MiCA CASP License in Lithuania

Why Choose Lithuania for Crypto Licensing?

Lithuania is an EU member state offering MiCA CASP authorisation with full EEA passporting, moderate costs, and one of Europe’s most developed fintech ecosystems. The country hosts 70+ licensed EMIs and operates CENTROlink, a central bank-operated payment infrastructure that gives financial institutions direct SEPA and TARGET2 access.

Applicants who succeeded under the old VASP regime with a minimal compliance setup will find that the same regulator now demands governance, capital, and documentation standards comparable to an EMI application.

Full MiCA Passporting

A Lithuanian CASP authorisation grants the right to provide crypto-asset services across all 30 EEA member states through a single notification to the Bank of Lithuania under MiCA Article 65.^[1] No additional authorisation is required from host-country regulators. Both cross-border service provision and branch establishment are covered. Unlike Estonia, which imposes national capital overlays of €100,000–€250,000 above MiCA minimums,^[2] Lithuania applies MiCA’s own-funds requirements directly: €50,000 for Class 1 services, €125,000 for Class 2, and €150,000 for Class 3. This difference saves operators €50,000–€100,000 in locked capital.

Established Fintech Infrastructure

Lithuania is the EU’s most prolific EMI licensing jurisdiction, with more than 70 licensed electronic money institutions.^[3] The Bank of Lithuania operates CENTROlink, a unique central bank-run payment infrastructure that provides direct SEPA credit transfer and TARGET2 access to supervised financial institutions. For CASPs handling fiat-to-crypto conversions, this infrastructure reduces settlement dependency on third-party banking relationships. Vilnius hosts a concentrated fintech talent pool, with approximately 8,000 fintech professionals and nearly 250 fintech companies.^[4]

Competitive Cost Structure

Lithuania’s total Year 1 cost of €124,000–€420,500 is competitive within the EU MiCA landscape. Unlike Malta, where government fees alone reach €25,000 and annual supervision fees add €25,000–€50,000 plus 0.05% of transaction volume,^[5] Lithuania’s state application fee is €2,425. The country’s lower labour costs: minimum wage €1,153 per month as of 2026, reduce the personnel component that constitutes the largest ongoing expense for licensed CASPs. That said, the €124,000 floor assumes a lean Class 1 operation: operators planning exchange or custody services should budget closer to the €280,500–€420,500 range once capital, compliance staffing, and DORA-compliant ICT infrastructure are factored in.

Regulatory Track Record

Lithuania was the EU’s second-largest crypto jurisdiction by registered entity count before MiCA, with over 800 VASP registrations at peak in 2022.^[6] This history means the Bank of Lithuania has direct supervisory experience with crypto businesses: unlike regulators in jurisdictions now encountering crypto applications for the first time under MiCA. The regulator published a detailed Regulatory Expectations Statement in August 2024 and held consultation seminars with 200+ attendees before MiCA’s application date.^[7]

Regulatory Framework

Lithuania regulates crypto-asset service providers under the EU’s Markets in Crypto-Assets Regulation (MiCA), Regulation (EU) 2023/1114,^[1] which applies directly as an EU Regulation without national transposition. The national implementing legislation is the Law on Markets in Crypto-Assets (Law No. XIV-2879), adopted by the Seimas on July 11, 2024.^[8] The Bank of Lithuania (Lietuvos Bankas) is the sole competent authority for CASP authorisation. See the consolidated category page for the MiCA framework: requirements and timeline →

Dual-Regulator Structure

Lithuania operates a dual-supervision model for CASPs. The Bank of Lithuania handles authorisation, prudential supervision, governance, and conduct-of-business oversight. The Financial Crime Investigation Service (FCIS, Lithuanian: FNTT, Finansinių nusikaltimų tyrimo tarnyba) retains supervisory responsibility for AML/CFT compliance, suspicious activity reporting, and sanctions screening. CASPs must maintain compliance relationships with both bodies. STR/SAR reports are filed to FCIS via the goAML reporting system.^[9]

Regulatory History

Lithuania’s crypto regulatory history explains the current landscape. The original VASP registration regime began in January 2020, administered by the FCIS under the Law on Prevention of Money Laundering and Terrorist Financing (No. VIII-275). Registration was a self-declaration process with minimal substantive review, €2,500 minimum capital, zero state fees, and no physical presence requirement. This attracted over 800 registrations by late 2022: making Lithuania the EU’s largest crypto jurisdiction by entity count.

