BitStaete & MiCAR
BitStaete & MiCAR
BitStaete was founded in 2021 by Derin Karim and Eric Nijkamp with a clear mission: to bridge the gap between traditional finance and digital assets. By offering tailored investment strategies, the asset management firm provides professional investors with a secure and compliant approach to this emerging asset class.
BitStaete was among the first five companies in the Netherlands to secure a MiCAR license from the Dutch Authority for the Financial Markets (AFM), a milestone that positions them at the forefront of regulated digital asset management.
The introduction of MiCAR makes the EU one of the first major economies to introduce regulation for digital assets. For companies that comply, this means credibility, security, and easy access to the entire EU market. For investors, it means stronger protections and greater trust in crypto investments.
The digital asset industry is evolving, and regulatory clarity is essential for long-term growth and investor trust. With their MiCAR accreditation, BitStaete ensures full compliance with strict regulatory standards. This strengthens its position as a reliable partner for professional investors, offering them assurance in a regulated environment.
Challenges in attaining MiCAR
Attaining their MiCAR license was quite the journey and came with some notable challenges. A major challenge was determining a proportionate approach, applying DORA in a way that would fit a smaller firm such as BitStaete. Initially, the approach was too broad, an overload of policies and controls that, while detailed, made implementation impractical. While detail is appreciated by the AFM, it became clear a more proportionate approach was required where detail is balanced with feasibility. After all, compliance frameworks must not only be thorough, but also practical to implement
As such, our team helped restructure the framework, grouping policies and focusing on the essentials. Ongoing discussions with the AFM were both valuable and well-received, allowing us to clearly communicate our vision and refine our approach based on their feedback.
Increasing regulatory pressure and the need for agility
As regulatory pressure surrounding digital assets continues to intensify, digital asset management firms are faced with the growing challenge of ensuring compliance with emerging frameworks like DORA and MiCAR. These regulations require firms to stay agile and proactive in their approach to risk management and compliance.
When asked about the increasing regulatory pressure, Derin responds positively: “you also need to feel the pressure. We are often focused on things we are passionate about, and then we tend to overlook these types of matters. In other words, we don’t give them the focus they need, so it’s great that the regulator and, in this case, Anove, step in and say, 'Hey, gentlemen, pay attention, this is coming, how are we going to ensure we address it together?' Compliance is always a collaboration with regulators. They make us aware of the risks we face, and that’s very valuable." Derin’s perspective underscores the importance of staying ahead of regulatory developments and working closely with regulators and experts to address compliance proactively.
However, he also recognizes the challenge in maintaining compliance: “You've got everything in order, but is it then for a lifetime? No, of course not.” This is where Derin saw the value of Anove’s tool, it introduced a higher level of oversight, making the compliance process more efficient and structured: “that one-stop-shop approach, helped us keep everything in order. It prevented things like Excel sheets or documents getting scattered and lost. By implementing the system through the Anove application, we now have a clear, organized dashboard showing the status of things.”
Addressing the knowledge gap
When first introduced to DORA and MiCAR, Derin and the BitStaete team quickly realized the complexity of these regulations. Reflecting on his introduction to MiCAR and DORA, Derin quickly recognized the need for external expertise, saying: 'What is that? What does that mean? And then we immediately knew. That’s not our expertise. We need to understand what that means for us and identify the expertise we need to bring in to succeed.'
When reflecting on the collaboration between Anove and BitStaete, Derin highlighted the value Anove brought to the table; not just in regulatory compliance but in understanding BitStaete’s unique needs as a business, saying:
“Anove really wants to contribute and also understand what kind of organization it is, what challenges they face, who they are, how large they are, how complex, and how digitally driven and focused they are.”
The result: A defining achievement
Securing the MiCAR license was a defining achievement for BitStaete, one that opened the door to new opportunities and partnerships. This milestone didn’t go unnoticed. As Derin reflected: “As a result, we received many calls, congratulations, and mentions in articles, as well as from third parties, new appointments, new client relationships, asset managers, and family offices that are interested in collaborating with us.” BitStaete’s security program also garnered recognition from the AFM, which appreciated the continuous communication and clear vision that underpinned the work.
Key takeaways
The key takeaways from BitStaete’s experience offer valuable lessons for other companies facing similar regulatory challenges.
· Compliance is achievable: While compliance may seem daunting, it is entirely achievable, even for smaller businesses, when approached strategically and with the right support.
· Conduct a gap assessment: Conducting a gap assessment provides a clear snapshot of the current state of your business, which may differ from your initial perception and reveal areas for improvement.
· Centralized compliance management saves time: centralized management of all information security practices creates better oversight and can save significant time by streamlining processes and workflows.
Derin’s advice to other organizations is clear: Take a critical look at your compliance framework before challenges arise:
“Organizations, like us, often start out thinking: ‘We’re well-structured, we have everything in order.’ But take a critical look; are you really? Have an expert assess your setup and conduct a gap analysis, a sort of baseline check. You need to act proactively, not wait until something goes wrong.”
