A Crypto-Asset Service Provider (CASP) authorization is the formal approval to offer regulated crypto-asset services within the European Union. Under MiCA, CASPs include firms providing custody, trading platform operation, crypto-fiat and crypto-crypto exchange, order execution, advice, transfer, and portfolio management of crypto-assets. In essence, a CASP operates under a unified EU framework for crypto-asset markets.
MiCA is technology-neutral but rooted in distributed ledger technology (DLT) and aligns with the EU’s broader digital finance agenda, including the DLT Pilot Regime and the DORA regulation for ICT resilience. Once licensed, CASPs can passport their services across all EU/EEA countries.
Why a CASP License Is Required
MiCA makes authorization mandatory for nearly all commercial crypto-asset services. The regulation aims to protect investors, ensure market integrity, and reduce financial crime. Firms must demonstrate robust AML/CTF compliance, sound governance, and effective internal controls. MiCA also defines specific rules for asset-referenced tokens (ARTs) and e-money tokens (EMTs), each with distinct issuer and platform obligations.
Indicative Initial Capital Under MiCA:
| Service | Capital Requirement |
|---|---|
| Advice; order transmission | €50,000 |
| Portfolio management; execution; placing | €50,000–€125,000 |
| Custody and administration | €125,000 |
| Trading platform; exchange | €150,000 |
Licensing Procedure
- Scoping and Analysis: Map your activities to MiCA service definitions.
- Program of Operations: Define governance, staffing, technology, and internal controls.
- Prudential Readiness: Calculate capital and liquidity needs.
- AML/CTF Framework: Implement KYC, transaction monitoring, and Travel Rule compliance.
- ICT and DORA: Prepare policies on security, incident response, and third-party risk.
- Pre-Application Meeting: Optional consultation with the regulator.
- Submission: File the authorization application with supporting documentation.
- Review and Decision: Authorities review and may request clarifications. Approval enables EU-wide passporting.
CASP Licensing in Key Jurisdictions
| Jurisdiction | Authority | Highlights |
|---|---|---|
| Poland | KNF | Strong governance and AML focus; well-documented procedures; good regional reach. |
| Lithuania | Bank of Lithuania | Fintech-friendly, efficient supervision, and robust DORA alignment. |
| Luxembourg | CSSF | High institutional standards, precise documentation, ideal for cross-border strategies. |
Reverse Solicitation and Non-EU Firms
Non-EU entities cannot provide regulated crypto services in the EU without CASP authorization. Typically, they establish an EU subsidiary and apply for CASP license, then use passporting for pan-European operations.
Common Challenges and RUE’s Solutions
- Capital planning: Align forecasts with regulatory expectations.
- DORA compliance: Build robust ICT governance early.
- Service definition: Clarify scope to avoid misclassification.
- AML/KYC systems: Implement scalable monitoring and screening tools.
- Group structure: Maintain clear oversight of outsourcing and intragroup functions.
RUE’s CASP Licensing Support
Trust: Direct representation before KNF, CSSF, and others by ex-regulatory counsel.
Convenience: Full readiness assessment within 10 business days; one project manager for all workstreams.
Speed: Regulator-ready templates and documentation.
Quality: Detailed service mapping and governance training.
Economy: Transparent pricing and reusable documentation across EU jurisdictions.