MiCA Is a Marketing Problem. Here Are the 40 Rules Every Crypto Marketer Should Know.

Why your compliance team finding the issue means your marketing team already failed.

--

Press enter or click to view image in full size

Every quarter I talk to crypto marketing teams who’ve just had a campaign pulled by their compliance team and are trying to figure out what happened. The pattern is almost always the same: the marketing team didn’t know the rules, the compliance team caught it after launch, the budget was already spent. Here is how to break that pattern.

MiCA — the EU’s Markets in Crypto-Assets regulation — is usually framed as a compliance problem. Lawyers read it. Compliance teams interpret it. Marketing finds out about it later, usually after something they shipped gets flagged.

That framing is wrong. MiCA is a marketing constraint long before it is a compliance one. It changes what you can say, in which market, to whom, and with what disclosures attached. If your marketing team isn’t reading it directly, you’re going to ship the wrong copy and pay for it twice — first in legal review delays, then in retracted campaigns.

Here are the rule families every crypto marketer running EU-facing campaigns needs to internalize. Not legal advice — operator-grade pattern recognition.

The “fair, clear, and not misleading” baseline (rules 1–8)

Every promotional communication must be identifiable as such, balanced in its presentation of risk and reward, and free from anything that obscures or downplays material information. In practice this kills a lot of standard crypto growth tactics: APY headlines without the underlying volatility disclosure, “guaranteed returns” framing of any kind, before-and-after price screenshots without context, and influencer testimonials that don’t disclose their compensation.

The principle is simple. The execution is where most teams get caught.

Risk warnings — placement, prominence, language (rules 9–16)

Risk warnings aren’t checkbox items. MiCA prescribes their location (visible without scrolling, alongside the promotional message), their prominence (font size, contrast, language register), and their content (what specific risks must be named). This applies to every channel — social ads, organic posts, landing pages, in-app banners, push notifications, email subject lines.

The most common mistake: localizing the marketing copy but leaving the risk warning in English. Every EU member state has language requirements. If you’re advertising in France, the warning is in French. Romania, Romanian. No exceptions.

Marketing communications targeting retail (rules 17–24)

Retail-facing communications carry the heaviest restrictions. No incentive-based promotions that could distort decision-making (this is where “deposit bonuses” and “trade-to-earn” promotions get scrutinized). No comparison to traditional financial products without a balanced presentation. No claims about future performance, even hedged ones. Past performance disclosures are required, in a specific format.

If your growth team has a retail acquisition funnel running in the EU, this is the section that will most often catch them mid-campaign. Build the audit into the brief, not the review.

White paper consistency (rules 25–32)

Every marketing communication must be consistent with the white paper. This is the rule that breaks the “marketing operates independently from product” model that a lot of crypto teams default to. If your token utility evolves, the marketing must update. If your white paper says one thing about staking rewards and your landing page says another, that’s a MiCA violation regardless of which one is closer to the actual product behavior.

The fix: marketing reads the white paper before drafting, references it directly in copy reviews, and flags any drift back to product before the campaign ships.

Cross-border distribution (rules 33–40)

A campaign that’s compliant in Germany may not be compliant in Spain, Portugal, or Ireland. Each EU regulator has interpretive latitude on the application of the baseline rules. Geo-targeting, language localization, and channel-specific compliance are all in scope. “Pan-European” campaigns in their lazy form — one creative, one language, one disclosure — are now a structural risk.

The teams that handle this well treat MiCA the way they treat GDPR: not as a single compliance check, but as a per-jurisdiction marketing parameter that’s baked into every brief from the start.

I’ve packaged the full 40-rule self-audit as an open-source checklist with a tested AI system prompt — usable inside any campaign review workflow. It lives on the NorthPoint resources page, MIT-licensed, no email gate. Or install it directly as a Claude skill:

npx skills add jukkablomberg/northpoint

For crypto teams that need ongoing senior marketing leadership inside this regulatory environment — that’s what NorthPoint is built for. Three productized services depending on stage: an AI Crypto CMO subscription for pre–Series A teams, a 90-day CMO Operating System install when you need the function built once and handed over, and a Fractional Crypto CMO retainer for teams that need a senior marketing seat without a full-time hire. Faster than hiring. Lower risk than learning MiCA on the job.

Originally published at dev.to/jukkablomberg.

Jukka Blomberg — ex-CMO of international crypto exchanges. Founder, NorthPoint.