MiCA’s Title VI market-abuse regime imports a MiFID-style ban on insider dealing and manipulation into EU crypto from December 30, 2024, and as the transitional window closes around July 1, 2026 it forces every crypto-asset service provider (CASP) to run trade surveillance and file suspicious transaction and order reports (STORs) — while the UK’s bespoke regime will not bite until October 25, 2027 and the United States still polices crypto manipulation through general anti-fraud law.
Title VI of the Markets in Crypto-Assets Regulation (MiCA), Regulation (EU) 2023/1114, prohibits insider dealing, the unlawful disclosure of inside information and market manipulation in crypto-assets admitted to trading, and has applied across the European Union since December 30, 2024. Article 92 requires persons professionally arranging or executing transactions to maintain systems to prevent and detect abuse and to file STORs, with detail set by Commission Delegated Regulation (EU) 2025/885 and the European Securities and Markets Authority’s (ESMA) April 2025 guidelines. This analysis walks through what Title VI actually requires, how four jurisdictions diverge, the enforcement precedent set by the Mango Markets case, and what the gaps mean for brokers, exchanges and compliance teams.
Key Facts:
• MiCA Title VI (Articles 86–92) has applied EU-wide since December 30, 2024; the CASP transitional period closes in most member states around July 1, 2026 — Regulation (EU) 2023/1114
• Article 92 obliges persons professionally arranging or executing transactions to run surveillance and file STORs — MiCA
• Technical detail is set by Commission Delegated Regulation (EU) 2025/885 and ESMA’s April 2025 Final Report guidelines — ESMA
• The UK’s Market Abuse Regime for Cryptoassets (MARC) was consulted on in CP25/41 (December 16, 2025) and is expected to come into force on October 25, 2027 — FCA
• In the US, the Mango Markets manipulation involved roughly $110 million; the CFTC charged Avraham Eisenberg on January 9, 2023 — CFTC
• ESMA’s knowledge-and-competence rules under MiCA Article 81(7) apply from July 28, 2026 — ESMA
Methodology and sources
This analysis relies on primary documents: the consolidated text of Regulation (EU) 2023/1114 (MiCA) Title VI; Commission Delegated Regulation (EU) 2025/885; ESMA’s April 2025 Final Report on guidelines for the prevention and detection of market abuse under MiCA and its July 2025 guidelines on supervisory practices; the UK Financial Conduct Authority’s (FCA) Consultation Paper 25/41 and the Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2026; and US enforcement records from the Commodity Futures Trading Commission (CFTC), the Department of Justice (DOJ) and the Southern District of New York (SDNY). The jurisdictional scope is the EU, the UK, the US and Singapore. The time window runs from MiCA’s December 30, 2024 application date to June 2026. Where rules remain in consultation, that status is flagged.
What MiCA Title VI actually requires
Title VI mirrors the structure of the EU Market Abuse Regulation (MAR) that governs traditional securities, but rebuilds it for crypto — part of the same rulebook the EU is already revisiting under a “MiCA 2” review. Article 89 prohibits insider dealing; Article 90 prohibits the unlawful disclosure of inside information; and Article 91 prohibits market manipulation, including wash trading, spoofing, and the dissemination of false or misleading signals about a crypto-asset’s price or supply. Article 88 obliges issuers and offerors to disclose inside information to the public as soon as possible, the crypto equivalent of MAR’s continuous-disclosure duty.
The operational core is Article 92. Persons professionally arranging or executing transactions in crypto-assets — a category ESMA construes broadly to capture trading platforms, brokers and, in some cases, software operators — must build and maintain “effective arrangements, systems and procedures” to prevent and detect market abuse, and must report suspicious transactions and orders to their national competent authority via a STOR. Commission Delegated Regulation (EU) 2025/885 sets the regulatory technical standards for those reports, and ESMA’s April 2025 guidelines tell national authorities how to supervise them. The regime is not optional, and it does not phase in by size: a small CASP and a global exchange face the same baseline surveillance duty.
