+372 527 5237
Ask Emma

Banking

Licensing

Formation

Blog About Ask Emma
Book a Consultation
MiCA CASP Authorisation Last updated:

MiCA License: CASP Authorisation and the 1 July 2026 Deadline

The MiCA transition ends on 1 July 2026. After that date the Article 143(3) regime closes and every EU VASP needs a full crypto-asset service provider authorisation to keep serving clients in the Union. Jagelski & Partners maps your services to the MiCA capital class, recommends a cheap-entry passport state over a slow, expensive German BaFin file, and coordinates the white paper, governance, prudential safeguards and the EU passport notification in parallel with the application. License once, passport across all 27 member states plus the EEA.

Book a MiCA Assessment Compare CASP Jurisdictions

Not ready to book? Ask Emma first. She answers now, and if it needs a human she takes your details so the consultation starts ahead.

What Is MiCA / CASP Authorisation?

MiCA, the Markets in Crypto-Assets Regulation (Regulation (EU) 2023/1114), is the EU-wide framework for crypto-asset markets. A crypto-asset service provider (CASP) authorisation is the individual licence a firm obtains from a national competent authority under MiCA Article 63 to provide one or more of the ten crypto-asset services listed in Article 3.[1] MiCA is the rulebook; the CASP authorisation is the permission to operate under it. The two are distinct legal objects, which is why converting a national VASP registration into a CASP authorisation is a fresh application, not a renewal.

In short: the MiCA Article 143(3) transitional regime ends on 1 July 2026, forcing every EU VASP onto a full CASP authorisation to keep serving clients in the Union. The conversion gap is large: only around 204–210 CASPs were authorised across 23 member states by mid-May 2026, against 1,200-plus pre-MiCA national VASP registrations. For boutique-fit operators the efficient play is to license in a cheap-entry passport state and passport across the EU under Article 65, not to chase a slow, expensive German BaFin licence.

MiCA applied in two stages. The stablecoin titles, Title III for asset-referenced tokens (ART) and Title IV for e-money tokens (EMT), applied from . The CASP regime under Title V applied from , with a transitional regime under Article 143(3) letting pre-existing national VASPs continue under their old registration for a national window of up to 18 months.[2] That window has a hard EU-wide ceiling, and the ceiling is now in sight.

A CASP authorisation from any one EU or EEA member state passports the authorised services across all 27 member states plus Iceland, Liechtenstein and Norway under MiCA Article 65, after a host-state notification.[3] The three EEA EFTA states sit inside the passport via EEA Joint Committee Decision No 41/2025 of .[4] The United Kingdom, Switzerland and Gibraltar sit outside the regime and require local authorisation for local clients.

The decision is rarely about finding the cheapest member state. It is about finding the lowest-cost state whose regulator, banking ecosystem and substance expectation the operator can actually meet, then passporting from there into the markets that matter. That short sentence is the entire framing of this page. Operators comparing states across capital, timeline and service scope can use the interactive crypto-licensing comparison tool alongside it.

Who Needs a CASP Authorisation?

A CASP authorisation is required by any firm providing one or more of the ten crypto-asset services in MiCA Article 3 to clients in the Union. The trigger is the activity, not the firm's label: holding client crypto-assets, running an exchange or trading venue, executing or transmitting client orders, placing crypto-assets, advising, managing portfolios, or transferring crypto-assets on behalf of clients all fall inside the perimeter. The operators that need to act now are EU VASPs whose national registration expires at the Article 143(3) ceiling.

In short: every EU VASP currently operating under a pre-MiCA national registration must either hold a granted CASP authorisation or have a complete, timely application on file before 1 July 2026. Non-EU operators serving EU clients need an EU-incorporated CASP entity; reverse solicitation under Article 61 is a narrow exception, not a market-entry route.

