MiCA CASP License in Czech Republic

Why Choose Czech Republic for Crypto Licensing?

The Czech Republic became one of the first EU member states to demonstrate operational MiCAR throughput at scale. The 248-application pipeline was received by the 31 July 2025 transitional filing cliff.^[1][4] By application volume, the Czech Republic ranks among the largest EU MiCAR filers, behind Germany (53 CASPs authorised) and the Netherlands (around 26) but ahead of France (around 13) and Lithuania (around 6).^[5] Domestic crypto adoption is substantial, with the Czech digital-asset market among the larger in central Europe by user base and projected revenue.^[19]

An Active, Credible Regulator

Three factors carry the Czech offer. First, the regulator itself: the CNB has piloted an internal AI-assisted file-review tool ("CNB Lab") to handle volume while keeping authorisation decisions in human hands.^[1] CNB Bank Board commentary has emphasised that decisions are taken by CNB experts and that AI serves only as a supporting tool.^[1] That posture matters for institutional applicants who need a regulator with both throughput and credibility.

The Strongest Personal-Investor Tax Regime Outside Germany

Second, the tax regime. Effective 15 February 2025 (with retroactive application from 1 January 2025), Act No. 32/2025 Coll. amended the Income Tax Act to introduce a 3-year holding exemption on personal crypto disposals up to CZK 40 million per year, and a CZK 100,000 annual de minimis.^[12][13][22] From 1 January 2026 the CZK 40 million cap was retained for crypto-assets even as it was abolished for securities and business shares.^[13] This is genuinely the most generous personal-investor crypto regime in the EU outside Germany's 1-year rule.

A Working Cost Base

Third, total cost of operation. Prague Class A office rents, Czech-grade legal and consultancy fees, and corporate income tax at 21% combine to a first-year operating budget materially below Frankfurt, Dublin, or Luxembourg comparators. Total first-year all-in cost (excluding initial capital) sits in the €200,000–€475,000 range for a Class 2 or Class 3 CASP.^[10][14]

The Honest Counterweights

The headline counterweights: the CNB no longer offers pre-licensing consultations (formally confirmed by a Freedom-of-Information response dated 10 July 2025);^[2] Czech-language procedural defaults raise translation costs for non-Czech applicants; the English-language consultancy ecosystem in Prague is smaller than Vilnius or Tallinn; and the Czech address lacks the institutional prestige of Frankfurt or Paris. None of these are dealbreakers for operators who have done the work, but each adds cost or planning time that founders routinely underestimate.

Regulatory Framework

The CNB supervises Czech CASPs under MiCAR (Regulation (EU) 2023/1114), domestically transposed by Act No. 31/2025 Coll. (Digital Finance Act), with Act No. 32/2025 Coll. amending sectoral legislation. The Financial Analytical Office retains AML/CFT supervision; the Ministry of Finance handles tax.

The Legislative Stack

Czech MiCAR application sits on four layers of EU and domestic law:

• MiCAR (Reg. (EU) 2023/1114). Directly applicable since 30 June 2024 (Titles III/IV, stablecoins) and 30 December 2024 (Title V, CASPs).^[7]
• EU Level-2 acts directly applicable in the Czech Republic. Commission Delegated Regulation 2025/305 (Art. 62(5), information for CASP authorisation), Implementing Regulation 2025/306 (Art. 62(6), standard forms), Delegated Reg. 2025/414 (qualifying-holding assessment), Delegated Reg. 2025/303 (financial-entity notifications), Delegated Reg. 2025/299 (Art. 68(10) continuity), and Delegated Reg. 2025/294 (Art. 71(5) complaints).^[3]
• Travel Rule (Reg. (EU) 2023/1113). Directly applicable from 30 December 2024.^[8]
• DORA (Reg. (EU) 2022/2554). Applicable to CASPs from 17 January 2025.^[9]

The Czech transposition layer is Act No. 31/2025 Coll. (Zákon o digitalizaci finančního trhu / Digital Finance Act), signed by the President on 6 February 2025 and entering force 15 February 2025.^[10] Section 9 of the Act designates the CNB as competent authority; Section 26 establishes the transitional regime (covered in detail in the Transition section below). Act No. 32/2025 Coll. is the companion amending act covering AML, tax, and trade-licensing law.

CNB as Competent Authority

The CNB supervises licensing, ongoing prudential compliance, market abuse, consumer protection, and substance. Three published Kontaktní místo (contact-point) documents on the CNB's MiCA permitting page cover: (i) CASP and non-bank ART issuer applications, (ii) white-paper notifications, and (iii) credit-institution ART white-paper approvals.^[3][4] The CNB also runs a general FinTech contact point at cnb.cz/fintech, operational since 1 November 2019,^[6] but explicitly not a sandbox and explicitly not a pre-licensing consultation channel as of mid-2025.