MiCA’s market-abuse regime is a direct transplant of securities-market discipline into crypto. It bans insider dealing, unlawful disclosure and manipulation under Articles 89 to 91 of Regulation (EU) 2023/1114, and Article 92 requires any firm professionally arranging or executing crypto transactions to run surveillance systems and file suspicious transaction and order reports. The detail sits in Commission Delegated Regulation (EU) 2025/885 and ESMA’s April 2025 guidelines, which apply EU-wide. Unlike capital requirements, the duty does not scale with firm size — every authorised CASP must demonstrate the same baseline monitoring capability, and national competent authorities can sanction failures with administrative fines that, for the most serious market-abuse breaches, reach into the millions of euros or a percentage of turnover.
| Jurisdiction / Regulator | Effective date | Scope | Key requirement | Penalty / sanction |
|---|---|---|---|---|
| EU (ESMA / national CAs under MiCA) | December 30, 2024 | CASPs and issuers of crypto-assets admitted to trading | Articles 89–92 ban insider dealing and manipulation; STOR duty under Article 92 | Administrative fines up to several million euros or a percentage of annual turnover under national MiCA transposition |
| UK (FCA) | Expected October 25, 2027 | Qualifying cryptoassets admitted to UK trading platforms | MARC bans insider dealing, unlawful disclosure and manipulation (CP25/41), with safe harbours for coin burning, stabilisation and market making | FCA Final Notice penalties; criminal liability routes under the future regime |
| US (SEC + CFTC) | Existing law (no bespoke crypto statute) | Tokens treated as securities (SEC) or commodities (CFTC) | SEC Rule 10b-5 anti-fraud; CFTC anti-manipulation under CEA §6(c)(1) and Rule 180.1 | Civil money penalties, disgorgement; criminal exposure via DOJ wire/commodities fraud |
| Singapore (MAS) | Existing law (SFA Part XII) | Digital tokens that are capital-markets products | Securities and Futures Act Part XII market-misconduct prohibitions apply; no bespoke crypto market-abuse code yet | Civil penalties and criminal sanctions under the SFA |
Sources: Regulation (EU) 2023/1114 (MiCA); FCA CP25/41; CFTC and SEC enforcement records; Singapore Securities and Futures Act. Last updated: June 22, 2026.
How four jurisdictions compare — and where arbitrage opens up
The four regimes converge on the same prohibited conduct — insider dealing, false signals, manipulative trading — but diverge sharply on timing and architecture. The EU is the only one of the four with a bespoke, in-force, crypto-native market-abuse rulebook backed by a standing STOR pipeline. The UK has designed an arguably more crypto-aware regime in MARC, with explicit safe harbours for coin burning, crypto-stabilisation and market making, but it does not take effect until October 25, 2027 under the Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2026. The US has no crypto-specific market-abuse statute at all; it stretches Securities and Exchange Commission (SEC) Rule 10b-5 and CFTC anti-manipulation authority over conduct case by case. Singapore applies Part XII of the Securities and Futures Act, but only where a token is a capital-markets product.
That timing gap is the arbitrage risk. Between now and late 2027, a manipulative actor barred from an EU venue can migrate to a UK platform not yet covered by MARC, or to offshore venues where the only deterrent is after-the-fact US fraud enforcement. Token issuers face the mirror problem: the same disclosure that satisfies MiCA’s Article 88 inside-information duty may have no UK analogue until 2027, and no US continuous-disclosure equivalent at all unless the token is a registered security.
The divergence is one of timing and architecture, not of principle. All four jurisdictions outlaw the same trio of insider dealing, unlawful disclosure and manipulation, but only the EU has a live, crypto-specific regime with a mandatory STOR pipeline as of mid-2026. The UK’s MARC is the most tailored on paper — it writes in safe harbours for coin burning and market making that MiCA leaves to interpretation — yet it is more than a year from force. The US relies on general anti-fraud statutes applied through litigation, and Singapore covers only tokens that qualify as capital-markets products. For a globally active CASP, that means running EU-grade surveillance now, mapping UK obligations for a 2027 switch-on, and treating US exposure as a fraud-enforcement risk that can attach regardless of where a trade is booked.
