MiCA in Europe in 2026: CASP Rules, Country Differences, and Market Entry Strategy
MiCA is now the central EU framework for crypto-assets and crypto-asset services that are not already regulated under other EU financial-services legislation. In practical terms, it moved the market away from fragmented national registration models and toward a more harmonised authorisation regime across the Union.
That shift matters for more than compliance. It affects market entry timing, jurisdiction selection, governance design, token structuring, outsourcing models, and the value of older VASP structures that were built under national rules before MiCA became fully applicable.
This guide is written for founders, operators, investors, and buyers who need a reliable view of the real MiCA position in 2026. We cover the legal framework, the current supervisory position, the main national differences, and the practical choice between three routes: a fresh CASP application, an Article 60 notification where available, or the acquisition of an existing structure.
For convenience, we have listed the main official resources at the end of this page for reviewal of the underlying legal and regulatory materials directly.
- At Legasset, we help clients navigate MiCA from both directions. We support new CASP authorisation projects, including jurisdiction selection, regulatory structuring, and transaction-readiness planning, and we also assist with the review and sourcing of existing VASP or CASP opportunities where an acquisition route may be commercially stronger. In practice, that means helping clients choose not only a compliant path, but the one that is realistically executable for their business model, timing, and risk profile.
Discuss MiCA adaptation, new applications, or licences for sale with our experts.
Publish Date
19 Mar 2026
Reading Time
30 minutes
Category
Legal Guides
Jurisdiction
EU
Key Takeaways On MiCA in Europe in 2026
MiCA is now a live market-entry regime. The EU crypto framework is no longer in a preparation phase. CASP rules apply, national authorities are issuing authorisations, and ESMA’s register and current supervisory work now give businesses a clearer picture of how MiCA functions in practice.
MiCA did not create one perfectly uniform practical market. The regulation is EU-wide, but transition periods, local implementation steps, filing conditions, and supervisory posture still differ by country.
Not every crypto business needs the same regulatory route. Some firms need a full CASP authorisation, some regulated institutions may use an Article 60 notification, and some token models require separate analysis under payments, e-money, or other financial-services rules.
EMT and stablecoin-related models need extra care. Where a project involves ARTs, EMTs, or payment-like flows, MiCA alone may not be enough. In some cases, the structure must also be assessed under the payment-services framework.
A legacy VASP is no longer automatically valuable. Older national registrations can still help in some cases, but only where the target has real transition value, credible governance, clean compliance history, and a usable operational setup.
The best MiCA jurisdiction depends on the business model. There is no single best country for every project. The right choice depends on the service scope, target timeline, shareholder profile, governance readiness, and whether institutional credibility or speed is the main priority.
Governance and substance now sit at the centre of authorisation. Regulators are not only checking legal documents. They are assessing management quality, outsourcing control, source of funds, local presence, internal policies, and operational credibility.
Passporting helps, but it does not remove planning risk. MiCA gives authorised firms an EU-wide route, but businesses still need to plan around national transition deadlines, filing conditions, and local implementation realities.
Authorisation is only the start. MiCA creates ongoing obligations around conduct, governance, complaints, conflicts, operational resilience, and wider compliance interaction with AML/CFT, DORA, sanctions, tax transparency, and sometimes payments law.
The strongest projects begin with route selection. Before spending money on a filing or acquisition, firms should determine whether they need a fresh application, whether a notification is legally available, or whether an existing target offers real value after due diligence.
What MiCA Is And When It Started Applying
MiCA is Regulation (EU) 2023/1114. It lays down uniform EU rules for the public offer and admission to trading of crypto-assets, the authorisation and supervision of crypto-asset service providers, the issuance of asset-referenced tokens, the issuance of electronic money tokens, and market-abuse controls for crypto-assets.
The timeline is often misunderstood. The rules for ARTs and EMTs started applying on 30 June 2024. The broader MiCA regime, including the CASP framework, started applying on 30 December 2024. Any serious project now has to work with both dates, because token classification and service classification can trigger different parts of the regime.
MiCA does not regulate everything that touches crypto. If a token qualifies as a financial instrument, MiCA does not replace the existing MiFID-style perimeter. It also does not give a universal answer for every DeFi, staking, lending, borrowing, or hybrid token model. Those still require careful perimeter analysis under several parallel regimes.
The practical lesson is simple. MiCA is a strong new framework, but it is not a shortcut around classification work. In many projects, the first legal question is still whether the model truly sits inside MiCA, partly inside MiCA, or outside it.