The Seimas approved tightening amendments (Law XIV-1374) in June 2022, effective November 2022. These raised the minimum capital to €125,000, required a Lithuanian-resident MLRO, introduced fit-and-proper assessments, mandated physical offices, and imposed enhanced due diligence on beneficial owners’ source of funds. The amendments triggered mass deregistrations, the register fell from 800+ entities to approximately 370 by late 2024.

On July 11, 2024, the Seimas adopted Law XIV-2879 (Law on Markets in Crypto-Assets), designating the Bank of Lithuania as the competent authority for MiCA CASP authorisation from December 30, 2024.

Regulatory Sandbox

The Bank of Lithuania has operated a regulatory sandbox since October 15, 2018.^[10] Eligibility requires genuine innovation, consumer benefit, the need for live testing, and demonstrated readiness. Duration is agreed case-by-case, with approximately 6-month terms subject to renewal. Separately, the Bank of Lithuania developed LBChain: the world’s first regulator-operated blockchain sandbox platform. For standard MiCA CASP applications, the sandbox is unlikely to serve as a practical pathway given MiCA’s well-defined authorisation procedure, but it remains relevant for applicants testing novel business models.

Recent Regulatory Developments

Authorised CASP entity names below are sourced from the Bank of Lithuania’s supervised-entities register.^[27]

• March 2026: Bank of Lithuania granted fourth CASP authorisation (Micar Assets, UAB).^[27] Published draft CASP reporting form amendments.
• December 2025: Two CASPs authorised on December 17 (CoinGate/UAB Decentralized and Nuvei Liquidity, UAB).^[27] Transitional period ended December 31. Law XV-185 had extended the original June 1, 2025 deadline to December 31, 2025.
• May 2025: First Lithuanian MiCA CASP authorisation granted (Robinhood Europe, UAB).^[27] Seimas adopted Law XV-185 extending transitional deadline.
• December 2024: MiCA fully applicable from December 30. Bank of Lithuania began accepting formal CASP applications.
• August 2024: Bank of Lithuania published Regulatory Expectations Statement for prospective CASPs.
• July 2024: Seimas adopted Law XIV-2879 (Law on Markets in Crypto-Assets).

Regulatory Overlap

EMI/PSD2 overlap: CASPs that issue or handle E-Money Tokens (EMTs) trigger EMD2/PSD2 requirements. The EBA confirmed (June 2025) that custody and transfer of EMTs can constitute payment services. Dual authorisation (MiCA + PSD2) is required for EMT-related services after March 2, 2026.^[11]

MiFID II overlap: Crypto-assets that confer equity-like rights or are negotiable on capital markets are classified as transferable securities under MiFID II, not MiCA. ESMA’s technology-neutral guidelines (applicable June 3, 2025) establish a substance-over-form classification test.^[12]

AIFMD overlap: AIFMs providing discretionary portfolio management, investment advice, or reception and transmission of crypto orders to external clients require MiCA Article 60 notification. But core fund management activities remain under AIFMD without additional MiCA authorisation.

Regulatory Transition: VASP Registration to MiCA CASP Authorisation

Lithuania transitioned from its legacy VASP registration regime (administered by the FCIS) to full MiCA CASP authorisation (administered by the Bank of Lithuania) between December 30, 2024 and December 31, 2025. The transition period ended on January 1, 2026: providing unlicensed operations with no further legal basis to continue.

Key Deadlines

Transition Statistics

Of approximately 370 active VASPs at the start of the transition, the Bank of Lithuania had received 102 MiCA applications from 55 companies through 2025, and found the majority ineligible.^[14] Common deficiencies included failure to demonstrate the origin of owners’ assets, non-compliance with fit-and-proper requirements, and poor documentation quality. As of April 2026, only 4 entities have been authorised: a 99% attrition rate from the pre-MiCA register. The remaining 340+ entities either wound down, relocated, or were deregistered. The severity of Lithuania’s transition is an outlier within the EU, no other member state saw comparable attrition. And it signals that the Bank of Lithuania is deliberately positioning itself as a quality-over-quantity regulator under MiCA.

Consequences for Unlicensed Operations

From January 1, 2026, providing crypto-asset services without MiCA authorisation in Lithuania carries:

• Criminal penalties under Lithuanian law: public works, fines, restriction of liberty, or imprisonment for up to 4 years
• Administrative penalties under MiCA Article 111: fines up to €5,000,000 or 12.5% of annual turnover (whichever is higher)
• Website blocking: The Bank of Lithuania is empowered to block websites of suspected illegal operators
• Public naming: The Bank of Lithuania maintains and publishes a list of entities suspected of providing illegal crypto-asset services

Financial Institutions, Article 60 Notification

Already-licensed financial institutions (credit institutions, investment firms, EMIs) are not required to obtain a separate CASP licence. Under MiCA Article 60, these entities notify the Bank of Lithuania of their intention to provide crypto-asset services. The notification must include a programme of operations and evidence of adequate governance. This route is significantly faster than a fresh CASP application.

