Crypto Business in the EU: How to obtain a CASP license and operate legally
Over the past few years, the European Union has been gradually forming a unified regulatory system for the crypto industry. The foundation of this system is the Markets in Crypto-Assets Regulation (abbreviated as MiCA), which for the first time creates uniform rules for companies working with crypto-assets within the EU.
A key element of this regulation is the Crypto-Asset Service Provider status (hereinafter — CASP) — essentially, a licensed provider of crypto services. It is this license that allows companies to legally provide crypto services to clients in all 27 member states of the European Union.
What is a CASP license?
CASP (Crypto-Asset Service Provider) is the status of a company authorized to provide services related to crypto-assets in accordance with the MiCA regulation.
In effect, it is the equivalent of a financial license for the crypto business.
One of the key advantages of this approach is the passporting principle: once a license is obtained in one country, the company can provide services to clients throughout the European Union without obtaining additional licenses.
For example, if a crypto company obtains a CASP license in France or Lithuania, it will be able to legally serve clients in Germany, Spain, or Italy.
Services covered by a CASP license
The MiCA regulation defines a list of crypto services for which a CASP license is required. These include:
custody and administration of crypto-assets on behalf of clients (custody wallets);
operation of a crypto-asset trading platform (crypto exchange);
exchange of crypto-assets for funds (fiat);
exchange of crypto-assets for other crypto-assets;
execution of orders for crypto-assets on behalf of clients;
reception and transmission of orders;
placement of crypto-assets;
providing investment advice on crypto-assets;
portfolio management of crypto-assets.
Transition period and deadlines
MiCA was adopted in 2023, but its provisions began to apply gradually.
Full application of the regulation started on December 30, 2024. At the same time, a transition period is provided for companies already operating in the EU under national crypto regimes (VASP).
After July 2026, all crypto services in the EU must hold a CASP license.
Key Requirements for CASP Companies
MiCA establishes clear requirements for companies wishing to obtain a crypto license. The main ones concern management structure, capital, compliance, and client protection.
Company registration in an EU Member State
Corporate governance
Statutory capital requirements
Compliance and AML systems
Steps to obtaining a CASP license
Obtaining a crypto license in the European Union is a structured process that involves several consecutive stages.
Companies planning to provide crypto services in compliance with the regulation must not only register a legal entity in the EU but also prepare internal policies, describe their business model, and undergo a review by the national financial regulator.
The licensing procedure typically begins with the establishment of the company and the formation of a management structure. Subsequently, a document package is prepared, including a business plan, compliance policies, and risk management procedures. Upon submission of the application, the regulator conducts a comprehensive assessment of the company, its management, and the proposed operating model.
Below are the main stages of obtaining a CASP license that a crypto company goes through before commencing legal operations in the European Union market.
Step 1. Company formation
The first step to obtaining a CASP is registering a legal entity in the chosen EU country.Includes
Defining the ownership structure, appointing directors, choosing a corporate model, and ensuring jurisdiction presence (office, management, key staff).
Step 2. Preparation of the regulatory document package
The next stage is gathering a full package of documents for submission to the regulator.What to prepare:
A business plan with crypto product details, description of services (exchange, custody, platform), AML/KYC policies, risk management procedures, information on management and shareholders.
Step 3. Application submission and validation
After preparing all documents, the company submits an application to the national financial regulator.Where to submit
For example, in France — Autorité des marchés financiers, in Lithuania — Bank of Lithuania, MFSA in Malta. The regulator checks the completeness of the package within 25 working days.
Step 4. Regulatory review and audit
The regulator conducts a detailed audit of the company before making a decision.What they look for
Checking management and beneficiaries for business reputation, analyzing risks to the market and investors, and evaluating internal AML/KYC systems.
Step 5. Obtaining the License
If the review is successful, the company receives a CASP license and can begin operations.What’s next
The company gains the right to legally provide crypto services in the country of issuance and utilize passporting to operate in other EU countries.
Timeline for obtaining a license
Formally, the MiCA regulation provides for application review within approximately 3–6 months; however, in practice, the entire process can take:
from 6 to 12 months, depending on the complexity of the business model and the jurisdiction.
Conclusion: obtaining a CASP license
is not merely a legal formality, but a strategic asset that opens up access to the world’s richest market, governed by a single set of rules. However, the path to obtaining a licence under MiCA regulations requires meticulous preparation: from choosing the ‘right’ jurisdiction to setting up complex AML procedures.