MiCA CASP License in Latvia

Why Choose Latvia for Crypto Licensing?

Latvia offers MiCA CASP authorisation with Latvijas Banka acting as the single competent authority across all MiCA Titles. Five CASPs have been authorised as of May 2026, supported by pre-licensing consultations, an Innovation Hub, and a Regulatory Sandbox at the central bank.

Latvijas Banka took over crypto supervision in stages: the Financial and Capital Market Commission was integrated into the central bank on 1 January 2023, and the Crypto-Asset Services Law entered into force on 30 June 2024, designating Latvijas Banka as the national MiCA competent authority for all four crypto-asset Titles.^[1][4] Five Latvian SIAs hold CASP authorisations as of May 2026: BlockBen SIA (3 December 2025), Nexdesk SIA (10 December 2025), SIA Paybis Europe (12 May 2026), Neverless SIA (20 May 2026), and Trek Technologies SIA (27 May 2026).^{[8][9][10][18]}

Lowest Application Fee in the EU

The CASP application fee at Latvijas Banka is fixed at €2,500, the lowest of any EU Member State.^[1] The annual supervisory levy is capped at 0.6% of gross crypto-asset revenue with a €3,000 floor.^[5] Latvia’s €2,500 fee plus capped supervision works out roughly €500 lower on initial application than the €3,000 charged in some peer Member States, and €1,000–€5,000 lower in years where revenue is still scaling.^[19]

Single Competent Authority Across All MiCA Titles

The European Securities and Markets Authority’s notification list assigns Latvijas Banka responsibility for all MiCA Titles: II, III, IV, V, and VI.^[3] Operators do not pass an Article 60 simplified notification to one regulator and a CASP authorisation to another. Lithuania applies the same single-authority model; Cyprus also assigns its regulator the full Title V perimeter. The practical effect in Latvia is one set of supervisory contacts across crypto-asset services, asset-referenced token issuance, e-money token issuance, and white paper review.

Regulator-Led Pre-Licensing Dialogue

Latvijas Banka publishes a 48-hour response standard for Innovation Hub queries and offers free pre-licensing consultations before incorporation.^[13] The central bank has stated that its framework is designed to streamline licensing processes and reduce barriers to entry^[6]; and the Regulatory Sandbox lets applicants test live business-model questions, such as whether a particular custody arrangement triggers Class 2 or Class 3 own-funds, before paying the application fee.

Dual MiCA + PSD2 Authorisation Pathway

Latvijas Banka is the first EU regulator to grant a same-day combined MiCA CASP and PSD2 payment-institution authorisation, awarded to SIA Paybis Europe on 12 May 2026.^[10] For operators planning to handle fiat rails alongside crypto-asset services, this anchors the payment perimeter inside the same supervisor’s remit: a structural advantage when banking partners assess regulatory risk. Lithuania and other Baltic peers technically permit dual authorisations, but none has yet processed one in a single decision window.

Regulatory Framework

The Latvian crypto licensing framework rests on two instruments: Regulation (EU) 2023/1114 (MiCA) and the national Crypto-Asset Services Law, adopted by Saeima on 13 June 2024 and in force since 30 June 2024. Latvijas Banka is the sole national competent authority, and substantive Title V CASP requirements have applied since 30 December 2024.^[1][2]

The Latvian implementation law, Kriptoaktīvu pakalpojumu likums, designates Latvijas Banka as the competent authority, fixes the fee schedule, and introduces administrative sanctions up to €5 million or 3% of total annual turnover or twice the gain obtained, whichever is highest.^[1] Saeima adopted the law in final reading on 13 June 2024; substantive requirements applied from 30 December 2024 in line with MiCA Title V’s EU-wide commencement.^[17] Latvijas Banka began accepting CASP applications on 2 January 2025, with the first authorisation issued on 3 December 2025, eleven months after applications opened.^[7][8]

Regulatory History

Before MiCA, Latvia operated a registration-only regime: virtual asset service providers registered with the State Revenue Service for AML purposes under the Law on the Prevention of Money Laundering and Terrorism and Proliferation Financing. The State Revenue Service register held only a handful of registered VVPs (virtuālās valūtas pakalpojumu sniedzēji), while the Financial Intelligence Unit and the Latvian Blockchain Development Association estimated 30–40 firms operated in or from Latvia in total.^[20]

The Crypto-Asset Services Law replaced the registration regime with a full authorisation framework. A transitional period allowed VID-supervised entities to continue operating without Latvijas Banka authorisation until 30 June 2025, provided they had filed a CASP application before that date. Grandfathering has now closed; all crypto-asset service activity in Latvia requires Latvijas Banka authorisation. The Financial and Capital Market Commission (FCMC) was integrated into Latvijas Banka on 1 January 2023, consolidating crypto, banking, capital markets, and insurance supervision into a single institution with 539 employees and nine departments handling former FCMC functions.^[16]

Earlier in the decade, the ABLV Bank case set the supervisory tone. In February 2018, FinCEN designated ABLV, then Latvia’s third-largest lender, a primary money-laundering concern under Section 311 of the USA PATRIOT Act. ABLV self-liquidated; its banking licence was cancelled in July 2018. FinCEN withdrew the designation on 27 September 2024, citing notable progress made by the Government of Latvia to substantially strengthen its AML/CFT regime through a series of meaningful legal and regulatory reforms of its financial sector.^[22] The reforms (shell-company restrictions in 2018, FID independence, the 2023 FCMC merger, the 2024 centralisation of EU sanctions enforcement at FID) set the institutional posture that now applies to CASP supervision.

