4490

MiCA Regulations Coming to EU

MiCA Regulations Coming to EU

The European Union (EU) has long been recognized for its commitment to establishing uniform regulations that promote stability and transparency across its member states.  In line with this tradition, the EU is now poised to introduce the Markets in Crypto-Assets (MiCA) regulations.

These regulations will have a significant impact on the crypto industry within the EU and are expected to shape its future landscape by providing a clear regulatory framework for the crypto industry to thrive. This article will dive into what MiCA means for cryptocurrency-related businesses operating in the European Union.

MiCA Is Now in Force: What Has Actually Changed Since 2023

On December 30, 2024, the CASP authorisation regime came into full effect across the EU. National transitional arrangements ran alongside it, giving existing providers time to upgrade from legacy registrations to full CASP status.

That transitional window closed on July 1, 2026. ESMA confirmed in April 2026 there would be no extension. Any business still operating in the EU without a valid CASP authorisation after that date is in breach of EU law and must immediately stop serving European customers. The deadline is written into the regulation’s text and is binding on all 27 member states simultaneously.

The practical effect on the market has been significant. Around 18% of crypto platforms that operated in the EU have shut down or exited since MiCA enforcement tightened. Those that remain are now operating under the same framework that governs traditional financial institutions, not a lighter-touch AML registration regime.

MiCA classifies crypto assets into three categories: e-money tokens (EMTs), asset-referenced tokens (ARTs), and other crypto-assets including utility tokens. The regulation applies based on where the customer is located, not where the exchange is incorporated. A platform based outside the EU that actively markets to French or German users must comply with MiCA and obtain CASP authorisation to serve those users legally. Physical location outside the EU is not a carve-out.

MiCA classifies crypto assets into three categories:

  1. E-money token (Bitcoin, Litecoin, etc.)
  2. Asset References Token (ART) (stablecoins, synthetic assets, etc.)
  3. Others (utility tokens and others)

A key thing to note is that the MiCA regulations will overrule any existing laws that are already in place in certain parts of the EU, creating a harmonized regime across the EU.

At Paybis, we have already begun taking prompt steps to stay compliant with the changing regulatory landscape and are also incorporating these changes to our white label on/off-ramp solution. That way, our partners will have peace of mind knowing that our solution is MiCA-compliant. 

It’s also important that you are compliant, taking into account your business model. Use this article as a starting point to identify any forthcoming changes and plan for compliance.

Objectives of MiCA Regulations

The primary objective of the MiCA regulations is to ensure a secure, open, and transparent crypto market in the EU. It has four main objectives:

  1. Protect investors: MiCA will require crypto-asset issuers and service providers to comply with a number of requirements, including providing clear and accurate information to investors and taking steps to mitigate risks.
  2. Preserve financial stability: MiCA will introduce measures to prevent the use of crypto-assets for money laundering and terrorist financing. It will also require Crypto-Asset Service Providers (CASPs) to have adequate risk management systems in place.
  3. Foster innovation: MiCA will not prohibit the development of new crypto-asset products or services. However, it will require these products and services to comply with the regulation.
  4. Ensure legal certainty: MiCA will create a level playing field for crypto-asset businesses in the EU to attract investment and innovation to the EU, and to position the EU as a leading global hub for crypto-assets.

Categorization Based on Business Models

1. Asset Issuers

The proposal highlights that to ensure the safety of token holders, especially retail holders, and avoid unnecessary obstacles. Companies that create and distribute their tokens must adhere to specific guidelines and requirements.

Businesses should create clear processes to manage complaints from token holders, develop a conflict of interest policy, and establish strong governance practices, such as a transparent organizational structure with clear lines of responsibility.

To ensure the smooth functioning of their activities, the business must employ appropriate resources for their scale of operations and maintain consistency in performing those activities over time.

Additionally, the business would need to establish a business continuity policy to ensure the performance of its core activities related to the tokens in the case of an interruption to its systems and procedures.