Which Businesses Need A MiCA CASP Authorisation
A crypto-asset service provider is a legal person or undertaking whose business is the provision of one or more crypto-asset services to clients on a professional basis. That is the core entry gate for most trading, brokerage, custody, exchange, and transfer models in the EU crypto market.
The main MiCA crypto-asset services include custody and administration of crypto-assets on behalf of clients, operation of a trading platform, exchange of crypto-assets for funds, exchange of crypto-assets for other crypto-assets, execution of orders, reception and transmission of orders, placing of crypto-assets, advice on crypto-assets, portfolio management on crypto-assets, and transfer services for crypto-assets on behalf of clients. National regulator pages present these services in slightly different practical language, but the underlying framework is the same.
| MiCA Service | Plain-English Meaning | Typical Business Example |
|---|---|---|
| Custody and administration | Holding client crypto-assets or keys | Custody wallet provider |
| Trading platform operation | Running a venue where crypto-assets are traded | Exchange or order-book venue |
| Exchange for funds | Crypto-fiat conversion | Broker or exchange desk |
| Exchange for crypto | Crypto-to-crypto conversion | Swap platform |
| Execution of orders | Executing client instructions | Brokerage execution model |
| Reception and transmission | Taking client orders and passing them on | Introducing or routing model |
| Placing | Marketing or placing crypto-assets for issuers | Token placement activity |
| Advice | Personal recommendations on crypto-assets | Advisory business |
| Portfolio management | Managing portfolios with client mandate | Managed crypto portfolio model |
| Transfer services | Transferring crypto-assets for clients | Transfer or payment-linked crypto flow |
Not every firm needs a full CASP authorisation. MiCA allows certain already regulated entities to provide some crypto-asset services through a notification route rather than a full new authorisation. That route is important for banks, investment firms, e-money institutions, UCITS managers, AIFMs, market operators, and central securities depositories in the cases allowed by MiCA.
This point is commercially important. Some groups do not need to build an entirely new CASP platform if an existing regulated entity can use the notification path. But that only works where the legal category truly qualifies and where the intended service scope fits the relevant MiCA provisions. A rushed “notification strategy” can fail for the same reason as a weak new application: the operational model does not match the legal route.
Governance, Substance, And Real Presence Under MiCA
MiCA is not a light-touch registration system. ESMA has already stressed, through its supervisory convergence work, that CASP authorisations should be reviewed with attention to substance, governance quality, staff suitability, outsourcing controls, and the ability of the firm to operate as more than a shell. ESMA’s MiCA materials also show how much of the post-2024 work has focused on convergence in the authorisation process.
That has several practical consequences.
- First, a CASP needs a credible management body. The application is not only about the corporate vehicle. Authorities want to see who makes decisions, whether those people are fit for the proposed business, and whether control functions are real.
- Second, a CASP needs real operational capacity. A firm that outsources too much without retaining real control is exposed. Outsourcing remains possible, but outsourcing is not a substitute for governance.
- Third, ownership and funding sources matter. The Bank of Lithuania’s public MiCA material is one of the clearest official examples of the stricter tone that some regulators now apply. Lithuania openly links MiCA supervision with AML/CFT scrutiny and makes clear that firms will be judged on documentation quality, transparency, and governance discipline.
For founders, this means MiCA is not won by a legal memo alone. It is won by the combination of legal scope, documented governance, clean ownership, credible local or EU presence, and systems that can survive supervisory review.
Ownership assessment should also now be read through the latest convergence signals. ESMA published, on 9 March 2026, a compliance table on the joint EBA-ESMA guidelines covering the suitability assessment of shareholders and members, whether direct or indirect, with qualifying holdings in issuers of ARTs and in CASPs. That is a useful current signal that ownership quality, indirect holdings, and suitability assessments remain active supervisory priorities in the MiCA authorisation environment.
Prudential, Conduct, And Operational Requirements
MiCA is also an operational regime. It does not stop at permission to enter the market. CASPs are expected to maintain appropriate organisational arrangements, prudential safeguards, complaints processes, governance policies, conduct standards, and controls over conflicts of interest. National authority pages, such as those published by CNMV and the AFM, present MiCA as an ongoing compliance framework rather than a filing event.
Authorities also expect business continuity planning and orderly wind-down thinking. A crypto firm that has no credible path for disruption, failure, or controlled exit is no longer treated as “too early stage” for such planning. Under MiCA, that is part of the seriousness test.
