ABSTRACT Crypto-finance is becoming increasingly popular, but the area is still unregulated in many ways. Its innovations promise to bring benefits by decreasing costs and increasing choices for intermediaries and customers. At the same time, and among other things, the breakdown of important exchanges and lawsuits against prominent figures illustrate potential challenges for investors, financial stability, and monetary sovereignty. How does the EU navigate the crypto verse? In this article, we analyse three regulations of the EU’s Digital Finance Package through the lenses of discursive and historical institutionalism to understand when and where concerns about digital sovereignty motivate action. We argue that EU actors aim to regulate digital finance and retain sovereignty by employing different narratives that justify their policy choices. EU regulators upgrade existing regulations to cover digital finance areas that resemble traditional financial services and justify it by existing rationales on investor protection and financial stability. Digital finance poses security challenges that are new to financial regulation. EU actors employ a narrative of security threats to increase control in areas traditionally dealt with in cybersecurity.