“While MiCA provides a much-needed regulatory framework, it does not eliminate the fundamental risks associated with the crypto market. Investors must remain fully aware of these risks before engaging in this space.”
— Verena Ross, Chair, European Securities and Markets Authority (ESMA)
Enforcement context: the Mango Markets precedent
The defining crypto-manipulation case to date arose in the US, not the EU. In October 2022, trader Avraham Eisenberg drained roughly $110 million from Mango Markets, a decentralised exchange, by inflating the price of perpetual futures tied to its MNGO token and borrowing against the artificial collateral value. The CFTC charged him on January 9, 2023 (CFTC Press Release 8647-23) with a manipulative and deceptive scheme, asserting jurisdiction through the swap tied to the token; the SEC alleged the token was a security; and the DOJ charged commodities fraud, commodities manipulation and wire fraud.
On April 18, 2024, a federal jury convicted Eisenberg on all three counts — the first jury conviction in what the DOJ called the first-ever cryptocurrency open-market manipulation case. The story did not end there. On May 23, 2025, the SDNY overturned the commodities-fraud and manipulation convictions and entered a judgment of acquittal on the wire-fraud count, exposing how poorly traditional fraud statutes map onto smart-contract mechanics where the “manipulation” was executed exactly as the protocol’s code permitted. Eisenberg still faces civil suits from the SEC and CFTC. The case is precedent in two directions at once: it shows US authorities will pursue open-market crypto manipulation, and it shows how fragile those cases can be without a bespoke statute — precisely the gap MiCA Title VI and the UK’s MARC are built to close.
What this means for brokers, exchanges and compliance teams
For exchanges and CASPs, the EU duty is immediate and concrete. Any firm professionally arranging or executing crypto transactions must have surveillance capable of flagging wash trading, spoofing, layering and insider patterns, plus a documented STOR workflow into its national competent authority under Commission Delegated Regulation (EU) 2025/885. Boards should expect supervisory reviews to test whether alerts are calibrated and whether staff escalate them; a dormant system is itself a breach. Firms that built MAR surveillance for securities can extend it, but crypto’s 24/7 trading, cross-venue fragmentation and self-listing conflicts demand recalibration.
For brokers and introducing firms, the question is whether they fall within “professionally arranging or executing” — ESMA reads it broadly, so order-routing and execution intermediaries should assume they are in scope. For fund managers and custodians, inside-information handling around token listings, delistings and protocol changes — including events such as staking-rule changes that themselves diverge across the US, EU and UK — now carries Article 89 insider-dealing exposure in the EU. For legal and compliance teams operating across borders, the practical task is a three-speed map: run EU-grade surveillance today; prepare UK systems for the October 25, 2027 MARC switch-on, including its coin-burning and market-making safe harbours; and treat US activity as subject to fraud enforcement that can attach regardless of venue. Documentation — surveillance calibration logs, STOR decisions, inside-information lists — is the evidence supervisors will demand first.
“conduct like Eisenberg’s will be subject to enforcement action in accordance with our mandate.”
— Kristin N. Johnson, Commissioner, Commodity Futures Trading Commission (CFTC)
What’s next — the forward view
Three timelines now run in parallel. In the EU, the CASP transitional period closes around July 1, 2026 in most member states, ending the grandfathering that let pre-MiCA firms operate while authorisation was pending; ESMA’s knowledge-and-competence requirements under Article 81(7) apply from July 28, 2026, raising the bar on staff handling surveillance and STORs. National competent authorities are expected to move from onboarding to supervision in the second half of 2026, with the first market-abuse sanctions likely to follow.
