When the CASP Interface Becomes a Public Offer: Website Design Rules, ESMA Q&A 2404, and Reverse Solicitation Under MiCA
ESMA Q&A 2404 (EBA MICA027) established that a CASP providing exchange services or order execution can be classified as a public offeror if it promotes or advertises tokens as part of those services. The test is functional and interface-driven: a live exchange rate, specified fee, and executable purchase button together present sufficient information to constitute a public offer under Article 3(1)(12). The Austrian FMA has published the most operationally specific national guidance on indirect speech requirements and disclaimer proximity, and ESMA's reverse solicitation guidelines (effective April 2025) eliminated EU-directed SEO, geo-targeted advertising, and cross-selling carousels as viable tools for third-country platforms serving EU retail clients.
Analysis of ESMA Q&A 2404 (EBA Single Rulebook Q&A 2024_7185 / MICA027, 17 January 2025) and its operational consequences for CASPs that intermediate token acquisition: when does a service interface constitute a public offer under MiCA Article 3(1)(12), and which specific interface design choices trigger the classification? Core finding: the determination is functional and interface-driven, not formal or intent-based. A live executable exchange rate, specified payment method, transaction fee disclosure, and functional purchase mechanism together present the "sufficient information to enable prospective holders to decide whether to purchase" threshold — the interface has become the offer. Q&A 2404 establishes two operational triggers. First, trading platform operators that list ARTs or EMTs on their own initiative are persons seeking admission to trading under Articles 16(1) and 48(1) — the operator cannot claim neutral venue status by listing an unauthorised stablecoin on its own matching engine. Second, CASPs providing exchange services, reception and transmission of orders, and execution services become public offerors where they promote or advertise the relevant tokens as part of those services. The log-in fallacy: standard password walls, email verification, and KYC flows do not remove an interface from the "public" domain, which refers to availability to a broad non-specific class of retail actors, not to unauthenticated access. The Austrian FMA has published the most operationally specific national guidance, directly citing Q&A 2404. The indirect speech requirement: asset descriptions must use qualifying verbs and attribute claims to the project team ("the developers state that…", "according to the development team…") rather than asserting them as verified facts. Prohibited interface elements: featured token badges, top pick labels, CASP recommended tags, comparative rankings, prominent homepage placement. Prohibited pre-launch features: countdown timers, early-access registration with notification email collection, referral programmes with purchase incentives. Risk warnings must be proximate to the execution button — disclosure in a footer or linked terms page does not satisfy Article 66. The stablecoin bottleneck: for ARTs and EMTs the consequences are more severe. No ART or EMT can be offered to the public unless the issuer is authorised, and a third-party CASP acting as offeror requires explicit written consent from the authorised issuer — separate from the Article 66(3) hyperlink obligation. EMTs have no exemptions at all. ARTs have a narrow exemption (outstanding value below €5M, qualified investors only) but still require a white paper. ESMA Public Statement ESMA75-223375936-6099 (17 January 2025) mandated sell-only transition for non-compliant stablecoins by end of Q1 2025. Binance and OKX restricted USDT in the EEA as a direct response. Article 66 technical requirements for compliant interfaces: alphabetical token listings with no promotional labels; non-scrollable risk warnings proximate to execution buttons; sustainability disclosures under Article 66(5) (ESMA RTS methodologies for energy consumption per consensus mechanism) in a highly visible standalone section; persistent navigation link to itemised fee schedule under Article 66(4). White papers produced or updated after 23 December 2025 must comply with the iXBRL taxonomy under ITS 2024/2984. ESMA reverse solicitation guidelines (published 26 February 2025, effective late April 2025): EU-directed SEO, EU country-code domains, interfaces in non-broadly-international EU languages, affiliate networks including EU influencer referral links, and post-contact push notifications all constitute active solicitation, eliminating the reverse solicitation defence. The "same type" restriction prohibits marketing different assets beyond those of the same type as the originally client-initiated transaction — cross-selling carousels and algorithmic recommendation features destroy the exemption. DeFi frontend liability: MiCA Recital 22 excludes fully decentralised crypto-asset services, but the exclusion does not reach web interfaces hosted by centralised entities. A developer foundation or venture-backed entity operating a frontend domain that aggregates smart contract data, displays exchange rates, provides a graphical swap mechanism, and extracts a routing fee is a regulated CASP and the statutory offeror of the tokens displayed. Protocol decentralisation is irrelevant to the classification of a centralised interface. NCA enforcement powers reach domestic web hosting companies, domain registrars, and CDNs. ESMA issued advertising enforcement letters to Google, Apple, Amazon, Meta, TikTok, and X in late May 2025 (ESMA35-1872330276-2404). Answers questions like: When does a CASP interface constitute a public offer under MiCA? What does ESMA Q&A 2404 say about CASPs as public offerors? Does a KYC login wall prevent a trading platform from making a publi