License Types and Activities Covered

MiCA defines 10 crypto-asset services grouped into 3 classes that determine capital requirements. Lithuania implements MiCA directly without additional national service categories. The classification determines the minimum own-funds requirement: €50,000 for Class 1, €125,000 for Class 2, and €150,000 for Class 3.

Covered Activities

What Does NOT Require CASP Authorisation

Services provided in a fully decentralised manner without any intermediary fall outside MiCA’s scope (Recital 22). Unique, non-fungible tokens (NFTs) are excluded unless issued in large series, collections, or fractionalised forms. Crypto-assets that qualify as financial instruments under MiFID II are regulated under existing securities law, not MiCA. Central bank digital currencies (CBDCs), deposits, insurance products, pension products, and securitisation positions are excluded.

DAO, DeFi, and Regulatory Perimeter

MiCA does not explicitly cover decentralised autonomous organisations (DAOs) or DeFi protocols. ESMA has stated that decentralisation exists on a spectrum rather than as a binary classification. Partially decentralised services: such as DEXs with upgrade keys, admin-controlled smart contracts, or governance tokens concentrated among a small group, remain within MiCA’s scope if an identifiable intermediary exists. The Bank of Lithuania has not published jurisdiction-specific guidance on DAOs, DeFi, or decentralised exchanges.^[15] Applicants operating hybrid models should seek pre-application engagement through the Bank of Lithuania’s Newcomer Programme.

NFT Classification

NFTs that are unique and non-fungible are excluded from MiCA under Article 2(3). The exclusion ceases to apply when: NFTs are issued as part of a large series or collection (suggesting fungibility), NFTs are fractionalised into interchangeable units, or the NFT functions as a payment or investment instrument regardless of its label. The classification is substance-based: labelling a token as “NFT” does not determine its regulatory treatment.

Tokenised securities and RWA

MiCA Article 2(4) excludes crypto-assets that qualify as financial instruments. A tokenised security, a tokenised share, bond or fund unit, is regulated under MiFID II, the Prospectus Regulation and the EU DLT Pilot Regime (Regulation (EU) 2022/858), supervised in Lithuania by the Bank of Lithuania rather than under MiCA. ESMA’s Guidelines on the qualification of crypto-assets as financial instruments set the boundary. The honest point: a Lithuanian MiCA CASP authorisation does not cover tokenised securities or real-world-asset tokens that meet the financial-instrument test; those follow the MiFID securities regime. We scope the security-token route through the relevant securities regulator and pair it with crypto permissions, or with EU fund licensing for tokenised fund units, only where the operating model needs them.

Requirements

MiCA CASP authorisation in Lithuania requires a Lithuanian corporate entity (UAB), minimum own-funds capital of €50,000–€150,000 depending on service class, a physical office in Lithuania, a Lithuanian-resident MLRO, a natural-person management body (the statutory company-law floor is a single director, though supervisors expect at least two effective directors under the four-eyes principle), and a comprehensive compliance documentation suite. All qualifying shareholders (10%+ of capital or voting rights) undergo fit-and-proper assessment.

The most common early mistake is underestimating the language barrier. While the Bank of Lithuania accepts application materials in English, all ongoing regulatory correspondence, inspection reports, and STR filings to the FCIS operate in Lithuanian. Applicants without Lithuanian-speaking compliance staff will need a permanent translation arrangement: not a one-off service.

Fit-and-Proper Assessment

The Bank of Lithuania evaluates directors, senior managers, qualifying shareholders, and key function holders (MLRO, CCO) against MiCA’s fit-and-proper criteria. Assessment dimensions include: professional qualifications and experience, reputation and integrity (criminal background check, regulatory history), financial soundness (no insolvency or ongoing enforcement), and collective knowledge of the management body. The fit-and-proper assessment was the primary failure point in early Lithuanian CASP applications: applicants were unable to demonstrate legitimate origin of owners’ capital or had regulatory histories in other jurisdictions that raised concerns.