The ten regulated crypto-asset services

MiCA Article 3 enumerates the services that require authorisation: custody and administration of crypto-assets on behalf of clients; operation of a trading platform; exchange of crypto-assets for funds; exchange of crypto-assets for other crypto-assets; execution of orders on behalf of clients; placing of crypto-assets; reception and transmission of orders on behalf of clients; advice on crypto-assets; portfolio management on crypto-assets; and transfer services for crypto-assets on behalf of clients. A firm is authorised for the specific services it applies for and can passport only those, which is why scoping the service set correctly at application stage is the first decision on every mandate.

EU VASPs facing the 1 July 2026 deadline

The largest population is existing EU VASPs. Any firm holding a national crypto registration, for example a former Estonian, Lithuanian or French VASP, must convert to a CASP authorisation to keep serving EU clients past the transitional ceiling. The conversion is not automatic: the CASP file is materially heavier than the old VASP registration, requiring a programme of operations, a governance and prudential package, and a crypto-asset white paper where the firm offers or seeks admission to trading of crypto-assets other than ARTs or EMTs under MiCA Articles 6 to 8. Firms that wait until spring 2026 to start risk missing the window for a complete application.

The conversion gap

The scale of the gap is the urgency. Only around 204–210 CASPs were authorised across 23 member states by mid-May 2026, against more than 1,200 pre-MiCA national VASP registrations.[5] The distribution is concentrated: Germany held roughly 53 (more than a quarter of the EU total), the Netherlands around 25, France and Norway about 13 each, Malta 12, Spain around 11, Lithuania around 10, and Austria around 9. Most pre-MiCA VASPs have not yet converted, which means the regulators face a queue and the firms that file early are the ones most likely to clear review before the ceiling. Practitioner observation: the slowest part of a conversion is rarely the regulator; it is the operator assembling the governance, white paper and prudential evidence the CASP file demands and the old VASP registration never did.

Non-EU operators and reverse-solicitation limits

Non-EU operators serving EU clients need an EU-incorporated CASP entity. Reverse solicitation under MiCA Article 61 was tightened by ESMA Guidelines published and is the exception, not the rule.[6] The exemption is operationally narrow: targeted advertising, EU-language websites, country-code TLDs, sponsorship of EU events, EU-based influencers, and affiliate or referral programmes that direct EU traffic all defeat it. ESMA also confines further or same-type marketing to a reverse-solicited client to the context of the original transaction, after which CASP authorisation is required for any ongoing relationship. An offshore entity cannot rely on Article 61 as a market-entry strategy; a non-EU operator cannot scale a recurring EU-client relationship through reverse solicitation alone. The reverse-solicitation explainer sets out the operational triggers in full.

Where to Get Licensed

Because a CASP authorisation passports across the whole EU and EEA, the member state of authorisation is a cost-and-speed decision, not a market-access one. The minimum capital is set by MiCA and identical everywhere; what varies is the advisory cost, the regulator's processing speed, the file language, and the local substance expectation. The efficient play for a boutique-fit operator is to license in a cheap-entry passport state and passport into the larger markets, including Germany, rather than license directly where the file is heaviest.

In short: license cheap, passport in. 86% of authorised CASPs hold cross-border rights, and Germany is the top passporting destination, with 151 of 180 cross-border CASPs targeting it. Operators reach German and EU access by licensing in a cheaper-entry state such as Lithuania, the Czech Republic, Estonia or Malta and notifying the German market under MiCA Article 65, not by filing a 200-page BaFin application directly.

The license-cheap, passport-in thesis

The structural fact that drives the strategy is concentration of demand, not concentration of supply. Germany held roughly 53 of the 204–210 CASPs authorised across the EU by mid-May 2026, more than a quarter of the total, and is the single largest destination for inbound passporting: 151 of the 180 cross-border CASPs in the register target the German market.[7] Most of those firms did not license in Germany. They licensed in a cheaper-entry state and passported in, which is the route 86% of authorised CASPs have used. Germany is best understood as a destination you reach by passport, not an origin you license in.

