Obtaining crypto licenses, white label consulting,
ICO/STO, supporting NFT marketplaces, drafting policies
for crypto projects, DAOs, and gamify projects
The CASP license — short for Crypto Asset Service Provider license — is rapidly becoming the new regulatory standard for crypto businesses operating within the European Union. Introduced under the Markets in Crypto-Assets Regulation (MiCA), this license formalizes how digital asset companies must operate, replacing the previous patchwork of national VASP rules with a unified EU-wide framework. For startups and established players alike, obtaining a CASP license is no longer optional — it’s the gateway to long-term survival, legitimacy, and cross-border expansion in the evolving digital economy.
Unlike traditional registrations under national law, a CASP license grants crypto firms the ability to offer services across all EU member states once authorized in a single jurisdiction. This passporting power drastically simplifies compliance, lowers operational friction, and expands a firm’s customer reach — especially for those previously limited by fragmented licensing systems. The CASP authorization process requires crypto companies to meet strict requirements in terms of capital adequacy, internal controls, consumer protection, and anti-money laundering (AML) compliance.
Whether you’re running a crypto exchange or digital-wallet provider, the CASP license under MiCA is now the defining regulatory threshold for legal operation across Europe. The transition from VASP to CASP is not just a rebranding — it’s a re-engineering of what it means to be a trusted crypto-asset service provider in the EU. For companies aiming to build sustainable, bankable, and legally recognized operations, achieving full CASP compliance is essential.
Understanding CASP License Under MiCA Regulation
The CASP license — established under the MiCA (Markets in Crypto-Assets) Regulation — represents a paradigm shift in how the European Union governs the crypto industry. Designed to bring clarity and cohesion to a fragmented regulatory environment, the CASP license provides a unified framework for all crypto asset service providers operating within EU borders. MiCA’s intent is clear: to protect consumers, ensure market integrity, and foster innovation by regulating crypto-related activities with the same seriousness as traditional financial services.
A Crypto Asset Service Provider (CASP) is any entity that offers services related to crypto-assets, including exchange platforms, custodial wallets, portfolio management. Before MiCA, these entities were subject to varied national regulations (usually as VASPs, or Virtual Asset Service Providers), leading to inconsistencies in compliance expectations. With the CASP license, the European Commission aims to establish a single set of rules that apply across all 27 member states.
The MiCA CASP license introduces mandatory authorization for all covered crypto services, requiring firms to apply in the country where they are headquartered. Once granted, the license enables passporting rights — allowing the CASP to legally operate throughout the EU without the need to reapply in each country. This dramatically reduces regulatory friction and opens the door to pan-European growth.
Core elements of MiCA compliance include detailed governance structures, capital requirements based on service type, clear asset classification, and strict protocols for client asset protection and AML procedures. From 2025 onward, no crypto company will be able to operate legally in the EU without first securing a CASP licence — unless it is covered by a transitional period granted by an individual Member State. This makes timely CASP authorisation an urgent priority for any digital-asset enterprise aiming for long-term success in the region.
MiCA Transition — From VASP to CASP License
The transition from a VASP (Virtual Asset Service Provider) to a CASP (Crypto Asset Service Provider) license marks one of the most significant regulatory transformations within the European crypto ecosystem. Under the previous regime, VASPs were regulated at the national level — with varying standards across jurisdictions like Lithuania, Estonia, and Poland. MiCA, however, replaces these fragmented systems with a single, harmonized framework that requires all crypto service providers in the EU to obtain a CASP license to continue operations legally.
This VASP to CASP transition is more than a simple name change. It introduces broader compliance obligations and tighter controls around consumer protection, capital reserves, market transparency, and risk management. Where VASPs previously focused on AML/CFT compliance under national rules, CASPs must now align with a comprehensive EU regulation that governs everything from stablecoin issuance to insider trading in digital assets.
