Crypto license in Czech Republic

Benefits of the Czech crypto license

Czechia’s crypto licensing regime offers several advantages for businesses:

• Fast and cost-efficient. While the process remains comparatively efficient, CNB now requires comprehensive documentation and the average review takes around 4–6 months in practice.
• One license for all services. Unlike some regulatory regimes that issue separate permits for different crypto activities (exchange vs. custody, etc.), Czechia (in line with MiCA) uses a single CASP license covering all authorized crypto-asset services. This all-in-one approach means an operator can start with one business line (say, a crypto exchange) and later expand into others (custodial wallets, staking, etc.) under the same license without needing a new authorization. The Czech license scope is very broad, enabling a company to offer virtually any crypto financial service once licensed. This flexibility is ideal for startups planning to diversify offerings – you don’t have to juggle multiple licenses as your business grows.
• EU market access and credibility. A Czech CASP license is valid across the entire European Economic Area, granting direct access to a ~450 million population market under a unified regulatory framework. Being regulated in an EU member state also signals credibility and compliance with high standards (AML, consumer protection, prudential rules). This can enhance trust among European banks, payment providers, and customers. In fact, Czech-licensed crypto companies often find it easier to establish banking relationships; several Czech banks are relatively accommodating to licensed crypto businesses that have strong AML controls. An EU regulatory stamp of approval reassures partners that the company is well-supervised, which is a significant advantage versus operating from an unregulated or offshore jurisdiction.
• Favorable tax regime. The Czech Republic offers a reasonably friendly tax environment for crypto businesses. The corporate income tax is a flat 21% on profits, which is lower than many Western European countries. There is no special turnover tax or “gaming” tax on crypto revenues. Moreover, cryptocurrency exchange services are generally exempt from VAT under EU law (crypto is treated akin to currency exchange). Financial services including crypto brokerage or exchange are not subject to VAT, meaning your fees or trading spreads aren’t eaten by sales tax. Profit distributions (dividends) to shareholders are possible at standard rates (often 15% withholding). Overall, the tax burden is moderate, and with prudent structuring a crypto startup can retain much of its earnings for growth.
• Robust yet transparent regulation. The Czech approach balances strict EU standards with business clarity. By promptly implementing MiCA, Czech authorities have provided clear rules for crypto firms, reducing uncertainty. The regulatory framework is published and accessible, so requirements are known in advance. The CNB, as the regulator, is aiming for a cooperative stance – overseeing compliance to ensure stability, but also providing guidance. This creates a stable environment with fewer regulatory surprises. Czechia has also demonstrated a pro-fintech attitude: for example, as early as 2018 the government supported initiatives like the Blockchain Connect Czech Alliance to promote blockchain innovation. This supportive ecosystem and the involvement of a respected regulator (CNB) give startups confidence that they operate in a well-governed, forward-looking jurisdiction.

Disadvantages of the Czech crypto license

There are some potential drawbacks to consider with Czech crypto licensing:

• Regulatory burden. While Czechia’s process is relatively business-friendly, the MiCA regime is rigorous. Applicants must meet significant requirements: a substantial capital deposit (€50k–€150k depending on services), a full EU-standard AML compliance program, audited financial statements, and detailed documentation for CNB review. Applicants must also implement an ICT operational resilience framework in line with Regulation (EU) 2022/2554 (DORA), including incident reporting, backup testing and third-party risk management. Ongoing compliance can be onerous, especially for very small operators – you need to maintain strict KYC procedures, transaction monitoring, periodic reports, and be prepared for regulator inspections (CASPs are deemed high-risk for AML, so CNB will closely scrutinize their controls). The CNB conducts on-site and remote inspections under its 2025 Supervision Plan for CASPs. Additionally, the law mandates having qualified management and possibly an EU-resident director and local compliance officer, which adds to personnel costs. In short, the Czech license comes with serious responsibilities and overhead that startups must be ready to bear. 
• Limited global recognition. An authorization in the Czech Republic (or any EU country under MiCA) is excellent for operating across the EU single market, but it is not recognized in other major jurisdictions outside the EU. Countries like the United States, United Kingdom, Canada, China, etc., have their own crypto regulatory regimes. A Czech/EU CASP license does not grant permission to serve customers in those markets. Operators will need to geo-block or restrict service to non-EU users, or pursue additional local licenses abroad if they wish to expand globally. This limitation is not unique to Czechia but is a general constraint of any jurisdiction-specific license – however, it means a Czech-based crypto startup cannot legally target, for example, U.S. customers unless it complies with U.S. laws separately.
• Transitional and evolving framework. The Czech crypto regulatory system is in a period of transition (2024–2025) as it upgrades from the old regime to the new MiCA regime. Existing companies have had to undergo a re-licensing process within a short timeframe, which can be administratively challenging. During 2023–24, some uncertainty existed as the new laws were being drafted and passed – for instance, the CNB could only start accepting CASP applications once the national legislation took effect in early 2025. This rapid change means some firms faced tight deadlines (the VASP registration path closes in mid-2025) and overlapping compliance obligations. While the end result will be a clear framework, in the short term this transition phase demands extra paperwork and attentiveness. Companies need to stay updated as the Czech authorities release new guidelines or clarifications during the MiCA implementation period.