For founders, this is often where reality becomes clearer. The real cost of MiCA is not only in preparing documents. It is in building the management, controls, outsourcing oversight, internal policy architecture, and operational routines needed after authorisation.
EMTs, Payment Services, And The Position After 2 March 2026
EMTs remain one of the most sensitive parts of MiCA because they sit close to the payments perimeter. That issue is no longer theoretical. It became a live operational threshold on 2 March 2026, when the transition under the EBA’s no-action approach reached its end point.
The Central Bank of Ireland now states this very directly. It says that, for now, the EBA’s no-action letter sets 2 March 2026 as the date by which relevant CASPs must either hold a PI licence under PSD2 or have a partnership with a PSP in place in order to transact EMTs. The Central Bank also states that it has no discretion to extend that deadline.
Lithuania has taken the same issue into current supervisory messaging. The Bank of Lithuania explains that from 2 March 2026, where crypto-asset service providers provide services involving EMTs that qualify as payment services, they need an additional authorisation under the payment-services framework or must structure the activity accordingly.
For applicants, this means EMT models now require a dual-perimeter analysis in many cases. A MiCA workstream alone may be incomplete if the project includes client-facing transfers, payment flows, or transaction services linked to EMTs. For buyers of existing structures, the same point applies: an attractive CASP profile may still be commercially incomplete if the target’s intended EMT activity triggers a payments licensing issue that has not been addressed.
The ESMA Interim MiCA Register
MiCA is no longer only a new legal framework on paper. ESMA’s MiCA page continues to host the Interim MiCA Register, which ESMA says is published as a set of CSV files and updated at regular intervals until its fuller IT integration in mid-2026. The latest public ESMA MiCA page update visible for this guide is dated 12 March 2026, which makes the register an active supervisory tool rather than a launch-phase placeholder.
ESMA’s current posture is also more operational than it was in 2024 or early 2025. In its 2026 annual planning, ESMA said the effective implementation of MiCA remains a key priority and that supervisory convergence efforts in 2026 will focus on the supervision of CASPs, including information-sharing among national authorities and concrete supervisory cases.
That direction is reinforced by current interpretive work. On 27 February 2026, ESMA published or updated new Q&As, including MiCA-related material, which confirms that the regime is now in an active clarification phase rather than a mere implementation countdown.
For readers, the practical conclusion is straightforward. The MiCA framework in 2026 should be read as a live supervisory environment. The legal text still matters, but the current state of the market is now shaped just as much by ESMA’s register, Q&As, convergence work, and the way national authorities are applying the regime in real authorisation cases.
Passporting Under MiCA And The Limits Of A Simple Cross-Border Story
MiCA gives authorised firms a route to provide crypto-asset services across the EU. That is one of its main commercial attractions. The home-state authorisation can be used as the basis for wider EU activity through the MiCA passporting framework. National regulator guidance, including from the AFM and the KNF, makes clear that this cross-border mechanism is part of the new architecture.
But the existence of passporting does not erase the effect of transitional periods. ESMA warned in its December 2024 statement on MiCA transitional measures that differences in national grandfathering periods can create uncertainty and potential service disruption for entities relying on those transition windows.
That point is often overlooked. A business may assume that if it can continue temporarily in one Member State under a grandfathering period, it can smoothly scale elsewhere. In practice, different transition calendars and filing conditions can complicate that assumption.
MiCA Transitional Periods By Country
ESMA’s published list also contains important national conditions. Czechia required applicant CASPs to apply before 31 July 2025 to benefit from the grandfathering period. Denmark required filing before 30 December 2024. Bulgaria tied grandfathering access to a local deadline after the entry into force of its national act. Italy linked grandfathering protection to application timing for registered VASPs or group entities.
These conditions are commercially important. A legacy structure is not valuable simply because it once held a local VASP position. Its value depends on whether it still fits the transition logic, whether the filing window was preserved, and whether the firm can actually move into MiCA authorisation without major remediation.
