Verena Ross: ESMA Chair and MiCA's Implementation Architect

Verena Ross became ESMA Chair in 2022 from the Financial Conduct Authority, where she had spent most of her career in senior roles spanning securities markets supervision, policy development, and international regulatory coordination. Her FCA background is directly relevant to ESMA’s MiCA implementation: the FCA developed crypto regulatory frameworks under real market pressure, building institutional knowledge about what works in crypto supervision that ESMA is now drawing on.

Her tenure at ESMA has coincided with the most consequential period in EU financial markets regulation in decades — MiCA’s implementation, the Digital Finance Package broadly, and the ongoing development of European capital markets under the Capital Markets Union agenda. Managing these simultaneously while building ESMA’s institutional capacity has been the defining challenge of her chairmanship.

From FCA to ESMA: Institutional Background

Ross’s FCA career gave her a specific perspective on regulatory design: institutions matter as much as rules. The FCA has more direct supervisory authority over UK financial markets than ESMA has over EU markets — ESMA is primarily a standard-setter and coordinator, while national competent authorities (NCAs) hold most direct supervisory powers.

This institutional reality has been a persistent source of tension in ESMA’s effectiveness. When a large European asset manager or exchange requires supervisory attention, ESMA’s role is largely advisory unless it has been explicitly given direct oversight powers — as it has been for specific functions like credit rating agency supervision and certain trade repository oversight. For most securities regulation, supervision runs through the 27 NCAs.

MiCA created a similar architecture for crypto: ESMA sets standards and coordinates, NCAs supervise most CASPs, and ESMA has enhanced roles for “significant” stablecoin issuers. Ross’s centralisation push — her advocacy for ESMA to have direct supervisory authority over large CASPs — is driven by her judgment that 27 NCAs applying the same regulation with different emphases will produce regulatory fragmentation that undermines the single market objective MiCA is designed to serve.

MiCA Implementation: Getting Level 2 Done

The technical substance of Ross’s tenure has been managing ESMA’s Level 2 rulemaking obligations under MiCA — the binding regulatory technical standards and implementing technical standards that translate MiCA’s framework provisions into operational requirements.

ESMA published its Level 2 measures broadly on schedule, covering whitepaper standards, CASP authorisation requirements, conflicts of interest rules, liquidity management for asset-referenced token issuers, and the technical standards for stablecoin reserve management. The timeliness of these publications was important: the crypto industry needed certainty to make authorisation applications, and NCAs needed the standards to assess those applications.

The Q&A and supervisory convergence documents that ESMA has published alongside the formal Level 2 measures have been valuable in addressing the ambiguities that inevitably arise in applying a new framework to a novel market. Ross has oriented ESMA toward active engagement with authorisation questions rather than passive waiting — publishing guidance on common issues rather than allowing divergent NCA interpretations to develop.

By early 2026, over 40 CASPs had received authorisation under MiCA across EU member states. The distribution of authorisations across member states — with Germany, the Netherlands, and several other countries authorising the most firms — reflects the differing regulatory capacities and industry concentrations across the EU rather than any supervisory divergence that Ross would need to address.

The Centralisation Debate: ESMA vs. National Authorities

Ross’s most consequential and contested position has been her consistent advocacy for greater centralisation of CASP supervision at ESMA level. Her argument is straightforward: large CASPs that operate across multiple member states are effectively supervised by no single authority comprehensively. An exchange authorised in one member state but primarily active in several others creates supervisory gaps that fragmented NCA oversight cannot close.

The counter-argument from member states is equally straightforward: national supervisors have the relationships, language skills, and local market knowledge that effective supervision requires. Centralising supervision of large CASPs at ESMA would require significant ESMA resource expansion, would create a single point of failure in European crypto supervision, and would reduce the competitive differentiation that national regulatory approaches provide.

This debate reflects an enduring tension in EU financial regulation between the single market efficiency argument for centralisation and the subsidiarity principle that reserves to member states what they can do effectively. Ross has been careful to frame the centralisation argument in terms of MiCA’s effectiveness rather than ESMA’s institutional ambition — her case is that the current architecture cannot achieve MiCA’s consumer protection and market integrity goals for the largest market participants.

Comparison with Enforcement-First Approaches

Ross’s approach to MiCA implementation — engagement, guidance, collaborative development of supervisory standards — contrasts sharply with the Gensler-era SEC’s enforcement-first posture. Where the SEC issued relatively few formal guidance documents and relied on enforcement actions to communicate regulatory expectations, ESMA under Ross has invested heavily in published guidance, Q&As, and supervisory briefings.

This approach reflects both the EU’s regulatory culture, which emphasises advance guidance over regulatory ambiguity, and Ross’s own FCA training, where the principles-based approach to supervision values regulators communicating their expectations clearly rather than waiting for violations.

The institutional design of MiCA also supports this approach: MiCA has an explicit “comply or explain” provision allowing firms that cannot meet specific requirements in specific circumstances to explain their non-compliance rather than automatically triggering enforcement. This creates space for regulatory dialogue that enforcement-first approaches foreclose.

ESMA’s Institutional Position in EU Crypto Governance

The political economy of ESMA’s position in EU crypto regulation reflects the broader dynamics of European financial governance. ESMA sits between the European Commission (which proposes legislation and has political authority), the European Banking Authority and other sectoral agencies (which have overlapping mandates), and the 27 NCAs (which have supervisory primacy for most functions).

Ross must navigate this institutional landscape while building ESMA’s relevance in an area — crypto regulation — where its role was minimal before MiCA. Her success in this institutional position-building will shape whether ESMA becomes the genuine centre of EU crypto oversight or remains a standard-setter coordinating a fragmented supervisory landscape.

The test will come when a significant CASP faces supervisory challenges across multiple member states. How ESMA responds — whether it asserts coordinating authority effectively, whether NCAs defer to its guidance, and whether the resulting supervisory action reflects a coherent EU approach — will reveal more about ESMA’s institutional effectiveness than any of its policy statements.