Types of Czech crypto licenses

Under the current framework, the Czech Republic does not issue multiple different “crypto license” categories – it now offers a single comprehensive license for crypto-asset services (CASP). Historically, however, Czech law distinguished only a basic registration:

• Virtual Asset Service Provider (VASP) registration: This was the legacy setup (pre-2025) in Czechia. There was no special financial license for crypto; instead, a company would obtain a standard trade authorization for “providing services related to virtual assets” (added as Free Trade Category 81 in 2021). In practice, this meant registering a company with the Trade Licensing Office and notifying the authorities of crypto activities. No prudential supervision by the CNB was involved – the business was simply an “obliged entity” under the AML Act. This VASP registration allowed firms to run crypto exchanges, brokerages or wallet services legally, subject to AML rules, but it did not equate to a full financial license. It was relatively easy to obtain (essentially a formality once you had a Czech company and an AML compliance officer).
• MiCA Crypto-Asset Service Provider (CASP) license: Starting in 2025, Czechia transitioned to a unified CASP licensing regime in line with EU MiCA. Now any crypto exchange, custodian, or other service provider must apply to the CNB for authorization as a CASP. This single license covers all types of crypto-asset service activity. In Czech law, CASP licensees are further categorized by the scope of their services – essentially three classes within the CASP definition. Class 1 CASPs can execute orders, list crypto-assets, provide advice, portfolio management, and transfer crypto on behalf of clients; Class 2 CASPs (in addition to Class 1 services) can custody client crypto-assets and exchange crypto for fiat or other crypto; Class 3 CASPs (in addition to Class 2) can operate a crypto trading platform/marketplace. These classes determine the exact capital requirement and obligations, but they are not separate licenses – all are obtained via the same CNB application process. In effect, every Czech crypto-asset operator now goes through a single licensing pathway to become an authorized CASP, regardless of whether their business is an exchange, a wallet provider, a broker, or another service.

Czech law does not use any “white-label” or sublicense arrangements – each operator must be individually authorized by the regulator. During the transition, both the old and new regimes briefly coexisted (with new entrants encouraged to go straight for CASP). By mid-2025, the VASP registration route is phased out in favor of the MiCA-compliant CASP license.

Requirements for obtaining a Czech crypto license

Prospective licensees in the Czech Republic must meet a range of stringent criteria before the CNB will grant a CASP license. Key requirements include:

• Corporate structure & capital. The applicant must establish a Czech legal entity (usually a společnost s ručením omezeným – s.r.o., i.e. a limited liability company, or alternatively a joint-stock company). The company must have a minimum share capital according to MiCA’s thresholds: €50,000 for the most basic services, €125,000 for most trading/exchange services, and €150,000 if it will custody assets or run a trading platform. The exact capital required depends on the class of services (see above). This capital needs to be in place (paid into a bank account or otherwise verifiably available) as part of the application. The CNB will review the company’s capitalization and financial plan to ensure it can cover operational risks. (Notably, under the old regime the minimum capital was only 1 CZK, but under MiCA significant capital is now mandatory.) Beyond capital, the company must have a clear ownership structure and be incorporated in the Czech Commercial Register.
• Local presence and personnel. MiCA and Czech law require that a CASP have a real presence in an EU state. In practice, this means the company must have a registered office in Czechia and engage local services (e.g. local accounting). At least one director or board member should be resident in the EU (often this will be a Czech-resident manager to liaise with regulators). The firm must appoint certain key personnel: most importantly a dedicated AML/CFT Compliance Officer (sometimes called the “contact person” for FAÚ) responsible for anti-money laundering and know-your-customer procedures. This person needs adequate experience and will be the point of contact for the authorities. The organizational structure should include qualified individuals for management roles (CEO, risk manager, etc.), who collectively must oversee daily operations. While there is no requirement that all staff be in Czechia, the regulator will expect that the management is effective and at least one responsible officer is on the ground or easily reachable. Outsourcing of some functions is possible, but core compliance and governance must remain under the company’s direct control.
• Fit-and-proper vetting. All owners, directors, and senior managers of the applicant undergo thorough background checks by the CNB. Applicants must submit documentation for each relevant person, including CVs detailing experience, police clearance certificates (criminal record extracts), affidavits of financial integrity, and references. The regulator will assess whether each person is of impeccable reputation (no criminal convictions especially for financial or property crimes, no history of fraud or bankruptcy) and whether they have the competence to fulfill their role. Significant shareholders (generally anyone owning 10% or more, and certainly those with >25% ownership) are scrutinized for source of funds and suitability. If any proposed director or owner fails to meet the “fit and proper” criteria – for example, a past criminal issue or lack of relevant experience – the license can be refused. Essentially, the CNB must be convinced that the people in charge are honest, qualified, and reliable. An organizational chart and clear identification of Ultimate Beneficial Owners (UBOs) must be provided.
• Business plan and documentation. A detailed business plan and description of intended crypto services must accompany the application. The Czech National Bank will expect a comprehensive set of documents, including: the company’s constitutional documents (articles of association, etc.), a three-year financial projection and program of operations (detailing how and where services will be offered), and an analysis of the target market and competitive strategy. Applicants need to submit internal policies covering key areas: AML/CFT policies (procedures for customer onboarding, verification, transaction monitoring, reporting suspicious activity, etc.), information security policy, risk management policy, complaint handling procedures, and policies for safeguarding client assets (especially if you will hold client funds or crypto). The AML/KYC policy is particularly crucial and must align with Czech and EU standards. All documents must usually be in Czech language or officially translated. Any inaccuracies or gaps in the documentation can lead to delays or even rejection, so companies often hire legal advisors to ensure the application dossier is complete. The CNB will review this package in depth to verify that the company has robust plans and systems in place before granting a license.
• Technical infrastructure (DORA compliance). The crypto platform’s technical and IT setup must meet standards of security and operational resilience. Under the EU’s Digital Operational Resilience Act (DORA) and related guidelines, CASPs are expected to have secure IT systems to prevent hacks and protect client data. This means implementing strong cybersecurity measures (encryption, firewalls, multi-factor authentication), safeguards for private key storage if you custody crypto, and reliable systems for record-keeping of transactions. The CNB will typically require a description of the IT architecture and may ask how you plan to handle incident response, backups, and disaster recovery. If critical systems are outsourced (e.g. cloud hosting), that needs to be disclosed and managed under DORA principles. Essentially, you must show that your technology will keep customer assets and information safe and that you can remain operational (with minimal downtime) even under stress. Regulatory scrutiny of tech is increasing, so early investment in a solid infrastructure is important.
• AML/KYC and risk controls. Given the high risk of money laundering in the crypto sector, strong AML/CFT controls are absolutely required. Before licensing, the company must have in place procedures to verify customer identity (KYC – Know Your Customer) during onboarding, including identity documents, liveness checks, and screening against sanctions and politically exposed persons lists. It must implement ongoing transaction monitoring – tracking transactions for suspicious patterns or large volumes – and an internal system to flag and report suspicious transactions to the authorities. The EU Travel Rule (Regulation (EU) 2023/1113) also applies: CASPs must be able to collect and transfer originator/beneficiary information for crypto transfers above certain thresholds. The company’s staff should be trained in AML duties and the firm must designate the aforementioned AML officer. Additionally, risk management policies should cover areas like conflict of interest, fraud prevention, and ensuring that client assets are segregated from company assets if applicable. Czech authorities will expect a culture of compliance – demonstrating that from day one, the startup will follow the law diligently. All these plans (often compiled in an “internal control system” document) need to be ready at application time.
• Application submission to the CNB. Once all preparations are done, the company submits its license application file to the Czech National Bank (which became the competent authority for CASPs in 2025). The application is a formal request for authorization, including all the documentation described above, and a cover form as per MiCA/ČNB requirements. Upon receiving the application, the CNB first checks that it is complete (MiCA specifies about 5 working days for an initial completeness check). Then the substantive review begins – by law, the CNB has up to 3 months (90 days) to decide on a CASP license application, which can be extended if additional information is needed. In practice, back-and-forth questions from the regulator may occur. If all goes well, the CNB will issue a decision granting the CASP authorization. Only after this approval can the company commence full operations under the new license. (Existing companies that applied by the deadline could continue operating during the review period based on their old registration, as noted.) It’s important to note that prior to applying to CNB, the company must already exist and typically have its trade license registered – so incorporation and basic registration are prerequisites to the CNB phase.