| Country | ESMA period | End date | Filing condition | Current note |
|---|---|---|---|---|
| Belgium | TBA in ESMA list | Up to 30 June 2026 | No ESMA filing condition listed | FSMA states that certain non-CASP entities may, under conditions, continue until 30 June 2026. |
| Bulgaria | 18 months | Up to 1 July 2026 | Apply before 8 October 2025 | ESMA list includes a specific Bulgarian filing condition tied to the national act. |
| Czechia | 18 months | Up to 1 July 2026 | Apply before 31 July 2025 | CNB is designated and has already confirmed MiCA authorisations in 2026. |
| Denmark | 18 months | Up to 1 July 2026 | Apply before 30 December 2024 | The filing cut-off is more important here than the headline period. |
| France | 18 months | Up to 1 July 2026 | No ESMA filing condition listed | AMF’s 2026 notice makes the end of the transition and wind-down expectations very explicit. |
| Germany | 12 months | Up to 30 December 2025 | No ESMA filing condition listed | BaFin is designated in ESMA’s competent-authorities list. |
| Ireland | 12 months | Up to 30 December 2025 | No ESMA filing condition listed | EMT and payment-services overlap is a live issue after 2 March 2026. |
| Italy | 18 months | Up to 1 July 2026 | File by 30 December 2025 | The longer period still depends on preserving the local filing condition. |
| Lithuania | 12 months | Up to 30 December 2025 | No ESMA filing condition listed | Bank of Lithuania has confirmed current MiCA authorisations in 2026. |
| Luxembourg | 18 months | Up to 1 July 2026 | No ESMA filing condition listed | CSSF confirms continuation until 1 July 2026 or authorisation/refusal, whichever comes first. |
| Malta | 18 months | Up to 1 July 2026 | No ESMA filing condition listed | MFSA’s March 2026 Rulebook shows a more mature MiCA framework. |
| Netherlands | 6 months | Up to 30 June 2025 | No ESMA filing condition listed | Historic registration is less important than present MiCA readiness. |
| Poland | 6 months | Needs case-by-case reading | No ESMA filing condition listed | KNF’s 2026 statement is more important than the old ESMA grouping alone. |
| Portugal | TBA in ESMA list | Up to 1 July 2026 | No ESMA filing condition listed | Banco de Portugal now confirms a transitional regime until 1 July 2026 or authorisation/refusal. |
| Spain | 18 months | Up to 1 July 2026 | No ESMA filing condition listed | Spain remains one of the longer-transition MiCA jurisdictions. |
| Sweden | 9 months | Up to 30 September 2025 | No ESMA filing condition listed | Shorter transition than many larger MiCA markets. |
This matrix should be read as a market-entry tool, not just a legal summary. A legacy structure does not gain value merely because a country once had a longer grandfathering period. Its real value depends on whether the entity actually qualified for the transition, whether any filing deadline was preserved, whether the competent authority is functioning in practice, and whether the business can still move into MiCA authorisation without major remediation.
Poland is a good example of why this distinction matters. ESMA’s older list shows Poland in the 6-month group, but the KNF’s current 2026 statement discusses the position of entities operating under applicable national law until 1 July 2026, while also warning that domestic firms may lose the ability to continue after that date if no competent authority is designated by law. That means a Polish VASP can still exist as a corporate or transactional asset, but its practical regulatory value must be analysed very carefully.
France, The Netherlands, Lithuania, Czechia, Malta, Ireland, Spain, And Luxembourg
A serious MiCA guide should not treat all countries as equally important. Some jurisdictions have published much more useful practical material and some are far more relevant for actual licensing projects.
France
France is now one of the clearest examples of a MiCA market moving from preparation into enforcement and visible licensing. On 5 February 2026, the AMF reminded existing DASPs that the French transitional period allowing continued operation without MiCA authorisation ends on 1 July 2026. The AMF also said that firms not expecting to continue in compliance should implement an orderly cessation plan and, by 30 March 2026 at the latest, carry out only operations strictly necessary for winding down their activities.
The same AMF notice is also useful because it makes timing pressure more concrete. It says a complete CASP application may still require up to four months of review, while incomplete files can create additional delay. For founders and acquirers, that makes file quality and transition planning much more important than headline interest in France alone.
France is also producing fresh 2026 licensing evidence. The AMF white list shows HEXARQ SAS as licensed under MiCA with licensing date 5 February 2026, and BLOCKNODES SAS as licensed under MiCA with licensing date 5 March 2026.
In practical terms, France should now be treated as a market with a narrowing transition runway and a visible MiCA authorisation path already in motion. That can be attractive, but it is not a market for weak timing assumptions or lightly prepared files.
Lithuania
Lithuania remains one of the more supervisory-minded MiCA jurisdictions, and by March 2026 it also has fresh licensing evidence on the record. On 3 March 2026, the Bank of Lithuania announced that Micar assets UAB had received a crypto-asset service provider authorisation and stated that this was Lithuania’s fourth MiCA CASP authorisation.
