EU markets regulator demands enhanced cybersecurity audits for crypto firms: report

The EU market watchdog will reportedly call for mandatory external audits of crypto companies’ cyber defenses to boost consumer protection in the face of increasing security breaches.

The European Securities and Markets Authority is said to be preparing to advocate mandatory external audits of cyber defenses for crypto businesses as part of a broader effort to improve consumer protection in the crypto space.

ESMA is considering tougher cyber protection rules and is urging European Union lawmakers to amend upcoming regulations to require third-party audits that assess crypto companies’ resilience to cyber attacks, according to a Financial Times report on Wednesday that did not cite specific sources.

However, the report states that the European Commission has “pushed back against the move” and the commission has suggested that ESMA’s proposals may exceed the intended scope of the legislation.

Cybersecurity has become a pressing issue for the crypto industry; Hackers stole almost $1.4 billion, nearly doubling last year’s figures, according to TRM Labs data. Another blockchain forensics firm, Chainaliz, reported that the number of hacking incidents in 2024 saw a modest 2.8% increase compared to 2023. However, the average value lost per hack increased by 79.5%, from $5.9 million to $10.6 million per incident in 2023. He emphasizes that concerns are growing as cybercriminals increasingly focus on centralized exchanges.

Under the upcoming Crypto Asset Markets framework, crypto companies will be required to obtain licenses from European Union member states from December 31 and demonstrate strong controls against money laundering and other financial crimes. Some aspects of this regulatory framework have begun to reshape the industry; Coinbase recently announced plans to remove non-compliant stablecoins from its European exchange by the end of the year.

Regulatory concerns remain among industry leaders. Paolo Ardoino, CEO of Tether, the largest stablecoin issuer, warned that strict cash reserve requirements could create systemic risks for banks. The delisting trend is not limited to stablecoins; Kraken also recently announced plans to suspend privacy-focused Monero (XMR) trading in the European Economic Area, following similar moves by Binance and OKX.