Local Presence and Substance

Lithuania requires genuine local substance for licensed CASPs. A physical registered office in Lithuania is mandatory, virtual office arrangements do not satisfy the Bank of Lithuania’s requirements. The MLRO must be a Lithuanian resident under an employment contract (requirement since November 2022, retained under MiCA). At least one member of senior management must be an EU resident. The Bank of Lithuania assesses whether the applicant’s organisational structure allows effective supervision from Lithuania. A letterbox entity with outsourced management in another jurisdiction is not acceptable.

AML/CFT and Travel Rule

Lithuania’s AML framework is governed by the Law on the Prevention of Money Laundering and Terrorist Financing (No. VIII-275, as amended).^[16] The EU’s Transfer of Funds Regulation Recast (Regulation (EU) 2023/1113) applies directly. Critical detail: there is no de minimis threshold for CASP-to-CASP transfers: full originator and beneficiary information must accompany all crypto transfers regardless of amount. The €1,000 threshold applies only to transfers involving self-hosted wallets: when a transfer exceeds €1,000 to or from an unhosted address, the CASP must verify that the individual owns or controls that address.^[17]

Sanctions screening must cover EU sanctions lists (mandatory), UN sanctions lists (implemented via EU legislation), and FCIS-maintained lists under UNSCR 1373. OFAC screening is not legally mandatory in Lithuania but is strongly recommended given extraterritorial reach and correspondent banking expectations. Suspicious transaction reports are filed to the FCIS via the goAML system, within 3 working hours for suspended transactions.

Application Process

The Bank of Lithuania assesses MiCA CASP applications within a statutory framework of 25 working days for completeness and 40 working days for substantive assessment (extendable by 20 working days if additional information is requested). The realistic end-to-end timeline: from initial preparation through authorisation: is 4–8 months.

Experienced applicants invest heavily in pre-application engagement through the Bank of Lithuania’s Newcomer Programme. The informal feedback received at this stage, particularly on business model viability and governance expectations: can save months of back-and-forth during formal assessment.

Application language: Lithuanian is the primary regulatory language. Filing is through the Bank of Lithuania’s LBIS electronic portal. The Bank of Lithuania’s CASP licensing rules and key annexes are published in English. Supporting documents can be submitted with certified translations. The Bank of Lithuania retains the right to require Lithuanian translations of all materials.

Pre-application engagement: The Bank of Lithuania operates a Newcomer Programme where prospective market participants present their business plan and receive initial regulatory feedback before filing a formal application.^[18] This is not mandatory but strongly recommended, it identifies deficiencies before the statutory clock begins.

Compliance documentation is the most time-intensive component of any Lithuanian CASP application: 8–12 weeks of specialist drafting work covering Lithuania-specific AML/CFT policy manuals, enterprise-wide risk assessments, sanctions screening frameworks, and Travel Rule implementation.

Required Documents

The Bank of Lithuania’s CASP authorisation documentation requirements follow MiCA Article 62 and Commission Delegated Regulation (EU) 2025/305.^[19] The Bank of Lithuania publishes the application form (Annex 1) and six supporting annexes covering governance, programme of operations, and prudential safeguards.

Corporate Documents

Certificate of UAB incorporation from the Lithuanian Register of Legal Entities. Articles of Association (Įstatai). Shareholder register. Proof of minimum own-funds capital deposit (bank statement). LEI (Legal Entity Identifier). Proof of registered office address.

Personal Documents (All Directors, Officers, and Qualifying Shareholders)

Valid government-issued photo identification (passport or national ID). Curriculum vitae (CV) with detailed professional history. Criminal record certificates from each country of residence in the past 10 years. Declaration of good repute and absence of pending proceedings. Evidence of professional qualifications, skills, and experience relevant to the role. For qualifying shareholders (10%+): detailed source-of-funds and source-of-wealth documentation, the most scrutinised element in Lithuanian CASP applications.

Compliance Documentation

Jagelski & Partners’ specialist compliance partners draft each of these documents to Lithuania-specific requirements. The compliance documentation is the most heavily scrutinised component of any Lithuanian CASP application. Each document must be bespoke and Lithuania-specific, reflecting the applicant’s specific business model, risk profile, and operational structure: generic MiCA templates adapted from other jurisdictions are the single most common cause of application delays and rejection.

Business Plan and Financial Projections

Programme of operations per MiCA Article 62(2)(d): description of all crypto-asset services to be provided, target markets, client profile, marketing strategy. Three-year financial projections including revenue model, cost base, capital adequacy forecasts, and break-even analysis. Description of the governance structure and internal control mechanisms.

