MiCA Decoded is a 12-article weekly collection for Bitcoin.com Information, co-authored by LegalBison’s Co-Founding and Managing Administrators: Aaron Glauberman, Viktor Juskin and Sabir Alijev. LegalBison advises crypto and FinTech firms on MiCA licensing, CASP and VASP purposes, and regulatory structuring throughout Europe and past.
Below MiCA, a white paper is a compulsory authorized disclosure instrument. Its closest analogy in conventional finance is a securities prospectus, not a advertising doc. The regulation prescribes who should put together one, in what format, containing what identifiers, topic to what automated validation, and with legal responsibility hooked up to a selected named individual.
Getting any of these parts flawed means the doc doesn’t exist within the eyes of European regulators, no matter how well-written it’s.
This sixth installment of MiCA Decoded unpacks what that truly means, piece by piece.
The Delusion: A MiCA White Paper is Only a GitBook or a PDF
A MiCA white paper carries the burden of a proper regulatory submitting.
Fee Implementing Regulation (EU) 2024/2984, which governs kinds, codecs, and templates for crypto-asset white papers, requires that the doc be ready in a structured digital format designed in order that ESMA and nationwide competent authorities throughout all EU member states can run equivalent automated evaluation on each submission, no matter who filed it or the place.
The authorized objective of that design alternative issues greater than the technical specifics. MiCA is a single-market regulation, and comparability throughout filings is a core enforcement instrument.
A white paper that can’t be learn by the identical machine as each different white paper filed in Europe isn’t compliant, no matter its content material says. ESMA revealed the required taxonomy (the structured framework that defines what a compliant white paper should comprise) on 5 August 2025. The principles apply as of 23 December 2025.
The disclosure obligations differ relying on the kind of crypto-asset concerned. MiCA attracts three distinct classes, every with its personal white paper template and discipline necessities:
The class determines not simply the content material of the white paper, however your entire authorized path to submitting one. A mission can not select which class applies primarily based on choice. The asset’s traits decide it, and the preparation obligations observe from there.
Who Carries the Authorized Obligation – and the Legal responsibility
For the overwhelming majority of tokens out there (categorized as “Different” crypto-assets, or OTHR), the duty doesn’t mechanically fall on the entity that created the token. For these belongings, MiCA locations the duty on the offeror or the individual searching for admission to buying and selling, that are outlined roles that will or could not coincide with the unique issuer.
This distinction has actual penalties. A mission falling into the OTHR class, launched from the British Virgin Islands, the Caymans, or every other offshore jurisdiction, may be the offeror underneath MiCA and carry the white paper obligation instantly, with none requirement to relocate its authorized seat to Europe.
(Be aware: This structural flexibility strictly applies to OTHR tokens. For Asset-Referenced Tokens and E-Cash Tokens, the authorized obligation and strict civil legal responsibility for the white paper relaxation fully with the approved EU issuer and can’t be delegated).
As we examined within the second installment of this collection, the ESMA registers verify that is already commonplace follow: the vast majority of unbiased token filings come from entities headquartered outdoors the EU.
A CASP working a buying and selling platform may also tackle the white paper obligation, both by itself initiative or by written settlement with the mission staff. That isn’t a loophole or an administrative comfort.
When a CASP information, it assumes obligation for the accuracy and completeness of the disclosure. If the white paper incorporates deceptive info or fails regulatory requirements, the legal responsibility belongs to whoever submitted it.
The individual signing off on the white paper can not delegate that publicity to a software program vendor, a technical integrator, or a legislation agency. Authorized evaluation of content material and technical validity are two separate compliance obligations, and each relaxation with the offeror. That is the purpose most tasks underestimate.
Two Codes That Should Exist Earlier than Submitting Begins
Two necessary identifiers are stipulations for any compliant white paper. Each are drawn from worldwide requirements that predate MiCA. The regulation didn’t create them, it made them obligatory.
The primary is the Authorized Entity Identifier (LEI), an ISO 17442 code assigned to authorized entities and maintained within the World LEI database administered by GLEIF. The mandate for its use spans a number of regulatory requirements: whereas Article 14 of the record-keeping RTS (Fee Delegated Regulation EU 2025/1140) enforces LEI necessities on CASPs for his or her shoppers, Article 3 of the white paper classification RTS (Fee Delegated Regulation EU 2025/421) strictly mandates that every one white paper preparers should establish their very own authorized entity with a legitimate LEI code. For any entity that doesn’t already maintain one, the LEI software course of should be accomplished earlier than white paper preparation begins.