Secondary Regulators

The Financial Analytical Office (Finanční analytický úřad, FAÚ) retains AML/CFT supervision for CASPs as obliged entities under section 2(1)(b)(15) of the AML Act (No. 253/2008 Coll., amended by Act 32/2025).^[11] The Ministry of Finance (Ministerstvo financí ČR) handles tax legislation including the personal-investor crypto regime. The Czech Capital Markets Act (No. 256/2004 Coll.) applies where a token qualifies as a MiFID II financial instrument rather than a crypto-asset, and the Payment Systems Act (No. 370/2017 Coll.) applies where a CASP's fiat-rail activities overlap a payment-institution or electronic-money-institution licence.

Recent Developments (As of June 2026)

• 11 February 2026. CNB issued the first six MiCA CASP authorisations.^[1][4]
• 10 July 2025. CNB formally confirmed via Freedom-of-Information response that pre-licensing consultations are no longer offered.^[2]
• 31 July 2025. Transitional CASP filing cliff under Art. 26 of Act 31/2025 Coll. closed. New entrants since August 2025 file directly under MiCAR with no grandfathering protection.^[16]
• 15 February 2025. Digital Finance Act plus companion Act 32/2025 in force; CNB became MiCAR competent authority; personal-investor crypto tax amendments effective with retroactive application from 1 January 2025.^{[10][12][13][22]}
• 17 January 2025. DORA applicable to all financial entities including CASPs.^[9]
• 30 December 2024. MiCAR Title V (CASPs) applicable; Travel Rule applicable; legacy Czech VASP regime closed to new entrants.^[7][8]

Regulatory Transition: Trade Licence VASP to MiCA CASP

The Transition Timeline

The Czech transition runs across three phases. Phase 1 closed the legacy regime: from 15 February 2025, the Trade Licensing Act (Act No. 455/1991 Coll.), code 81 ("provision of services related to a virtual asset"), was phased out as a route for new entrants. Phase 2 was the transitional filing window: entities holding a code-81 trade licence before 30 December 2024 had until 31 July 2025 to file a complete CASP application with the CNB.^[10] Phase 3 is the grandfathering grace period: filed applicants may continue operating under their legacy registration until the earlier of (a) the CNB's final decision or (b) 1 July 2026.

Throughput Reality

Bank Board commentary noted that the vast majority of the 248 applications arrived in the final weeks before the cliff rather than early in 2025.^[1] The first six authorisations represent roughly 2.4% of the pipeline; further authorisations are expected to issue in waves through 2026. The CNB has signalled that it expects to clear a significant share of the pipeline before the 1 July 2026 grace-period cut-off, but practitioners have flagged that filings rejected at the completeness stage will not benefit from refiling under the transitional regime.^[1][20]

What This Means for New Applicants

For operators filing after 31 July 2025, three implications follow. First, no operating bridge exists between filing and authorisation; the operator cannot serve clients in or from the Czech Republic until the CNB grants the licence. Second, the CNB has not reopened a pre-licensing consultation channel: applicants submit complete dossiers and respond to CNB completeness queries within the standard Art. 63 timeline.^[2] Third, dossier quality determines timeline: the CNB expects a clear legal and technical description of how each service is structured, not a simple list of services (see Common Mistakes below).

Special Procedure (MiCAR Art. 143(6))

For entities already CNB-authorised under existing Czech law to provide comparable financial services (credit institutions, investment firms, EMIs, central securities depositories, management companies, regulated market operators), MiCAR Art. 143(6) permits a notification procedure under Art. 60 (40 working-day objection window) rather than a full Art. 63 application. The Czech Republic has not introduced a bespoke fast-track beyond MiCAR Art. 143(6).

License Types and Activities Covered

The MiCAR CASP authorisation is granted for one or more of ten defined crypto-asset services. Each service falls into one of three capital classes, and the initial capital requirement reflects the highest class among the services for which the CASP is authorised.

The Ten CASP Services and Their Capital Classes

A CASP authorised for any Class 2 service satisfies the capital floor for any combination of Class 1 services without adding more capital. A CASP that also operates a trading platform sits in Class 3 regardless of which other services it provides.

Activities Outside CASP Scope

MiCAR Art. 2(3)–(4) carve out several activities. Fully unique and non-fungible NFTs are out of scope where they are not fungible and not substitutable for other crypto-assets. Non-custodial wallet software (where the provider never holds client keys) is out of scope. Fully decentralised protocols without an identifiable operator are out of scope, although ESMA has signalled a narrow interpretation. Tokens that qualify as MiFID II financial instruments fall under the Capital Markets Act (Act No. 256/2004 Coll.) rather than MiCAR. Central bank digital currencies, deposits, structured deposits, and securitisation positions are outside MiCAR entirely. NFTs and other non-MiCAR crypto activity may still trigger AML obligations under the Czech AML Act and require FAÚ notification.^[11]

The EMT–PSD2 Cumulation Trap

In June 2025 the European Banking Authority confirmed that a CASP providing custody or transfer services for e-money tokens must hold capital under both MiCAR Art. 67 (Class 2 minimum €125,000) and PSD2 Art. 7 (EMI minimum €350,000 or PI minimum €125,000).^[17] The two requirements cannot be netted: one euro of own funds cannot count toward both. A Czech CASP offering EUR stablecoin custody on this model therefore needs to scope its services as a dual licence (Czech CASP plus Czech EMI under Act 370/2017 Coll.) and budget accordingly. In practice, many operators run the EMI rail through a separate group entity in another EU member state and pair it with a Czech CASP for the crypto leg.