Technology and Operational Documentation

IT architecture documentation. Cybersecurity policy and penetration test reports. Hot/cold wallet management and key management procedures (for custody service providers). Business continuity plan and disaster recovery procedures. Third-party ICT provider register (DORA requirement). Incident response plan for major ICT incidents.

Costs and Pricing

Lithuania’s MiCA CASP authorisation costs are structured across three tiers matching MiCA’s service classification. The state application fee is €2,425: substantially lower than Malta’s €25,000 or the annual supervision fees charged by other EU regulators. The largest cost components are personnel (3+ staff at Lithuanian salary levels), compliance documentation preparation, and the locked capital requirement.

Total Cost Summary

Note: The minimum own-funds capital (€50,000–€150,000) must be maintained as permanent equity and is not consumed during operations. The ongoing own-funds obligation is the higher of the permanent minimum or 25% of the preceding year’s fixed overheads.

Timeline

The Bank of Lithuania processed the first authorised Lithuanian CASP in approximately 5 months from the December 30, 2024 commencement date to the May 2025 authorisation: suggesting the lower end of the range is achievable for well-prepared applicants. Complex applications or those requiring additional information can extend to 9–12 months.

Taxation

Lithuania is a moderate-tax EU jurisdiction with a standard corporate income tax rate of 17%, increased from 16% effective January 1, 2026 as part of a defence spending package (previously 15% until January 2025).^[20] A reduced 7% rate applies to qualifying small companies. Crypto-asset services (exchange of crypto for fiat) are VAT-exempt under the CJEU Hedqvist ruling.

Tax Incentives

Lithuania offers targeted incentives that can reduce the effective tax burden. Free Economic Zones (7 zones across the country) provide 0% CIT for the first 10 years and a 50% reduction for the following 6 years for qualifying investments (minimum €1 million or €100,000 for service companies with 20+ employees).^[22] R&D expenditure qualifies for a triple deduction (300%), and qualifying intellectual property income benefits from a 7% CIT rate under the patent box regime.

DAC8 / CARF Reporting

Lithuania transposed the DAC8 Directive (Council Directive (EU) 2023/2226) into national law, gazetted December 15, 2025.^[23] CASPs operating in Lithuania must begin collecting reportable data from January 1, 2026. The first reporting deadline is September 30, 2027 (covering calendar year 2026). Lithuania is also committed to CARF (OECD Crypto-Asset Reporting Framework) implementation, with first exchanges targeted for 2027.^[24]

Pillar Two (Global Minimum Tax)

Lithuania elected the Article 50 deferral: one of 5 EU Member States permitted to defer IIR (Income Inclusion Rule) and UTPR (Undertaxed Profits Rule) implementation until 2029. The OECD Global Minimum Tax applies to multinational groups with consolidated revenue exceeding €750 million: a threshold unlikely to affect standalone Lithuania-domiciled CASPs.

Ongoing Compliance & Post-Registration

MiCA CASP authorisation creates a permanent compliance infrastructure obligation. The authorisation is indefinite (no renewal), but the Bank of Lithuania conducts ongoing supervision through annual reporting, periodic inspections, and real-time incident reporting. Annual ongoing compliance costs range from €55,000 for a minimal Class 1 operation to €170,000+ for a full-service Class 3 exchange.

Annual Reporting Obligations

CASPs must submit financial statements, capital adequacy reports, and activity reports to the Bank of Lithuania per Resolution No. 03-121 (August 26, 2025).^[7] Annual audited financial statements are mandatory. CASPs must also report to the FCIS on AML/CFT compliance matters. DAC8 reporting to the VMI begins with the September 30, 2027 deadline for 2026 data.

Supervision Fees

MiCA authorisation is indefinite: there is no annual renewal fee. Instead, CASPs pay an annual supervision contribution set by Bank of Lithuania Board resolution. The contribution funds the Bank of Lithuania’s supervisory activities and is calculated annually.

Regulatory Inspections

The Bank of Lithuania conducts both scheduled and unscheduled supervisory inspections. Thematic reviews focus on AML/CFT compliance, client asset segregation, cybersecurity, and governance. The FCIS conducts separate AML/CFT inspections. The dual-regulator model means inspections from either body can occur independently.