2. Custodial Wallet Providers

CASPs that provide custody and administration services for crypto-assets are prohibited from using their clients’ crypto-assets for their own accounts.

CASPs must keep their clients’ crypto assets separate from their own and clearly distinguish their clients’ means of accessing these assets. They can also be held accountable for any harm caused by an ICT-related issue, such as a cyber-attack, theft, or malfunction.

CAPSs who are authorized to handle crypto-assets for third parties must create an internal custody policy that includes rules and procedures to ensure the secure storage and control of the assets and their means of access, such as cryptographic keys.

3. Exchanges and Other CASPs

The document outlines various regulations and requirements for CASPs, including cryptocurrency exchanges and those offering custody and administration of crypto-assets.

The regulations pertain to various aspects, such as how fees are charged, ensuring transparency, preventing market abuse, settling transactions, safeguarding consumers, and managing conflicts of interest. Exchanges should also disclose information and report incidences of market abuse.

What Is the Difference Between a VASP Registration and a CASP Licence?

Most exchanges operating in the EU today still hold legacy AML registrations from the pre-MiCA national VASP frameworks. Full CASP authorisation under MiCA is a different category of oversight entirely.

A VASP registration was primarily an anti-money laundering compliance measure. It required basic KYC procedures and AML screening but did not impose capital requirements, ongoing supervision, or conduct standards. A CASP licence is a full financial services authorisation. It requires demonstrated capital adequacy, segregation of client funds from company assets, upfront fee disclosure, formal complaint procedures, IT security standards under DORA, and active ongoing supervision by the national competent authority.

These are not equivalent. Operating on a legacy VASP registration after July 1, 2026 without a valid CASP authorisation is a breach of EU law, regardless of how long the business has been registered.

For businesses integrating an on-ramp provider, this distinction has direct consequences. An unlicensed on-ramp creates counterparty risk for any platform that integrates it. Regulators and financial institution partners are increasingly checking the authorisation status of every third-party service provider in a business’s stack.

Key Changes and Considerations

The MiCA regulations highlight several key changes and considerations that businesses operating in this space must be aware of.

Transaction Limits

The MiCA regulations proposal includes different limits on transactions, depending on the situation. For example, if a company creates a token tied to a real-world asset (an ART), they need to make a plan if they expect more than 1,000,000 transactions per day or if the total value of those transactions exceeds EUR 200 million in a specific currency area.

Another example is that companies offering crypto-assets with a limited time for the public to buy them must have systems in place to monitor and protect the funds or assets collected during the offer.

Compliance with Regulators

Companies that create important tokens linked to real-world assets have particular responsibilities when it comes to adhering to regulations. It’s imperative for these issuers to meet certain standards in order to guarantee the dependability and consistency of tokens tied to assets. This measure is intended to safeguard those who hold the tokens and uphold trust in the market for asset-referenced tokens.

In addition to following these rules, issuers of asset-referenced tokens also have to report certain information to help regulators keep a close eye on token activities and ensure proper oversight.

Competent authorities are also required to inform the European Banking Authority (EBA), European Securities and Markets Authority (ESMA), and European Central Bank (ECB) about any authorizations that were not granted.

Need for Setting up European Entities

To comply with European regulators, businesses may need to consider the establishment of European entities. This involves creating a legal presence within the European Union (EU) to align with local regulations and requirements.

By setting up an EU entity, businesses can demonstrate their commitment to operating in accordance with EU laws and regulations.

Recommendations for Businesses

Seek Professional Advice

Navigating the intricacies of MiCA regulations can be complex, and professional guidance from experts well-versed in the evolving regulatory landscape is invaluable.

Paybis encourages our partners to seek professional guidance tailored to their business requirements. 

Understand Compliance Requirements as per the Business Model

Understanding the specific requirements based on your business model is another crucial step. MiCA regulations encompass a wide range of crypto-related activities, and B2B businesses need to grasp how the regulations apply to their specific operations.

Stay Updated with Upcoming Regulations

Staying updated on MiCA developments and regulations is vital in this rapidly changing landscape. The crypto industry is dynamic, and regulatory frameworks continuously evolve to keep pace with technological advancements and emerging risks.

