Ordekian, Marilyne;
Becker, Ingolf;
Moore, Tyler;
Vasek, Marie;
(2025)
Raising the bar: Assessing historical cryptocurrency exchange practices in light of the EU’s MiCA and DORA regulation.
Computer Law and Security Review
, 59
, Article 106227. 10.1016/j.clsr.2025.106227.
Preview |
Text
Vasek_1-s2.0-S2212473X25000999-main.pdf Download (1MB) | Preview |
Abstract
Centralized cryptocurrency exchanges have quickly become internal components of the digital finance ecosystem, mirroring traditional institutions by offering custody, investments, and transactional services. Despite their increasing prominence, the regulatory oversight has historically been fragmented and inadequate, leaving them largely relying on self-regulation. The resulting environment has been marked by exchange collapses, connections to criminal activities, cyber attacks, and poor operational security. High-profile failures, such as Mt. Gox and FTX, highlight the systemic risks and failure of internal governance models to properly mitigate or protect user funds from cascading risks or security breaches. In response, the European Union introduced the Markets in Crypto-Assets (MiCA) regulation and the Digital Operational Resilience Act (DORA), intending to standardize regulatory oversight and enhance user protection. This paper presents the first comprehensive interdisciplinary analysis of centralized exchanges under the MiCA and DORA frameworks. Drawing on methods from both law and computer science, we systematically translate regulatory requirements into measurable compliance standards, and develop a novel doctrinal and empirical methodology to evaluate current self-regulatory practices of 75 centralized exchanges operating in Europe. Through a detailed analysis of 143 exchange legal documents, we identify major compliance gaps and regulatory uncertainties. Our findings indicate significant shortcomings in exchange practices relating to asset custody, cybersecurity, and liability. This suggests that serious efforts are needed to change these practices and ensure their alignment with regulatory requirements. Our framework enables a systemic comparison between regulation and practice, and establishes a baseline for evaluating the effectiveness of regulatory measures. This approach can be replicated to study other self-regulating emerging sectors.
| Type: | Article |
|---|---|
| Title: | Raising the bar: Assessing historical cryptocurrency exchange practices in light of the EU’s MiCA and DORA regulation |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.1016/j.clsr.2025.106227 |
| Publisher version: | https://doi.org/10.1016/j.clsr.2025.106227 |
| Language: | English |
| Additional information: | © 2025 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/). |
| Keywords: | Cryptocurrency regulation, Cryptocurrency exchange, MiCA, DORA, Cybersecurity, Mixed methods, Empirical research, CASP, Digital assets, Benchmarking |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10216847 |
Archive Staff Only
 |
View Item |