Firms holding existing national VASP registrations will not automatically qualify for a CASP license. Instead, they must undergo a formal reauthorization process — submitting updated documentation, proving organizational readiness, and demonstrating compliance with MiCA’s enhanced operational and governance standards. This includes establishing local substance (real office presence and qualified personnel), providing detailed business continuity plans, and adhering to asset segregation and custody protocols.
While the CASP license MiCA transition may initially seem burdensome, it brings long-term advantages. Businesses that adapt early will benefit from smoother passporting rights, greater institutional trust, and early-mover advantages in regulated markets. In essence, transitioning from a VASP to a CASP is not just a compliance step — it’s a strategic move toward legitimacy and scalability within the EU’s unified digital finance future.
Transition Timeline and Grandfathering Period
The transition from national VASP status to a unified CASP license under MiCA will follow a structured timeline across all EU member states. The European Commission has provided transitional guidance to help existing businesses maintain continuity while upgrading their compliance posture. Key stages include:
- MiCA Implementation Date: MiCA officially enters into force in June 2023, with full application scheduled for mid-2024, allowing time for national regulators and market participants to prepare for the shift.
- Grandfathering Period: Existing VASPs operating under national registrations will typically be granted a 12–18 month transitional period. During this time, they can continue operations while applying for a CASP license.
- Application Deadline: Companies must submit their CASP license applications before the end of the grandfathering period. Failure to apply within the timeframe will result in loss of operational rights.
- Review & Approval: National competent authorities (NCAs) will evaluate submitted applications under MiCA standards. Firms that meet all criteria will receive EU-wide CASP authorization, enabling cross-border service provision.
- Post-Transition Enforcement: After the grandfathering period ends, only fully authorized CASPs will be allowed to offer crypto services within the EU. Unlicensed entities will face regulatory action, including fines or shutdowns.
Adhering to this timeline is crucial for firms looking to retain market access, investor confidence, and legal standing during and after MiCA’s full rollout.
Key Changes from VASP Requirements
Transitioning from a national VASP registration to a fully compliant CASP license under the MiCA regulation introduces several significant legal, operational, and procedural upgrades. These changes aim to create a harmonized crypto asset framework across the European Union, eliminating the fragmented standards that previously existed. The most important shifts include:
- Expanded Scope of Services: While VASP registrations were limited to basic crypto exchange and wallet operations, the CASP license covers a broader range of activities — including custody services, crypto portfolio management, order execution, placement of crypto-assets, and operating crypto trading platforms.
- Capital Requirements: CASP license holders must meet stricter minimum capital thresholds, ranging from €50,000 to €150,000 depending on the nature and scale of their services. This ensures financial stability and reinforces investor protection.
- Cross-Border Recognition: Unlike national VASP registrations that only permit operations in one member state, the CASP license provides EU-wide passporting rights, allowing businesses to legally operate in all 27 EU countries under a single license.
- Governance and Internal Controls: CASPs are now required to implement enhanced governance structures, including qualified management, internal audit functions, and compliance departments that meet MiCA standards.
- Transparency and Disclosure: MiCA introduces mandatory whitepaper requirements for crypto asset offerings, even for non-tokenized platforms, ensuring greater transparency for users and regulators alike.
- Enhanced AML/KYC Standards: CASPs will face more rigorous anti-money laundering and customer due diligence obligations, building on existing frameworks but applying them more uniformly and with stricter enforcement.
- Consumer Protections: MiCA demands clear complaints handling procedures, risk warnings, and fund segregation policies, increasing overall consumer trust in licensed providers.
These changes mark a fundamental shift from lightweight VASP frameworks to a comprehensive and enforceable EU crypto licensing regime, raising both the bar and the benefits for compliant operators.
CASP License Classes and Capital Requirements
Under the MiCA regulatory framework, CASP (Crypto Asset Service Provider) licenses are divided into different classes based on the scope and complexity of the services offered. Each class carries specific capital requirements and regulatory expectations designed to reflect the operational risks involved. This tiered structure ensures that businesses are adequately capitalized for the type of services they provide, enhancing the overall resilience of the European crypto market.