Costs & taxes

Key costs to budget for when obtaining and operating a crypto license in Czechia include:

• State and CNB fees. The Czech authorities do not charge high government fees for crypto licensing. The trade license registration itself had only a nominal administrative fee (around CZK 1,000, a negligible amount, often waived) and the state application fee for the crypto authorization was €0. Under the new regime, the CNB may introduce an application processing fee, but it is expected to be relatively modest (on the order of a few thousand euro at most, similar to fees in Lithuania or other EU states). There is no annual license fee in Czechia; however, a supervisory levy applies annually under § 18 of Decree 108/2025 Coll.  This makes Czech one of the more cost-effective jurisdictions in terms of government charges (by contrast, some countries impose tens of thousands in license fees or monthly supervision levies). In summary: application fee ~ €800.
• Share capital. The most significant capital cost is meeting the minimum capital requirement. As noted, this ranges from €50k to €150k depending on the services offered. Many exchanges or custodians will fall in the €125k–€150k bracket. This money typically must be paid into the company’s bank account as share capital or otherwise blocked for proof during the licensing process. While those funds remain the company’s equity (and can be used for operations after licensing to an extent), effectively the founders must have this amount available and cannot deploy it elsewhere until the license is granted (and even then, minimum capital must usually be maintained on the books). In addition, there may be minor costs for company formation (Czech LLC incorporation fees are low, a few hundred euro). Under the legacy regime the capital requirement was purely symbolic (1 CZK), which was a big draw for startups – the new MiCA standard is a higher bar, though still lower than traditional financial institutions (for comparison, a Czech bank requires €20 million capital). Founders should treat the required capital as essentially ring-fenced for the business and regulatory compliance.
• Corporate and other taxes. Crypto companies in Czechia are subject to normal business taxes. The corporate income tax (CIT) rate is 21% as of 2024, applied on net profits. This is a flat rate and considered relatively competitive in the EU. There is no special crypto tax on trading volumes or revenues. Importantly, cryptocurrency exchange and trading services are generally treated as financial services and thus exempt from VAT (value-added tax) by EU law (following the ECJ ruling in case C-264/14). This means if your business is exchanging crypto for customers (and earning a spread or commission), you typically do not add VAT to those fees. However, certain ancillary services (like consulting services for crypto investments) might be VAT-applicable at 21% if they don’t qualify as financial transactions. Payroll taxes and social contributions will apply for any employees, and if the company owns property or other taxable assets, standard Czech tax rules apply. When distributing profits, dividends to foreign shareholders usually incur a 15% withholding tax (though EU parent companies may be exempt and tax treaties can reduce this). Overall, the tax regime is straightforward and does not single out crypto activities for any extra burdens – in fact, the VAT exemption on crypto trading is a significant benefit, effectively making crypto financial services tax-free for end users.
• Compliance and professional services. Beyond governmental fees and capital, a sizable portion of expenses will be for professional services and compliance. Obtaining the license often involves legal and consultancy costs – many firms hire specialized lawyers or consultants to prepare the application dossier, draft policies, and correspond with the CNB. Such services can range from €5,000 to €20,000+ depending on complexity. Additionally, the company must set up proper accounting and possibly an annual audit (if required due to size or by CNB mandate), which means hiring auditors and accountants; an annual financial audit might cost a few thousand euros. The AML compliance program might need external support – for instance, subscribing to electronic identity verification services, transaction monitoring software (cost varies by volume, but plan for thousands per year), and periodic independent AML audits or training sessions for staff. IT security is another area: one might invest in cybersecurity assessments or DDoS protection services. Furthermore, the law may require certain insurance (while not explicitly in MiCA, some firms voluntarily get professional indemnity insurance). In summary, a new CASP should budget for ongoing compliance costs in the five figures annually. These ensure that the company stays in good standing with regulators and avoids costly penalties.
• Total first-year budget. Combining the above, a rough first-year budget for a Czech crypto startup aiming to get licensed could look like: €50k–€150k tied up as share capital, ~€1k for company setup, ~€0–€5k in government/CNB fees, perhaps €20k–€40k in legal and consulting fees for the license process, and additional working capital for salaries and IT. Many estimate that aside from the capital, pure operational and advisory costs in the first year of licensing run on the order of tens of thousands of euros. For example, including the cost of one compliance officer, office rent, and professional services, you might see €50k+ spent in year one (not counting the capital). The exact figure will depend on how much is done in-house vs outsourced. The good news is that Czechia’s requirements are still cheaper than some jurisdictions (where just the license fee might be huge). Careful planning and use of local Czech service providers (who often have lower rates than Western Europe) can keep costs manageable. After initial setup, ongoing costs in subsequent years might decrease as one moves from setup mode to routine compliance.

