CASP License

Get started

What Is a CASP License?

A CASP license (Crypto Asset Service Provider license) is a legal authorization that allows a business to provide crypto asset-related services within the European Union. Introduced under the Markets in Crypto-Assets (MiCA) Regulation, CASP licensing establishes a harmonized framework for crypto activities across all 27 EU member states.

CASP covers various business models such as cryptocurrency exchanges, custodial wallet providers, and advisory firms dealing with crypto assets. The main purpose of the license is to ensure that crypto service providers meet minimum standards for consumer protection, market integrity, and anti-money laundering (AML).

MiCA aims to close the regulatory gap that existed before, where crypto businesses operated under fragmented national laws. With a CASP license, companies can now passport their services across the EU, meaning they only need one license to operate in multiple countries — a significant step toward market scalability and compliance.

Why You Need a CASP License in the European Union

Operating a crypto business in the EU without proper authorization will no longer be viable from 2025. Under the MiCA framework, all relevant crypto activities must be licensed as a CASP. Here’s why obtaining this license is essential:

  • Legal Compliance: Without a CASP license, offering crypto services in the EU becomes illegal. This includes exchange operations, token issuance, and wallet services.

  • Access to Banking & Payment Systems: Many EU banks require regulatory status before allowing crypto businesses to open accounts. CASP status helps build trust with traditional financial institutions.

  • Pan-European Market Access: A single CASP license allows you to offer services across all EU states — no need for multiple applications or registrations.

  • Investor Confidence: A licensed status increases your reputation among investors, customers, and partners, especially in a regulated environment like the EU.

  • Avoiding Penalties: Non-compliance with MiCA could lead to heavy fines, business suspension, and loss of customer funds due to lack of legal protection.

MiCA Regulation Overview (2025 Edition)

The Markets in Crypto-Assets (MiCA) Regulation is the first comprehensive legal framework in the European Union specifically designed for the crypto industry. It was officially adopted in 2023 and enters into full force in 2024–2025, setting clear rules for crypto asset issuance, trading, and custody across the EU.

Structure of MiCA

MiCA regulation is part of the EU’s broader Digital Finance Package and is divided into four main areas:

  1. Rules for crypto-asset issuers — such as utility tokens and asset-referenced tokens.

  2. Obligations for e-money token providers.

  3. Requirements for CASPs (Crypto Asset Service Providers) — like exchanges, custodians, and brokers.

  4. Market integrity and consumer protection provisions.

Crypto assets covered by MiCA:

  • Utility Tokens: Access to services or products (e.g., platform credits).

  • Asset-Referenced Tokens (ARTs): Pegged to a basket of currencies, commodities, or other assets.

  • E-Money Tokens (EMTs): Pegged to a single fiat currency (e.g., stablecoins like EUR-backed USDT).

  • Crypto-assets not covered by other EU financial regulations.

Key Objectives of MiCA

 

  • Harmonize crypto regulations across EU states.

  • Promote innovation while ensuring financial stability.

  • Combat money laundering, terrorism financing, and fraud.

  • Provide legal clarity for businesses and protection for users.

By 2025, compliance with MiCA becomes mandatory for any business offering crypto-related services in the EU — including non-EU companies targeting EU customers.

Who Needs a CASP License?

Under MiCA, a wide range of crypto-related businesses are classified as Crypto Asset Service Providers (CASPs) and must obtain a license to legally operate in the EU. This applies to both established firms and startups.

Types of entities requiring a CASP license:

  1. Centralized Cryptocurrency Exchanges (CEX)
    Platforms offering crypto-to-crypto or crypto-to-fiat exchange services (e.g., Binance, Kraken).

  2. Custodial Wallet Providers
    Companies that hold users’ private keys and offer wallet storage with withdrawal/deposit functionality.

  3. Crypto Brokers and OTC Desks
    Intermediaries facilitating the purchase or sale of digital assets, either on behalf of clients or for proprietary trading.

  4. Token Issuers & Launchpads
    Projects issuing tokens to the public or running initial coin offerings (ICOs), IEOs, or token sales within the EU.

  5. Crypto Investment Advisors & Portfolio Managers
    Firms managing portfolios or giving financial advice involving crypto-assets.

  6. Crypto Payment Service Providers
    Companies enabling users to send and receive payments in crypto assets.

  7. Crypto Order Book Operators & Trading Platforms
    Any platform allowing matching of crypto trades, order routing, or P2P settlement.

Non-EU Companies

Even if your crypto company is based outside the EU, you still need a CASP license if you offer services to EU residents or solicit users in the region. Geo-blocking or disclaimers will not exempt you from MiCA requirements.

Key Requirements for CASP License

Obtaining a CASP license is a rigorous process, as the EU aims to ensure only compliant and secure crypto businesses operate in the market. Here’s what regulators will expect:

1. Minimum Share Capital

The MiCA regulation sets tiered capital requirements based on the type of service:

  • €50,000 – for basic services (advisory, order reception)

  • €125,000 – for exchanges or brokerage

  • €150,000 – for custody, portfolio management, or complex operations

Funds must be deposited in an EU bank account before the license application.

2. AML/KYC Compliance

MiCA mandates full compliance with EU anti-money laundering (AML) and counter-terrorism financing (CTF) standards:

  • Appoint a certified AML Officer

  • Implement Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)

  • Ongoing transaction monitoring and reporting of suspicious activity (SARs)

  • Screening against global sanctions lists

Failure to comply with AML rules may result in license denial or revocation.

