Protect yourself from crypto scams with the new MiCA rules
Francesco Petitti, Daniele Turchetta
For years, the cryptocurrency market was a lawless territory. Investing meant venturing into the digital “Wild West”: immense opportunities, but also fraud, manipulation and platforms that absolved themselves behind the mantra “Do your own research”. If a token turned out to be a scam, it was always the investor's fault. Today, this is no longer the case. With the entry into force of the MiCA Regulation (Markets in Crypto-Assets, EU Reg. 2023/1114), the European Union has imposed clear obligations on exchanges in terms of transparency, control and user protection. In essence, if an intermediary does not exercise due diligence, it can be held legally liable for losses incurred by investors.
The new sheriff: MiCA changes the rules of the game
MiCA marks the end of anarchy in the crypto market. Exchanges are no longer mere “digital shop windows”, but actual intermediaries subject to rules of conduct. They must act “honestly, fairly and professionally in accordance with the best interests of their customers”. This seemingly ethical principle now has binding legal force. The regulation imposes a specific duty of control, because an exchange can no longer list any token without prior verification. If a project is clearly fraudulent or lacks a verifiable white paper, the platform promoting it without having checked it may be held jointly liable. Similarly, the duty of transparency comes into play: users must receive complete, clear and non-misleading information about the risks of each crypto-asset. Finally, MiCA imposes a duty of suitability.
Exchange responsibility: a principle that applies even before MiCA
The responsibility of intermediaries did not arise with MiCA. Italian case law had already established the boundaries of diligent behaviour, requiring compliance with disclosure and suitability obligations even in the traditional financial sector. The Civil Cassation Court – in judgments no. 18153 of 2020 and no. 3712 of 2019 – ruled that when an intermediary fails to fulfil its duties, the burden of proof is reversed. It is not the customer who must prove fault, but the intermediary who must prove that it acted with the required diligence. Applying this principle to the crypto world, if a platform allows the sale of a fraudulent token without the necessary checks, the liability may fall directly on it. The law presumes that the economic damage results from a lack of supervision or a lack of information. This is an important reversal: from “personal risk” to “professional liability”.
How to assert your rights: from certified email to legal action
Those who have been defrauded or have purchased worthless tokens now have the option of taking action on two separate fronts. The first is out-of-court, which begins with a formal communication – preferably via certified email – addressed to the exchange. The complaint may contest the breach of disclosure obligations, the unsuitability of the transaction for the investor's profile, and the lack of diligence in selecting the listed tokens. In practice, it is argued that if the intermediary had provided accurate information, the investment would never have been made. If the out-of-court route does not lead to compensation, the judicial route remains. The investor can bring a civil action in the court of their place of residence, the so-called “consumer forum”.
The investor's strengths in court
In court, the investor starts from a position of advantage. The burden of proof is reversed: it is up to the exchange to prove that it acted correctly, provided all the necessary information and complied with the declared risk profile. If it fails to prove this, the law presumes its guilt. Furthermore, case law tends to exclude contributory negligence on the part of the client, unless there is evidence of completely anomalous behaviour, such as handing over cash to unauthorised persons or acting outside official channels. In all other cases, the investor's reliance on the intermediary's professionalism is considered fully legitimate.
The final message: the Wild West is over
The time for excuses is over. Exchanges can no longer hide behind the screen of market freedom to justify their lack of oversight. With MiCA, a clear principle comes into force: those who operate crypto exchange platforms have a direct responsibility towards their customers. The cryptocurrency market is no longer a no-man's land. Investor confidence is a legal asset that must be protected, and when it is betrayed, the law offers concrete tools to hold those who should have been vigilant accountable.
Every transaction must be compatible with the investor's risk profile. If a prudent individual is encouraged to invest in an ultra-speculative token, the exchange can no longer invoke the user's freedom of choice as a shield. These principles, already present in MiFID regulations for traditional financial markets, now extend to the crypto world. Supervisory authorities such as Consob and ESMA may even prohibit the offering of crypto-assets considered excessively risky or opaque.
During the proceedings, it is possible to request the cancellation of the contract due to serious breach, the return of the capital invested and, in the most serious cases, compensation for pre-contractual or extra-contractual liability. Pre-contractual liability arises when the exchange attracts customers with false or misleading information during the token promotion phase, while extra-contractual liability arises from the violation of the principle of neminem laedere, i.e. the general duty not to cause harm to others. Alternatively, compensation for financial damage, including monetary revaluation and interest, may be requested.
edited by Francesco Petitti
Lawyer
edited by Daniele Turchetta
Lawyer
Rome - Italy
Via dei Due Ponti 174, 00189 RM
© 2026 RDC Legal Solutions. All rights reserved.
Colleferro - Italy
Via Galileo Galilei 6, 00034 RM
Damscus - Syria
43, Qassaa, SYR
Our offices