Ongoing maintenance of your crypto license

After obtaining the license, a company must continually meet compliance obligations and maintain a good regulatory standing. Key aspects of ongoing maintenance include:

• Regulatory reporting. Licensed CASPs in Czechia are required to file regular reports to the Czech National Bank. This includes financial reports (at least annual financial statements, which may need to be audited), and could include quarterly or semiannual reports on operations or volume of activities. The CNB may also require specific reports such as the number of clients, total transaction values, etc., as part of EU-wide monitoring. Additionally, any extraordinary events (like security breaches or significant system outages) might need to be reported promptly. Maintaining comprehensive records of all transactions and customer activity is mandatory – records must generally be kept for at least 10 years. It’s wise for a CASP to set up a compliance calendar to track all reporting deadlines (e.g. monthly AML reports, annual audits, tax filings) to ensure nothing is missed. Being late or inaccurate with regulatory reports can draw penalties, so this is a critical part of post-licensing duties.
• AML/KYC obligations. Compliance with anti-money laundering requirements is not a one-time thing at licensing – it is an ongoing obligation. The company must continuously enforce its KYC procedures: verifying new customers, refreshing KYC for existing clients periodically, screening against updated sanctions lists, etc. Every transaction or activity that looks suspicious (e.g. unusual trading patterns, large transfers from a high-risk country) must be investigated and, if deemed suspect, reported to the FAÚ (Financial Analytical Office) without undue delay. Czech law (AML Act) requires that suspicious transaction reports be filed promptly and that a designated AML officer maintain ongoing contact with the FIU. In practice, reports of suspicious activity should be sent as soon as possible (often within 24 hours of detection). The business must also implement any new AML rules that come into force, such as updated EU directives or local regulations – for example, the EU’s 6th AML Directive and the Crypto Travel Rule requirements are now in effect, demanding robust data-sharing for transfers. Regular training of staff on AML/CFT is expected. The CNB or FAÚ can conduct inspections or request information to ensure the firm’s AML systems are working. Failure to have proper AML processes post-license is one of the most common causes of enforcement action, so this area requires constant vigilance.
• Audits and testing. Licensed crypto companies are expected to subject themselves to periodic audits and tests of their controls. Financial statements will typically need an independent audit each year (especially if the company exceeds certain size thresholds or holds client assets). The CNB may require an audit report as part of ongoing supervision. In addition, it’s prudent to conduct regular compliance audits – for example, hiring an external expert to review your AML procedures annually and ensure they meet current standards. The Czech regulator might not mandate a formal crypto-specific audit, but demonstrating proactive compliance (via third-party audit certificates or ISO security certifications) can be beneficial. The IT infrastructure should also undergo routine security testing (penetration tests, etc.) to identify vulnerabilities. Moreover, CASPs must test their business continuity plans and be prepared for disaster recovery, as required under operational resilience rules. All these efforts serve two purposes: they help prevent problems (like security breaches or compliance lapses) and they create an evidence trail that you are fulfilling obligations. When the CNB engages in supervisory oversight, having audit reports and test results ready will facilitate a smoother review.
• Change management. After licensing, any significant change in the company’s setup must be communicated to the regulator – and often pre-approved. This includes changes in ownership (if a new investor is going to acquire, say, 20% of the company, the CNB will likely need to vet and approve that shareholder beforehand), changes in directors or key managers (a new CEO or AML officer must typically be reported to the CNB and they may require the same fit-and-proper documentation for the new person), and changes in the services or business model (if a CASP licensed as an exchange decides to add custody services, it needs to ensure its license scope and capital cover that, and inform CNB). Also, any relocation of the office or significant outsourcing of functions should be discussed with regulators. Essentially, the license is granted based on certain conditions (specific people, capital, business plan) – material deviations from those conditions without approval could invalidate the license. The Czech National Bank emphasizes that it must be kept in the loop to maintain effective supervision. Keeping an open line of communication and seeking regulatory approval for changes will prevent headaches down the road.
• Consumer protection and conduct. Although crypto-assets are not legal tender in Czechia and specific investor protection laws for crypto are still developing, MiCA introduces various conduct requirements that CASPs must follow. This includes having transparent terms and fees for customers, honest marketing (no false promises of guaranteed returns, etc.), and handling client assets with care (if you hold customer crypto or fiat, you should segregate those funds and have safeguarding measures). Any advertised white papers for new token offerings must comply with disclosure rules. Czech regulators expect CASPs to act fairly and in the best interest of clients, similar to how other financial institutions are expected to behave. A mechanism for addressing customer complaints is also necessary – customers should have an avenue to file complaints, and the company must record and respond to these within set timeframes. While historically there wasn’t a formal “client protection” regime beyond AML for crypto, under MiCA the standards are rising. Demonstrating a customer-centric approach (like implementing strong security to protect users, and promptly informing users of any incidents) is not only good practice but will also keep you aligned with evolving regulations.