Unlike a cheap-entry CASP file in Lithuania or the Czech Republic, the German BaFin route is slow and expensive: 200-plus-page application files, 12 to 24 month timelines, and advisory budgets of EUR 80,000 to EUR 200,000, with a cohort dominated by large, well-capitalised incumbents.[8] For an operator that needs a grant before the 1 July 2026 ceiling and does not have a Tier-1 compliance team in place, that path carries both timeline and fit risk. The same EU market is reachable for a fraction of the cost and time from a passport state, and the resulting authorisation is identical in legal effect because MiCA harmonises the substantive rules. Germany, France and the Netherlands are explainer territory on this page, not the recommended route.

The cheap-entry passport states

The cheap-entry cluster spans the Baltics, Central Europe and the Iberian peninsula. Each is an EU member state whose CASP authorisation passports across the Union, and each carries the same MiCA capital floors; they differ on processing speed, file language, ecosystem maturity and how far the national transitional window has already run. The table below compares the eleven states most relevant to a boutique-fit MiCA conversion, with the German destination shown for contrast at the foot.

Lithuania is the most-used Baltic entry point, with a deep fintech ecosystem and a regulator, the Bank of Lithuania, experienced in onboarding crypto and EMI firms; its national VASP transition expired during 2025, so conversions there run as fresh CASP files. The Czech Republic pairs a low cost base with the Czech National Bank as competent authority. Estonia, the original EU crypto-registration hub, and Latvia round out the Baltic options: Estonia runs at the 18-month outer bound to 1 July 2026, while Latvia's national window closed on , so Latvian conversions also run as fresh CASP files. Each links through to a full jurisdiction page below.

Malta and Cyprus are the established Mediterranean CASP centres, both at the 18-month maximum running to 1 July 2026; Cyprus required existing national-regime CASPs to file a complete MiCA application with CySEC by , after which they may continue only until a CySEC decision or the EU-wide ceiling, whichever is sooner.[9] Spain (CNMV) and Portugal (CMVM/Banco de Portugal) are the Iberian options, both at the maximum window. Slovakia is a low-cost Central European entry whose national window expired in 2025.

Romania and Poland sit in a legal-uncertainty cluster: neither had an enacted national MiCA framework as of .[10] Poland is the sharper case. President Karol Nawrocki vetoed the national Crypto-Assets Market Act on and again on , and the Sejm's second override attempt failed on by 243 votes to the 263 required, leaving Poland without an authorising competent authority.[11] Polish-registered VASPs lose the right to provide crypto-asset services on 1 July 2026 unless implementing legislation is adopted first; foreign EU-authorised CASPs can passport into Poland, but Polish VASPs cannot passport out.

A third version of the Act passed the Sejm in and was transmitted to the President. Until it is signed and in force, operators incorporated in Poland or Romania for a CASP product should plan for relocation or migration against the 1 July 2026 ceiling regardless.

Passport-state comparison

The eleven cheap-entry member states share an identical MiCA capital regime and an identical EU/EEA passport; they differ on processing speed, file language, ecosystem maturity and national transitional status. Germany is shown at the foot as the passporting destination, not a recommended origin. The capital column shows the MiCA Class 1 / Class 2 / Class 3 floor common to every member state. The Year-1 cost column shows each state's total first-year range from our licensing matrix, covering advisory, government fees and substance, with capital treatment as marked; the timeline column shows observed end-to-end ranges from engagement to grant, not the statutory assessment period.