Recent Regulatory Developments

• 27 May 2026, Trek Technologies SIA CASP licence. Latvijas Banka issued the fifth Latvian CASP authorisation to Trek Technologies SIA (Backpack EU), with a simultaneous payment-institution licence.^[12]
• 20 May 2026, Neverless SIA CASP licence. Fourth Latvian authorisation.^[11]
• 12 May 2026, SIA Paybis Europe MiCA + PSD2 dual licence. The first Latvian operator to receive a CASP authorisation and a payment-institution licence in the same decision.^[10]
• 1 January 2026, DAC8 reporting obligations begin. Crypto-asset service providers must collect and report counterparty and transaction data to the State Revenue Service; first reports due 2027 for the 2026 tax year.^[21]
• 10 December 2025, Nexdesk SIA CASP licence. Second authorisation.^[9]
• 3 December 2025, BlockBen SIA CASP licence. First Latvian CASP authorisation under MiCA.^[8]
• 30 June 2025, VASP grandfathering closes. Final date by which legacy VID-supervised entities had to file an application with Latvijas Banka to continue operating during review.
• 17 January 2025, DORA applies. Digital Operational Resilience Act (Regulation (EU) 2022/2554) becomes applicable to CASPs as financial entities.^[14]
• 2 January 2025, Latvijas Banka opens CASP applications.^[7]
• 30 December 2024, MiCA Title V applies; Travel Rule applies.^[2]
• 30 June 2024, Latvian Crypto-Asset Services Law enters into force.^[1]

Regulatory Overlap

Four regimes intersect with the Latvian CASP authorisation. The Markets in Crypto-Assets Regulation governs licensing scope, prudential requirements, conduct of business, and white-paper disclosure. The Transfer of Funds Regulation (Regulation (EU) 2023/1113) imposes Travel Rule originator-beneficiary data transmission for all crypto-asset transfers and applies from 30 December 2024, mirroring MiCA’s CASP date. The Digital Operational Resilience Act imposes ICT risk management, incident reporting, and third-party risk controls from 17 January 2025. The Latvian Law on the Prevention of Money Laundering and Terrorism and Proliferation Financing applies to all CASPs as financial-sector obligated entities, with FID (Finanšu izlūkošanas dienests) as the financial intelligence unit and centralised authority for EU sanctions enforcement in Latvia since 1 April 2024.^[20]

The common mistake is treating these four regimes as sequential compliance projects. In practice, Latvijas Banka inspects them as one integrated control framework; an AML programme that ignores DORA-relevant outsourcing of KYC vendors will fail the substantive review even if the AML manual is otherwise complete.

Tokenised Securities and RWA

MiCA Article 2(4) excludes crypto-assets that qualify as financial instruments, so a tokenised security (a tokenised share, bond, or fund unit) sits outside MiCA. In Latvia it is regulated under MiFID II, the Prospectus Regulation, and the EU DLT Pilot Regime (Regulation (EU) 2022/858), supervised by Latvijas Banka under the securities regime rather than under MiCA. ESMA’s Guidelines on the qualification of crypto-assets as financial instruments set the boundary between the two regimes. The honest point: a Latvian MiCA CASP authorisation does not cover tokenised securities or real-world-asset tokens that qualify as financial instruments; those follow the MiFID securities route. Where the structure is a tokenised fund rather than a security, see fund licensing.

License Types and Activities Covered

A single Latvia CASP authorisation can cover up to ten crypto-asset services defined under MiCA Article 3. The services are grouped into three prudential classes determining minimum own-funds. Latvian-supervised existing financial institutions (credit institutions, EMIs, investment firms, AIFMs) may also use the simplified Article 60 notification regime instead of full authorisation.

Covered Activities

The ten MiCA Article 3 crypto-asset services available under a Latvia CASP authorisation are listed below with MiCA Annex IV class mappings.

• Reception and transmission of orders. Routing client orders to a trading platform or other CASP for execution. Applies to brokerage models without trade execution. Class 1: €50,000 own-funds floor.
• Execution of orders on behalf of clients. Acting on the client’s instructions to buy or sell crypto-assets. Applies to dealing desks and OTC desks. Class 1.
• Advice on crypto-assets. Personalised investment recommendations on specific crypto-assets. Applies to advisory-only firms and integrated wealth managers. Class 1.
• Portfolio management of crypto-assets. Discretionary management of client crypto-asset portfolios. Class 1.
• Custody and administration of crypto-assets on behalf of clients. Holding and safekeeping client crypto-assets, key management, and recordkeeping. Applies to wallet providers and custody specialists. Class 2: €125,000 own-funds floor.
• Exchange of crypto-assets for funds. Trading crypto-assets against fiat currencies. Applies to most retail-facing exchanges and on-ramps. Class 2.
• Exchange of crypto-assets for other crypto-assets. Crypto-to-crypto trading. Applies to most exchanges. Class 2.
• Placing of crypto-assets. Distributing newly issued crypto-assets to clients on behalf of the issuer. Applies to launchpads and ICO/STO placement agents. Class 2.
• Transfer services for crypto-assets on behalf of clients. Moving crypto-assets between addresses or accounts. Applies to wallet providers offering transfer-as-a-service. Class 2.
• Operation of a trading platform for crypto-assets. Running a multilateral system matching buy and sell orders. Applies to centralised exchanges. Class 3: €150,000 own-funds floor.