The CASP license system typically includes the following classes:
Class 1 CASPs — €50 000 minimum capital
Authorised services include:
- execution of orders on behalf of clients;
- placing of crypto-assets;
- transfer services for crypto-assets on behalf of clients;
- reception and transmission of orders;
- advice on crypto-assets;
- portfolio management on crypto-assets.
Class 2 CASPs — €125 000 minimum capital
May perform any Class 1 service, plus:
- custody and administration of crypto-assets on behalf of clients;
- exchange of crypto-assets for funds;
- exchange of crypto-assets for other crypto-assets.
Class 3 CASPs — €150 000 minimum capital
May perform any Class 2 service, plus:
- operation of a trading platform for crypto-assets.
Each CASP class also comes with specific obligations related to client fund segregation, liquidity ratios, and insurance coverage. These requirements ensure that crypto asset service providers operate transparently and responsibly, reducing the chance of insolvency or consumer loss.
Understanding which CASP class applies to your business is essential not only for planning regulatory compliance but also for developing an accurate capital strategy and legal roadmap. Choosing the right CASP license class helps businesses scale efficiently — without overextending resources or falling short of legal thresholds.
Legal Requirements and Documentation
Securing a CASP license under the MiCA framework demands careful preparation and strict adherence to a comprehensive set of legal and procedural standards. These requirements are designed to ensure that every crypto asset service provider (CASP) entering the EU market is compliant, transparent, and financially sound.
The first legal step in applying for a CASP license is incorporating a legal entity within the European Union, usually in the jurisdiction where the company intends to maintain its operational headquarters. This entity must have a physical presence, including a local office, and be represented by directors or board members with relevant industry or financial experience. Residency requirements may apply depending on the country, meaning at least one executive must be locally based.
Once the legal entity is formed, the applicant must compile a detailed package of internal documentation. This includes a business plan outlining the scope of services (e.g., custody, trading, exchange), projected financials, and a comprehensive description of technological infrastructure. In addition, firms are required to submit robust Anti-Money Laundering (AML) and Counter-Terrorism Financing (CFT) policies, along with a risk management strategy that addresses cybersecurity, fraud prevention, and market abuse controls.
Applicants must also appoint a qualified Compliance Officer and Money Laundering Reporting Officer (MLRO), whose resumes and qualifications will be reviewed by the relevant financial authority. Proof of adequate capital, as required by the specific CASP license class, must be presented in the form of bank statements or legal capital contributions.
Finally, technical systems must demonstrate data protection readiness and transaction traceability, with clear protocols for safeguarding user assets and sensitive information. These systems must be capable of withstanding audits and real-time reporting obligations required under MiCA.
Overall, the documentation and legal standards for a CASP license are rigorous — reflecting the EU’s intention to regulate crypto on par with traditional financial institutions. Thorough preparation of all legal materials and proactive alignment with MiCA compliance is not just advisable — it is essential for gaining approval and building long-term credibility in the European digital asset ecosystem.
CASP License Application Process
Applying for a CASP license under the MiCA regulation involves a structured, multi-phase process overseen by the national competent authorities (NCAs) of the EU member states. Each step is designed to assess the applicant’s legal, financial, operational, and technological readiness to operate as a compliant crypto asset service provider within the European Union.
The process begins with pre-application consultations, where legal advisors or consultants may liaise with the NCA to clarify the applicant’s eligibility and review jurisdiction-specific expectations. This stage often includes informal feedback on preliminary documents such as business plans or AML policies, helping to streamline the formal submission later.
Next, the formal application submission requires a complete dossier of documentation. This includes corporate formation records, shareholder and director identification, AML/CFT procedures, financial projections, internal control frameworks, and cybersecurity policies. A detailed description of the intended crypto services — custody, exchange, issuance, or portfolio management — must be provided along with compliance mechanisms for MiCA-specific obligations like whitepaper submission and asset classification.