Suspension or revocation of a Czech crypto license

The Czech National Bank has the authority to suspend or revoke a CASP license if a licensed company seriously breaches regulations or no longer meets the conditions of licensing. Grounds for suspension or revocation are similar to other financial sectors and include:

• Serious AML/CFT violations: If a CASP is found to be systematically failing in its AML duties – for example, not verifying customers, ignoring suspicious transactions, or being used for money laundering – the regulator can intervene. Repeated or egregious non-compliance with the AML Act or CNB measures can lead to a license being withdrawn to protect the financial system.
• Failure to meet technical standards under ESMA RTS 2025/305 or breaches of operational resilience obligations under DORA may lead to license revocation.
• Capital or solvency issues: A CASP must maintain the required capital and overall financial soundness. If the company’s capital falls below the required minimum (e.g. heavy losses erode its equity and it doesn’t top-up), or if it becomes insolvent, the license is at risk. The CNB can suspend operations until the shortfall is corrected, or revoke the license if the firm is no longer financially viable.
• Fraud or mismanagement: Any evidence that the company engaged in fraud, misled regulators, or seriously mismanaged client assets can trigger immediate action. For instance, if a licensed exchange was found to be misappropriating customer funds or lying in its reports, the CNB could revoke the license to prevent further harm.
• Operating outside scope: Providing services that are not covered by the license or MiCA (for example, dealing in e-money tokens without the proper authorization, or venturing into securities without a license) can result in penalties. If a CASP strays beyond crypto into regulated financial instruments without permission, that’s a breach that could cost the license.
• Governance failures: The CNB expects the licensed entity to have suitable management at all times. If key persons resign and are not replaced, leaving the company without qualified leadership or compliance staff, the regulator may issue a warning or suspension until the situation is remedied. Persistent governance failures (e.g. the inability to retain an AML officer, or having management interference from unapproved shadow owners) could lead to revocation.

In cases of suspected criminal activity or urgent threats, the CNB can issue immediate suspension orders to halt a CASP’s operations pending investigation. For example, if there’s suspicion the platform is being used for sanctioned payments or terrorist financing, authorities won’t wait long – they can freeze activity while investigating. Generally, the CNB will first give the company a chance to correct issues (through orders or fines), but if problems are not fixed in a timely manner, revocation is the last resort. The overarching goal is to protect consumers and the integrity of the market; thus, any licensee must be diligent about ongoing compliance to avoid endangering its authorization.

Updates to Czech crypto licensing (2024–2025)

The regulatory landscape for crypto in the Czech Republic has evolved rapidly in 2023–2025:

• MiCA adoption. On the European level, the Markets in Crypto-Assets Regulation (MiCA) – Regulation (EU) 2023/1114 – was adopted in 2023, setting a harmonized crypto framework for all EU states. MiCA’s provisions started to take effect in stages (certain token issuer rules in mid-2024, and the CASP licensing rules on 30 December 2024). Czechia moved quickly to implement MiCA nationally. The Czech Parliament passed the Act on the Digitalisation of the Financial Market (often just called the Digital Finance Act) in late 2024 to empower the CNB as the crypto licensing authority. The act was approved by the lower house on 6 December 2024 and sent to the Senate by 30 December 2024. It took effect in early 2025, enabling the CNB to officially begin accepting CASP applications. As a result, from January 2025 onward, MiCA is in force and Czech law is aligned with it. This was a swift transposition, demonstrating Czechia’s commitment to the EU’s digital finance strategy. Digital Finance Act empowering the CNB as the competent authority for CASP licensing.
• Transitional regime. To avoid disrupting existing businesses, a transition period was provided. Any crypto service provider already operating under a Czech trade license before MiCA’s start (i.e. before 30 Dec 2024) is allowed to continue operating until 31 July 2025 provided that they submit a CASP license application by that date. In other words, legacy VASPs had to apply for the new license by mid-2025 to keep running. If they apply in time, they can keep operating under the old rules until the CNB makes a final decision on their CASP application (with an absolute cutoff of 1 July 2026 even if a decision is still pending by then). During this transition, no new purely “old regime” entrants are allowed (after Jan 2025, new businesses are expected to go the CASP route). By August 2025, any firms that did not apply are supposed to cease crypto-asset services in Czechia. This transitional measure has helped existing exchanges and wallet providers smoothly migrate into the MiCA system, although it meant a flurry of applications in early 2025.
• Stricter substance and AML expectations. Alongside MiCA, Czech authorities have heightened their requirements on local substance and AML/CFT compliance. Whereas the pre-2025 regime had minimal local presence rules, the new regime classifies CASPs akin to financial institutions, which implies expectations of real business operations in Czechia (or at least the EU). Regulators are looking for companies to have meaningful management control within the country and not just be brass-plate entities. Additionally, AML rules have been strengthened: Czechia follows the latest EU AML Directives (up to the 6th AMLD) and has updated national laws accordingly. The CNB in 2024 issued an updated decree on internal AML controls (updating Decree 67/2018 Coll. with 108/2024 Coll.) to refine what is expected of obligated entities. The EU’s Travel Rule for crypto transactions came into effect via Regulation (EU) 2023/1113, and Czech CASPs must implement it (collecting and transferring sender/receiver info for crypto transfers). Overall, the regulatory tone has shifted to “same business, same risks, same rules” – meaning crypto firms are now held to standards closer to other financial firms, particularly in customer due diligence and risk management.
• Transparency and registers. Czech regulators have moved to increase transparency in the crypto sector. The CNB maintains (or will maintain) a public register of licensed CASPs, similar to how it lists banks and payment institutions. This allows anyone (customers, other businesses) to verify if a company is duly licensed in Czechia. In addition, under MiCA, national regulators share information with ESMA (the European Securities and Markets Authority) which will publish central registers – for example, a list of all CASP license approvals in the EU and a database of white papers for crypto-assets offered to the public. Consumers will be able to check these EU-wide registers to confirm the status of a provider. The move towards transparency is also seen in new requirements for firms to disclose certain information: CASPs will likely have to report statistics to the CNB that may be aggregated and published (as happens with other financial sectors). Also, enforcement actions (e.g. if a license is revoked) might be publicly announced to inform the market. All these steps are meant to build trust and provide clear information now that the industry is under a formal regulatory umbrella.

Who issues Czech crypto licenses?

Previously, the Czech Republic’s approach to crypto was regulatory light. There was no single “master license” or regulatory authority that granted a special crypto license. Instead, crypto businesses operated by registering their trade with the Trade Licensing Office (under the Ministry of Industry and Trade) and by complying with the AML Act as obligated entities overseen by the FAÚ (Financial Analytical Office). The FAÚ (which is the Czech financial intelligence unit) did not issue licenses; it simply maintained a list of entities that declared crypto activity and it monitored their AML compliance. So essentially, prior to 2025, a Czech crypto exchange or wallet provider was self-regulated in the sense of having only a trade license and being subject to audits by FAÚ. There was no involvement by the Czech National Bank in licensing or prudential supervision of crypto (the CNB’s domain was banks, payment service providers, etc.).

Today, under the MiCA framework, the Czech National Bank is the sole licensing authority for crypto-asset service providers. The CNB has become the designated “competent authority” responsible for authorizing and supervising CASPs in the Czech Republic. Every crypto firm that wants to operate legally as a service provider (exchange, broker, custodian, etc.) must apply directly to the CNB for a CASP license. There is no third-party or delegated licensing; it’s a formal regulatory approval similar to how the CNB licenses banks or payment institutions. This is a significant change: crypto businesses are now brought into the supervised financial sector. The CNB coordinates with European regulators through ESMA for cross-border aspects. The FAÚ remains relevant as the AML supervisory body (and CASPs must still report suspicious activities to FAÚ), but when it comes to granting the right to operate and overall oversight, it’s the CNB in charge. In summary, Czech crypto licenses are issued by the state, specifically by the Czech National Bank – not by any private entity – and companies must go through the official authorization process to receive one.