Applicants select which services they wish to provide; the authorisation perimeter is the union of those services, and the own-funds requirement is the highest class within the selected scope.

Simplified Article 60 Notification Regime

Existing Latvijas-Banka-supervised entities (credit institutions, investment firms under MiFID II, electronic money institutions under EMD2, payment institutions under PSD2, AIFMs, and UCITS management companies) may provide crypto-asset services by notification rather than full authorisation. The notification is governed by Commission Delegated Regulations 2025/303 and 2025/304 and is subject to a 40-working-day review under MiCA Article 60.^[2] The notification path does not waive substance requirements; it streamlines the supervisory completeness check by reusing existing fit-and-proper and governance evidence.

The Paybis Europe authorisation issued 12 May 2026 is a closely related precedent: same-applicant CASP and PSD2 authorisations granted in a single decision window, with Latvijas Banka acting as competent authority for both regimes.^[10]

What Does NOT Require CASP Authorisation

• Pre-MiCA white-listed crypto-assets that qualify as financial instruments under MiFID II. Tokens already characterised as transferable securities, money-market instruments, or other financial instruments fall under MiFID II and the Latvian Investment Services Law, not MiCA.
• Asset-referenced token (ART) and e-money token (EMT) issuance. Governed by MiCA Titles III and IV. Separate authorisation processes, both within Latvijas Banka’s competence but procedurally distinct from CASP authorisation.
• Pure software development without service provision. Wallet software developers, smart-contract authors, and protocol-development firms that do not hold client assets, route client orders, or operate trading platforms fall outside Title V’s CASP perimeter.
• Mining and validation activities. Proof-of-work mining and proof-of-stake validation do not constitute crypto-asset service provision under MiCA Article 3.
• Pre-MiCA non-fungible tokens not constituting financial instruments and not part of a fungible series. MiCA recital 11 and Article 2(3) carve out genuinely unique, non-fungible NFTs.

Requirements

A Latvia CASP authorisation requires (1) a Latvian-registered SIA with the chosen services in its constitutional documents, (2) minimum own-funds of €50,000–€150,000 depending on class, (3) a physical office in Latvia, (4) at least one Latvian-resident management board member, (5) a locally-positioned MLRO, and (6) a complete MiCA Article 62 dossier.

Capital Requirements

The MiCA Annex IV own-funds floor applies directly in Latvia without national gold-plating:

• Class 1 (€50,000): covers reception/transmission, execution, advice, portfolio management.
• Class 2 (€125,000): Class 1 services plus custody, exchange, placing, and transfer services.
• Class 3 (€150,000): all Class 2 services plus operation of a trading platform.

Own-funds must equal at least one-quarter of the prior year’s fixed overheads at any time (MiCA Article 67(1)(b)). Capital must be fully paid in monetary form and segregated from operating cash. As an alternative to capital, MiCA Article 67 permits an insurance policy or comparable guarantee covering the same amount, subject to insurer rating and scope conditions; but in practice, Latvijas Banka treats capital and insurance as functionally equivalent only for the operational scenarios MiCA explicitly contemplates.^[2]

Governance and Management Body

MiCA Article 68 requires the management body to have at least two members, all subject to fit-and-proper assessment under the EBA/ESMA Joint Guidelines on suitability (EBA/GL/2024/09, ESMA75-453128700-10). Suitability covers reputation, skills, experience, time commitment, and conflicts of interest. The registered office and place of effective management must be in the EU (MiCA Article 59(2)), with at least one director resident in the EU. Latvijas Banka’s substance test goes beyond this minimum: industry practice consensus is that at least one management board member must be resident in Latvia, the named CEO must be available for in-person regulator meetings in Riga, and the management body must convene physically in Latvia at least quarterly.^[13]

The common mistake is treating the local-management requirement as a one-director box-tick. In practice, Latvijas Banka examines whether the named director actually convenes the management body in Latvia and signs operational decisions there, and applicants that fail this test in the substantive review usually have to restructure mid-application.

Compliance Officer and MLRO

Three control functions are mandatory: an AML/CFT Compliance Officer (the MLRO under the Latvian AML Law), a separate Risk Officer for prudential and operational risk, and a Compliance function for MiCA conduct-of-business obligations. The MLRO must be able to demonstrate working knowledge of the Latvian AML Law and the EU Travel Rule framework; the position may be English-speaking provided the regulator’s correspondence in Latvian can be processed. The annual AML audit may be conducted by an external firm based outside Latvia, but the rationale and scope must be agreed with Latvijas Banka in advance.^[13]

Local Presence and Substance

Latvijas Banka enforces this through documentary evidence (lease agreements, employment contracts, board minutes) and through on-site visits in the substantive review and the first year of supervision.

