ESMA Calls for Strengthening Crypto Regulations with Mandatory Cybersecurity Audits

The European Securities and Markets Authority (ESMA) is calling for stronger regulations in the crypto industry to combat the rising threat of cyberattacks. ESMA is recommending that EU lawmakers mandate external cybersecurity audits for companies in the sector to protect consumer interests.

The proposed amendments to the upcoming regulatory regime, specifically the Markets in Crypto-Assets Regulation (MiCA), aim to enhance security measures for crypto platforms. ESMA is pushing for companies to undergo third-party audits to identify and address potential cybersecurity vulnerabilities, citing a significant increase in cybercrime targeting the industry.

Recent data shows that over $1.5 billion was stolen from crypto platforms in the first half of 2024, an alarming 84% increase from the previous year. High-profile breaches, such as the $52 million hack of BingX and the $235 million breach of WazirX, have underscored the urgent need for tighter safeguards.

While MiCA already includes licensing requirements and anti-money laundering protocols, ESMA’s proposal for mandatory audits has faced pushback from the European Commission. Some regulators and industry experts argue that the growing scale and sophistication of cyberattacks justify additional oversight measures.

The call for enhanced cybersecurity regulations extends beyond Europe, with the European Parliamentary Research Service emphasizing the need for greater scrutiny of crypto operations globally. As the MiCA regulations near full implementation, the EU will need to decide whether to adopt ESMA’s cybersecurity audit mandate to strengthen the industry’s resilience against cyber threats and protect consumers in an increasingly volatile market.