That matters because Lithuania is no longer only a market discussed through its earlier VASP base. It is now a jurisdiction where the Bank of Lithuania is showing both a strict licensing tone and actual MiCA issuance. Its MiCA materials also emphasise governance quality, AML/CFT discipline, and the treatment of EMT-related services after 2 March 2026, where additional payment-services analysis may be required.
For buyers, this changes the value analysis of older Lithuanian crypto structures. A pre-MiCA registration may still be relevant in a specific transaction, but its value now depends on transition position, governance quality, source-of-funds documentation, and whether the target can actually function within the current supervisory standard rather than only the legacy regime.
Malta
Malta remains one of the more structured MiCA jurisdictions because the MFSA has published a detailed MiCA Rulebook rather than relying only on short guidance pages. The version currently available for this guide is the March 2026 Rulebook, which records updates and additions reflecting the ongoing development of the MiCA framework and Level 3 requirements.
That is useful for two reasons. First, Malta gives applicants a more document-rich picture of what the regulator expects in practice. Second, it shows that a serious MiCA jurisdiction is not standing still after the entry into force of the Regulation. It is updating the operating framework as supervisory expectations evolve.
For founders and acquirers, Malta therefore remains relevant not because it is automatically easier, but because it offers a relatively developed rulebook environment for businesses that can support a more robust compliance build.
Spain
CNMV’s MiCA pages are unusually useful for operators because they explain the scope, the process, and the crypto-asset services in accessible form. Spain also remains relevant because it retained one of the longer transition periods in ESMA’s published map. For groups already considering Iberia, Spain deserves proper comparison against France rather than being treated as a secondary market.
Netherlands
The Dutch AFM presents a very practical MiCA framework. Its register page explains that the crypto register lists CASPs that have obtained an authorisation or notification from the AFM or another EU authority. Its licensing pages also distinguish between the CASP licence and the CASP notification route for eligible already regulated firms. The Dutch transition period was shorter than the full 18-month maximum. That makes the Netherlands less attractive for “wait and see” legacy structures, but stronger as a jurisdiction already operating under an active MiCA environment.
Czech Republic
The Czech Republic is now one of the clearest examples of a market that has moved from early MiCA positioning into visible authorisation output. The CNB explains that it became the competent authority under MiCA after the national legislative framework was completed, and this shift is now reflected in actual licensing activity rather than only procedural guidance.
On 11 February 2026, the CNB announced that it had issued its first six MiCA authorisations and that it had received 248 applications in total. That makes Czechia one of the most important jurisdictions to watch for applicants comparing where MiCA is now producing real supervisory decisions rather than only receiving files.
For founders and acquirers, the Czech market should therefore be viewed through two lenses at once. First, it still reflects the practical effect of transition rules and filing conditions. Second, it now offers current evidence that authorisations are being granted in practice, which gives the jurisdiction more weight in real market-entry comparisons than it had during the earlier implementation phase.
Ireland
Ireland remains relevant for better-funded and more institutional projects, but the current position should now be described with more precision. The Central Bank of Ireland’s MiCA page expressly states that, for now, 2 March 2026 is the date by which relevant CASPs must either hold a PI licence under PSD2 or have a PSP partnership in place to transact EMTs, failing which they must cease the relevant activity. The Central Bank also says it has no discretion to extend that deadline.
Ireland also has a broader conduct angle that becomes current in 2026. The Central Bank says its revised Consumer Protection Code 2025 takes effect on 24 March 2026 following the 12-month implementation period.
For MiCA applicants, that means Ireland should not be viewed only through the narrow lens of CASP filing mechanics. Firms also need to plan for a regulated environment where EMT activity, consumer-facing conduct, and broader organisational expectations are now part of the live compliance picture.
Luxembourg
Luxembourg now has a cleaner current-state reference than the earlier “authority designation” announcement alone. The CSSF’s MiCA page states that VASPs registered with the CSSF before 30 December 2024 may continue to provide the services for which they were registered until 1 July 2026 or until they are granted or refused authorisation under Article 63 MiCAR, whichever is sooner.
That makes Luxembourg one of the jurisdictions where the transition logic is now relatively clear from an official source. It also reinforces Luxembourg’s continued relevance for groups that care about governance quality, financial-services infrastructure, and institutional positioning rather than only licensing speed.
For transaction work, the key point is that a Luxembourg legacy VASP can still have value, but only where the transition position, operational reality, and authorisation pathway are genuinely usable.