Programme of Operations

The Programme of Operations is the central narrative document of the application: it describes the business model, target customers, geographies, products, transaction flow, risk profile, organisational structure, and three-year financial projections. The document must be jurisdiction-specific to Latvia, not generic. Latvijas Banka’s Financial Technology Supervision Department has stated that a licence issued by Latvijas Banka is a mark of quality^[13]; that supervisory framing translates into substantive review of the Programme of Operations against actual operational capability, not document tidiness.

Application Process

The Latvia CASP application runs in six stages over 6–9 months: pre-licensing consultation, SIA incorporation, dossier preparation, submission with €2,500 fee, 25-working-day completeness check, and 40-working-day substantive review. The realistic end-to-end calendar elapse, including preparation, is 6–9 months for a well-prepared Class 2 application.^[7]

Latvijas Banka’s official correspondence with applicants is conducted in Latvian; application documents may be submitted in English, but key supporting documents typically require Latvian or sworn translation. Pre-licensing consultations may be held in English.^[5]

Pre-application engagement. Latvijas Banka publishes a 48-hour response standard for Innovation Hub queries and offers a structured pre-licensing consultation that examines the business model, shareholders, source of capital, planned services, transaction flow, technical solutions, and target customers. The consultation is free of charge; the response timeline is up to 30 days from request, depending on volume.^[13]

Jagelski & Partners’ specialist compliance partners draft Latvia-specific AML/CFT policy manuals, Travel Rule procedures referencing the FID’s published expectations, sanctions screening frameworks aligned with FID-issued lists, and DORA ICT risk-management documentation as part of the CASP licensing engagement. The compliance documentation is the most time-intensive component of any Latvia CASP application: 8–12 weeks of specialist work that cannot be shortcut with templates carried over from VID-era VASP registrations or other jurisdictions. Book a Licensing Assessment →

Experienced applicants book the pre-licensing consultation before incorporation, because Latvijas Banka uses that meeting to flag structural issues (opaque UBO chains, weak source-of-funds documentation, mismatched director substance) that are expensive to rebuild after the SIA is registered.

Required Documents

Latvijas Banka follows MiCA Article 62 and the supporting ESMA RTS (ESMA18-72330276-1634) on the information to be included in the CASP application. Documents fall into five categories: corporate, personal, compliance, business plan, and technology. Compliance documentation is the most heavily scrutinised category and the most jurisdiction-specific.

Corporate Documents

• SIA registration documents (Commercial Register extract, founding declaration, articles of association).
• Proof of paid-up share capital matching the prudential class.
• Group structure chart down to ultimate beneficial owners (UBOs) and up to controlling shareholders.
• Constitutional amendments authorising the CASP business object and segregation arrangements.

Personal Documents (All Directors, Officers, UBOs ≥10%, Qualifying Shareholders)

• Identity verification documentation.
• Curriculum vitae and professional history (last 10 years).
• Criminal record certificates from every country of residence in the last 10 years.
• Credit reports and personal financial-standing evidence.
• Self-declarations on fit-and-proper criteria per EBA/ESMA Joint Guidelines on suitability.
• Source-of-funds documentation for the paid-up capital.

Compliance Documentation

The compliance documentation is the most heavily scrutinised component of any Latvia CASP application. Jagelski & Partners’ specialist compliance partners draft each of these documents as part of the licensing engagement: bespoke and Latvia-specific, not templates adapted from other jurisdictions. Each document must reflect the applicant’s specific business model, risk profile, and operational structure.

Business Plan and Financial Projections

Three-year projections covering revenue, cost, capital, and liquidity. Stressed scenarios must include the EBA-suggested macroprudential and ICT-event stress paths. The Programme of Operations is the narrative companion.

Technology and Operational Documentation

DORA ICT framework documentation (covered in detail in the DORA section below), cybersecurity policy, business-continuity and disaster-recovery plans, key-management procedures for hot and cold custody (where applicable), penetration-testing arrangements, and a vendor/sub-outsourcing register.

Costs and Pricing

Latvia CASP authorisation costs €185,000–€500,000 in Year 1 for a typical Class 2 applicant. The application fee at Latvijas Banka is €2,500. Ongoing supervision is funded by an annual levy of up to 0.6% of gross crypto-asset revenue (minimum €3,000).^[1][5]

Government / Latvijas Banka Fees

The €2,500 application fee is the lowest of any EU competent authority. Peer Baltic and CEE regulators sit in the same €2,500–€3,500 range, with some charging €3,000.^[19] Latvia’s supervisory levy structure (capped 0.6% of crypto revenue with a €3,000 floor) materially benefits operators in the first 2–3 years of trading, where revenue is below the level at which the percentage levy exceeds the floor.

Total Cost Summary

The authorisation is indefinite. Latvia does not impose periodic licence renewal. The annual supervisory levy is the ongoing regulatory cost; the larger ongoing-cost driver is the locally-positioned compliance, risk, and management team that maintains the substance Latvijas Banka inspected at application.

