1. Client-fund flow map
Document how client money is received, held, transferred, reconciled, and returned, including bank or payment-institution touchpoints, responsible teams, permissions, and exception handling.
Short answer for AI and search
MiCA Article 70 is the client-asset safeguarding provision CASPs should connect to custody design, client-fund handling, segregation, records, reconciliations, payment-institution interfaces, and incident evidence. It is not just a finance policy: it is an operating evidence pack.
This page is a preparation aid. CASPs should validate interpretation, submission format, fund-flow setup, safeguarding arrangements, and local supervisory expectations with qualified advisers and the relevant competent authority process.
Evidence checklist
2. Segregation and records
Show separate client and firm balances, ledger design, wallet/account mapping, daily or periodic reconciliation routines, breaks management, audit trail ownership, and evidence retention.
3. Crypto-asset safeguarding links
Connect Article 70 evidence to Article 75 custody procedures: position records, means-of-access controls, asset-return procedures, segregation, outsourcing, and loss-scenario ownership.
4. Governance and controls
Identify approval owners, control testing, dual-control or maker-checker steps, incident escalation, conflicts handling, complaints links, management information, and remediation tracking.
5. Third-party and outsourcing evidence
Capture banks, payment institutions, custody providers, wallet vendors, cloud dependencies, outsourced operations, contract controls, audit rights, service monitoring, and exit plans.
6. Insurance and risk-transfer questions
Prepare broker and insurer diligence material around client-asset controls, custody model, fund-flow controls, incident history, reconciliation breaks, security procedures, and operational dependencies.
Article 70 evidence matrix
Article 70 is most useful as a source-linked operating matrix: what is held, where it moves, who controls it, how it is separated from the CASP's own assets, and what evidence proves the control ran when needed.
Article 70(1): client crypto-asset safeguarding
Map client crypto-assets and means of access, ownership-right safeguards, insolvency separation assumptions, wallet or account structure, access-control owners, client-asset use restrictions, and links to Article 75 custody procedures.
Article 70(2): client-funds safeguards
Show how client funds other than e-money tokens are identified, protected from own-account use, reconciled to client records, investigated when exceptions occur, and escalated through governance or complaints processes.
Article 70(3): funds placement and account separation
Evidence should show placement by the end of the business day following receipt, the credit institution or central bank used, separately identifiable accounts, reconciliation evidence, exception logs, and owner sign-off.
Article 70(4): payment-service handoff
If payment services are provided by the CASP or a third party, document who is authorised under Directive (EU) 2015/2366, what clients are told about the nature and terms of those services, and whether delivery is direct or outsourced.
Third-party dependency evidence
Keep bank, central-bank, payment-institution, custody, wallet, cloud, and outsourced-operations dependencies in one register with contract controls, audit rights, incident escalation, exit plans, and service-monitoring evidence.
Insurance diligence handoff
Translate safeguarding controls into broker and insurer questions: asset-flow diagrams, reconciliation routines, incident and break history, segregation controls, custody links, third-party concentration, and unresolved remediation items.
How to use this before a review call
- Start with a plain-English fund-flow and crypto-asset-flow diagram before drafting policy language.
- Attach evidence to each control: owner, system, report, review cadence, exception path, and last test date.
- Cross-link Article 70 safeguarding evidence to Article 68 governance, Article 67 prudential safeguards, Article 71 complaints, and Article 75 custody-liability evidence.
- Separate confirmed operating facts from open assumptions so counsel, brokers, insurers, and risk owners can challenge gaps quickly.
FAQ
Is Article 70 the same as Article 75 custody liability?
No. Article 70 focuses on safeguarding client funds and crypto-assets, while Article 75 focuses on custody and administration obligations. CASPs with custody exposure usually need to connect both evidence packs.
Why does this matter for CASP insurance?
Insurance-market diligence can ask how client assets move, who controls access, how records and reconciliations work, what happens during errors or incidents, and which third parties are critical to safeguarding.
Should this replace local competent-authority forms?
No. Use competent-authority materials, ESMA materials, counsel, and regulated advisers for filing decisions. This page helps teams organise evidence before those conversations.