Back to blog
March 13, 2025 Updated May 20, 2026

Navigating MiCAR: A comprehensive guide to EU crypto regulation timelines

Fiat_Republic_Blog_Thumbnail_V3_1920x1080

Implementing MiCAR presents significant operational challenges for crypto-asset service providers (CASPs) due to varying transition timelines across jurisdictions.  The grandfathering periods—ranging from as short as 5 months to the maximum allowable 18 months—allow existing CASPs to continue operations while preparing for full MiCAR license compliance. The transition began on December 30, 2024, and the latest possible compliance deadline for some jurisdictions with the full 18-month extension is July 1, 2026.

A MiCAR license in one jurisdiction can be passed across all EEA jurisdictions. Therefore, it is recommended that each business choose a jurisdiction in the EEA that makes the most business sense for them, intending to passporting it across the rest of the EEA. To help with that decision, we have included below an extensive list of all the transition timelines and essential requirements to apply for a CASP license since MiCAR took full effect.

Transition timeline from December 30, 2025

Immediate action required (5-6 months)

  • Lithuania (5 months): May 30, 2025

  • Latvia (6 months): June 30, 2025

  • Hungary (6 months): June 30, 2025

  • Netherlands (6 months): June 30, 2025

  • Poland (6 months): June 30, 2025

  • Slovenia (6 months): June 30, 2025

  • Finland (6 months): June 30, 2025

Medium-term implementation (9-12 months)

  • Sweden (9 months): September 30, 2025

  • Bulgaria (12 months): December 30, 2025

  • Ireland (12 months): December 30, 2025

  • Greece (12 months): December 30, 2025

  • Spain (12 months): December 30, 2025

  • Italy (12 months): December 30, 2025. Entities registered as VASPs in the Italian AML/TF register must file their application within six months to benefit from the grandfathering period (by June 30, 2025)

  • Austria (12 months): December 30, 2025

  • Slovakia (12 months): December 30, 2025

  • Liechtenstein (12 months): December 30, 2025

Extended implementation (18 months)

  • Czechia (18 months): July 1, 2026. Applicant CASPs must apply before July 31, 2025, to benefit

  • Denmark (18 months): July 1, 2026. Applicant CASPs must apply before December 30, 2024, to benefit

  • Estonia (18 months): July 1, 2026

  • France (18 months): July 1, 2026

  • Croatia (18 months): July 1, 2026

  • Cyprus (18 months): July 1, 2026

  • Luxembourg (18 months): July 1, 2026

  • Malta (18 months): July 1, 2026

  • Romania (18 months): July 1, 2026

  • Iceland (18 months): July 1, 2026

 

Pending Determination

  • Belgium (TBA)

  • Norway (TBA)

  • Germany (TBA)

  • Portugal (TBA)

* This information is sourced directly from the European Security and Markets Authority and is retrievable here.

The most essential requirements to apply for a CASP license

This section outlines the key requirements for entities seeking to obtain a CASP license under the MiCAR framework in the European Union. While these requirements provide a general foundation, specific implementation details and regulatory approaches may vary significantly across different EU jurisdictions. Prospective CASPs should thoroughly research their target jurisdictions’ specific interpretations and additional requirements.