Member stateCompetent authorityMiCA capital (Class 1 / 2 / 3)Year-1 costTypical end-to-end timelineTransitional status (Art. 143(3))EU/EEA passportJurisdiction page
LithuaniaBank of Lithuania€50k / €125k / €150k€124k–420.5k4–8 monthsNational window expired 2025Full passportLithuania CASP
Czech RepublicCzech National Bank€50k / €125k / €150k€200k–475k excl. capital9–18 monthsNational window expired 2025Full passportCzech Republic CASP
EstoniaFinantsinspektsioon€50k / €125k / €150k€80k–220k6–12 months18-month max → 1 Jul 2026Full passportEstonia CASP
LatviaLatvijas Banka€50k / €125k / €150k€185k–500k incl. capital6–9 monthsNational window closed 30 Jun 2025Full passportLatvia CASP
SlovakiaNárodná banka Slovenska€50k / €125k / €150k€40k–85k3–9 monthsNational window expired 2025Full passportSlovakia CASP
MaltaMFSA€50k / €125k / €150k€350k–900k9–18 months18-month max → 1 Jul 2026Full passportMalta CASP
CyprusCySEC€50k / €125k / €150k€350k–700k8–14 monthsApplication due 27 Feb 2026; ceiling 1 Jul 2026Full passportCyprus CASP
SpainCNMV€50k / €125k / €150k~€158k–510k incl. capital5–9 months18-month max → 1 Jul 2026Full passportSpain CASP
PortugalCMVM / Banco de Portugal€50k / €125k / €150k€135k–443k incl. capital6–12 months18-month max → 1 Jul 2026Full passportPortugal CASP
RomaniaASF (framework pending)€50k / €125k / €150k€100k–220k (framework pending)6–9 monthsLegal-uncertainty clusterNo NCA to passport from yetRomania CASP
PolandKNF (no authorising law)€50k / €125k / €150kUncertain (Act vetoed)No national route yetVASPs lose rights 1 Jul 2026Cannot passport outPoland CASP
Germany (destination, not origin)BaFin€50k / €125k / €150kHigh (€80k–200k advisory)12–24 monthsNational window expired 2025Full passportPassport in from a cheaper state

The column to read first is the transitional status. Where a national window has expired or sits in the legal-uncertainty cluster, a fresh CASP file is the only path, and the firms with a complete application on record before 1 July 2026 are the ones that keep operating without a gap. The capital column is constant by design: it is set by MiCA, not by the member state, so it cannot be used to rank jurisdictions.

The statutory clock is not the constraint. MiCA Article 63 gives every competent authority the same timetable: 25 working days for the completeness check plus 40 working days for the substantive assessment; the clock may be suspended once, for up to 20 working days, while the applicant answers the authority’s first request for further information (Article 63(10)) – later requests do not stop it.[1] That is roughly three months of regulator time, yet the observed end-to-end timelines in the table run 3–18 months across the MiCA states (longer still in Germany).

The gap is the file, not the authority: preparation of the governance, prudential and banking evidence before submission, and stop-the-clock information-request rounds after it, dominate the calendar. An operator budgeting to the statutory clock alone is planning to a calendar that does not exist in practice; the firms that reach grant fastest submit a complete file and answer information requests from a prepared desk.

Editorial position: for a boutique-fit operator the practical shortlist is Lithuania, the Czech Republic, Estonia or Malta, chosen on regulator familiarity with the specific service set and on how quickly the firm can stand up local substance. Germany, France and the Netherlands are where the clients are, reachable by passport. The legal-uncertainty pair, Romania and Poland, should be avoided as an origin until their national frameworks are enacted.

Key Requirements

The MiCA CASP file turns on a small number of pillars that are harmonised across every member state: prudential capital by service class, governance and fit-and-proper management, the crypto-asset white paper where the firm offers crypto-assets to the public, and the prudential safeguards over client assets and funds. The substantive rules are identical EU-wide because they are set by the regulation; what differs between states is the regulator's processing speed and evidence expectation, not the bar itself.

In short: a CASP file rests on four pillars: prudential capital (Class 1 EUR 50,000, Class 2 EUR 125,000, Class 3 EUR 150,000, or one quarter of fixed overheads if higher), governance and management body fit-and-proper, the crypto-asset white paper under Articles 6 to 8 where applicable, and prudential safeguards including the segregation of client crypto-assets and funds. The capital floors are MiCA-set and identical in every member state.

Capital classes 1, 2 and 3

MiCA Article 67 and Annex IV set three prudential classes keyed to the services provided. Class 1 requires EUR 50,000 of minimum capital and covers reception and transmission of orders, execution, placement, advice, and portfolio management. Class 2 requires EUR 125,000 and adds custody and administration of crypto-assets and the exchange of crypto-assets for funds or other crypto-assets. Class 3 requires EUR 150,000 and covers operating a trading platform.[12] The binding figure is the higher of the class floor and one quarter of the prior year's fixed overheads under Article 67(1), so a firm with a large cost base holds more than the headline number. Because the figures are fixed by the regulation, capital cannot be used to rank one member state cheaper than another.