Tokenised Securities and RWA

MiCAR Art. 2(4) excludes crypto-assets that qualify as financial instruments, so a tokenised security (a tokenised share, bond, or fund unit) is not a MiCAR crypto-asset. In the Czech Republic such instruments are regulated under MiFID II, the Prospectus Regulation, and the EU DLT Pilot Regime (Regulation (EU) 2022/858), and supervised by the CNB rather than under MiCAR. The boundary is set by ESMA's Guidelines on the qualification of crypto-assets as financial instruments. A Czech MiCA CASP authorisation does not cover tokenised securities or real-world-asset (RWA) tokens that are financial instruments; those follow the MiFID securities regime, and we scope that route through the relevant securities perimeter while pairing crypto custody or exchange permissions only where the operating model needs them. See our dedicated fund licensing guide for the tokenised-fund route.

The Czech Republic is one of the few EU member states hosting live DLT market infrastructure. CSD Prague, the Czech central securities depository, was authorised as a DLT Settlement System under the EU DLT Pilot Regime following a positive ESMA opinion, making it one of only a handful of authorised DLT market infrastructures in the EU. For an issuer weighing tokenised debt or equity against a MiCAR crypto-asset structure, this gives the Czech Republic a credible securities-settlement venue alongside its CASP regime, provided the instrument is scoped to the correct perimeter from the outset.

For systematic EEA market access, a non-EEA provider cannot rely on reverse solicitation under MiCAR Art. 61, which ESMA interprets narrowly: any EU-targeted marketing voids the exemption.^[15] See the dedicated reverse solicitation under MiCA guide for the third-country compliance pattern.

Requirements

A Czech CASP applicant must establish a Czech legal entity, pay in MiCAR Annex IV initial capital to an EEA bank account, secure a physical Czech office, and appoint the required management and control functions before filing a complete dossier.

Corporate Vehicle

The default Czech CASP vehicle is the společnost s ručením omezeným (s.r.o.) with statutory minimum share capital of CZK 1, although applicants typically capitalise the s.r.o. at the MiCAR Annex IV floor or above before filing. The akciová společnost (a.s.), with minimum share capital CZK 2,000,000, suits multi-shareholder and institutional governance structures and is required for asset-referenced token (ART) issuer authorisation. Applicants must be Czech legal entities; per Act 32/2025 Coll. and the close of the 31 July 2025 transitional window, natural persons are no longer eligible to provide MiCA-regulated services in the Czech Republic.^[16]

Capital and Own Funds

Initial capital per MiCAR Annex IV is paid into a bank account in the European Economic Area before the CNB issues authorisation. Ongoing own funds must be the higher of (a) the Annex IV class floor or (b) one-quarter of the previous year's fixed overheads (Art. 67(1)). The European Banking Authority and ESMA have clarified that fixed overheads include the sum of all indirect expenses, both fixed and variable, with only the deductions in Art. 67(3) permitted.^[17] In practice, the CNB and peer EU regulators expect Class 2 and Class 3 CASPs to hold €350,000–€750,000 in segregated own funds as a working buffer, well above the floor. If own funds fall below the floor at any point, the operator has 30 days to restore them.

Substance Requirements

The CNB inspects substance during the licensing process. Virtual offices are no longer accepted.^[14][18] Effective management must occur in the European Union. At least one director must be EU-resident under both MiCAR Art. 68 and CNB supervisory practice. The CASP must appoint a Money Laundering Reporting Officer (MLRO) with a notified FAÚ contact-person record in the XML format prescribed by Decree 420/2024 Coll. (effective 1 February 2025).^[11] A compliance officer is required and may overlap with the MLRO in small operators. A dedicated ICT risk officer, with sufficient seniority and independence to discharge DORA obligations, is expected as a separate function rather than a side title.

Fit-and-Proper

Members of the management body and qualifying shareholders (10% or more ownership) submit fit-and-proper questionnaires aligned with the Joint EBA/ESMA Guidelines on suitability of management body members.^[17] Criminal records, regulatory history, sanctions exposure, and prior insolvencies all surface here. Acquisitions of qualifying holdings post-authorisation must be pre-notified under MiCAR Art. 84 plus Delegated Reg. 2025/414 with a 60 working-day assessment window.

