG risks into their governance frameworks.

Effective from 13 November 2024, the EBA Guidelines on Recovery Plans under Articles 46 and 55 of MiCA Regulation require issuers of ARTs and e-money tokens (EMTs) to prepare detailed recovery plans. The Guidelines focus on the content of such recovery plans.

1. Objectives

• Ensure business continuity during disruptions.
• Enable issuers to meet token holder obligations.
• Facilitate timely corrective actions to restore regulatory compliance.

2. Structure of recovery plans

• Executive summary: Highlights the plan’s core components.
• Information on governance: Includes recovery plan triggers and monitoring processes.
• Recovery options: Details measures to address capital and liquidity issues.
• Communication plan: Outlines stakeholder communication and market management strategies.

3. Governance framework

• Issuers must establish policies in relation to their recover plan, including escalation procedures, triggers for activation of the recovery plan and related indicators and monitoring procedures.
• Emphasis is placed on the de-pegging risk, with a tolerance interval not exceeding 1%. A de-pegging of more than 1% should trigger action under the issuer’s recovery plan.
• Breaches of recovery plan indicator thresholds must promptly and in any event within a maximum 24 hours must be internally escalated to the issuer’s management body and within a maximum of 24 hours after internal escalation to the competent authority.

4. Recovery options

Issuers must include a range of recovery options in their recovery plans, including at least:

• the imposition of a maximum amount on liquidity fees for redemptions;
• limits on the amounts of token that may be redeemed on any working day;
• suspension of redemptions, where necessary;
• one of additional recovery options prescribed by the Guidelines.

5. Alignment with existing frameworks

To prevent duplication, issuers operating under multiple regulatory frameworks should integrate recovery planning with other obligations, such as the Bank Recovery and Resolution Directive (BRRD).

The adoption of these EBA Guidelines by CySEC marks another step in aligning Cyprus with the MiCA’s comprehensive regulatory framework for ARTs. By addressing governance and recovery planning, these measures ensure that issuers operate with resilience, transparency, and accountability.

CySEC’s Circular 666 on EBA Guidelines on the minimum content of the governance arrangements for issuers of asset-referenced tokens can be accessed here.

CySEC’s Circular 664 on EBA Guidelines on recovery plans under Articles 46 and 55 of Regulations (EU)2023/1114 can be found here.