The architecture in one sentence

MiCA regulates the issuance and service-provision of crypto-assets. PSD2 regulates payment services. EMTs are crypto-assets and e-money — so when an EMT moves as part of a payment service, both regimes apply, and the firm needs both authorisations.

The 2 March 2026 hardening

The European Banking Authority's No-Action Letter and supervisory commentary established that, with effect from 2 March 2026, EMT-issuing CASPs operating EMT payment flows must hold a Payment Institution or Electronic Money Institution authorisation alongside their MiCA CASP authorisation. The transitional posture under which firms could rely solely on the CASP authorisation for EMT payment activity has closed.

The practical implication is that any CASP whose service catalogue includes:

  • Issuing an EMT and operating its redemption flow.
  • Providing transfer services that constitute payment services involving EMTs.
  • Holding EMT balances that the customer can mobilise in payment-like patterns.

…must have a PI or EMI authorisation in place by 2 March 2026, or cease the activity. Firms that have not closed this gap are operating outside the perimeter and are exposed to supervisory enforcement.

The dual-stack discipline

For an EMT-issuing CASP, the dual MiCA + EMI authorisation is not a paperwork exercise. It is a structural change to the firm's governance and operations. The components an institutional supervisor expects to see:

  • Dual capital stacks. MiCA Class capital plus EMI / PI initial capital and own-funds requirements. The two stacks are not fungible.
  • Dual governance reporting. Distinct governance lines for MiCA-side activity and PSD2-side activity, with a defined boundary the firm can demonstrate.
  • Documented activity classification. Every product flow classified as MiCA-side, PSD2-side, or hybrid — with evidence of the classification methodology and a refresh cadence.
  • Safeguarding architecture. Customer-funds safeguarding under PSD2 / EMD2 alongside crypto-asset segregation under MiCA. Safeguarding accounts must be segregated, documented and regularly reconciled.
  • Outsourcing governance under both regimes. Material outsourcing arrangements must satisfy both MiCA's outsourcing expectations and the PSD2 / EMD2 outsourcing rules. The two regimes overlap but are not identical.

The PSD3 / PSR transition — what is changing

The PSD3 / PSR package was the subject of a provisional political agreement in November 2025; the final texts were published in April 2026; entry-into-force is expected in 2027 with a 21-month transition. The package does several structurally important things for crypto firms:

  1. PI and EMI licences will merge. The current bifurcation between Payment Institution and Electronic Money Institution authorisations will be replaced by a single Payment Institution authorisation with an "e-money" sub-category. Firms holding either today will need to map across to the new framework during the transition.
  2. A streamlined path for MiCA-licensed firms. PSD3 envisages a more proportionate authorisation pathway for firms already holding a MiCA CASP authorisation seeking PI status — recognising that many of the governance and risk components are already in place. The detail will land in Level 2 implementing rules.
  3. Tighter operational-resilience expectations. The package aligns payments operational-resilience expectations with the broader DORA framework that crypto firms are already engaging with.
  4. Open-finance and data-portability rules. The Financial Data Access regulation sitting alongside PSD3 introduces new data-sharing obligations that crypto firms operating customer-balance flows should track closely.

Until PSD3 enters into force, the dual MiCA + EMI / PI discipline is the operative reality. The streamlined pathway is a 2027 / 2028 development, not a 2026 one.

Where this matters most — and where it does not

Not every MiCA CASP needs to hold an EMI / PI authorisation. The overlay is most acute for firms whose service catalogue includes EMT issuance, EMT redemption flows or EMT-denominated payment services. It is materially less acute for firms operating purely in non-EMT crypto-assets — exchanges, custodians, advisors, portfolio managers — where the activity does not constitute payment services under PSD2.

The diagnostic question for any MiCA-authorised firm is therefore: which of the firm's product flows constitute payment services under PSD2, and how many of those flows involve EMTs? If the answer to either question is "none," the EMI overlay is not in scope. If the answer to both is "yes," the firm should already be in advanced execution on the dual-authorisation programme.

Three remediation items most affected firms still owe their boards

  1. A documented PSD2 perimeter assessment mapping every product flow against the PSD2 payment-services definition and the EMT classification, with a defensible methodology and a review cadence.
  2. An EMI / PI authorisation programme with a named NCA, a target submission date, and a Phase 2 plan for migrating into the PSD3 framework.
  3. A dual-stack governance write-up for the board defining the boundary between MiCA-side and PSD2-side activity, the safeguarding architecture, and the supervisory engagement plan under both regimes.

How CASA helps

  • PSD2 perimeter diagnostic — a fixed-fee assessment of the firm's product flows against the PSD2 / EMD2 framework, with a board-ready remediation plan.
  • EMI / PI authorisation programme — co-delivered with named EU counsel in the chosen NCA jurisdiction.
  • PSD3 transition planning — quarterly briefings on the implementing-regulation track and the practical migration sequence.

Holding a MiCA authorisation and unsure how the EMI overlay applies?

Brief our team

References: Directive (EU) 2015/2366 (PSD2); Directive 2009/110/EC (EMD2); Regulation (EU) 2023/1114 (MiCA); EBA No-Action Letter on EMT supervision; PSD3 / PSR provisional political agreement texts (April 2026); EBA Guidelines on outsourcing arrangements.

This briefing is general commentary by CASA and does not constitute regulated legal, financial or investment advice. Firms should confirm specific positions with retained counsel and the relevant supervisory authority.