Practitioner Note

Czech applicants who underestimate substance face the most predictable rejection pattern. Practitioner commentary in a 2026 retrospective on CNB applications observed bluntly that the CNB is not naive and that real management presence and genuine decision-making substance in the Czech Republic are expected.^[21] Operators who rely on a Czech bookkeeper-as-director plus a Prague mailbox should not file.

Documentation Dossier Summary

Application Process

The Czech CASP application process runs in five stages from entity formation through CNB assessment. Total realistic timeline is 9 to 18 months, with dossier quality the primary driver of where a file lands within that range.

Jagelski & Partners coordinates the dossier across the AML, ICT/DORA, custody, governance, and outsourcing workstreams, working with specialist legal and compliance partners. We sequence the dossier so that capital, banking, hiring, and substance arrive on the CNB's desk together rather than as a series of supplementary submissions, which is the most common avoidable cause of timeline extension. Book a Licensing Assessment →

Required Documents

The application package follows Delegated Regulation 2025/305 and Implementing Regulation 2025/306 for CASPs. The package spans corporate documents, personal documents for all assessed persons, the operational policy suite, and proof of capital placement in an EEA bank account.

Corporate Documents

Personal Documents (Management Body and Qualifying Holders)

Operational Policies and Procedures

Translation and Legalisation

Czech is the procedural language; the CNB accepts English supporting documentation in practice but expects the core operational policies and corporate documents in Czech. Sworn Czech translation is required for foreign-language corporate documents, criminal records, audited financials, and UBO/management-body identity documents. Documents originating outside the European Union require either apostille (Hague Convention) or full diplomatic legalisation depending on the source country.

Costs and Pricing

Total first-year cost, excluding initial regulatory capital, sits in the €200,000–€475,000 range for a Class 2 or Class 3 Czech CASP. Initial regulatory capital adds €50,000 to €150,000 depending on class, with practitioners typically advising a €350,000–€750,000 buffer.

Government Fees

Total Cost Summary

Why Czech Total Cost Sits Where It Does

Three factors drive the Czech total-cost position. First, Czech-grade salaries for the regulated functions (MLRO, compliance, ICT) sit roughly 30–45% below Frankfurt or Dublin benchmarks, although Prague has narrowed against Vilnius and Tallinn over the past 24 months. Second, Czech professional fees for a tier-1 law firm with active CASP practice sit below the equivalent Frankfurt or Dublin engagement but above lower-cost Baltic alternatives. Third, the CNB itself does not charge an annual supervisory levy at the scale of the larger EU regulators; as of June 2026 the operative implementing decree and the exact rate of the supervisory contribution should be confirmed against the current primary text.

Timeline

End-to-end timeline from engagement to authorisation runs 9 to 18 months. The CNB statutory clock is 25 working days for completeness plus 40 working days for substantive assessment, extendable by up to 20 working days.

Factors That Extend Timeline

The most predictable timeline extenders are: incomplete dossiers triggering Article 63 stop-the-clock requests; non-standard ownership structures involving non-EU UBOs with limited supporting documentation; criminal-record or regulatory-history flags on management body members; large outsourcing chains where the DORA Art. 30 documentation lags the dossier; capital still sitting outside an EEA bank at the final stage of CNB assessment; and novel token taxonomies that require the CNB to consult ESMA before issuing.

Editorial Position

The 9–18 month range is the realistic working envelope as of June 2026, and we expect the median to settle near the lower end of that range through 2026 as the CNB clears the August 2025–February 2026 cohort of transitional filings. New entrants filing in mid-2026 with clean dossiers should plan on 9–12 months. Operators with non-EU UBOs, complex group structures, or Class 3 trading-platform scope should plan on 12–18 months and budget for a CNB substantive-assessment extension.

Taxation

Czech corporate income tax is 21% from 1 January 2024. Crypto-fiat exchange is VAT-exempt under Hedqvist (C-264/14). Personal investors benefit from a 3-year holding exemption up to CZK 40 million per year, the most attractive EU personal-investor crypto regime outside Germany.

Corporate Income Tax

Czech corporate income tax is 21% for tax periods starting 1 January 2024 (raised from 19% by the 2023 consolidation package).^[18] Resident companies are taxed on worldwide income; non-residents on Czech-source income and permanent-establishment income. The participation exemption applies to capital gains on disposal of subsidiary shares where a 10% holding is held for 12 months and the subsidiary is EU-resident. Pillar Two has been transposed: the income inclusion rule is effective for fiscal years starting after 31 December 2023; the undertaxed profits rule for fiscal years starting after 31 December 2024; and the qualified domestic minimum top-up tax at the 15% effective rate from 31 December 2023.