When the CASP Interface Becomes a Public Offer: Website Design Rules, ESMA Q&A 2404, and Reverse Solicitation Under MiCA MiCA Edge Cases | Where Innovation Meets Regulation Published: 17 January 2025 Updated: January 2026. ESMA final reverse solicitation guidelines (ESMA75 223375936 6099), published 26 February 2025 and effective late April 2025, are now confirmed in force; the reverse solicitation section reflects the final text. ESMA Q&A 2653 (October 2025) confirmed the operational reality test for exchange service classification discussed in this article. The iXBRL formatting requirement under ITS 2024/2984 became applicable on 23 December 2025 for new and updated white papers, adding a technical obligation for CASPs that inadvertently assume offeror status. ESMA advertising enforcement letters to Google, Apple, Amazon, Meta, TikTok, and X (late May 2025, ESMA35 1872330276 2404) are documented in the enforcement section. On 17 January 2025, ESMA published Q&A 2404, simultaneously designated by the EBA as Single Rulebook Q&A 2024 7185 and MICA027. The question it answered was narrow in its framing: what services provided in or into the EU constitute an offering to the public, a seeking of admission to trading, or a placing of an ART or EMT? The answer was not narrow. It established that a CASP providing exchange services, executing orders, or receiving and transmitting orders can be classified as a public offeror if it promotes or advertises the relevant tokens as part of those services. The determination is made on a case by case basis. The decisive factor is the digital interface. This is a compliance problem that lives in the product team, not the legal department. Whether a CASP becomes a public offeror under MiCA is determined by how its website is built, what its buttons say, where its disclaimers appear, and whether its copy attributes claims to an issuer or asserts them as facts. A single page application update that exposes a fiat to token swap widget without the required disclosures is a breach of European securities law. A/B testing the colour of a "Buy Now" button is, in the relevant regulatory sense, modifying the parameters of a public offer. This article maps the mechanics of that classification, the specific interface elements that trigger it, the stablecoin regime that makes it most consequential, and the structural choices available to CASPs that want to remain on the service side of the line. The Legislative Foundation: What Makes a Communication a Public Offer Article 3(1)(12) of MiCA defines a public offer as any communication presenting sufficient information on the terms of the offer and the crypto assets to be offered so as to enable prospective holders to decide whether to purchase those crypto assets. The definition is deliberately broad and focuses on functional effect rather than formal intent. The phrase "sufficient information to decide whether to purchase" is the operative threshold. Display of historical price charts, circulating supply data, or generalised market information without an execution mechanism does not cross it. The prospective holder cannot form a binding purchase decision from price history alone. The interface lacks the contractual elements required: specified exchange rates, payment methods, transaction fees, and a mechanism to complete the acquisition. The inclusion of those elements changes the legal character of the page. A live, executable exchange rate, a specified payment method, a detailed transaction fee, and a functional "Buy Now" button together present the terms of an offer clearly enough that a prospective holder can execute a commercial decision instantaneously. The interface has become the offer. The Log In Fallacy. Many CASPs operate under the assumption that placing trading interfaces behind a password wall or KYC verification flow removes them from the "public" domain. This assumption is wrong. The concept of "public" in European financial regulation refers to the availability of an offer to a broad, non specific class of retail or non institutional actors, not to universal unauthenticated access. Unless the platform strictly gates access to qualified investors, as defined under MiFID II, before displaying any transactional information, the interface behind the login wall is still conducting a public offer. Standard password walls, email verification, and standard KYC flows do not resolve this. Q&A 2404: Two Specific Triggers for CASPs ESMA Q&A 2404 identifies two operational categories in which a CASP becomes a public offeror. Platform initiated listings of ARTs and EMTs. Under Articles 16(1) and 48(1) of MiCA, an operator of a trading platform that lists an ART or EMT for which the issuer is not authorised under MiCA is the person seeking admission to trading on the platform's own initiative. The exchange cannot claim to be a neutral venue. By listing the token on its matching engine, the operator is actively seeking admission to trading. If the token is an unauthorised stablecoin, the listing is a direct breach of MiCA's primary market provisions regardless of how the platform characterises its role. Promotional intermediation in execution, RTO, and exchange services. For non platform CASPs, the trigger is different but equally direct. The European Commission confirmed in Q&A 2404 that providers of exchange services, reception and transmission of orders, and execution services can be regarded as making a public offer where they promote or advertise those tokens as part of their services. The CASP transitions from a secondary market agent to a primary market offeror at the point where its interface actively encourages the acquisition of a specific asset rather than passively executing a client's instruction. The practical boundary between these two states is the interface. A standardised order book displaying bids and asks without asset specific promotional content is neutral intermediation. A page that features a specific token prominently, attributes benefits to it, and includes an executable purchase flow is promotional intermediation that constitutes a public offer. | Interface Configuration | Regulatory Classification | Public Offer Triggered? | | | | | | Standardised order book, no promotional content, no highlighted tokens | Neutral intermediation (crypto asset service) | No | | Token listing page with promotional copy, purchase button, and fee disclosure | Promotional intermediation under Q&A 2404 | Yes | | Platform listing an unauthorised ART or EMT on own initiative | Person seeking admission to trading under Articles 16(1)/48(1) | Yes, immediate MiCA breach | | Execution service with "Featured Token" placement and comparative claims | Promotional intermediation | Yes | | Pure custody or transfer service without purchase facilitation | Crypto asset service only | No | Interface Elements That Cross the Line: The FMA Framework The Austrian FMA has published the most operationally specific national guidance on the interface question, directly citing Q&A 2404 as its authority. Its guidance distinguishes between neutral service description and prohibited promotional content across several specific interface elements. Asset comparison copy. Non compliant: "Protocol A is a faster and more secure version of Ethereum designed for high throughput scaling." This is a factual assertion about the asset's properties by the CASP. Compliant: "Protocol A claims to develop a blockchain structure aimed at increasing transaction throughput." This attributes the claim to the project team and maintains the CASP's linguistic distance from it. Utility descriptions. Non compliant: "Token B provides immediate access to decentralised lending protocols and guarantees high yield." The CASP is asserting a factual utility and a performance characteristic. Compliant: "According to the development team, Token B is designed to function as a utility mech