Belgium And Poland Show Why Local Implementation is Important
Belgium and Poland are useful reminders that MiCA is an EU regulation, but not every practical issue is solved in exactly the same way at national level.
In Belgium, the FSMA states that the Law of 11 December 2025 establishes a division of powers between the FSMA and the National Bank of Belgium for MiCA-related supervision. That is a clear example of how local implementation architecture still matters in practice.
In Poland, the KNF issued a statement in 2026 explaining the status quo before 1 July 2026 and warning about the domestic position where no national competent authority had yet been fully designated under Polish law. The KNF also made clear that after the transition period expires, local firms can face operational issues even though MiCA cross-border services from other Member States remain possible in principle.
This is exactly why “MiCA is harmonised” should never be the end of the analysis. The legal text may be harmonised, but launch timing, local implementation, and supervisory readiness can still diverge.
Choosing Between A Fresh Application And An Acquisition Route
A full MiCA strategy should compare application and acquisition on the same commercial criteria.
- A fresh application is usually stronger where the project has a clean structure, credible management, documented ownership, and enough time to build the governance and compliance framework correctly. It is also stronger where buying an old VASP would only import weak history, poor documentation, or a transition problem.
- An acquisition route can still work where the target has genuine value: a real team, documented operations, preserved transition position, solid compliance history, useful banking or PSP relationships, and a credible path into full MiCA status. But that value has to be proven. It cannot be assumed from a VASP label alone.
Practical Comparison
| Route | Works Best When | Main Risk |
|---|---|---|
| Fresh MiCA application | Clean ownership, time to build, strong governance plan | Underestimating cost, staffing, and controls |
| Acquire legacy VASP | Real transition value, documented history, usable ops stack | Buying remediation risk instead of speed |
| Acquire authorised CASP | Immediate regulated platform with clean scope and governance | Price, hidden operational weaknesses, integration risk |
| Article 60 notification | Group already has an eligible regulated entity | Wrong legal fit or overly broad service assumptions |
We assist clients with fresh CASP applications, jurisdiction comparison, and the review of existing VASP or CASP opportunities for acquisition. If you are weighing timing, country choice, governance readiness, or target quality, we can help you assess the most realistic path.
Need help choosing the right MiCA route? Discuss MiCA strategy, new applications, or licences for sale with our experts.
Due Diligence Checklist For MiCA Acquisition Targets
A MiCA acquisition target should be reviewed against a structured checklist rather than headline claims.
- Check the exact legal status of the entity. Is it a legacy VASP, a MiCA-authorised CASP, or a regulated firm using a notification route?
- Check the competent authority history. What filings, warnings, requests, and communications exist?
- Check the service scope. What exactly is permitted, what is proposed, and what still needs approval?
- Check transition eligibility. Did the target preserve the right filing path and within the relevant local deadline?
- Check ownership and source-of-funds documentation. If this pack is weak, the transaction risk usually rises sharply.
- Check AML/CFT controls, complaints handling, outsourcing, safeguarding logic where relevant, and any payment-services overlap for EMT activity.
- Check the operational reality. Does the target have usable people, systems, providers, policies, and counterparties, or only a file folder and a sales pitch?
This is the part of the market where weak legal sales language causes the most damage. Many “ready-made crypto licences” are in fact unfinished regulatory projects.
Ongoing Compliance After Authorisation
Authorisation is only the starting point. CASPs remain subject to ongoing governance, control, conduct, and reporting obligations. National authority pages and rulebooks make clear that MiCA supervision is designed as a live regime, not as a one-time approval.
MiCA also does not replace other compliance layers. Firms still need to account for AML/CFT, sanctions, DORA, tax transparency developments, and in some cases payments regulation where EMT logic is involved. The wider EU digital-finance package was never intended to let crypto businesses operate in a single-law silo.
That is one reason why badly scoped projects fail. They treat MiCA as a badge rather than as an operating framework.
Common Mistakes MiCA Applicants Still Make
- The first mistake is treating MiCA as a paper licence. A weakly documented structure with no real governance is unlikely to stand up well under the current supervisory approach.
- The second mistake is choosing a jurisdiction by reputation alone. A famous crypto jurisdiction may still be the wrong fit for the actual service model, staff profile, timeline, or funding base.
- The third mistake is assuming a legacy VASP automatically saves time. In some cases, it saves time. In others, it simply adds cost, hidden defects, and transition pressure.