Once submitted, the NCA will review the application during a regulated timeframe, typically ranging from 2 to 6 months depending on jurisdictional workload and completeness of documentation. During this phase, authorities may request additional information, conduct interviews with directors or compliance officers, and assess technical readiness. Incomplete or vague documentation is a common cause of delays or rejections.
If the application meets all regulatory expectations, the applicant receives formal CASP license authorization. This grants the company the right to offer crypto asset services throughout the EU, including passporting rights across all member states. However, licensees are subject to continuous regulatory monitoring, and any material change to services, ownership, or risk exposure must be reported and re-approved.
Throughout the entire application journey, having experienced legal counsel is critical. Missteps in regulatory interpretation or poor documentation can not only delay approval but also damage the applicant’s credibility with financial authorities. A successful CASP license application rests on meticulous preparation, transparent corporate structure, and a long-term commitment to MiCA compliance.
Pre-Application Preparation
Before formally applying for a CASP license, applicants must undergo a detailed preparation phase to ensure they meet both the legal and operational thresholds set by MiCA. This stage is critical — it lays the groundwork for a smooth application process and significantly reduces the risk of delays or rejections.
The first step involves determining the appropriate CASP license class. MiCA outlines several categories depending on the type and scale of services — such as custody, exchange, or advisory functions — and each comes with different capital and organizational requirements. Identifying the right class early helps tailor the entire preparation process to the correct regulatory standard.
Next, the company must establish its corporate structure. This includes forming a legal entity in an EU member state, appointing directors and key personnel with proven expertise, and drafting corporate governance policies. It’s essential to ensure that ownership and control structures are transparent, with no hidden beneficiaries or conflicts of interest, as these are common red flags during regulatory reviews.
Simultaneously, applicants should begin developing robust internal compliance documentation. This includes AML/KYC procedures, IT security protocols, operational manuals, and risk mitigation strategies — all tailored to the chosen CASP services. A draft business plan, including financial projections, must also be prepared to demonstrate viability and sustainability.
Finally, the pre-application phase is the time to engage with experienced legal advisors or compliance consultants. These experts can conduct a readiness assessment, assist in drafting documents, and even communicate informally with regulators to clarify expectations before submission. This proactive step is particularly useful in jurisdictions where regulatory feedback during the pre-licensing phase is available.
By investing time in thorough pre-application preparation, applicants dramatically increase their chances of a successful CASP license outcome. This stage ensures that the company not only meets the baseline requirements but also builds a scalable, regulator-ready foundation for long-term operations across the EU.
Application Submission and Review
Once all preparatory steps are completed, the next critical phase in obtaining a CASP license under MiCA regulation is the formal application submission and review process. This stage transforms your strategic and operational groundwork into an official request for regulatory approval and brings your business one step closer to becoming a fully authorized crypto asset service provider.
The application must be submitted to the competent authority in the EU member state where the company is incorporated. It includes a comprehensive package of documentation — the company’s incorporation papers, identification documents for directors and shareholders, AML/KYC manuals, internal control policies, and a clearly outlined business model. The regulator will scrutinize not just the accuracy of the data but also the firm’s ability to maintain ongoing compliance with MiCA obligations.
One of the most critical aspects of this review is the fit and propriety assessment. Regulatory bodies assess whether key personnel — including directors, compliance officers, and UBOs — have clean reputations, sufficient financial literacy, and no criminal or bankruptcy history. Any red flags can result in delays or outright rejection of the license.
Additionally, the regulator evaluates the technical and operational capacity of the company. This involves reviewing the IT infrastructure, cybersecurity protocols, client fund segregation methods, and business continuity plans. Authorities are particularly focused on ensuring that licensed CASPs can deliver secure, stable, and transparent crypto-related services.
