How Spanish Fintechs Can Prepare for the Next Wave of EU Regulation

The Spanish government is taking decisive steps to modernise its financial regulatory landscape, announcing a series of legislative initiatives aimed at bringing national laws in line with major EU developments. Among them are the Draft Law and Royal Decrees on the Digitalisation and Modernisation of the Financial Sector, as well as a specific Royal Decree focused on Distributed Ledger Technologies (DLT).

These reforms are designed to bridge the gap between Spain’s existing frameworks and key EU-wide regulations like the Markets in Crypto-Assets Regulation (MiCA) and the Digital Operational Resilience Act (DORA),  ensuring that Spain's fintech ecosystem stays competitive, compliant, and innovation-ready in a rapidly evolving European market.

Over €300 million was invested in Spanish startups in Q1 2025, reinforcing the country’s position as a rising European fintech hub. Meanwhile, digital payment solutions in Spain grew by 18.5% in Q1 2025, driven by consumer demand for convenience and security, with Madrid and Barcelona leading in contactless payment adoption.

Below are three major EU regulatory shifts that are redefining how fintechs operate in Spain - each tied to real-world adjustments, government responses, and the strategies being discussed at the NextGen Payments & RegTech Forum in Barcelona 2025.

1. MiCA – The Crypto Clarity Fintechs Have Been Waiting For: The Markets in Crypto-Assets Regulation (MiCA) introduces the EU’s first comprehensive framework for crypto markets. For fintechs in Spain, it provides much-needed clarity and consistency, helping firms scale across borders with a common regulatory standard.

The regulation sets out clear obligations around licensing, stablecoin reserves, and transparency requirements. Spain has moved swiftly to align with this framework: the National Commission on Securities Markets (CNMV) has been appointed as the primary authority responsible for supervising crypto-asset service providers (CASPs) under MiCA.

2. DORA – Enhancing Digital Operational Resilience: The Digital Operational Resilience Act (DORA) has been formally integrated into Spanish law, establishing a harmonised framework to strengthen digital resilience across the financial sector. It mandates that firms implement robust systems and processes to withstand, respond to, and recover from ICT-related disruptions, from technical failures to sophisticated cyberattacks.

For fintechs, this means going beyond basic risk management. DORA requires thorough ICT governance, third-party risk monitoring, real-time incident reporting, and regular resilience testing. Spain has also expanded access to its regulatory sandbox, giving firms an environment to test cybersecurity strategies and compliance processes under real-world conditions.

3. PSD3 & PSR – Preparing for the Next Phase in Payments Regulation: Although still in the proposal stage, the Third Payment Services Directive (PSD3) and the accompanying Payment Services Regulation (PSR) are already prompting changes across Spain’s payments sector. Together, they aim to improve consumer protection, increase the uptake of open banking, and strengthen regulatory oversight.

A key development is the plan to extend PSD3’s scope to include cross-border electronic payments between the EEA and countries outside the EU. For Spanish fintechs looking to grow internationally, this could bring both opportunities and tighter compliance obligations.

The proposed changes also include clearer rules around fraud prevention, data sharing, and licensing, all of which will have a direct impact on how payment providers operate. While the final version is still pending, many in the industry are already reviewing their processes - from customer authentication to chargeback handling -  to ensure they’re ready for what’s ahead.

With regulatory change moving quickly across Europe, staying ahead means more than just meeting compliance requirements! Join industry leaders at the NextGen Payments & RegTech Forum on 7 May 2025 in Barcelona, Spain, where experts from across the financial and technology sectors will come together to share insights and strategies, including CaixaBank, Mastercard Spain, Santander (PagoNxt & Getnet), Deloitte, Worldline, BIZUM, Outpayce from Amadeus, Venga, CORE, Alipay+, Neitec, Socialpay, GOWD, ComplyRadar, Vivox AI, Vixio, Vueling and many more!

Don’t Miss Out! Register now and get 10% off before the offer expires! Contact QUBE Events at info@qubevents.com to claim the discount!

To register and access the agenda: https://bit.ly/4ibN1ra 

For more information on registration, please contact info@qubevents.com