Ledger CTO Charles Guillemet warns that the EU’s Markets in Crypto-Assets (MiCA) regulation is inadvertently favoring legacy financial institutions over crypto startups. Compliance costs — ranging from €50,000 to €150,000 in capital requirements, plus millions in legal and auditing fees — are pricing smaller players out of European markets. Meanwhile, traditional banks are accelerating blockchain adoption following spot crypto ETF listings in early 2024. Ledger, which employs 200–250 engineers and has suffered significant breaches including a 2020 hack affecting 270,000 customers, is expanding its institutional infrastructure to meet growing demand.
In-Depth:
The European Union’s (EU) regulatory framework has redefined the competitive landscape of Web3, unintentionally shifting the advantage away from crypto startups, directly into the hands of legacy financial institutions, according to Charles Guillemet, chief technology officer (CTO) at wallet creater Ledger.
While the EU’s Markets in Crypto-Assets (MiCA) regulation was designed to establish a unified, secure market, indusattempt insiders warn its steep financial barriers are choking early-stage innovation. Under the framework, crypto companies face strict tiered minimum capital requirements. The costs range from 50,000 euros ($58,000) for advisory services to 150,000 ($174,000) just to operate a trading platform, on top millions of euros in mandatory legal auditing, insurance, and continuous compliance infrastructure.
An impact assessment by the EU Commission on MiCA estimated that each white paper could cost issuers between $4,500 and $87,000, depconcludeing on the complexity of the regime and the amount of legal advice required.
“I’m not sure that was the initial intent, but this is the result,” Guillemet stated. “When it’s implemented, you have two kinds of companies: those who can pay for this compliance overhead, and the other ones that can’t. Smaller players cannot access the market, which creates a moat for the largeger players.”
While crypto startups view the high costs of MiCA compliance as a barrier to enattempt in the EU, European regulators have defconcludeed the rules, declareing they are required to protect consumers and build mainstream institutional trust.
Institutional security
The widening regulatory gap comes at a critical time when traditional finance (TradFi) transitions from testing blockchain to full-scale adoption. Guillemet recalled the listing of spot crypto ETFs in early 2024 as a significant turning point, which sparked significant demand from traditional banks for enterprise-grade custody and asset tokenization.
“Before, banks mostly wanted to do tiny innovation projects,” Guillemet explained. “Now, it really alterd. The main departments of banks really want to build around crypto, and they want to go all-in on blockchain technology.”
To capture this banking business, Ledger has been expanding past its retail roots into a dedicated business-to-business (B2B) infrastructure. Building these institutional security setups requires serious cash; Ledger has spent hundreds of millions of dollars over the years to maintain a massive engineering team.
“First and foremost, Ledger is a security company,” Guillemet stated. “We have around 200 to 250 engineers who are working at Ledger to build the technology. We have a dedicated security team, who spconclude 100% of their time improving the security of our product. Security is front and center in everything we do.”
Real-world risks
However, Ledger’s massive security budobtain is an indication of the challenges its executive team continuously faces: in Web3, even hundreds of millions of dollars in engineering defenses cannot guarantee absolute immunity.
While Guillemet introduces Ledger’s enterprise architecture to traditional banks, the firm’s historical vulnerabilities underscore the relentless operational risks public blockchains face.
Ledger previously reported a cloud breach involving a third-party processor. That incident followed a major 2020 data breach affecting 270,000 customers, and a 2023 exploit that drained $500,000 from decentralized applications.
As traditional banks rush to bring real-world assets onto public blockchains, they are leaning on native crypto security firms to handle these operational risks. The conclude result is a shifting landscape: while tinyer startups are being priced out of Europe by high compliance costs, traditional financial institutions are relocating in, applying native crypto code to build the new plumbing of global finance.