The review period may vary by jurisdiction, but it typically spans 2 to 6 months, depending on the complexity of the services and the completeness of the initial submission. Regulators may request clarifications, amendments, or additional documents during this period, so having a responsive legal team or regulatory liaison is essential to keep the process moving.
In essence, the application submission and review phase is where preparation meets regulatory scrutiny. It requires absolute precision, proactive communication, and a clear demonstration that the firm is both capable and committed to meeting EU-wide compliance standards under the MiCA framework.
Ongoing Compliance and Obligations
Securing a CASP license is only the beginning — maintaining it requires a continuous commitment to compliance. Under the MiCA regulation, all licensed crypto asset service providers must adhere to a robust set of ongoing obligations designed to ensure transparency, financial integrity, and consumer protection throughout the European Union.
One of the most critical aspects of ongoing compliance is the implementation of effective AML/CFT (Anti-Money Laundering and Counter-Terrorist Financing) programs. CASPs must regularly update their internal procedures, conduct risk assessments, and report any suspicious activities to the relevant Financial Intelligence Unit (FIU). These obligations are not static — they evolve based on changes in risk exposure and client behavior, requiring firms to remain vigilant and adaptive.
Periodic reporting is another key requirement. CASPs must submit regular financial statements, client fund reconciliation reports, and transaction audits to the supervisory authority. Additionally, they must maintain detailed records of all operations, which may be reviewed at any time during inspections or supervisory visits. These reporting duties serve as a cornerstone of trust between the operator and the regulator, reinforcing the legitimacy of the service provider in the eyes of clients and financial institutions.
Firms are also responsible for protecting client assets and ensuring the segregation of client and company funds. Failure to uphold these protections could lead to enforcement actions or even license suspension. As part of this duty, CASPs must employ robust IT systems that prevent data breaches, operational failures, and unauthorized access to digital wallets.
Finally, corporate governance standards must be maintained. Any significant changes — such as the appointment of new directors, modifications to the business model, or structural reorganization — must be promptly reported to the competent authority. Firms must also ensure that key personnel continue to meet “fit and proper” criteria and that ongoing training is provided to stay compliant with both MiCA and national-level expectations.
In short, the CASP license is not a one-time achievement but a regulated status that comes with serious responsibilities. Staying compliant not only avoids penalties — it also enhances long-term business sustainability and ensures a trusted presence within the growing ecosystem of regulated crypto financial services in the EU.
EU Passporting Rights and Benefits
One of the most significant advantages of obtaining a CASP license under the MiCA regulation is the ability to operate seamlessly across all European Union member states through the mechanism known as passporting rights. These rights enable licensed crypto-asset service providers to offer their services throughout the EU without having to secure separate authorisations in each country. The only extra step is a simple notification: once licensed, the firm merely informs its regulator which EU jurisdictions it intends to serve — no additional approvals are required. This notification-only passporting process marks a transformative shift for the digital-asset industry.
With EU crypto license passporting, a CASP registered in one member state can legally market, promote, and provide crypto-related services — including custody, exchange, transfer, and issuance — in any other EU jurisdiction. This eliminates regulatory fragmentation and lowers the administrative and legal burdens previously imposed by the need to comply with multiple national licensing regimes. In practical terms, it offers businesses immediate access to over 400 million consumers and investors within a unified regulatory zone.
The benefits of passporting extend beyond just market access. Operational efficiency improves dramatically, as companies can consolidate their compliance structures, standardize legal documentation, and reduce redundancies across offices. Moreover, it boosts investor confidence, as clients across the EU know the service provider meets stringent, uniform standards set by MiCA. This enhances the credibility of the provider, whether it’s a crypto wallet service, or crypto exchange.
For startups and established operators alike, passporting rights open the door to scalable growth. It allows CASPs to enter new markets faster, build strategic partnerships across borders, and leverage economies of scale without the delays or costs of fragmented regulation. As the digital asset ecosystem matures, this ability to operate pan-Europe under a single regulatory umbrella will become not just a benefit — but a competitive necessity. The CASP license is the gateway to this future.