Enforcement

The Bank of Lithuania’s enforcement powers under MiCA include:

• Administrative fines up to €5,000,000 or 12.5% of annual turnover for CASPs (MiCA Article 111)
• Fines up to €700,000 for natural persons (directors, officers)
• Public statements naming the entity and the nature of the breach
• Withdrawal of authorisation
• Temporary prohibition on management functions
• Suspension or limitation of services

Advertising and Promotion Rules

MiCA’s marketing communications regime (Articles 7, 29, 53, and 66) applies directly to Lithuanian CASPs.^[1] All marketing must be fair, clear, and not misleading. Marketing materials must include a mandatory disclaimer that the competent authority has not approved the marketing. Penalties for advertising violations: up to €5,000,000 or 5% of annual turnover. CASPs are accountable for third-party promotional content, including influencer and social media marketing. Google requires valid CASP authorisation for crypto advertising within the EU from April 2025.

ICT Risk Management & Operational Resilience

The Digital Operational Resilience Act (DORA, Regulation (EU) 2022/2554) applies to all CASPs authorised under MiCA.^[25] DORA has been applicable since January 17, 2025. The Bank of Lithuania is the enforcement authority for DORA compliance among Lithuanian CASPs. Non-compliance carries penalties of up to 2% of total annual worldwide turnover or €1,000,000 for individuals.

Incident Reporting

Major ICT-related incidents must be reported to the Bank of Lithuania within strict deadlines:

Digital Resilience Testing

All CASPs must conduct general resilience testing under DORA Articles 24–25, including vulnerability assessments and penetration testing. Threat-led penetration testing (TLPT) under Articles 26–27 applies only to entities identified by the Bank of Lithuania as significant. TLPT frequency: at least every 3 years. Microenterprises are explicitly excluded from TLPT. Most smaller and mid-size CASPs will not be designated for TLPT but must still conduct general testing.

Third-Party ICT Risk

CASPs must maintain a register of all ICT third-party service providers, including cloud providers, blockchain infrastructure providers, and custody technology vendors. Contractual arrangements must include audit rights, termination provisions, and data localisation specifications.

Wallet and Key Management

CASPs providing custody services must implement segregated hot/cold wallet architectures, multi-signature authorisation for material transactions, key generation in secure environments, and documented key backup and recovery procedures.

Banking

Banking access for MiCA-licensed CASPs in Lithuania is moderate to difficult. Traditional Lithuanian banks: including the three Nordic-owned major banks that dominate the retail market, remain cautious about onboarding crypto-asset service providers. MiCA authorisation improves credibility compared to the former VASP regime, but does not guarantee acceptance.

Lithuania’s position as the EU’s most prolific EMI jurisdiction (70+ licensed institutions) provides operational alternatives. European EMIs licensed in Lithuania and connected to CENTROlink: the Bank of Lithuania’s central bank-operated payment infrastructure, offer SEPA credit transfer and TARGET2 access. This infrastructure reduces dependency on traditional bank correspondent relationships for payment processing.

For client fund safeguarding under MiCA Article 70, CASPs must establish a relationship with a credit institution. This is the harder account to obtain. European credit institutions with Lithuanian branches or direct presence are more receptive to MiCA-licensed entities than they were to VASP-registered entities, but enhanced due diligence processes remain lengthy. Applicants should budget 2–4 months for safeguarding account setup and begin the process in parallel with the CASP application. Operators who already hold an EMI licence or have an existing relationship with a Lithuanian bank are at a significant advantage: cold-start CASP applicants should begin banking conversations during the application preparation phase, not after authorisation is granted.

Through Jagelski & Partners’ partner network, businesses placed more than fourteen billion euros in client turnover across banking and EMI relationships in 2025. The network covers 90+ institutions across EU banks, EMIs, offshore correspondent banks, and crypto-native rails in Switzerland, Liechtenstein, UAE, and Asia. Pre-qualified placement, no markup on institutional pricing, no onboarding fee. Jagelski & Partners is paid by the institution, not by the client. We do not charge an onboarding fee. Banking access is a binding constraint for Lithuanian CASP operations. A licence without banking access is a certificate on the wall. Banking placement across our partner network →

FATF Status & International Standing

Lithuania does not appear on any FATF list. It is absent from both the FATF list of Jurisdictions under Increased Monitoring (the “grey list”) and the list of High-Risk Jurisdictions subject to a Call for Action (the “black list”), and has never been listed under either. As an EU member state, Lithuania is likewise outside the scope of the EU list of high-risk third countries, which by definition covers non-EU jurisdictions only.