The real constraint is not the €2,500 application fee, it is the €100,000–€300,000 of pre-authorisation legal, MLRO, and substance build that the published cost schedule does not capture. Applicants that approach the budget on Latvijas Banka’s fee alone consistently underestimate Year 1 cash burn by a factor of 50 or more.

Latvia is positioning on regulator quality and accessibility rather than ecosystem depth, a credible bet for growth-stage CASPs that value pre-licensing dialogue and accept that the surrounding talent pool is smaller than in the larger Baltic hubs.

Timeline

Realistic end-to-end timeline is 6–9 months from kick-off to authorisation. Statutory review is bounded at 65 working days (25 completeness + 40 substantive). The variable is the preparation phase, where genuinely complete dossiers reach Latvijas Banka within 3–6 months and incomplete dossiers extend the calendar elapse materially.

Latvijas Banka has targeted a roughly 3-month review window for well-prepared applications utilising pre-licensing consultations.^[7] The five authorisations issued between December 2025 and May 2026 cluster around the upper end of that target: applications filed during the first half of 2025 received decisions roughly 9–14 months later, reflecting the front-loaded review work in the first wave of applicants. By May 2026, Latvijas Banka had 15 fintech applicants in licensing stage and 29 in pre-licensing consultation across all sectors, with 8 fintech licences issued in 2025 and 7 in 2026 year-to-date.^[13]

Taxation

Latvia is a deferred-distribution corporate tax jurisdiction: 0% CIT on retained or reinvested profits, 20% CIT (25% effective after the 0.8 gross-up) on distributed profits. Crypto-to-fiat exchange services are exempt from VAT under the CJEU Hedqvist decision. DAC8 reporting obligations begin 1 January 2026.^[21]

Crypto-Asset Accounting and Latvian PIT

For Latvian-resident individuals, crypto-assets are treated as a capital asset and taxed under the general capital-gains rules, with crypto gains and losses matched against each other to determine the annual result. As of June 2026, the standard rate on income from capital and capital gains is 25.5%; individuals should confirm the rate applicable to their specific transactions with the State Revenue Service, as transitional rates apply to certain pre-2025 disposals.^[21] Companies trading crypto-assets are taxed under the standard CIT regime: 0% on retained, 20% on distributed. From 1 January 2026, an alternative 15% CIT plus 6% PIT regime is available for companies whose shareholders are exclusively natural persons.^[21]

DAC8 and CARF Reporting

Council Directive (EU) 2023/2226 (DAC8) was transposed into Latvian law and applies from 1 January 2026.^[21] Both EU-based and non-EU crypto-asset service providers must report transactions involving EU tax residents to the State Revenue Service. First reports are due in 2027 for the 2026 tax year. The OECD Crypto-Asset Reporting Framework (CARF) timelines align with DAC8 for the EU implementation. Reporting CASPs must complete onboarding-time tax-residency self-certifications for all clients.

Pillar Two (Global Minimum Tax)

Latvia transposed the EU Pillar Two Directive (Council Directive (EU) 2022/2523) but exercised the Article 50 derogation available to Member States with no more than twelve in-scope multinational groups, deferring the Income Inclusion Rule, the Undertaxed Profits Rule, and a qualified domestic minimum top-up tax until 2030. The 15% global minimum tax applies to multinational groups with consolidated revenue exceeding €750 million, a threshold unlikely to affect standalone Latvia-domiciled CASPs. During the deferral, an ultimate parent entity in Latvia that is part of an in-scope group designates a foreign reporting entity to meet the group’s top-up-tax obligations elsewhere; the standard Latvian CIT regime continues to apply domestically.^[21]

Ongoing Compliance & Post-Registration

Latvia CASP authorisation is indefinite. Ongoing obligations include the 0.6% supervisory levy, quarterly prudential and operational reporting, white-paper notifications for any token issuance, annual audited financials, annual AML audit, complaints reporting, and conflicts-of-interest management. Major ICT incidents must be reported to Latvijas Banka via the dedicated DORA mailbox.

Annual Reporting Obligations

• Audited financial statements filed annually within four months of financial-year-end.
• Prudential and operational reports to Latvijas Banka quarterly: own-funds adequacy, customer counts, transaction volumes, complaints, material incidents.
• AML/CFT reports under the Latvian AML Law and STRs to FID via goAML on a per-event basis.
• MiCA Article 65 passporting reports for cross-border activity, where applicable.
• DAC8 reports to the State Revenue Service annually from 2027 onwards.

Supervision Fees

The CASP authorisation is indefinite. Latvia does not run a periodic renewal regime. The annual supervisory levy is 0.6% of gross crypto-asset revenue, floored at €3,000.^[1] Recurring operational costs (locally-positioned compliance and risk team, MLRO, office lease, statutory audit, IT, insurance) are the structural cost driver, typically €140,000–€350,000 in steady-state.

Regulatory Inspections

Latvijas Banka conducts scheduled and unannounced on-site visits, thematic reviews (e.g. Travel Rule conformance, complaints handling, conflicts management), and remote desk-based reviews. The supervisor may request transaction-level data, interview compliance and risk personnel, and inspect technology controls. Inspection frequency reflects risk classification: standard Class 2 CASPs are typically inspected on a 2–3-year cycle in steady state, with off-cycle inspections triggered by incidents or thematic priorities.