  1. Business setup and registration
    1. Company registration: Register as a Limited Liability Company (LTD) or similar structure in an EU member state
    2. Office location: Maintain a physical office in the EU to meet economic substance requirements
    3. Directorship: Ensure there is a director with EU residency who meets security requirements
  2. Capital requirements: the minimum capital required depends on the services offered
    1. €50,000 for essential services like order reception and transmission
    2. €125,000 for services, including exchange and trading
    3. €150,000 for services, including custody and management of crypto assets
  3. Governance and compliance
    1. Board composition: a minimum of four board members, including two executive directors and two independent members
    2. Key officers: appoint a Compliance Officer, Risk Manager, and Financial OFFICER
    3. AML/CFT policies: Implement robust Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) policies
    4. Risk management: Establish internal control mechanisms for risk management
  4. Documentation and systems
    1. Business plan: outline financial projections, governance structure, and compliance measures
    2. IT systems: provide detailed documentation of IT infrastructure and cybersecurity measures
    3. Client protection: Ensure secure custody of client assets and implement mechanisms for handling complaints.
  5. Application process:
    1. Jurisdiction selection: Choose an EU or EEA state for licensing, considering local regulations
    2. Application submission: apply to the competent authority in the chosen jurisdiction
    3. Undergo an audit to verify compliance with MiCAR requirements
  6. Ongoing compliance
    1. Regular reporting: Provide regular financial reports to the regulator
    2. Ongoing supervision: Be prepared for ongoing supervision by the regulator to ensure compliance with MiCAR obligations

Conclusion

The varying implementation timelines for MiCAR across EU and EEA jurisdictions create a complex regulatory landscape requiring crypto-asset service providers’ careful navigation. With some countries requiring compliance as early as May 2025 and others extending the transition period to July 2026, CASPs must develop strategic, jurisdiction-specific compliance plans.

Early engagement with regulators, proactive authorization applications, and careful monitoring of regulatory developments will be essential for maintaining operational continuity throughout this transition period. The sooner CASPs begin their preparatory work, the better positioned they will be able to secure their licenses and operate freely across the different jurisdictions within the EU. While building a solid and robust compliance framework demands significant resources, this investment will ultimately make the industry more reliable, enhance market confidence, and open doors to new possibilities previously unattainable in a fragmented regulatory landscape. Forward-thinking providers who embrace these changes will survive the transition and thrive in the newly harmonized European crypto-asset marketplace.

Make compliance effortless with Fiat Republic

Stop letting regulatory complexities slow your crypto business’s growth. With our Oxygen transaction monitoring platform, you can use fiat rails for crypto to monitor compliance and fraud. This allows you to focus on expanding your user base and building your platform in the crypto world.

Why choose Fiat Republic

  • Complete regulatory coverage: We track regulations, help you monitor transactions with our Oxygen platform, and advocate with regulators.

  • Enhanced security and efficiency: Comprehensive data capture with automated reconciliation saves time

  • Uninterrupted banking access: Our trusted banking network ensures continuous fiat access regardless of policy changes

Get in touch below

 

Related Blog Posts

June 24, 2026

The Crypto Travel Rule: What It Means for Your Business Compliance

The crypto Travel Rule requires VASPs to share originator and beneficiary data on transfers. Here’s what it means in 2026 and how to comply.
May 21, 2026

Poland VASP Redomiciliation: A Compliance Officer's Guide to Post-MiCA Migration

Polish VASPs lose authorisation on 1 July 2026 with no domestic CASP route. A compliance-led guide to redomiciliation options, timelines, and what to prepare now.
April 15, 2026

What Are Electronic Money Tokens (EMTs)? MiCA Rules Explained

Learn what Electronic Money Tokens (EMTs) are, how they work under MiCA, and the key benefits and risks for exchanges, users and fintech issuers.
Decorative background of scattered coins
Bridge the gap between Banks & Crypto

Let’s connect and explore how our network can power your fiat access, partnerships, and growth in Web3.

FIAT REPUBLIC

Website operated by Fiat Republic Ltd, a company registered in England and Wales with company no. 13466461. Services provided in the United Kingdom by Fiat Republic
Financial Services Ltd, with company no. 08649018 authorised and regulated by the Financial Conduct Authority (FRN 900524) as an electronic money institution.

Fiat Republic Netherlands BV, with company no. 84625791, is authorised and regulated by the Dutch Central Bank (Relation number: R190553) as an electronic money institution.

Fiat Republic Canada Inc, with company number 1000040920, is registered as a Money Service Business (MSB) in Canada with registration number M22599700.

Fiat Republic US Inc, with company number 7153916, is registered as a Money Service Business (MSB) in the U.S with registration number 31000235244531.