Charles Guillemet. Ledger CTO, said the unintended outcome of MiCA has affected crypto startups in the EU. (Olivier Acuna/CoinDesk)
What to know:
The European Union’s MiCA rules impose steep capital, legal and compliance costs that industry figures say effectively shut out smaller crypto startups while favoring large, well-funded financial institutions.
Regulators argue that MiCA’s stringent requirements are necessary to protect consumers and build trust, even as traditional banks accelerate their move into blockchain and crypto services.
As banks turn to specialized firms like Ledger for enterprise-grade custody and tokenization despite past security breaches, native crypto companies are increasingly powering the infrastructure of mainstream finance in Europe.
An impact assessment by the EU Commission on MiCA estimated that each white paper could cost issuers between $4,500 and $87,000, depending on the complexity of the regime and the amount of legal advice required.
“I’m not sure that was the initial intent, but this is the result,” Guillemet said. “When it’s implemented, you have two kinds of companies: those who can pay for this compliance overhead, and the other ones that can’t. Smaller players cannot access the market, which creates a moat for the bigger players.”
While crypto startups view the high costs of MiCA compliance as a barrier to entry in the EU, European regulators have defended the rules, saying they are required to protect consumers and build mainstream institutional trust.
Institutional security
The widening regulatory gap comes at a critical time when traditional finance (TradFi) transitions from testing blockchain to full-scale adoption. Guillemet recalled the listing of spot crypto ETFs in early 2024 as a significant turning point, which sparked significant demand from traditional banks for enterprise-grade custody and asset tokenization.
“Before, banks mostly wanted to do small innovation projects,” Guillemet explained. “Now, it really changed. The main departments of banks really want to build around crypto, and they want to go all-in on blockchain technology.”
To capture this banking business, Ledger has been expanding past its retail roots into a dedicated business-to-business (B2B) infrastructure. Building these institutional security setups requires serious cash; Ledger has spent hundreds of millions of dollars over the years to maintain a massive engineering team.
“First and foremost, Ledger is a security company,” Guillemet said. “We have around 200 to 250 engineers who are working at Ledger to build the technology. We have a dedicated security team, who spend 100% of their time improving the security of our product. Security is front and center in everything we do.”
Real-world risks
However, Ledger’s massive security budget is an indication of the challenges its executive team continuously faces: in Web3, even hundreds of millions of dollars in engineering defenses cannot guarantee absolute immunity.
While Guillemet introduces Ledger’s enterprise architecture to traditional banks, the firm’s historical vulnerabilities underscore the relentless operational risks public blockchains face.
As traditional banks rush to bring real-world assets onto public blockchains, they are leaning on native crypto security firms to handle these operational risks. The end result is a shifting landscape: while smaller startups are being priced out of Europe by high compliance costs, traditional financial institutions are moving in, using native crypto code to build the new plumbing of global finance.
