Monitoring Market Abuse in Crypto – What Lessons Can We Learn from Existing Surveillance Best Practices?

Throughout the past 12 months, high-profile issues with established crypto players have placed a spotlight on the repercussions of the lack of regulatory clarity. While trading in digital assets isn’t new, a clear-cut regulatory framework has yet to be systematized.

As many regions work to determine how they will govern crypto activity, the European Union (EU) is leading the way with their Markets in Crypto Assets (MiCA) regulation.

Tony Sio, Head of Regulatory Strategy and Innovation for Nasdaq’s Anti-Financial Crime business, was recently invited by the European Securities and Markets Authority (ESMA) to host a training session for over 500 attendees from National Regulatory Authorities (NRAs) on key areas of focus for surveillance practitioners when it comes to MiCA.

We sat down with Sio to highlight some of the training’s key takeaways:

What exactly is MiCA? What do surveillance practitioners need to know about it?

MiCA is a part of a comprehensive digital finance package that is being rolled out in the EU, with a likely effective date in 2024. Outside of Europe, MiCA could help to set global standards for the regulation of crypto-assets.

Any services and activities relating to crypto-assets, including custody and exchange services, are subject to MiCA. Crypto-asset issuers that meet the criteria will be permitted to offer crypto-assets to the public or admit them to trading anywhere in the EU. This approach should lead to a harmonized system across the EU.

Why is crypto surveillance different than traditional surveillance? What are some challenges unique to this landscape?

The big differences are the Distributed Ledger Technology (DLT), the innovative new products that are being developed and the types of actors that participate in the ecosystem. However, if you look at the bulk of activity, over 90% occurs on centralized exchanges through an orderbook style approach which happens off-chain. This activity is susceptible to most of the same risks that need to be controlled in traditional markets.

When looking at the whole ecosystem, many of the manipulative behaviors that take place in the crypto ecosystem are like those that take place in traditional markets. For example, wash trading is a well-documented problem. In 2019, most of the volume on tier two crypto venues was estimated to be wash trading,  and people do it for the exact same reason as in traditional markets, it attracts further volume.

There are also key differences in the nature of the markets themselves. Crypto markets are 24/7, have a history of being extremely volatile and include more novel forms such as perpetual futures. This means that surveillance analysts are dealing with massive data sets across several markets and regions.

Given these challenges, what do surveillance practitioners need to be aware of to prepare for impending regulation?

MiCA is aligned with the EU’s existing Market Abuse Regulation (MAR), which applies to securities and derivatives. It is also aligned with the EU Transfer of Funds Regulation and the recommendations of the Financial Action Task Force (FATF). This will make it more difficult for crypto-assets to be used for criminal purposes such as money laundering, terrorist financing and fraud.

There are five key articles of relevancy for surveillance practitioners:

  • Article 76: Scope of the rules on market abuse.
  • Article 77: Disclosure of inside information.
  • Article 78: Prohibition of insider trading.
  • Article 79: Prohibition of unlawful disclosure of inside information.
  • Article 80: Prohibition of market manipulation.

The onus is on CASPs and other participants that facilitate trades in crypto-assets in the EU to implement rigorous surveillance programs. To detect market abuse, CASPs should be able to determine a baseline for normal behavior in a particular market—down to the order book level—and pick out events or patterns that are abnormal.

They also need to follow ongoing developments in behavior over time. Monitoring the full depth of book is a must because that is where manipulative behavior often occurs. It is also important to build a process around unstructured data contained in news releases and social media posts.

What are some of the key lessons we can learn from existing surveillance best practices?

One of the big lessons that we, as an industry, learned in the past from events like the flash crash, is that markets and asset classes are inter-related. Different asset classes like equities, derivatives and fixed income shouldn’t be looked at in isolation. As we create our surveillance programs for crypto-assets we should be mindful that we don’t create new isolated silos.

To learn more about how best to prepare for MiCA and other impending crypto regulation read our whitepaper, Clearing the Path for Crypto-Asset Regulation: The EU’s MiCA Explained here  

Nasdaq Anti-Financial Crime Regulatory Newsletter

Regulatory Roundup

Get insights on the latest regulatory news and trends around the world.


Tony Sio


Tony Sio is the Head of Regulatory Strategy and Innovation at Nasdaq, this includes responsibility for the Nasdaq Market Surveillance solution which is used by over 50 marketplaces and 17 regulators globally.

Read Tony's Bio