- The fourth mistake is ignoring the EMT and payments overlap. That issue is now too visible at EBA level to dismiss.
- The fifth mistake is relying on reverse solicitation as a business model. Authorities treat that concept narrowly for good reason. A sales strategy built on reverse solicitation is usually a risk strategy in disguise.
What The Current Data Suggests About The MiCA Market In 2026
The official picture now supports a more mature reading of the market. MiCA is no longer just a framework on paper. ESMA has an interim public register, national authorities are issuing authorisations, and the supervisory focus has shifted from “how MiCA will work” to “how MiCA should be applied well.”
Recent issuance data already shows that MiCA is moving from framework to execution. For a jurisdiction-by-jurisdiction snapshot of the latest visible authorisations, see our February 2026 note on MiCA CASP licences in Europe.
At the same time, the market context still supports caution. The ECB said in May 2025 that selected euro-area household survey data showed 9.7% of respondents, or someone in their household, held crypto-assets, slightly down from 2022. In its June 2025 hearing remarks, the ECB also said risks to euro-area financial stability from crypto-assets still appeared limited for the time being.
That combination is important. Crypto remains commercially relevant, but supervisory design is being built in an environment where investor protection, operational resilience, and financial-stability caution remain central.
Conclusion On MiCA In Europe In 2026
MiCA has now moved the European crypto market into a new phase. The key legal framework is live, the authorisation path is active, the ESMA register exists, and national regulators have started to show their real posture through filings, warnings, rulebooks, and authorisations.
But MiCA is not a uniform shortcut. The right path still depends on the business model, token classification, governance quality, country selection, transition timing, and whether a legacy structure offers real operational value. A good strategy therefore starts with a perimeter analysis, then a jurisdiction analysis, then a route analysis: new application, notification, or acquisition.
For firms entering the EU crypto market in 2026, that sequence is more reliable than chasing the latest sales narrative around “fastest licence” or “ready-made solution.”
FAQ About MiCA CASP Authorisation In Europe
What is MiCA in Europe?
MiCA is the EU’s harmonised framework for crypto-assets and crypto-asset services that are not already covered by existing EU financial-services law. It regulates, among other things, CASPs, ARTs, EMTs, and certain market-abuse risks.
When did MiCA start applying to CASPs?
The CASP regime became applicable on 30 December 2024. The rules for ARTs and EMTs started earlier, on 30 June 2024.
Which businesses need a MiCA CASP licence?
Businesses providing one or more crypto-asset services on a professional basis to clients in scope of MiCA typically need a CASP authorisation, unless they fall within a specific alternative route such as an Article 60 notification for eligible already regulated entities.
Can a bank or investment firm provide crypto services without a full CASP licence?
Sometimes yes. Certain already regulated entities may provide eligible MiCA services through a notification route instead of a full new CASP authorisation, but only where the legal category and service scope fit the regulation.
Can a legacy VASP continue operating under MiCA?
Only within the limits of the transitional regime adopted by the relevant Member State and subject to any national conditions. Those periods differ significantly across Europe.
Which countries have the shortest MiCA transition periods?
According to ESMA’s published list, a 6-month grandfathering period applies in Latvia, Hungary, the Netherlands, Poland, Slovenia, and Finland, while Sweden chose 9 months.
Can a MiCA-authorised CASP passport services across the EU?
Yes, MiCA includes a cross-border framework for authorised firms, but transitional periods and practical national timing issues can still affect market-entry sequencing.
Does MiCA cover crypto lending and staking?
Not automatically in a simple way. These models still need case-by-case legal analysis because MiCA does not provide a universal answer for every lending, staking, DeFi, or hybrid structure.
Do EMT-based services also trigger payments regulation?Do EMT-based services also trigger payments regulation?
They can. The EBA has said that transacting EMTs on behalf of clients can fall within PSD2 payment-services logic, and it advised on how authorities should handle the overlap with MiCA.
Can I buy a VASP or CASP instead of applying from scratch?
Yes, sometimes. But the target must be reviewed carefully for legal status, transition position, governance, ownership quality, operational reality, and any hidden remediation burden.
Official Sources On MiCA In Europe
I. Regulation (EU) 2023/1114 On Markets In Crypto-Assets — EUR-Lex
Primary legal text for MiCA, including the CASP regime, token categories, authorisation rules, conduct requirements, and transitional provisions.
II. Crypto-Assets Framework — European Commission
European Commission overview of MiCA and the broader EU crypto-assets framework, useful for application dates and policy scope.