In the UK, the FCA closed its CP25/41 consultation and intends to publish final MARC rules in policy statements during 2026, ahead of the October 25, 2027 commencement set by the Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2026. Contested questions remain: how the safe harbours for stabilisation and market making will be drawn, and how the UK will treat cross-border conduct on overseas venues. In the US, the policy direction is toward market-structure legislation that would allocate crypto-asset oversight between the SEC and CFTC, which would change the statutory basis for future manipulation cases. Until then, the Eisenberg appeal fallout leaves prosecutors leaning on wire-fraud and commodities theories that the SDNY has shown can fail. Singapore, meanwhile, is more likely to extend existing Securities and Futures Act conduct rules than to write a standalone crypto market-abuse code in the near term.
TL;DR
MiCA Title VI (Articles 86–92) has banned crypto insider dealing and manipulation EU-wide since December 30, 2024, and Article 92 forces every crypto-asset service provider to run trade surveillance and file suspicious transaction reports — a duty that bites hard as the CASP transitional period closes around July 1, 2026. The UK’s tailored MARC regime, consulted on in CP25/41, will not commence until October 25, 2027, and the US still polices crypto manipulation through general anti-fraud law, as the roughly $110 million Mango Markets case showed when an SDNY court overturned Avraham Eisenberg’s 2024 conviction in May 2025. The result is a timing gap that invites regulatory arbitrage until 2027.
FAQ
When did MiCA’s market-abuse rules take effect?
Title VI of MiCA, Regulation (EU) 2023/1114, has applied across the European Union since December 30, 2024. It bans insider dealing, unlawful disclosure of inside information and market manipulation in crypto-assets admitted to trading, and its STOR obligations under Article 92 operate alongside Commission Delegated Regulation (EU) 2025/885 and ESMA’s April 2025 guidelines.
What is a STOR under MiCA?
A suspicious transaction and order report (STOR) is the filing a CASP or other person professionally arranging or executing crypto transactions must submit to its national competent authority when it detects possible insider dealing or manipulation. Article 92 of MiCA requires the surveillance systems behind it, and the regulatory technical standards are set in Commission Delegated Regulation (EU) 2025/885.
When does the UK’s MARC regime start?
The FCA’s Market Abuse Regime for Cryptoassets (MARC) was consulted on in CP25/41, published on December 16, 2025. The Financial Services and Markets Act 2000 (Cryptoassets) Regulations 2026 were made on February 4, 2026, with the new cryptoasset regime expected to come into force on October 25, 2027.
How does the US regulate crypto market manipulation?
The US has no bespoke crypto market-abuse statute. The SEC uses anti-fraud Rule 10b-5 where a token is a security, and the CFTC uses its anti-manipulation authority where a token is a commodity. The Mango Markets prosecution showed both the reach and the fragility of that approach when convictions were overturned in 2025.
What was the Mango Markets case?
In October 2022, Avraham Eisenberg extracted roughly $110 million from the decentralised exchange Mango Markets by manipulating the price of MNGO perpetual futures. He was convicted in April 2024 in what the DOJ called the first crypto open-market manipulation case, but the SDNY overturned the convictions on May 23, 2025. He still faces SEC and CFTC civil suits.
Does MiCA’s surveillance duty depend on firm size?
No. Unlike capital requirements, the Article 92 duty to prevent and detect market abuse and file STORs applies to every person professionally arranging or executing crypto transactions, regardless of size. A small CASP and a global exchange face the same baseline surveillance obligation, though the sophistication expected scales with the business.
This article is informational analysis only and does not constitute legal, regulatory, tax, or investment advice. Regulatory frameworks change frequently and interpretation depends on facts and circumstances; primary documents and official regulator guidance always supersede summaries. Firms should consult qualified legal counsel and their relevant supervisory authority before taking any action based on the analysis above.
Rick Steves
Rick Steves has seen business and economics through many lenses. He joined the financial services industry in 2009, and has been a financial journalist since 2011. He holds a degree in Business Administration and has experience producing real-time news, from both buy-side and sell-side, as well as for retail traders, brokers and service providers. Steves' work has appeared in a variety of online publications including FX Street, NewsBTC, FinanceFeeds, and The Industry Spread. Rick has great interest in the dynamics of the trading industry. The never-ending clash between technology, economics, regulation, and more importantly, the people.
