MiCA whitepapers are not approved. They are notified. The distinction matters: National Competent Authorities (NCAs) cannot bless the project, but they can — and do — raise objections, request modifications, and ultimately prevent the offer from proceeding. Article 12 gives the NCA the power to suspend or prohibit an offer when the whitepaper does not comply.
Across BaFin, AMF, CSSF, CONSOB, and the Bank of Spain, the public observations from the first 18 months of MiCA enforcement converge on the same patterns. The whitepapers that come back with objections are not the ones written by lawyers who failed to read the regulation. They are the ones written by teams who read it but treated the requirements as a checkbox exercise. Here are the seven mistakes that recur.
Why Whitepapers Get Rejected
Under MiCA Title II, the offeror or person seeking admission to trading drafts a whitepaper, notifies it to the NCA at least 20 working days before publication, and publishes it on the offeror's website. The NCA does not issue an approval. It reviews against the mandatory content requirements in Article 6 and Annex I, and against the form requirements in the ESMA Regulatory Technical Standards.
If the whitepaper is non-compliant, the NCA can demand modifications, suspend the offer for up to 30 working days under Article 12(4), or prohibit it entirely under Article 12(5). The offeror remains civilly liable for misleading or incomplete information under Article 15. Administrative fines under Article 111 reach EUR 5,000,000 or 3% of annual turnover for legal persons.
The 7 Mistakes
1. Generic, copy-paste risk factors
Annex I requires risk factors specific to the offeror, the crypto-asset, the offer, and the technology. A risk section that lists "market volatility, regulatory uncertainty, and cybersecurity risk" without explaining how those risks manifest for this specific project is the single most common deficiency. NCAs read these in batches and they see the same template. If the risk section could be lifted into another whitepaper without changes, it does not meet the standard.
2. Marketing language inside the whitepaper itself
The whitepaper is a disclosure document, not a sales document. Words like "revolutionary," "guaranteed," "industry-leading," or projections framed as expectations rather than scenarios trigger immediate objections. ESMA's 2024 guidance was explicit: factual, balanced, not misleading. Marketing communications under Art. 7 are a separate document with separate rules; do not confuse the two.
3. Inconsistency between whitepaper and smart contract
The whitepaper says total supply 1,000,000,000. The contract has a mint function with no cap. The whitepaper says vesting over 4 years. The contract has no time-locks. NCAs increasingly read the contract source alongside the whitepaper. Any divergence is treated as misleading information under Art. 15 and triggers a request for either contract redeployment or whitepaper amendment — both delay the offer by weeks.
4. Missing or weak environmental impact disclosure
Article 6(1)(j) and the ESMA RTS on environmental and climate-related disclosures require quantified information on the consensus mechanism, energy consumption per transaction, and the renewable-energy share where measurable. "Proof-of-Stake, therefore low energy" is not a disclosure. The RTS specifies metrics, units, and methodology. A weak environmental section is the second-most-flagged deficiency in published NCA observations.
5. Issuer identity and governance gaps
Annex I requires identification of the offeror, the management body, key personnel, beneficial owners above 25%, and a description of governance arrangements. Whitepapers that name the foundation but omit the operating company, list directors without CVs, or describe "a decentralised community of contributors" in lieu of a governance structure will be sent back. The NCA needs to know who is legally responsible.
6. Rights, refund, and complaint procedures omitted or vague
Article 13 grants retail holders a 14-day right of withdrawal for crypto-assets offered to the public (other than ARTs and EMTs, which have their own regime). The procedure for exercising that right, the refund mechanism, the contact point, and the complaints procedure must be in the whitepaper. Burying the right-of-withdrawal in a clickwrap or omitting the complaints contact is a Title II compliance gap that NCAs routinely flag.
7. Language and jurisdiction coverage mismatched to the offer
The whitepaper must be drawn up in an official language of the home Member State or in a language customary in the sphere of international finance. For offers in multiple Member States, the offeror must comply with each host NCA's language requirements. Marketing the token in seven countries while filing the whitepaper only in English — with no host-NCA notification — is a passporting failure that compounds the original deficiency.
The Common Thread
Six of these seven mistakes are not subtle. They are visible on the first read. The reason they recur is that whitepaper drafting often happens late in the project timeline, by people who did not write the smart contract or design the tokenomics, against a launch deadline. NCAs see what teams under deadline pressure produce. The fix is process, not legal knowledge: start the whitepaper alongside the contract, not after it.
Who Gets Rejected Most
The patterns in public NCA communications point to three profiles that disproportionately encounter objections:
- First-time issuers using non-specialist counsel — generic disclosure language, weak risk factors, inconsistent terminology between whitepaper sections
- Foreign issuers entering the EU via a single Member State — passporting and language requirements underestimated, host-NCA notifications missed
- Projects with tokenomics changes between drafting and deployment — the whitepaper describes the old design, the contract implements the new design, the gap is unflagged
Established issuers with in-house securities-law experience and a single jurisdiction file generally clear the 20-day window without objections. The pattern is not about company size; it is about the discipline of treating the whitepaper as a disclosure document that must survive an adversarial read.
What a Clean Dossier Looks Like
Pre-Notification Checklist
- Annex I content mapped section-by-section to whitepaper sections, with explicit cross-references
- Project-specific risk factors, each tied to a concrete scenario or precedent — no copy-paste language
- Whitepaper and deployed (or to-be-deployed) smart contract reconciled clause-by-clause on supply, mint, burn, vesting, and admin functions
- Environmental disclosure following the ESMA RTS metrics and methodology, not a free-form paragraph
- Operating company, management body, key personnel, and beneficial owners above 25% all identified with documentary backup
- Right-of-withdrawal procedure, refund mechanism, and complaints contact set out in the whitepaper body, not annexed or hyperlinked away
- Language coverage matched to every Member State in which the offer will be made, with host-NCA notifications prepared in parallel
- Marketing communications drafted as a separate document, independently compliant with Art. 7
For the broader regulatory context, see our MiCA Compliance Guide and What MiCA Bans Crypto Influencers From Doing. The white-paper compliance perimeter and the marketing-communication perimeter are two sides of the same Article 7 / Article 15 liability surface — teams that get one right and the other wrong end up sanctioned just the same.
Get your token offering MiCA-ready before you file
Screen wallets, monitor entities, and generate compliance reports with 1B+ labeled addresses and 305+ data sources.
See Compliance Solutions