Governance and fit-and-proper management

Every CASP must have a management body of sufficiently good repute and with adequate knowledge, skills and experience under MiCA Article 68, and shareholders or members holding qualifying participations must themselves be fit and proper. The firm needs sound administrative and accounting procedures, business-continuity arrangements, and effective internal control and risk-assessment mechanisms. Practitioner observation: the governance package is where converting VASPs lose the most time, because a national VASP registration rarely required a documented management body, conflicts policy and outsourcing register at CASP depth, and assembling that evidence cold takes longer than the regulator's own review. A locally substantive board and a senior compliance function are the practical floor.

The crypto-asset white paper

A firm that offers crypto-assets other than ARTs or EMTs to the public, or seeks their admission to trading, must draw up a crypto-asset white paper compliant with MiCA Articles 6 to 8 and notify it to the competent authority.[13] The white paper sets out the project, the rights and obligations attached to the crypto-asset, the underlying technology, and the risks, and it must include the prescribed mandatory statements and a summary. It is a different document from the offering memorandum many operators already hold: the MiCA content schedule is specific, and a marketing-led document will not satisfy it. Where a CASP only provides services in respect of existing crypto-assets it does not issue, the white-paper obligation may not bite, which is part of scoping the file correctly.

Prudential safeguards over client assets

MiCA imposes strict safeguarding of client holdings. Under Article 70, a CASP holding client funds that are not e-money tokens must place them with a central bank or a credit institution by the end of the following business day, segregate them from its own assets, and protect client ownership rights, in particular in the event of insolvency. CASPs providing custody under Article 75 must keep a position register, segregate clients' crypto-assets from their own, and are liable for loss of clients' crypto-assets up to the market value of the assets lost.[14] Editorial position: the firms that clear review cleanly are the ones whose client-asset segregation and the supporting banking are confirmed before the substantive review opens, not the ones that treat banking as a post-grant task.

AML and operational resilience

Two horizontal regimes sit over the CASP file. On AML, the EU AML Reform Package (Regulation (EU) 2024/1624, the AMLR; Regulation (EU) 2024/1620 establishing AMLA; Directive (EU) 2024/1640) applies from , with AMLA operational since ; the AMLR prohibition on anonymous accounts and accounts using anonymity-enhancing coins under Article 79 and the EU-wide EUR 10,000 cash-payment limit under Article 80 both take effect from 10 July 2027.[15] On operational resilience, the Digital Operational Resilience Act (Regulation (EU) 2022/2554) has applied since to in-scope financial entities, mandating an ICT risk-management framework, a register of ICT third-party providers, and incident reporting; CASPs should size DORA readiness into the application timeline rather than treat it as a post-grant build.[16]

How Jagelski & Partners Helps

Jagelski & Partners coordinates MiCA CASP authorisation as a single mandate that runs the jurisdiction call, the CASP application, the white paper, governance and prudential build, banking placement, and the EU passport notification in parallel rather than in sequence. We assess the operator's service set first, then recommend the cheap-entry passport state that fits the firm's substance, timeline and banking tolerance, then sequence the workstreams so the capital, governance and banking arrive ahead of the regulator asking, with the 1 July 2026 ceiling as the fixed point.

The first work item on every mandate is a service-scope and jurisdiction call. A converting VASP running an exchange and custody, needing Class 2 capital and a fast grant before the ceiling, gets a different recommendation than an advisory-only firm that needs only Class 1 and can afford a slower file. We do not recommend a member state before mapping the operator's crypto-asset services against MiCA Article 3, the markets it actually targets, and whether it issues any crypto-asset that triggers the white-paper obligation. The recommendation is driven by regulator familiarity with the specific service set and how quickly the firm can stand up local substance, not by headline fee, because the MiCA capital floors are identical everywhere.