Marketing and Promotion Rules

MiCA Article 7 (and the corresponding Latvian provisions) require marketing communications to be identifiable as marketing, consistent with the white paper (where applicable), balanced, with risk warnings, and not misleading. The Latvian Consumer Rights Protection Centre supports Latvijas Banka on advertising and mis-selling enforcement. Penalties for breaches under the Crypto-Asset Services Law reach €5 million or 3% of total annual turnover or twice the gain obtained, whichever is highest.^[1]

Enforcement

Penalties under the Crypto-Asset Services Law include administrative fines (up to €5 million / 3% of turnover / twice the gain), suspension or withdrawal of authorisation, public statements, and director-disqualification orders. Operating crypto-asset services in Latvia without Latvijas Banka authorisation triggers the same penalty range plus criminal-law exposure under the Latvian Criminal Code. Sanctions enforcement is coordinated with FID, the centralised competent authority for EU sanctions in Latvia since 1 April 2024.^[20]

ICT Risk Management & Operational Resilience

The Digital Operational Resilience Act (Regulation (EU) 2022/2554) applies to Latvian CASPs from 17 January 2025. Latvijas Banka supervises ICT risk management, third-party risk, incident reporting, and operational-resilience testing. Major ICT incidents are reported directly to Latvijas Banka via dora@bank.lv.^[14][15]

Applicable Regulation and Effective Date

DORA (Regulation (EU) 2022/2554) entered into force 16 January 2023 and applies to financial entities (including CASPs) from 17 January 2025. The supporting RTS/ITS framework includes RTS 2024/1773 (third-party risk), RTS 2024/1774 (ICT risk management), ITS 2024/2956 (Register of Information), RTS 2025/301 and ITS 2025/302 (incident reporting), and RTS 2024/1505 (critical ICT third-party providers).^[14]

ICT Risk Management Framework

Latvian CASPs must operate a documented ICT risk management framework per RTS 2024/1774 covering: management oversight, ICT asset inventory and classification, incident-management lifecycle, threat-intelligence analysis, critical-system identification, resilience planning, and recovery objectives. The Register of Information uses the harmonised template under ITS 2024/2956.

Incident Reporting

Major ICT incidents are classified per RTS 2024/1773 thresholds and reported to Latvijas Banka via dora@bank.lv. The supervisor has confirmed that financial entities that previously reported major incidents to the European Central Bank now report to Latvijas Banka.^[15] Initial, interim, and final reports follow the RTS 2025/301 / ITS 2025/302 structure.

Digital Operational Resilience Testing

All CASPs undertake annual vulnerability assessments and penetration testing. Significant entities (and other CASPs flagged by Latvijas Banka on a risk basis) undertake Threat-Led Penetration Testing (TLPT) every three years using the TIBER-EU framework.

Wallet and Key Management

For CASPs offering custody, the ICT framework must address hot/cold wallet segregation, multi-party computation or multi-signature controls (where used), key-ceremony procedures, custodian-side disaster recovery, and recoverability after key-holder unavailability. Latvijas Banka’s expectations align with EBA/ESMA Guidelines on custody for crypto-asset service providers.

Third-Party ICT Risk

Per RTS 2024/1773: written contracts with audit rights, sub-outsourcing controls, documented exit plans, and concentration-risk monitoring. Critical ICT third-party providers (typically large cloud providers) fall under the Lead Overseer framework at EU level via RTS 2024/1505. Latvijas Banka maintains a register of significant outsourcing arrangements per financial entity.

Recent Latvijas Banka DORA Guidance

Latvijas Banka’s Financial Technology Supervision Department has stated that DORA will enhance the ability of market participants to manage ICT risks, mitigate cyber threats, and improve their cybersecurity capabilities.^[15] The DORA Regulation (EU) 2022/2554 has applied directly across the EU since 17 January 2025 and binds Latvian CASPs regardless of national measures. The accompanying DORA Directive required separate national transposition; the European Commission opened infringement proceedings against Latvia and twelve other Member States on 27 March 2025 at the formal-notice stage for incomplete transposition, and applicants should treat the national transposition position as subject to change pending confirmation as of June 2026.

What MiCA Article 62 does not fully spell out is how Latvijas Banka cross-references the DORA Register of Information against the AML programme: the same vendor list that appears in the outsourcing register also appears in the KYC-vendor section of the AML manual, and inconsistency between the two is the most common reason for a request for information at the substantive review stage.

Banking

Banking access for Latvian-authorised CASPs is functional but selective. Latvian credit institutions remain conservative after the 2018 ABLV cleanup, and a CASP authorisation, transparent UBO chain, and robust AML programme are prerequisites; not guarantees. Latvijas Banka now offers Eurosystem-level Instant Verification Service access to licensed PIs and EMIs.