VAT

The standard VAT rate is 21%, with a reduced rate of 12% effective from 1 January 2024 (replacing the former 10% and 15% rates). Crypto-fiat exchange is VAT-exempt under the European Court of Justice judgment in Hedqvist (C-264/14), applied directly in the Czech Republic. Non-exchange CASP services (custody, advisory, listing fees, staking-related services, infrastructure SaaS) are typically VAT-able and assessed case-by-case based on the substance of the supply. The Czech VAT registration threshold is CZK 2,000,000 of turnover in any 12 consecutive months.

Withholding Tax

Standard withholding tax is 15% on outbound dividends, interest, and royalties to non-residents. Within the EU, the Parent-Subsidiary Directive and Interest and Royalties Directive reduce most outbound flows to 0%. A penalty rate of 35% applies on payments to recipients in non-double-tax-treaty and non-EEA jurisdictions, a relevant factor when structuring offshore holding entities above a Czech CASP. Czech tax residency for a corporation is triggered by either registered office or place of effective management in the Czech Republic.

Personal Investor Regime (Act 32/2025 Coll.)

This is genuinely the strongest selling point of the Czech crypto offer. Effective 15 February 2025 (with retroactive application from 1 January 2025), the Income Tax Act (No. 586/1992 Coll.) was amended to introduce two exemptions for personal investors:^[12][13][22]

• 3-year holding exemption (časový test): crypto-assets held for more than 3 years are exempt from personal income tax on disposal, capped at CZK 40 million per year of gross exempt income. The cap is shared across securities, business shares, and crypto-assets. From 1 January 2026 the cap was abolished for securities and business shares but retained for crypto-assets.^[13]
• De minimis (hodnotový test): gross annual income from crypto-asset disposals not exceeding CZK 100,000 is exempt and need not be reported. The two exemptions cannot be combined; the more favourable applies.

Where no exemption is available, personal income tax applies under section 10 of the Income Tax Act at 15% up to 36 times the average wage (CZK 1,676,052 for 2025) and 23% above that threshold. Lump-sum deductions are not available for crypto; the taxpayer bears the burden of evidencing acquisition cost.

Business Activity vs Personal Investment

Where crypto activity is conducted on a business-like basis (sustained, organised, with the intention of profit), income is taxed under section 7 with social and health insurance contributions, and the time and value tests do not apply. The line between personal investment and business activity is fact-specific; high-frequency trading, leveraged positions, and full-time crypto activity push toward section 7 classification.

Mining, Staking, Airdrops, Hard Forks

Mining, staking rewards, airdrops, and hard fork distributions are treated as other income at the moment of receipt, valued at fair market value in CZK on the receipt date, with deductions limited to direct costs. Active staking and crypto lending do not automatically benefit from the 3-year time test because they generate continuous income rather than holding gains.^[23]

DAC8 / CARF

Czech CASPs are subject to the automatic exchange-of-information regime for crypto-assets under DAC8 and the OECD Crypto-Asset Reporting Framework (CARF). The Czech implementing legislation followed the EU directive transposition timeline, with reporting obligations commencing 1 January 2026 and first reporting expected in 2027.

Ongoing Compliance & Post-Registration

Authorised Czech CASPs maintain ongoing prudential, AML/CFT, ICT/DORA, market conduct, complaints handling, and reporting obligations under CNB and FAÚ supervision. These are continuous obligations rather than one-off filings.

Prudential and Reporting

Own funds must be maintained at the higher of the Annex IV class floor and one-quarter of fixed overheads at all times. The CNB requires periodic reporting per Implementing Regulation 2024/2902 (ART/EMT reporting where applicable), plus statistical and supervisory returns specific to the Czech supervision plan. Material changes (new services, qualifying-holding changes, management-body changes) require pre-notification under MiCAR Art. 63 and 84.

AML/CFT Supervision

The FAÚ retains AML/CFT supervisory authority for CASPs as obliged entities under section 2(1)(b)(15) of the AML Act.^[11] The Travel Rule (Reg. (EU) 2023/1113) has applied directly since 30 December 2024,^[8] requiring originator and beneficiary information to accompany crypto-asset transfers. Sanctions screening against the EU consolidated list, UN sanctions, and OFAC SDN is expected daily. Suspicious transaction reports must be filed without undue delay to the FAÚ under Art. 18 of the AML Act, with strict confidentiality of the filing. The new EU Anti-Money Laundering Authority (AMLA, Frankfurt) commences direct supervision of selected high-risk EU obliged entities from 1 July 2027; the FAÚ will continue as Czech supervisor for the majority of Czech CASPs under AMLA coordination.

ICT Risk Management and Operational Resilience (DORA-aligned summary)

A standalone ICT section follows immediately below. The ongoing-compliance level summary: a DORA-aligned ICT risk-management framework, classified incident reporting to the CNB within DORA timelines, a third-party ICT risk register and contractual alignment with DORA Art. 30, and threat-led penetration testing for CASPs meeting the DORA significance criteria.