III. MiCA Implementing And Delegated Acts — European Commission
Official page tracking MiCA Level 2 and implementing measures that shape how the regulation works in practice.
IV. Markets In Crypto-Assets Regulation And Interim Register — ESMA
ESMA’s central MiCA hub, including the Interim MiCA Register and supervisory materials relevant to CASPs and market participants.
V. ESMA Statement On MiCA Transitional Measures
Key ESMA statement explaining the practical effect of grandfathering periods and the risk of disruption during the transition to MiCA compliance.
VI. List Of MiCA Grandfathering Periods Decided By Member States — ESMA
Official reference list showing the transitional periods chosen by Member States and the main local conditions attached to those periods.
VII. Asset-Referenced Tokens And E-Money Tokens Under MiCA — EBA
EBA’s official entry point for ART and EMT supervision, technical standards, and significance-related material.
VIII. EBA No Action Letter On The Interplay Between PSD2 And MiCA
Official EBA position on the overlap between EMT-related services and payment-services regulation, relevant to payment-linked crypto business models.
IX. French Transitional Period Reminder For DASPs — AMF
AMF notice on the end of the French transition window and the need for complete MiCA authorisation files.
X. Crypto-Asset Service Providers Register — AFM
Dutch register page explaining authorised CASPs and the notification route for certain already regulated undertakings.
XI. Markets In Crypto-Assets — Bank Of Lithuania
Lithuanian MiCA page covering licensing, supervision, and AML/CFT expectations for market participants.
XII. MiCA Competence And Supervision — Czech National Bank
CNB page explaining the Czech legal and supervisory position under MiCA and the transition into the new regime.
XIII. Crypto-Assets And MiCA Materials — MFSA
Malta’s main MiCA resource page, including the MiCA Rulebook and supporting supervisory documents.
XIV. Markets In Crypto-Assets Regulation — Central Bank Of Ireland
Irish MiCA overview and entry point for authorisation and guidance materials relevant to CASPs and token issuers.
XV. MiCA Regulation For Crypto-Assets — CNMV
Spanish MiCA overview with practical explanations on crypto-asset services, authorisation, and regulatory scope.
XVI. Markets In Crypto-Assets — CSSF
Luxembourg MiCA hub covering local implementation and CSSF competence as national authority.
XVII. Statement Of The Polish Financial Supervision Authority On MiCA Transition
Official KNF statement on the Polish transition situation and the implications for firms before and after 1 July 2026.
XVIII. ECB Article On Crypto Exposure And Blind Spots
ECB analytical note giving useful official market context on household exposure to crypto-assets in the euro area.
XIX. New Q&As Available — ESMA
ESMA’s 27 February 2026 update confirming that MiCA-related interpretive work is continuing through new and updated Q&As.
XX. Compliance Table On EBA-ESMA Guidelines For Qualifying Holdings In CASPs — ESMA
Current 9 March 2026 ESMA compliance table showing the supervisory relevance of ownership and qualifying-holdings assessment in MiCA authorisations.
XXI. Authorisation Granted To Micar Assets UAB — Bank Of Lithuania
Official 3 March 2026 notice confirming Lithuania’s fourth MiCA CASP authorisation and useful for current market-state analysis.
XXII. HEXARQ SAS MiCA Licence Entry — AMF
AMF white-list entry confirming HEXARQ SAS as a MiCA-licensed CASP with a 5 February 2026 licensing date.
XXIII. BLOCKNODES SAS MiCA Licence Entry — AMF
AMF white-list entry confirming BLOCKNODES SAS as a MiCA-licensed CASP with a 5 March 2026 licensing date.
XXIV. Crypto-Asset Service Provider (CASP) — FSMA
Belgium’s official CASP page, including the current statement that certain non-CASP entities may continue under the transitional regime until 30 June 2026 under conditions.
XXV. Banco De Portugal Press Release On MiCA Application
Official Portuguese clarification on transitional measures and the status of authorisation powers during the MiCA implementation period.
XXVI. Law 69/2025 Implementing MiCA In Portugal — Diário Da República
Portuguese law published on 22 December 2025 establishing the domestic implementation framework and competent-authority split for MiCA supervision.
XXVII. Consumer Protection Code 2025 — Central Bank Of Ireland
Official Irish source confirming that the revised Consumer Protection Code takes effect on 24 March 2026, relevant to the broader conduct environment for regulated firms.