Businesses must proactively monitor MiCA developments, including updates, amendments, and guidelines issued by regulatory authorities. This ensures they remain well-informed about any changes that may impact their operations and enables them to adapt swiftly and effectively.

Paybis Is Now MiCA CASP Authorised

Paybis received authorisation as a Crypto Asset Service Provider (CASP) under MiCA alongside a Payment Institution licence under PSD2. Both were granted by the Bank of Latvia in May 2026, covering all 27 EU member states and the broader EEA through MiCA’s passporting mechanism.

The CASP authorisation covers custody and administration of client crypto assets, crypto-to-fiat and crypto-to-crypto exchanges, order execution, transfer services, and crypto asset advisory. The PSD2 Payment Institution licence sits alongside it, enabling regulated payment services including stablecoin payouts and electronic money token operations.

Very few platforms hold both. The majority of exchanges currently active in the EU market hold legacy AML registrations rather than full CASP authorisation. Among those with CASP status, even fewer also hold a PSD2 PI licence. That combination changes what Paybis can offer B2B partners: regulated crypto and payment infrastructure under a single integration, without each partner needing to build or maintain their own regulated framework.

The white-label on/off-ramp gives businesses access to that licensed infrastructure directly. For companies considering their own CASP application, first-year compliance costs run from €250,000 to €500,000 for startups and up to €2 million for exchange-scale operators. Integration is the faster and lower-cost path for most businesses that don’t need to hold the licence themselves.

For more on what the CASP licence involves and how it differs from older registration regimes, the full breakdown is in the how MiCA affects exchanges and on-ramps guide.

Conclusion

The significance of MiCA regulations cannot be overstated. For some businesses, this is a much-needed relief, while for others, this is a minor bump in the road.

By taking the necessary steps to align their operations with MiCA requirements, businesses can position themselves for success in the long run. As the MiCA regulations take effect, businesses prioritizing preparation, compliance, and collaboration will undoubtedly emerge as leaders in the crypto industry.

At Paybis, we are ready to work with you at every step of the day to ensure the collective success of the partnership and bring crypto closer to mainstream adoption. Your success is our success.

FAQ

Is MiCA now fully in force across the EU?

Yes. The CASP authorisation regime came into effect on December 30, 2024. The transitional period for providers running on legacy national registrations closed on July 1, 2026. After that date, full CASP authorisation is required to serve EU clients legally. There are no extensions.

Does Paybis hold a MiCA CASP licence?

Yes. Paybis received its CASP authorisation and PSD2 Payment Institution licence from the Bank of Latvia in May 2026. Both licences cover all 27 EU member states and the broader EEA through MiCA’s passporting mechanism.

What is the difference between a VASP registration and a CASP licence?

A VASP registration under old national frameworks was primarily an AML compliance measure. A CASP licence under MiCA is a full financial services authorisation with capital requirements, fund segregation obligations, conduct standards, and ongoing supervision by a national regulator. They are not equivalent, and operating on a legacy VASP registration after July 1, 2026 is a breach of EU law.

Do I need my own CASP licence to integrate Paybis as an on-ramp provider?

Not necessarily. If Paybis is the entity providing the regulated crypto services, the compliance layer sits with Paybis. Your own obligations depend on which MiCA-defined services your business is providing directly versus routing through a licensed provider. The specific structure matters and professional legal advice is the right starting point.

What does the PSD2 Payment Institution licence add on top of the CASP authorisation?

The PI licence enables regulated payment services including stablecoin payouts and electronic money token operations. Businesses using Paybis for cross-border payments or contractor payouts in stablecoins are running those transactions through a regulated payment institution. Very few CASP-authorised platforms also hold a PSD2 PI licence.

Disclaimer: Don’t invest unless you’re prepared to lose all the money you invest. This is a high‑risk investment and you should not expect to be protected if something goes wrong. Take 2 mins to learn more at: https://go.payb.is/FCA-Info