The Latvian banking sector has been substantially restructured since 2018. Three banking groups are designated as significant institutions under the Single Supervisory Mechanism (Nordic-parented subsidiaries operating in Latvia); a further eight credit institutions are ECB-supervised LSIs, three of them classified high-impact as of September 2025. The non-resident-deposit share, the channel that drove the ABLV crisis, has fallen by orders of magnitude since 2018. The sector is now smaller, better-capitalised, and more conservative on crypto-facing onboarding.^[13]

General receptivity to MiCA-authorised CASPs is improving. Authorised entities with full local substance, transparent UBO chains, audited source-of-funds documentation, and a robust AML programme are increasingly able to obtain Latvian-IBAN settlement accounts. EU-passported EMIs and payment institutions provide the operational fallback for treasury, FX, and cross-border settlement, and Latvijas Banka is developing direct SEPA/EKS access for licensed PIs and EMIs: reducing dependence on traditional correspondent banking. As of October 2025, Latvijas Banka is the only central bank in Northern Europe offering the Eurosystem-level Instant Verification Service to PSPs.^[13]

The dual MiCA + PSD2 authorisation route changes the structural picture. An applicant that holds both a CASP authorisation and a PSD2 payment-institution licence (both granted by Latvijas Banka under the same supervisor’s remit) anchors fiat rails inside the supervisory perimeter. Latvijas Banka issued the first such combined authorisation on 12 May 2026.^[10]

The real constraint is the onboarding timeline, not the eligibility. A CASP-holding shell with no transaction history will still face six- to twelve-week onboarding cycles at conservative Latvian credit institutions; the same applicant with twelve months of segregated-account history at an EU EMI cuts that timeline materially. Operators that plan banking in parallel with the Latvijas Banka submission, not after, consistently land smoother fiat rails.

Jagelski & Partners’ banking partner network includes 90+ institutions across regulated banks, EMIs, and payment institutions in the EU and offshore corridors. A licence without banking access is a certificate on the wall: learn about our Banking service →.

FATF Status & International Standing

Latvia is a member of the FATF-style regional body Moneyval and is the first country to be evaluated under the MONEYVAL 6th round. Latvia is not currently FATF grey-listed or on the EU AML high-risk third-country list. The FinCEN ABLV designation was withdrawn on 27 September 2024.^[22]

Latvia is a member of Moneyval, the FATF-style regional body covering Council of Europe member states. As the first country to be evaluated under the MONEYVAL 6th round, Latvia’s evaluation outcome influences the broader Council of Europe AML/CFT credibility profile and Latvia’s positioning as a quality-supervised MiCA jurisdiction. FID’s strategy for 2023–2027 explicitly prioritises a positive 6th-round outcome.^[20]

The Latvian financial-sector reform programme since 2018 (shell-company restrictions, FID independence, the 2023 FCMC merger into Latvijas Banka, the 2024 centralisation of EU sanctions enforcement at FID) was acknowledged by FinCEN’s 27 September 2024 withdrawal of the ABLV designation, which cited notable progress made by the Government of Latvia to substantially strengthen its AML/CFT regime through a series of meaningful legal and regulatory reforms of its financial sector.^[22]

MiCA Passporting and EU Market Access

A Latvia CASP authorisation grants single-licence passporting rights across all 27 EU Member States plus Iceland, Liechtenstein, and Norway under the EEA Agreement. The mechanism is a notification of cross-border activities under MiCA Article 65: Latvijas Banka forwards the notification to the host competent authority and ESMA within 10 working days, and services may commence in the host Member State from the 15th calendar day after notification.^[2] No separate national licence is required in the host state. The ESMA public register lists all EU CASPs and the Member States in which each is operating, providing a single transparency layer for clients and counterparties.

Latvijas Banka’s positioning under MiCA, single competent authority for all Titles, pre-licensing dialogue, Eurosystem Instant Verification access for PIs/EMIs, is part of an explicit national strategy to position Latvia as a credible EU CASP gateway. As of May 2026, Latvijas Banka reports more than 100 international companies expressing interest in Latvia CASP authorisation across its pre-licensing pipeline.^[13]

Advantages and Limitations

Latvia’s main advantages (lowest EU application fee, regulator-led pre-licensing dialogue, MiCA passporting, 0% CIT on retained profits) are real and well-evidenced. The limitations are also real: domestic crypto market is small, Latvian banks remain conservative, and the substance requirements rule out brass-plate structures.

• ✓ Lowest EU application fee. €2,500 application fee plus capped 0.6% supervisory levy (min €3,000) puts Latvia at the bottom of EU entry costs.^[1]
• ✓ Regulator-led pre-licensing. Free pre-licensing consultations, Innovation Hub with 48-hour response standard, and Regulatory Sandbox materially de-risk early structural decisions.^[13]
• ✓ Single competent authority across all MiCA Titles. Latvijas Banka handles CASP, ART, EMT, white-paper, and Article 60 notification within one supervisor.^[3]
• ✓ Tax efficiency. 0% CIT on retained / reinvested profits; 20% (25% effective) only on distributed profits. From 1 January 2026, alternative 15% CIT + 6% PIT regime for individual-shareholder companies.^[21]
• ✓ Full MiCA passporting and Eurosystem infrastructure access. Single-licence access to all 27 EU Member States plus EEA; Latvijas Banka offers Instant Verification Service to licensed PIs/EMIs.^[13]
• × Small domestic market. Mitigation: Latvia is a passport jurisdiction; the value is the EU single market, not Latvian retail. Build the customer base in passport target Member States, not in Latvia.
• × Conservative banking sector. Mitigation: Plan two parallel banking tracks (Latvian credit institution + EU EMI fallback) and begin banking applications in parallel with the Latvijas Banka submission, not after.
• × Latvian-language formal correspondence. Mitigation: Pre-licensing consultations are available in English; budget Latvian translation for the Programme of Operations supporting documents and key annexes. A bilingual MLRO with working Latvian is a structural advantage.
• × Substance enforcement is uncompromising. Mitigation: Build genuine local substance (Latvia-resident management board member, locally-positioned MLRO, physical office, real operational footprint) from incorporation. Latvijas Banka rejects brass-plate structures.
• × Limited specialised crypto-trading talent depth. Mitigation: For Class 3 trading-platform operators with specialised quantitative or trading-systems requirements, plan to source talent from Vilnius, Tallinn, or Warsaw and supplement with remote-EU-based hires; Latvia’s compliance, risk, and AML talent pool is strong but the trading-engineering pool is shallower than in larger hubs.