Why Choose SBSB for CASP Licensing
Navigating the evolving landscape of CASP licensing under MiCA requires more than legal paperwork — it demands a strategic partner who understands both the regulatory nuances and the business realities of operating in the EU crypto space. This is where SBSB Fintech Lawyers excel. With years of experience in crypto asset service provider licensing, SBSB has become a trusted name for digital finance businesses seeking smooth, compliant entry into European markets.
SBSB offers full-spectrum support for obtaining a CASP license, from the initial assessment and pre-application preparation to successful authorization and post-licensing compliance. Their legal team understands the precise requirements of MiCA CASP license frameworks, including capital thresholds, internal controls, AML/CTF protocols, and cross-border passporting strategies. They don’t just check legal boxes — they architect solutions tailored to your operational model and growth plans.
What truly sets SBSB apart is their hands-on approach and deep specialization. The firm assists with drafting internal policies, structuring corporate governance, and ensuring personnel meet MiCA’s professional requirements. They also guide clients through complex areas like VASP to CASP transitions, MiCA compliance timelines, and cross-jurisdictional structuring — all while maintaining transparency, efficiency, and speed.
SBSB’s multilingual team supports clients across time zones and legal systems, making them an ideal choice for both EU-based and international clients targeting the European crypto economy. Their success rate, industry knowledge, and regulatory relationships ensure that businesses aren’t just compliant — they’re future-proof. For any company seeking a crypto licensing EU strategy, SBSB Fintech Lawyers offer the clarity, confidence, and execution power needed to thrive under MiCA.
Pages
- Company
- Contact information
- Cookie Policy
- FAQ
- GDPR
- Home
- Newsroom
- Our services
- Company formation
- Crypto
- Crypto licenses
- Crypto license in Africa
- Crypto license in Asia
- Crypto License in Australia
- Crypto License in Canada
- Crypto license in Europe
- Crypto license in Bosnia
and Herzegovina - Crypto license in Bulgaria
- Crypto license in Czech Republic
- Crypto license in Estonia
- Crypto license in Georgia
- Crypto license in Italia
- Crypto license in Lithuania
- Crypto license in Poland
- Crypto license in Portugal
- Crypto license in Slovakia
- Crypto license in Switzerland
- Crypto license in the UK
- Crypto license in Bosnia
- Crypto License in New Zealand
- Latam crypto license
- Offshore crypto license
- Registration of a physical exchange office
- CASP License
- DAO in the UAE
- Drafting policies
for crypto projects - MiCA Regulation
- Registration DAO in Marshals
- VASP License
- White label consulting
- AML/KYC for Crypto
- Cryptoconsulting
- Tokenization
- Crypto licenses
- FinTech
- Investments
- Online Gaming
- Gambling licenses
- Betting License
- Gambling license in Australia
- Gambling license in Gibraltar
- Gambling license in India
- Gambling license in Malta
- Gambling License in Romania
- Gambling license in Tobique
- Vanuatu gambling license
- Gambling license in Great Britain
- Gambling license in Estonia
- Gambling license in Isle Of Man
- Gambling license in Curacao
- Gambling license in Costa Rica
- Gambling license in Comoros
- Alderney Gambling License
- Gambling license in Brazil
- Gambling license in Kahnawake
- Crypto Casino License
- Gambling license in South Africa
- Gambling license in Sweden
- Gambling license in the Philippines
- Online Casino Turnkey Solution
- White Label Gambling License
- AML/KYC for gambling
- Gambling consulting
- Drafting policies for gambling projects
- Gambling licenses
- Opening Accounts
- Privacy Policy
- Sitemap
Get in touch with us
Daria Lysenko
Senior lawyer
Valeriia Kozel
Customer manager