Lithuania’s anti-money-laundering framework is assessed by MONEYVAL, the Council of Europe’s FATF-style regional body, not by the FATF directly. Its fifth-round Mutual Evaluation Report was adopted at the 57th Plenary in December 2018, placing Lithuania in enhanced follow-up: a standard, more frequent reporting cadence within the evaluation cycle, not a sanction or watchlist. Lithuania then progressed through successive follow-up reports between 2020 and 2023; its fourth Enhanced Follow-Up Report, adopted at the 66th Plenary in December 2023 and published in May 2024, re-rated Recommendation 2 to Compliant.^[26]

MONEYVAL terminated Lithuania’s fifth-round reporting at its 67th Plenary in May 2024 and terminated the related Compliance Enhancing Procedures at its 68th Plenary in December 2024, completing the fifth-round process; Lithuania now awaits evaluation under MONEYVAL’s sixth round.^[30] It holds ratings of Compliant or Largely Compliant on 36 of 40 FATF Recommendations, with four remaining Partially Compliant: R.6 (targeted financial sanctions, terrorism), R.7 (targeted financial sanctions, proliferation), R.15 (new technologies and virtual assets), and R.28 (DNFBP supervision).

The Partially Compliant rating on R.15 (virtual assets) reflects deficiencies identified during the 2020 1st Follow-Up Report: relating to the original VASP registration regime’s weak supervisory framework. The MiCA transition and transfer of supervision to the Bank of Lithuania represent Lithuania’s primary remediation response.

MiCA Passporting and EU Market Access

MiCA passporting is the headline commercial value of Lithuanian CASP authorisation. Under Article 65, a Lithuanian CASP notifies the Bank of Lithuania of its intention to provide cross-border services or establish a branch in other EEA member states. The Bank of Lithuania communicates the notification to host NCAs and ESMA. No separate authorisation, additional capital, or waiting period is required from host countries.^[1]

Both routes are covered: freedom to provide services (cross-border without establishment) and right of establishment (opening a branch). Host NCAs cannot block either route except in extraordinary circumstances. At least one Lithuanian CASP (Micar Assets, UAB) has passported to 29 EEA states as of early 2026.^[27]

The MiCA passport extends across the full EEA. EEA jurisdictions Iceland, Liechtenstein and Norway sit inside the MiCA passport via EEA Joint Committee Decision No 41/2025 of 20 February 2025 (with supplementary RTS via JCD 138/2025 of 13 June 2025); three non-EU/non-EEA jurisdictions in geographical Europe sit outside the passport regime and require local authorisation for local clients: the United Kingdom, Switzerland, and Gibraltar.^[28]

Article 61 reverse solicitation is third-country-only and does not apply to a Lithuanian-authorised CASP marketing to other EU/EEA Member States: passporting via Article 65 is the operative pathway. The ESMA Guidelines on reverse solicitation (26 February 2025) are framed for non-EU operators serving EU clients on a strictly unsolicited basis, with any further same-type marketing confined to the context of the original transaction. See the dedicated reverse solicitation guide for the third-country compliance pattern.^[29]

The ESMA Interim MiCA Register has been operational since December 30, 2024, published as CSV files updated weekly.^[12] Full IT integration is expected mid-2026. As of early 2026, over 40 CASPs were fully authorised across the EU.

Advantages and Limitations

Lithuania offers a genuine commercial proposition for MiCA CASP authorisation: competitive costs, EU passporting, and established fintech infrastructure. The limitations are real but manageable: language barriers, a rigorous regulator, and moderate banking difficulty.

• ✓ Full EU passporting to 30 EEA states. A single Lithuanian authorisation grants cross-border service provision and branch establishment rights across the entire European Economic Area.
• ✓ MiCA capital requirements applied directly, no national overlays. Lithuania follows MiCA minimums (€50,000–€150,000) without the national buffers imposed by Estonia (€100,000–€250,000) or other jurisdictions.
• ✓ Deepest EU fintech ecosystem by EMI count. Over 70 licensed EMIs and CENTROlink infrastructure provide operational banking alternatives.
• ✓ Lower operational costs than Western European alternatives. Personnel, office, and professional service costs in Vilnius are 40–60% lower than Frankfurt, Paris, or Dublin.
• ✓ Regulator with direct crypto supervisory experience. The Bank of Lithuania supervised 370+ VASPs before MiCA: unlike regulators encountering crypto for the first time.
• ✓ Indefinite authorisation with no renewal fees. MiCA CASP authorisation does not expire. Ongoing costs are annual supervision contributions, not renewal fees.
• × Lithuanian-language regulatory proceedings. The primary regulatory language is Lithuanian. Reporting templates are in Lithuanian only. Mitigation: Engage Lithuanian-speaking compliance counsel. Key CASP guidance is published in English.
• × Rigorous fit-and-proper standards. The Bank of Lithuania rejected the majority of initial CASP applications. Mitigation: Prepare comprehensive source-of-wealth documentation from the outset. Engage with the Newcomer Programme before formal filing.
• × Banking access remains moderate to difficult. Traditional banks are cautious with crypto businesses. Client fund safeguarding requires a credit institution relationship (not EMI). Mitigation: Begin banking setup in parallel with the CASP application.
• × Higher corporate tax than Baltic peers. Lithuania’s 17% CIT rate compares unfavourably to Estonia’s 0% on retained profits and Latvia’s 0% retained / 20% distributed model. Mitigation: Qualifying small companies benefit from 7% CIT. Free Economic Zones offer 0% for 10 years.
• × Dual-supervision model increases compliance burden. CASPs report to both the Bank of Lithuania (prudential) and the FCIS (AML/CFT). Mitigation: Appoint compliance staff familiar with both regulators’ expectations.

