The right entry point depends on where the process stands.

If legislation is still being drafted, the most valuable moment is the Commission consultation phase – before a formal proposal is published. This is when the problem definition is open, policy options are not yet fixed, and officials are actively seeking technical input to understand real-world implications.

If legislation has passed but implementation is underway – as is currently the case with MiCA (the Markets in Crypto-Assets Regulation) and the AI Act – the focus shifts to the implementing measures being developed by the Commission and supervisory authorities. For MiCA, this means delegated acts and regulatory technical standards drafted by ESMA and EBA. For the AI Act, it includes codes of practice, guidelines, and standardisation work that will determine how obligations apply in practice.

If a framework is already fully in force, engagement moves to supervisory relationships – building credibility with the national competent authorities responsible for oversight, contributing to industry consultations, and positioning your organisation as a constructive and technically credible voice for future regulatory reviews.

The common thread across all three stages: substance matters more than presence. Regulators engage with organisations that bring genuine technical expertise and propose workable solutions – not just those that show up.

MiCA – the Markets in Crypto-Assets Regulation – creates a single licensing framework for crypto-asset service providers and issuers across all 27 EU member states. For service providers, it means one licence can passport across the EU, but it also means meeting conduct, capital, and governance requirements that vary by service type. For issuers of crypto assets, the white paper requirements and liability regime are the critical details. The most important question is not whether MiCA applies to you-  it almost certainly does – but exactly how, and what your compliance and engagement strategy should be.

During the consultation phase – before the European Commission publishes a formal proposal. This is when the problem definition is still open, when your framing can shape the narrative, and when the officials drafting the text are actively looking for technical input. Once a proposal is published, the negotiating positions of the Parliament and Council are already forming. You can still engage effectively, but the window is narrower and the positions harder to move.

EU legislation starts with the European Commission, which holds the exclusive right to propose new law. Before a formal proposal is published, the Commission runs public consultations and impact assessments – this is the earliest and most valuable moment to engage, when the problem definition is still open and policy options are not yet fixed. Once proposed, the text is negotiated by the European Parliament and the Council of the EU, representing member states. Both develop positions in parallel, which are then reconciled in closed trilogue negotiations. Positions harden as the process advances, which is why early engagement matters. For digital assets and AI, the legislative text is rarely the end. Much of the operational detail is determined through Level 2 technical standards/ implementing measures, – developed by supervisory authorities after the law passes. These standards set the precise definitions, thresholds, and requirements that determine how legislation works in practice. This is often where the most consequential decisions are made, and where well-prepared, technically credible input has the most impact.

A law firm tells you what the rules say and how to comply. Public affairs engages with the process that produces those rules: the consultations, the committee hearings, the technical working groups, the informal conversations with rapporteurs and cabinet members.
Both are necessary. But compliance without engagement means adapting to a framework you had no part in shaping. In a space as fast-moving as Web3 and AI, that is an expensive way to operate.

The AI Act uses a risk-based classification system. High-risk AI systems – including those used in critical infrastructure, employment, education, and law enforcement – face the most stringent requirements: conformity assessments, transparency obligations, human oversight, and registration in an EU database.
General-purpose AI models like large language models and foundation models, above certain capability thresholds, face their own obligations around transparency and systemic risk. The implementation timeline is phased, with different provisions applying at different dates through 2027. The most urgent priority for most companies is understanding which category their systems fall into and engaging with the implementing measures being developed now.

Show up with substance, not just presence. Regulators receive hundreds of consultation responses and meeting requests. What distinguishes the organisations they actually engage with is the quality of their technical input. Responses that identify real implementation challenges, propose workable solutions, and demonstrate that the company understands the regulatory objectives, not just its own interests. One well-crafted consultation response with genuine technical depth is worth more than a dozen introductory meetings.

Lobbying in the EU context typically refers to direct advocacy with decision-makers – Members of the European Parliament, Commission officials, Council representatives. Public affairs is the broader discipline that includes regulatory strategy, stakeholder mapping, coalition building, policy communications, and expert engagement across the full policy cycle. In the EU, the Transparency Register sets the framework for how this engagement is disclosed. nucleus42 operates within this framework across all levels of EU institutional engagement.

These terms are often used interchangeably, but they describe distinct – though related – activities.

Public policy refers to the decisions, laws, and regulations that governments and institutions produce. It is the output of the political and regulatory process, not an activity in itself. When companies talk about "monitoring public policy," they mean tracking what governments are deciding and how it affects their business.

Public affairs is the broader discipline of managing an organisation's relationship with the political and regulatory environment. It encompasses strategy, stakeholder engagement, communications, coalition building, and advocacy – everything involved in ensuring that an organisation's interests are understood and considered by the institutions that shape its operating environment.

Government relations is a subset of public affairs focused specifically on direct engagement with government institutions – ministries, regulators, parliamentary committees, and officials. In the US context, this term is used more broadly; in Europe, it sits within the wider public affairs function.

Lobbying is the most specific of the four – it refers to direct attempts to influence legislation or regulation, typically through direct contact with decision-makers. In the EU, lobbying is regulated through the Transparency Register, which requires organisations engaging with EU institutions to disclose their activities and interests. Lobbying is one tool within public affairs, not a synonym for it.

For companies in Web3, digital assets, and AI navigating EU regulation, all four dimensions are relevant – understanding what policy is being made, building the relationships that create access, and engaging directly with the process at the right moments

Legal counsel and public affairs serve fundamentally different functions. Your lawyers advise on compliance with existing rules. Public affairs engages with the process that produces those rules – the consultations, the technical working groups, the informal conversations that shape how legislation is drafted and how regulators interpret it. For companies in Web3, digital assets, and AI, where the regulatory framework is still being built, the distinction matters enormously.

EU regulation has extraterritorial reach. MiCA applies to any company providing crypto-asset services to EU clients, regardless of where it is based. The AI Act applies to providers placing AI systems on the EU market. Non-EU companies need to understand not just their compliance obligations but also how to engage with the EU regulatory process from outside.
This means identifying the right entry points, consultation responses, industry associations, direct institutional engagement, and building relationships with the supervisory authorities that will be responsible for oversight.

Political communications in emerging tech is about ensuring that the people writing the rules understand what they are regulating. Policymakers and regulators are generalists working across many dossiers simultaneously. The organisations that engage most effectively are those that translate complex technical realities into clear, policy-relevant narratives, positioning their technology not as something to be feared or constrained, but as something worth getting right. This requires a different skill set from consumer or investor communications.

Most public affairs firms understand the political process. Few understand the technology. In Web3, digital assets, and AI, the gap between the two is where regulatory mistakes happen: frameworks that misclassify technology, thresholds set without understanding operational realities, definitions that create unintended consequences.
A specialist who has worked inside the ecosystem, engaged directly with the institutions, and understands both the technology and the policy process can bridge that gap, and a generalist cannot.