As regulatory frameworks take shape in 2025, businesses operating in the digital assets space are facing new compliance considerations across the United States and the European Union.
The introduction of the Markets in Crypto-Assets Regulation (MiCAR) in the EU, combined with recent legislative signals in the US, is prompting renewed focus on governance, due diligence and operational oversight.
Steven S. McNew, senior managing director and global leader of blockchain and digital assets at FTI Consulting, said the implications are wide-ranging, particularly as digital assets continue to evolve alongside legal requirements.
“There is a tremendous amount of speculation and expectation for what the year will hold for the digital assets industry, particularly in anticipation of more regulatory clarity and market growth,” McNew said.
In the EU, MiCAR has now taken full effect, accompanied by the Transfer of Funds Regulation and the Digital Operational Resilience Act. These three regulatory pillars aim to establish broad oversight over digital assets, addressing market integrity, anti-money laundering risks and operational security.
“MiCAR’s aim is to regulate, simplify and make the post-trading of crypto assets more secure within EU member states,” McNew said. “Supplementary regulations to further reinforce this intention are in development as well. For example, the European Securities and Markets Authority is working on a demarcation of MiCAR from the Markets in Financial Instruments Directive, to provide additional clarity to organisations and consumers.”
He outlined four key objectives identified under MiCAR: “Increased protection against fraud for consumers; the removal of regulatory barriers for dealing with crypto assets; to provide companies with new sources of financing; and to open the development of new business models via crypto payment methods as well as new investment opportunities.”
The strong consumer protection regulations under MiCAR are expected to increase user trust in crypto firms based in the EU, potentially giving them an advantage in attracting a wider customer base, particularly in markets where security and transparency are key concerns
However, McNew also warned of downsides that could come from the regulations.
“Conversely, this focus on transparency and compliance could be a burden to EU-based companies specialising in DeFi or privacy-centric projects, potentially pushing innovation in these areas to less-regulated jurisdictions,” he said.
In the United States, attention is turning to recent action by the executive branch. On January 23, President Donald Trump signed Executive Order 14178, titled "Strengthening American Leadership in Digital Financial Technology."
This order revoked previous directives and established a task force to propose a comprehensive federal regulatory framework for digital assets within 180 days. It also prohibited the establishment or promotion of central bank digital currencies (CBDCs).
“It suggests that there will likely be one dedicated regulatory body set to oversee crypto in the United States, a contrast to the current environment, where numerous agencies have overseen it through regulation by enforcement,” McNew said. “If this is the end result of future regulation, the industry will gain clarity around how to comply and which agency to answer to.”
Market participants are also watching for changes at the US Securities and Exchange Commission, as the entity’s top brass signalled a crypto-friendly position, which suggests that additional crypto exchange-traded funds (ETFs) may receive approval in the coming year.
“Already, the SEC has backed out of crypto enforcement actions, notably dropping a high-profile investigation and lawsuit in early 2025,” he said.
“Further discussions and drafting of the Financial Innovation and Technology for the 21st Century Act (‘FIT21’) bill, which could provide greater regulatory clarity for digital assets, is expected,” he said. “This legislation aims to clarify standards for decentralisation, intermediary requirements and the potential evolution of future regulations, to support innovation and growth in the United States.”
Stablecoins appear to be receiving more attention in legislative discussions than other types of cryptocurrency, primarily because they are generally easier to understand and assess in value, given their linkage to real-world assets.
“With stablecoin regulation, there will be a lot of discussion and decision making needed around whether traditional banks will be allowed to participate in that ecosystem, and if so, whether that activity will be subject to current banking rules,” McNew said.
The conversation also extends into privacy, security and law enforcement. “Digital assets are much easier to trace than fiat; so, when concerns of illicit finance (or cyber ransom payments) arise, investigators and law enforcement have a robust set of tools available to them to follow the funds and see which individuals and entities they are flowing to,” McNew said.
The ability to track and trace transactions can assist law enforcement and government agencies in identifying dark markets, disrupting illicit fund transfers, and monitoring the activities of cyber actors using cryptocurrency.
“In a recent House Financial Services Committee hearing, some lawmakers referenced this benefit of traceability, confirming that there’s increasing recognition of the potential benefits digital assets introduce to financial markets, as well security objectives,” he said.
Challenges persist at the intersection of privacy, compliance and safety. McNew noted that if a company were obligated to publicly disclose the ransoms it had paid, it could face an increased risk of being targeted again in the future.
“So, while it might make sense on one hand to provide disclosure as to where funds are going and what cryptocurrencies were used, doing so could put companies (and by extension, their customers, employees and partners) in harm’s way,” he said.
Depending on how enforcement evolves across jurisdictions, businesses may struggle to align digital asset compliance with privacy and security rules.
“More than just policy could be at issue,” McNew said. “This hypothetical is just one example of how the complex web of regulations around digital assets may create nuanced or unforeseen conflicts for organisations.”
“Therefore, policy decisions around cryptocurrency will require balancing the need for transparency around the use of cryptocurrency in criminal matters alongside the risks such transparency might exacerbate.”
McNew said that organisations will need to invest in internal processes and resources to adapt.
“Knowing how to be compliant and how to prove it will be essential to reduce the risk of violating various financial, crypto and data protection laws,” he said. “Implementation, testing and third-party validation of compliance controls will be paramount, and will require expert guidance.”
What are your thoughts on this story? Please feel free to share your comments below.