How Lithuania Compares

Lithuania competes directly with Estonia (the Baltic digital pioneer), Latvia (the cost-conscious alternative), Poland (the CEE market weight), and Malta (the established crypto centre). Each offers MiCA passporting, the key differentiator is cost, timeline, tax, and regulatory maturity.

Compare every crypto jurisdiction side by side →

The key difference is: Lithuania and Latvia both apply MiCA capital requirements directly without national overlays, while Estonia imposes significantly higher minimums (€100,000–€250,000). Lithuania’s advantage over Latvia is its deeper fintech ecosystem (70+ EMIs vs. Latvia’s smaller market) and longer crypto supervisory track record. Lithuania’s disadvantage versus Estonia and Latvia is the 17% CIT rate: companies reinvesting profits pay 0% in Estonia and Latvia.

Poland is currently the only EU member state that has not passed MiCA-implementing legislation following two presidential vetoes. No CASP licensing infrastructure exists. Polish crypto firms are relocating, Lithuania and Estonia are primary destinations.

Jagelski & Partners provides end-to-end crypto licensing support in Estonia, Latvia, and Czech Republic: including company formation, licence application, banking introductions, and post-licensing compliance. See the full Estonia CASP licensing guide →

When Lithuania Is the Right Choice

Choose Lithuania if the priority is EU-wide passporting at the lowest capital cost, with the EMI and CENTROlink ecosystem and Lithuanian-speaking compliance personnel on hand. Consider alternatives if retaining and reinvesting profits is the priority (Estonia or Latvia) or English-language regulatory proceedings are a requirement (Malta). No EU MiCA jurisdiction permits an operation with minimal local substance, though substance requirements differ in scope.

Not sure which column is you? Ask Emma. She compares these jurisdictions in seconds, in your language.

Common Mistakes in Lithuania Applications

The high rejection rate during the VASP-to-CASP transition reveals the most frequent failure patterns. Early CASP applications failed primarily on governance and documentation quality: not on the complexity of the regulatory framework itself.

• Inadequate source-of-funds documentation for beneficial owners. The Bank of Lithuania scrutinises the origin of capital contributed by qualifying shareholders (10%+) with a depth that exceeds many applicants’ expectations. Tax returns, bank statements, and employment records covering 3–5 years are the starting point, not certificates of deposit alone.
• Submitting generic compliance templates. The Bank of Lithuania does not accept compliance documentation adapted from other jurisdictions or downloaded from template libraries. Each document must reference Lithuanian legislation (Law No. VIII-275 for AML), the dual-supervisor model (Bank of Lithuania + FCIS), and the specific goAML reporting interface.
• Underestimating the language barrier. Regulatory filings, reporting templates, and certain correspondence occur in Lithuanian. Applicants without Lithuanian-language capability in their compliance team face operational difficulties post-authorisation.
• Treating the MLRO residency requirement as a formality. The MLRO must be a Lithuanian resident under an employment contract: not a consultant, nominee, or part-time arrangement. The MLRO must have genuine oversight of AML/CFT operations.
• Failing to begin banking setup in parallel. MiCA Article 70 requires client fund safeguarding with a credit institution. Obtaining a credit institution account for a crypto business takes 2–4 months. The banking setup should commence during the compliance documentation preparation phase.
• Conflating old VASP-era requirements with MiCA. The pre-November 2022 requirements (€2,500 capital, no physical office, no fit-and-proper) no longer apply. All pre-MiCA data is obsolete.

Frequently Asked Questions

References