Marketing and Conduct

Marketing communications must comply with MiCAR Art. 66 on honesty, fairness, and the prohibition of misleading statements. ESMA has explicitly warned national supervisors against "MiCA washing," and the CNB is expected to monitor online and influencer marketing actively. Marketing aimed at retail clients must include the prescribed risk warnings.

Complaints Handling and ADR

Per Delegated Regulation 2025/294, CASPs must maintain a written complaints handling policy with acknowledgement, time-bound response, escalation path, and internal complaints register. The Czech statutory out-of-court alternative dispute resolution body for retail financial-services disputes is the Finanční arbitr (Financial Arbitrator), whose competence was extended to MiCA services via the Digital Finance Act package.

Compliance Documentation Partner

Jagelski & Partners coordinates ongoing compliance documentation through specialist legal and compliance partners with active Czech CASP practice. Ongoing-compliance scope typically covers periodic CNB returns, AML manual updates following FAÚ guidance changes, DORA incident-classification reviews, marketing-communication sign-off, complaints register maintenance, and pre-notification of material changes.

ICT Risk Management & Operational Resilience

Czech CASPs are subject to the Digital Operational Resilience Act (DORA, Regulation (EU) 2022/2554) from 17 January 2025. The framework requires a documented ICT risk-management framework, classified incident reporting, third-party ICT risk management, regular testing, and threat-led penetration testing for significant CASPs.

The DORA Stack for Czech CASPs

DORA applies to CASPs as in-scope financial entities under Art. 2(1)(p) of the Regulation.^[9] The framework runs across five pillars: (1) ICT risk management, (2) ICT-related incident management and reporting, (3) digital operational resilience testing, (4) management of ICT third-party risk, and (5) information and intelligence sharing. The CNB is the competent authority for DORA supervision in the Czech Republic, coordinating with the European Supervisory Authorities for cross-border and significance assessments.

ICT Risk-Management Framework

A documented framework approved by the management body must cover risk identification, protection and prevention, detection, response and recovery, learning and evolution. Czech CASPs must designate a control function for ICT risk that is independent from operational ICT and reports directly to the management body. The framework is reviewed at least annually and after each material ICT incident.

Incident Classification and Reporting

ICT-related incidents must be classified per the criteria in Commission Delegated Regulation 2024/1772 (impact on clients, transactions, data, duration, geographical spread, economic impact, reputational impact). Major ICT incidents trigger reporting to the CNB within prescribed timelines: an initial notification within 4 hours of classification, an intermediate report within 72 hours, and a final report within one month. Reporting templates follow the EBA/ESMA/EIOPA Implementing Technical Standards.

Third-Party ICT Risk

Czech CASPs maintain an outsourcing register and align all contractual arrangements with critical or important ICT third-party providers to DORA Art. 30. The required terms include service-level agreements, security incident reporting, audit and inspection rights, exit strategies, sub-outsourcing controls, and termination triggers. The European Supervisory Authorities maintain an EU-wide register of Critical Third-Party Providers; Czech CASPs flagged as customers of CTPPs are subject to additional oversight.

Testing

A regular programme of ICT-resilience testing is required for all in-scope entities. CASPs meeting the DORA significance criteria (size, criticality, complexity) are additionally subject to threat-led penetration testing (TLPT) at least every three years, coordinated by the CNB and aligned with the TIBER-EU framework where applicable.

Banking

Czech CASPs source banking and payment services from universal Czech banks, EU-licensed EMIs, and specialist crypto-friendly payment institutions. Onboarding timelines run 8 to 16 weeks for traditional banks and 4 to 10 weeks for EMIs.

The Banking Landscape

Three archetypes of banking providers serve Czech CASPs. Universal Czech banks with regional parent groups apply conservative onboarding policies and typically require a granted CASP authorisation, full segregation architecture, AML sample-testing, and a relationship case for the engagement. Onboarding timelines are 8 to 16 weeks. Domestic-focused universal banks are more open and relationship-led; some accept pre-authorisation onboarding for applicants with strong governance and clean AML profiles. EU-licensed electronic money institutions and specialist payment institutions provide IBAN, SEPA, and multi-currency rails more readily, often acting as an interim provider while the CASP secures bank-grade onboarding. Stablecoin and crypto-fiat settlement rails are typically sourced from a separate set of specialist providers with MiCAR-aligned compliance.

Why Banking Is Often the Binding Constraint

For mid-2026 applicants, banking onboarding is the single most common cause of timeline slippage between filing and authorisation. The CNB requires confirmation of initial capital placement in an EEA-bank account before issuing authorisation; an EMI account or a non-EEA bank account does not satisfy this. Operators who file the CASP application before banking is locked in often discover that the bank's onboarding diligence (which itself can take 12 weeks) gates the CNB's final decision. The practical sequencing is: bank engagement begins in parallel with dossier preparation, not after filing.