Why the Czech crypto license is attractive for startups

For entrepreneurs and startups in the crypto space, the Czech Republic offers a very appealing entry point into the regulated market:

• Single-scope license (flexibility). With Czech’s single CASP license covering all crypto-asset services, a startup can launch one product and pivot or expand without regulatory friction. For example, you might start as a crypto broker facilitating trades, and later add a custodial wallet service or a staking offering – all under the same license. You simply ensure compliance with any additional rules for the new activity (like increasing capital if moving to a higher service class) but you do not apply for a new license from scratch. This flexibility is a big advantage for startups in a fast-evolving industry. It allows for innovation and iteration on the business model. You essentially have a broad permission slip to explore various revenue streams in the crypto domain (trading, custody, payments, ICO advisory, etc.) so long as you stay within the MiCA-defined scope. Startups appreciate not being siloed by narrowly defined licenses.
• Favorable tax and EU market access. From a business growth perspective, Czechia provides a solid platform. The reasonable 21% corporate tax and absence of VAT on crypto trades mean you keep more of your earnings to reinvest, which is valuable when margins are thin in early stages. There are also possibilities to optimize taxes (for instance, by reinvesting profits into R&D which can have incentives, etc.). Crucially, being in Czechia means being in the European Union – so your licensed startup can immediately access customers in all EU countries. You can market to clients in Germany, France, Italy, etc., without needing separate approvals, vastly enlarging your addressable market. This scale is hard to achieve elsewhere. If you compare with, say, a licensed entity in a smaller non-EU jurisdiction, they might struggle to serve large European economies; the Czech license circumvents that. Thus, a Czech-based crypto startup can quickly go international across Europe, which is a huge boost for growth potential.
• Industry credibility and investor appeal. Being a regulated entity in the Czech Republic (and by extension under EU law) gives a stamp of legitimacy that can be very persuasive to partners and investors. Many venture capitalists and institutional partners prefer companies that operate under clear regulations, as it reduces legal uncertainties. The CNB’s oversight signals that the company meets rigorous standards. This can open doors to partnerships with traditional financial institutions – for example, banks or payment processors are far more willing to work with a company that holds an EU license and has proper compliance, as opposed to an unlicensed outfit. Even customers may take comfort in knowing the platform is licensed and monitored. For a startup, this credibility can translate into easier fundraising (some VC funds have mandates to only invest in regulated businesses in certain sectors) and better banking relations (some Czech banks will provide accounts to licensed CASPs whereas they would reject unlicensed crypto businesses). In summary, the Czech license can enhance your reputation domestically and internationally.
• Supportive fintech ecosystem. Prague (and Czech Republic generally) has a vibrant tech and fintech scene. There are established communities of blockchain developers, crypto entrepreneurs, and supportive institutions. The government has shown interest in fintech innovation – as evidenced by initiatives like the Czech Blockchain Alliance and various conferences. The availability of local talent in IT and finance is another plus – you can find skilled developers, compliance specialists, and other professionals often at lower cost than in hubs like London or Berlin. Moreover, local advisory firms and law firms are experienced with crypto cases (thanks to the early emergence of crypto in Prague’s tech circles), so startups can find guidance easily. The Czech regulatory authorities also tend to be open to dialogue – the CNB and Ministry have engaged with the industry to ensure regulations are workable. This relatively open environment means as a startup you’re not alone; you have access to a network of experts, potential partners, and even incubators or innovation hubs (Prague is home to several fintech incubators) that understand crypto. All of these factors create an ecosystem where a young crypto company can flourish with the right idea and execution.

Official Sources & Primary Legislation (CNB / FAÚ / MiCA)

Primary Acts

• Regulation (EU) 2023/1114 (Markets in Crypto-Assets, MiCA) — full text
• Regulation (EU) 2023/1114 (MiCA) — PDF version
• Regulation (EU) 2023/1113 — Transfer of Funds and Certain Crypto-Assets (EU Travel Rule) — full text
• Act No. 253/2008 Coll. — AML Act (English, PDF)
• Act No. 31/2025 Coll. — Digital Finance Act (implements MiCA at national level)

CNB — Czech National Bank (Licensing Authority under MiCA)

• Official CNB website
• Crypto-assets — CNB supervisory information
• Laws & Regulations for Crypto-assets (incl. MiCA & national act)
• CNB’s area of competence under MiCA
• Consumer notices — risks & warnings related to crypto-assets

FAÚ — Financial Analytical Office (AML/FIU Authority)

• Information for VASPs — trade licence & scope of activities
• VASP as obliged entity — AML duties (risk assessment, KYC, reporting)
• New legal framework — Travel Rule applicability & AML classification
• Information for public & warnings

EU Supervisory Registers & Guidelines (ESMA / EBA / EC)

• ESMA — MiCA overview, supervisory framework & technical standards
• ESMA — Databases & Registers (incl. EU-wide CASP register)
• EBA — Travel Rule Guidelines (press release)
• European Commission — Crypto-assets / MiCA portal