Once the state is selected, we run formation in parallel with the CASP application. That means a locally substantive entity with a fit-and-proper management body and registered office in place before the file is submitted, with senior-management interviews scheduled where the competent authority requires them. We coordinate formation through our company formation service at the depth the authorisation requires, not the cheapest depth available, and we scope the file so the firm passports only the services it actually needs.

The banking placement runs alongside, not after. A CASP is a high-risk category at every acquirer and EMI, and the Article 70 requirement to place client funds with a central bank or credit institution by the next business day makes pre-qualification a gating item, not a post-grant task. Pre-qualification with institutions that have an active programme for licensed crypto firms is the difference between a four-week banking timeline and a four-month one. Editorial position: the operators who land their CASP grant cleanly are not the ones with the strongest paperwork. They are the ones whose client-asset banking was confirmed before the competent authority opened the substantive review. Banking pre-qualification is handled through our high-risk business accounts workflow.

The white paper, AML manual, governance and conflicts policies, risk-management framework, and DORA readiness are sequenced into the application timeline so that on the day the authorisation is granted the operator can go live and notify the passport, not start a three-month build. Post-grant we handle the Article 65 passport notifications into the destination markets, ongoing reporting, qualifying-holding changes, and the supervisory milestones that fall due. The broader crypto-licensing context, including the full jurisdiction set, sits on the crypto licensing pillar page.

A CASP authorisation without banking access is a certificate on the wall. A CASP must place client funds with a central bank or a credit institution by the end of the next business day under MiCA Article 70, so client-asset banking is a gating requirement, not an afterthought. Jagelski & Partners coordinates banking placement alongside the authorisation, with pre-qualification across a network of 90+ banking and payment institutions before any formal application. The institutional rates the client sees are the rates the institution applies, with no markup added. See banking for regulated businesses for the full placement model.

For licensing work, Jagelski & Partners is engaged by the client on a fixed-fee or fixed-fee-plus-success basis depending on the mandate. For banking placement coordinated alongside, Jagelski & Partners is paid by the institution, not by the client. We do not mark up institutional banking or EMI pricing, and we do not charge a banking onboarding fee. The institutional rates the client sees on banking onboarding documentation are the rates the institution applies.

Frequently Asked Questions

The deadline and the regime

1 July 2026 is the hard ceiling of the MiCA Article 143(3) transitional regime, the EU-wide outer bound after which no pre-MiCA national VASP registration can carry crypto-asset services in the Union. Member States set their own shorter transitional windows under Article 143(3): the states at the 18-month maximum running to 1 July 2026 are France, Luxembourg, Malta, Cyprus, Estonia, Spain, Italy and Bulgaria; Germany, Ireland, Slovakia, Austria and Lithuania saw their national windows expire during 2025, and Latvia and the Netherlands closed theirs on (the Dutch statutory transition ended early even though the Article 143(3) ceiling remains the EU-wide outer bound). After the ceiling, a VASP without a granted CASP authorisation or a complete, timely application under national grandfathering must stop providing services. The conversion is not automatic: a VASP registration and a CASP authorisation are different legal objects with different files.

MiCA, Regulation (EU) 2023/1114, is the EU-wide regulation. A CASP authorisation is the individual licence a firm obtains from a national competent authority under MiCA Article 63 to provide one or more of the ten crypto-asset services listed in Article 3(1)(16). MiCA is the rulebook; the CASP authorisation is the permission to operate under it. A single CASP authorisation from any one EU or EEA member state carries a passport to provide the authorised services across all 27 member states plus Iceland, Liechtenstein and Norway under MiCA Article 65, after a host-state notification process. Stablecoins sit in a separate Title III/IV regime for asset-referenced tokens and e-money tokens, which has applied since 30 June 2024.

Choosing a jurisdiction

There is no single cheapest state; the answer turns on the service set, the substance the firm can put on the ground, and how fast the operator needs the grant. Lithuania, the Czech Republic, Estonia, Latvia, Slovakia, Romania, Spain and Portugal are the cheap-entry cluster, with regulatory and advisory costs well below the German BaFin route. The MiCA minimum capital is identical in every member state because it is set by the regulation, not by national law: EUR 50,000 for Class 1 services, EUR 125,000 for Class 2, and EUR 150,000 for Class 3. What varies is the advisory cost, the regulator's processing speed, the language of the file, and the local substance expectation. The right state is the one whose cost, speed and substance fit the operator, not the one with the lowest headline fee.