Crypto-Fiat Settlement

Authorised Czech CASPs benefit from MiCAR Art. 65 EU passporting for crypto-asset services, but passporting does not extend to fiat rails. A CASP processing fiat on-ramp and off-ramp at scale typically pairs the Czech CASP with either an EMI passport from another EU member state or a third-party banking partnership. The EU-wide shift toward MiCA-compliant euro stablecoins has eased some of the fiat-substitute access friction relative to 2024, but euro-stablecoin custody and transfer trigger the EMT-PSD2 capital cumulation discussed in the License Types section above.^[17]

Banking Coordination

Jagelski & Partners coordinates banking placement for Czech CASP applicants through a network of more than ninety banking and EMI institutions across the EU, United Kingdom, and adjacent jurisdictions. We pre-qualify each applicant against the network before opening conversations with providers, so that the operator engages institutions with a high probability of acceptance rather than running a wide and unmanaged search. Pre-qualification typically removes 8 to 12 weeks from the realistic banking-onboarding timeline. Open a Czech crypto business account through our banking network.

FATF Status & International Standing

The Czech Republic is a FATF-clear jurisdiction, evaluated by the Council of Europe's MONEYVAL. It is an EU member state subject to the AML Directives and AMLA coordination, fully aligned with FATF Recommendations, with no current grey-list or blacklist exposure.

FATF and MONEYVAL Standing

The Czech Republic is assessed by MONEYVAL, the Council of Europe permanent monitoring body whose mutual evaluations are mutually recognised by FATF. The Czech Republic is not on the FATF grey list (Jurisdictions under Increased Monitoring) or blacklist (High-Risk Jurisdictions subject to a Call for Action), and the MONEYVAL fifth-round evaluation concluded with a positive overall assessment of the Czech AML/CFT framework. The CNB and FAÚ jointly handle implementation of the EU AML Directives, with the Czech AML Act (No. 253/2008 Coll.) most recently amended through Act 32/2025 Coll. to align with MiCAR and the Travel Rule.^[11]

EU AML Stack

As an EU member state, the Czech Republic transposes the AML Directives directly and will fall under the European AML Authority (AMLA, Frankfurt) for selected high-risk cross-border supervision from 1 July 2027. The Czech Republic participates in the EU AML/CFT framework on the same terms as other member states, with no carve-outs and no enhanced-due-diligence flag.

Practical Implication for Banking and Counterparty Diligence

A Czech CASP authorisation is a fully recognised EU credential for the purposes of correspondent banking, counterparty onboarding, and institutional client diligence. There are no FATF-driven enhanced-due-diligence triggers attaching to a Czech-incorporated CASP for international counterparties, and the Czech CASP authorisation carries equivalent standing to a German, Dutch, or French authorisation in MiCAR's mutual recognition scheme.

Advantages and Limitations

The Czech offer combines a credible regulator with active throughput, the EU's most attractive personal-investor crypto tax regime, a working cost base, and full EU passporting. The counterweights are smaller English-language consultancy depth than Lithuania, no pre-licensing consultation channel, Czech-language procedural defaults, and less institutional prestige than Frankfurt or Dublin.

• ✓ Active CNB throughput and credibility. CNB Lab AI-assisted file review delivers volume without compromising the human authorisation decision.^[1]
• ✓ The strongest personal-investor crypto tax regime in the EU outside Germany. 3-year holding exemption up to CZK 40 million per year (cap retained for crypto from 1 January 2026 after abolition for securities), CZK 100,000 annual de minimis, effective 15 February 2025.^[12][13][22]
• ✓ Working cost base. First-year all-in budget €200,000–€475,000 (excluding capital), ongoing €250,000–€600,000, materially below Frankfurt, Dublin, or Luxembourg comparators.
• ✓ Full EU passporting. MiCAR Art. 65 passport into all 27 member states from a Czech CASP authorisation.
• ✓ CET timezone and English-friendly correspondence in practice. Czech-language procedural defaults exist, but the CNB engages constructively in English with foreign applicants and the dossier can be substantially in English with sworn Czech translations only on the binding documents.
• × No pre-licensing consultation channel. The CNB formally confirmed on 10 July 2025 that pre-licensing consultations are no longer offered.^[2] Mitigation: applicants compensate by over-preparing the dossier and engaging Czech counsel with prior CNB CASP experience; several tier-1 Czech firms have active CASP practice.
• × Smaller English-language consultancy ecosystem than Lithuania or Estonia. Mitigation: tier-1 Czech firms cover the gap, but engagement fees sit above the Baltic alternatives; budget €80,000+ for a tier-1 Czech firm with an active CASP track record.
• × Czech-language procedural defaults. Some communications and binding decisions issue in Czech. Mitigation: sworn translation budgets and bilingual counsel mitigate this; the dossier itself can be largely in English.
• × Less institutional address prestige than Frankfurt, Paris, or Dublin. Mitigation: for institutional clients who weight regulator prestige heavily (large funds, listed counterparties), Germany or Ireland may be the right fit despite higher cost. For most operators, the Czech credential is fully sufficient under MiCAR mutual recognition.