The second is the Digital Token Identifier (DTI), an ISO 24165 code that identifies the crypto-asset itself, maintained within the DTIF registry. Article 15 of the record-keeping RTS and Article 3 of the white paper classification RTS (Fee Delegated Regulation EU 2025/421) require its use. The operative level for any mission launching a brand new token: if the DTI doesn’t but exist within the registry, somebody should request its creation earlier than the white paper may be submitted. The place a CASP is submitting for an asset with no centralized issuer and no present white paper, the platform is liable for retrieving or requesting the DTI instantly from the DTIF.
Supply: the DTIF Registry for crypto-assets
A white paper that doesn’t comprise a legitimate LEI and DTI fails automated validation earlier than any human reviewer sees it. Tasks that attain the submission stage with out each codes in hand face a full restart.
The Automated Gate and What It Means Legally
No human at a nationwide competent authority evaluations a white paper that fails its automated checks. The ESMA taxonomy defines 257 existence checks (verifying that required fields are current) and 223 worth checks (verifying that discipline content material is legitimate). A submitting that fails a test rated “Error” severity is technically invalid. The doc doesn’t proceed.
The authorized implication of that structure is direct: technical validity and content material accuracy are equally the offeror’s duty. A wonderfully drafted authorized disclosure within the flawed construction fails. A structurally legitimate file with deceptive content material additionally fails; it merely fails at a distinct stage and with completely different penalties.
Tasks providing tokens in a number of EU member states face a further layer. Every language model of the white paper requires its personal individually structured file. All language variations should be internally constant and never simply translated, however identically organized on the discipline degree. A translation that doesn’t mirror the construction of the unique is technically non-compliant, no matter its linguistic accuracy.
Sustainability disclosures add an extra constraint. The taxonomy mandates particular models of measure for power consumption and CO2 emissions: kWh and tCO2, respectively. These are authorized disclosure necessities, not non-obligatory environmental reporting. Submitting with completely different models or omitting the fields triggers a validation failure.
The sample throughout all of those necessities is identical: the white paper is a authorized submitting with machine-enforced requirements. Tasks that strategy it as a document-writing train, somewhat than a compliance course of with structured stipulations and automatic gatekeeping, will encounter that enforcement earlier than they attain a human regulator.
What This Means in Apply
The favored understanding of a crypto white paper as a story pitch (one thing written to steer somewhat than to reveal) describes a doc sort that MiCA has changed with one thing categorically completely different.
The MiCA white paper is a authorized instrument with prescribed content material, necessary identifiers, a structured format designed for automated cross-border comparability, and named private legal responsibility hooked up to whoever indicators off on it. The entry gate to the European crypto market runs via it. Tasks that perceive the submitting for what it legally is, somewhat than what the time period traditionally steered, are those that don’t get turned again on the automated test.
Key Takeaways:
The white paper isn’t a advertising doc. MiCA redefined the time period. The closest equal in conventional finance is a securities prospectus, and it must be handled with the identical authorized weight. Three asset classes, three completely different paths. OTHR, ART and EMT every carry distinct white paper necessities and completely different authorization stipulations. The asset’s traits decide which class applies, the mission doesn’t select. Legal responsibility follows the filer, however the guidelines depend upon the asset. For the overwhelming majority of tokens (OTHRs), the authorized obligation belongs to the offeror or the individual searching for admission to buying and selling, not essentially the token’s authentic creator. When a CASP (equivalent to a buying and selling platform operator) agrees to organize and publish a white paper on behalf of an OTHR mission, it takes on important regulatory duties, nevertheless it doesn’t assume the legal responsibility totally. Below MiCA Article 14(3), the unique individual searching for admission to buying and selling stays legally accountable if they supply incomplete, unfair, unclear, or deceptive info to the CASP. You possibly can outsource the paperwork, however you can’t fully outsource the legal responsibility. For Asset-Referenced Tokens (ARTs) and E-Cash Tokens (EMTs), strict civil legal responsibility for the white paper doesn’t relaxation solely with the approved issuer as a company entity; it explicitly extends to the members of its administrative, administration, or supervisory physique. Any contractual try and restrict or exclude this legal responsibility is legally void. LEI and DTI are stipulations. Each identifiers should be in place earlier than white paper preparation begins. If a DTI doesn’t exist for the asset, it should be requested from the DTIF registry earlier than anything strikes ahead. Automated validation is the primary gatekeeper. 257 existence checks and 223 worth checks run earlier than any human evaluations the file. A doc that fails an Error-level assertion doesn’t attain a regulator. Multilingual filings carry a hidden technical obligation. Every language model requires its personal individually structured file, organized identically to the unique. A translation that doesn’t match the supply construction on the discipline degree is non-compliant. Content material accuracy and technical validity are two separate obligations. Authorized evaluation covers the primary. Technical structuring covers the second. Each relaxation with the offeror, and neither substitutes for the opposite.
This text relies on a examine carried out by LegalBison in April 2026. The content material is for informational functions solely and doesn’t represent authorized recommendation.