Germany is the single largest CASP market, with roughly 53 of the 204 to 210 CASPs authorised across the EU by mid-May 2026, more than a quarter of the total, and it is the top destination for cross-border passporting: 151 of 180 cross-border CASPs target it. But the BaFin route is slow and expensive, with 200-plus-page application files, 12 to 24 month timelines, and advisory budgets of EUR 80,000 to EUR 200,000, and the cohort that completes it is dominated by large, well-capitalised firms. For a boutique-fit operator the efficient play is to license in a cheaper-entry passport state and passport into Germany under MiCA Article 65, which is exactly what most of the 86% of CASPs that hold cross-border rights have done. Germany is best understood as a destination you reach by passport, not an origin you license in.

Yes. A CASP authorisation from any one EU or EEA national competent authority passports the authorised services across all 27 EU member states plus the three EEA EFTA states, Iceland, Liechtenstein and Norway, which sit inside the MiCA passport via EEA Joint Committee Decision No 41/2025 of 20 February 2025. Under MiCA Article 65 the home authority notifies the host authorities of the firm's intention to operate cross-border, and the firm may begin once the notification process completes. The passport covers only the services for which the firm is actually authorised: a Class 1 advisory CASP cannot passport custody or exchange services it does not hold. 86% of authorised CASPs hold cross-border rights, which is the structural reason the license-cheap-passport-in route works.

Capital, stablecoins and scope

MiCA Article 67 and Annex IV set three prudential classes by service. Class 1 requires EUR 50,000 minimum capital and covers advice, reception and transmission of orders, execution, and placement. Class 2 requires EUR 125,000 and covers custody and administration of crypto-assets on behalf of clients, plus the exchange of crypto-assets for funds or other crypto-assets. Class 3 requires EUR 150,000 and covers operating a trading platform for crypto-assets. The binding figure is the higher of the fixed minimum capital and one quarter of the prior year's fixed overheads under Article 67(1), so a firm with large operating costs holds more than the class floor. The capital figures are set by the regulation and identical in every member state; they are not a lever a cheaper jurisdiction can move.

Not as a market-entry strategy. Reverse solicitation under MiCA Article 61 is the only narrow exception to the Article 59 requirement that crypto-asset services to clients in the Union be provided by an authorised CASP, and ESMA tightened it in Guidelines published 26 February 2025. The exemption is defeated by targeted advertising into the EU, EU-language websites, country-code top-level domains, sponsorship of EU events, EU-based influencers, and affiliate or referral programmes that direct EU traffic. It is also confined to the context of the original transaction, so a third-country firm cannot scale a recurring EU-client relationship on it. Sustained EU-client business requires an EU-incorporated, CASP-authorised entity. An offshore entity cannot rely on Article 61 to build an EU client base.

MiCA covers stablecoins under a separate regime from CASP services. Asset-referenced tokens (ARTs) are governed by Title III and e-money tokens (EMTs) by Title IV, both of which have applied since 30 June 2024, ahead of the CASP rules in Title V that applied from 30 December 2024. Issuing an ART requires authorisation as an ART issuer or a credit institution; issuing an EMT requires authorisation as a credit institution or an electronic money institution under the second Electronic Money Directive. A CASP authorisation under Title V lets a firm provide services in respect of crypto-assets, including stablecoins, but it does not by itself permit the firm to issue an ART or an EMT. Issuance and service provision are distinct permissions; an operator that both issues and services a stablecoin needs both.

Poland is in a legal-uncertainty cluster. President Karol Nawrocki vetoed the national Crypto-Assets Market Act on and again on , and the Sejm's second override attempt failed on by 243 votes to the 263 required, leaving Poland without an authorising national competent authority. Polish-registered VASPs lose the right to provide crypto-asset services on 1 July 2026, the MiCA Article 143(3) hard ceiling, unless implementing legislation is adopted before that date. Foreign EU-authorised CASPs can passport into Poland; Polish VASPs cannot passport out. Operators currently incorporated in Poland for a CASP product should plan for relocation or migration to an authorising state well ahead of the deadline.