How Czech Republic Compares

The Czech Republic sits in the EU/EEA MiCA Cost-Leaders cluster alongside Estonia, Slovakia, and Poland, with Malta as the established crypto-centre cross-tier comparator. Estonia is the regional cost-leader benchmark; Slovakia offers a faster-filing alternative within CEE; Poland is the largest CEE market but is still working through MiCAR implementation friction; Malta is the established-centre upgrade for operators needing institutional weight.

Compare every crypto jurisdiction side by side →

The Czech Republic outranks Estonia on regulator throughput (248 versus 1 authorisation as of early 2026) and personal-investor tax (3-year exemption versus Estonia's standard 22% on distribution). Estonia retains an edge on retained-profit taxation: 0% Estonian corporate tax on retained profits is structurally more attractive for capital-accumulating CASPs. Slovakia is the closest comparator on timeline and cost and is plausibly faster for clean dossiers, but with a substantially smaller CASP pipeline to date and less practitioner depth. Poland is the largest CEE market by population and crypto adoption (900+ pre-MiCA VASPs) but has experienced KNF MiCAR implementation friction documented in early 2026 commentary.^[24] Malta carries more institutional prestige but at materially higher cost.

When Czech Republic Is the Right Choice

Choose the Czech Republic if you...

• Need a fully credible EU CASP authorisation with active regulator throughput
• Value the personal-investor tax regime for founder and key-employee crypto holdings
• Plan to operate from a Czech or CEE substance base
• Want EU passporting without Frankfurt-tier cost

Consider alternatives if you...

• Need 0% taxation on retained profits: Estonia is the deferred-tax benchmark
• Need the fastest possible filing into a clean MiCAR regime: Slovakia typically runs 6–12 months
• Need maximum institutional prestige for a large fund or listed counterparty audience: Malta is the established-centre upgrade
• Are targeting the Polish domestic market specifically: Poland, once KNF implementation stabilises

Not sure which column is you? Ask Emma. She compares these jurisdictions in seconds, in your language.

Common Mistakes in Czech Republic Applications

The CNB has flagged consistent rejection patterns through Bank Board commentary, practitioner retrospectives, and FOI responses. Five recurring mistakes account for the majority of avoidable timeline slippage and rejection risk on Czech CASP applications.

• Vague programme of operations. Generic descriptions of "custody and exchange of crypto-assets" without service-by-service legal and technical detail are the most common rejection ground. Practitioners who obtained two of the first six Czech CASP authorisations have publicly stated that a simple list will not suffice and that the regulator expects clear explanation of client rights, fund and asset segregation, custody architecture, and the technical structure of each service.^[20] The correct approach is to draft the programme of operations one CASP service category at a time, with explicit cross-references to the AML manual, custody policy, and outsourcing register.
• Reliance on virtual offices and absent UBOs. The CNB no longer accepts virtual offices and inspects physical premises during the licensing process.^[14][18] Applications where UBOs and key management have no physical or operational presence in the Czech Republic face direct challenge from the CNB. Practitioner commentary puts the point bluntly: the CNB is not naive and expects real management presence and genuine decision-making substance.^[21] The mitigation is straightforward: secure a substance-grade Prague office, appoint an EU-resident director with genuine authority, and hire MLRO and ICT functions on Czech employment contracts rather than as offshored fractional roles.
• Template-driven AML and DORA documentation. AML manuals copied from generic templates and DORA frameworks built from EU ESA published templates without operator-specific customisation are flagged by the CNB on completeness review. Both documents must reflect the operator's actual customer mix, jurisdictional exposure, custody architecture, and ICT vendor stack. Template-driven documentation typically triggers Article 63 stop-the-clock requests that add 4 to 12 weeks to the overall timeline.
• Misclassification of CASP service class. Applicants frequently scope themselves into a lower class than their actual services require, either by misreading the MiCAR Annex IV mapping or by underestimating which services fall in which class. The correct approach is to map every product offering to one of the ten MiCAR service categories before filing, then capitalise to the highest class among the services for which authorisation is sought.
• Capital placed in a non-EEA bank at filing. Initial capital must be paid into an EEA-bank account, with evidence of segregation and source-of-funds documentation, before the CNB issues authorisation. Capital sitting in a non-EEA bank, in stablecoins, or in a group treasury structure that does not satisfy segregation will block the final stage of CNB assessment until corrected. The mitigation is to open the EEA-bank account in parallel with the dossier preparation, not after filing.

Frequently Asked Questions

References