How Latvia Compares

Within the EU MiCA Cost-Leaders peer group, Latvia sits alongside Estonia and Czech Republic as a jurisdiction we serve; Lithuania is the largest Baltic CASP applicant pool. Cyprus, the Cross-Tier Reference, offers an established-centre upgrade for operators that need deeper institutional infrastructure. The four jurisdictions diverge most on regulator accessibility, application timeline, and ecosystem density.

Compare every crypto jurisdiction side by side →

On application fee Latvia leads the cluster, comparable to Lithuania and Czech Republic. Latvia’s distributed-profits CIT regime matches Estonia’s and beats Lithuania’s flat 15% on after-tax cash for operators that retain earnings. The decisive variable for most growth-stage applicants is regulator accessibility: Latvijas Banka publishes a 48-hour Innovation Hub response standard and runs a Regulatory Sandbox^[13]; Estonia and Lithuania both offer Innovation Hubs but neither has Latvia’s combination of low fee, capped supervisory levy, and pre-licensing-consultation depth.

The Cross-Tier Reference, Cyprus, is the established-centre upgrade for operators that need deeper CySEC institutional infrastructure, broader financial-services adjacencies (CIF, AIFM, IFR), and a larger English-language professional-services base. Cyprus carries higher application and supervisory fees and a longer typical timeline, but offers a more mature CASP register and stronger institutional-counterparty depth. Operators sized for retail-only Class 2 services typically find Latvia the better fit; operators serving institutional counterparties at scale typically find Cyprus the better fit. See the full Cyprus crypto licensing guide.

The Baltic cost-leaders are converging: Estonia, Latvia, and Lithuania all sit within €30,000–€50,000 of each other on Total Year 1 Cost, and the differentiator is shifting from price to regulator-accessibility quality. On that dimension, Latvia is currently the most accessible Baltic option for cleanly-structured growth-stage CASPs; Estonia has the strongest established brand; Lithuania has the largest applicant pool. The Czech Republic rounds out the cluster on the CEE side.

Not sure which column is you? Ask Emma. She compares these jurisdictions in seconds, in your language.

Common Mistakes in Latvia Applications

Five mistakes consistently delay or block Latvia CASP applications: brass-plate substance, recycled AML manuals, Travel Rule scoping gaps, mismatched DORA outsourcing registers, and treating the pre-licensing consultation as optional. Each pattern is well-known to Latvijas Banka’s Financial Technology Supervision Department and surfaces at the substantive-review stage.

• Brass-plate substance structures. Applicants that name a non-resident director and a virtual office expect Latvijas Banka to accept the MiCA Article 59(2) minimum. In practice, the supervisor enforces a substance test that examines whether the management body actually convenes in Latvia and whether the named director signs operational decisions there.
• Recycled AML manuals from other jurisdictions. Applicants that adapt an Estonia, Lithuania, or BVI AML manual rather than draft a Latvia-specific one fail the substantive review on first submission. Latvijas Banka cross-checks the manual against the Latvian AML Law by name, the FID-issued risk indicators, and the EBA ML/TF Risk Factors Guidelines (EBA/GL/2024/01).
• Travel Rule scoping that excludes self-hosted wallet transfers. Regulation (EU) 2023/1113 and the EBA Travel Rule Guidelines (EBA/GL/2024/11) require verification of disposal-right over self-hosted wallet counterparties above €1,000. Applicants that scope the Travel Rule to CASP-to-CASP transfers only consistently receive requests for information at completeness check.
• DORA outsourcing register inconsistent with the AML KYC-vendor list. The Register of Information under ITS 2024/2956 must include the KYC, transaction-monitoring, and sanctions-screening vendors that the AML manual relies on. Inconsistency between the two (different vendor lists, different criticality classifications) is the single most common cause of substantive-review requests for information.
• Treating the pre-licensing consultation as optional. Applicants that skip the free Latvijas Banka pre-licensing consultation and submit directly typically receive substantive feedback during the 40-working-day review window that should have been resolved before incorporation, extending the calendar elapse by 2–4 months and forcing post-hoc structural changes to the SIA.

Frequently Asked Questions

References