Convert Your VASP Before 1 July 2026

Jagelski & Partners maps the operator's crypto-asset services to the MiCA capital class, recommends a cheap-entry passport state over a slow BaFin file, and sequences the white paper, governance, banking and the Article 65 passport notification in parallel. License once, passport across the EU and EEA.

Book a MiCA Assessment View Crypto Licensing

Related Services

References

Show all references
  1. European Union, Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MiCA), Article 3 (definitions of crypto-asset services) and Article 63 (authorisation as a CASP), OJ L 150/40, eur-lex.europa.eu, accessed .
  2. European Union, Regulation (EU) 2023/1114 (MiCA), Article 143(3) (transitional measures for existing service providers) and Article 149 (application dates: Titles III and IV from 30 June 2024, Title V from 30 December 2024), OJ L 150/40, eur-lex.europa.eu, accessed .
  3. European Union, Regulation (EU) 2023/1114 (MiCA), Article 65 (provision of crypto-asset services on a cross-border basis), OJ L 150/40, eur-lex.europa.eu, accessed .
  4. EEA Joint Committee, Decision No 41/2025 of 20 February 2025 incorporating MiCA into the EEA Agreement (supplementary RTS via JCD 138/2025 of 13 June 2025), efta.int, accessed .
  5. European Securities and Markets Authority, MiCA interim register of authorised crypto-asset service providers (interim register snapshot, approximately 204–210 CASPs across 23 member states as at ), esma.europa.eu, accessed .
  6. European Securities and Markets Authority, Guidelines on reverse solicitation under MiCA (ESMA35-1872330276-2030), (applicable from 27 April 2025), esma.europa.eu, accessed .
  7. European Securities and Markets Authority, MiCA interim register (cross-border passporting share of authorised CASPs and Germany as principal passporting destination; figures as at the May 2026 register view), esma.europa.eu, accessed .
  8. Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin), Authorisation as a crypto-asset service provider under MiCAR (application requirements and process), bafin.de, accessed . [Practitioner timeline and advisory-cost ranges: Tier-2 market sources.]
  9. Cyprus Securities and Exchange Commission, Press release on the MiCA transitional period and the 27 February 2026 application deadline for existing national-regime CASPs, , cysec.gov.cy, accessed .
  10. European Securities and Markets Authority, Updated overview of Member State transitional periods under MiCA Article 143(3) (ESMA75-113276571-1679, 17 April 2026; ESMA75-113276571-1631, 4 December 2025), esma.europa.eu, accessed .
  11. Polish Financial Supervision Authority (KNF) and Sejm of the Republic of Poland, Crypto-Assets Market Act: presidential vetoes (1 December 2025; 12 February 2026) and Sejm override vote (18 April 2026, 243 of 263 required); KNF position published , knf.gov.pl, accessed .
  12. European Union, Regulation (EU) 2023/1114 (MiCA), Article 67 and Annex IV (prudential requirements: minimum capital by class – EUR 50,000 / EUR 125,000 / EUR 150,000), OJ L 150/40, eur-lex.europa.eu, accessed .
  13. European Union, Regulation (EU) 2023/1114 (MiCA), Articles 6 to 8 (content, form and notification of the crypto-asset white paper), OJ L 150/40, eur-lex.europa.eu, accessed .
  14. European Union, Regulation (EU) 2023/1114 (MiCA), Article 70 (safekeeping of clients' funds) and Article 75 (custody and administration of crypto-assets on behalf of clients), OJ L 150/40, eur-lex.europa.eu, accessed .
  15. European Union, Regulation (EU) 2024/1624 (AMLR), Articles 79 and 80; Regulation (EU) 2024/1620 (AMLA); Directive (EU) 2024/1640 (AMLD6), eur-lex.europa.eu, accessed .
  16. European Union, Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA), OJ L 333/1, eur-lex.europa.eu, accessed .