3. Appointed Local Personnel

You must appoint at least one compliance officer and one AML officer, both qualified and experienced. In most EU jurisdictions, at least one director must be a local resident or available for communication with regulators.

4. Physical Presence in the EU

Your company must have a registered office in the licensing country, and in many cases, a substance test may apply — meaning your business should show real activity (employees, rented office, infrastructure).

Jurisdictions like Lithuania, Estonia, and France provide clearer requirements and fast-track options.

5. IT Security and Data Protection

You must demonstrate secure handling of client funds and data:

  • Data encryption and GDPR-compliant storage

  • Backup systems and incident response plans

  • Internal risk policies and IT audits

How to Get a CASP License — Step-by-Step

Acquiring a CASP license in the European Union involves a structured legal and regulatory process. Although procedures vary slightly between member states, the overall process under MiCA is harmonized across the EU. Here is a typical step-by-step roadmap:

Step 1: Choose a Jurisdiction

While MiCA ensures license harmonization, you still need to apply in one specific EU country. Popular options include:

  • Lithuania — fast processing (2–3 months), moderate capital, English-speaking support

  • Estonia — digital-friendly, strong e-government, higher compliance burden

  • France / Germany — suitable for larger operations, more scrutiny but more credibility

Criteria to consider:

  • Regulatory experience

  • Local infrastructure (lawyers, banks)

  • Language and bureaucracy

Step 2: Set Up a Legal Entity

Before applying for a CASP license, you need to incorporate a local company, typically a private limited liability company (UAB, OÜ, GmbH, etc.).

Key requirements:

  • Company name and registration

  • Local director(s) (depending on country)

  • Registered legal address

  • Initial share capital (must be deposited before licensing)

Step 3: Prepare Internal Documentation

You must prepare a comprehensive compliance package, including:

  • AML/CTF policy and risk assessment

  • Internal control procedures

  • Data protection (GDPR) policy

  • IT security policy and continuity plan

  • Business plan and service description

  • Organizational chart with key personnel

These documents must reflect your real operations, not templates — regulators check them thoroughly.

Step 4: Appoint Key Personnel

You’ll need to nominate:

  • Compliance Officer

  • AML Officer

  • Company Director(s)

  • IT Security Officer (in some cases)

These roles must be backed by CVs, diplomas, and background checks. Most regulators require interviews or questionnaires.

Step 5: File the Application

Submit your full application package to the national financial regulator (e.g., Bank of Lithuania, Estonian FIU, BaFin).

The package includes:

  • Application form

  • Company registration certificate

  • All internal policies

  • Proof of capital

  • Personal documents of directors/officers

Regulators typically review applications within 2 to 4 months, depending on jurisdiction and completeness.

Step 6: Licensing Decision and Notification

If everything is approved:

  • You will receive your CASP license number

  • You may be listed in the EU register of authorized CASPs

  • You can start operations across the EU (passporting)

CASP License Cost and Ongoing Obligations

Getting a CASP license is an investment. Costs vary by country, business model, and service complexity. Below is a breakdown of initial and recurring costs, plus compliance duties:

Initial Costs

Expense CategoryEstimated Range (€)
Legal entity setup500 – 1,500
Capital deposit (share capital)50,000 – 150,000+
Legal & consulting fees10,000 – 30,000
Compliance documentation3,000 – 10,000
Government/regulator fees1,000 – 5,000
Translation & notarization500 – 2,000

Tip: Some providers offer CASP license packages starting from €25,000 (excluding share capital).

Ongoing Costs

  • Accounting & Reporting: €2,000 – €5,000/year

  • AML Compliance Officer: €1,500 – €4,000/month (or in-house)

  • Audit / IT Security: Annual checkups, penetration testing

  • Licensing Renewal or Updates: As required by jurisdiction

Failure to maintain proper compliance may result in fines, license suspension, or even blacklisting within the EU.

Regulatory Reporting Obligations

As a licensed CASP, you must:

  • Submit regular AML reports (suspicious transactions, thresholds)

  • Maintain client KYC records securely and on time

  • Report organizational or ownership changes to the regulator

  • Conduct internal audits and risk reviews annually

  • Provide access to regulators for checks or inspections

Best EU Countries to Get a CASP License

Although MiCA provides unified rules across all EU member states, the choice of jurisdiction for obtaining a CASP license still matters. Bureaucracy levels, application processing times, staffing requirements, and banking services vary from country to country.

Here’s an overview of the most popular options:

Lithuania
Pros:

  • Fast licensing (2–3 months)

  • Moderate capital requirements (€125,000)

  • English-speaking regulators

  • Simplified company registration

Cons:

  • Growing competition

  • Requires real presence (office, local employee)

Ideal for: CEXs, startups, international projects

Estonia
Pros:

  • Advanced digital infrastructure

  • Convenient remote company setup

  • e-Residency platform

Cons:

  • Stricter regulations since 2020

  • Requires full local team and director

 Ideal for: Tech companies, FinTech, developers

France
Pros:

  • Highly prestigious license

  • MiCA-ready since 2023 (PSAN status)

  • Attractive for large-scale projects and investors

Cons:

  • Long licensing time (up to 6 months)

  • High legal and consulting costs

Ideal for: Major exchanges, institutional projects

 Germany
Pros:

  • Strong legal system and consumer protection

  • Reputable license from BaFin

Cons:

  • Very high costs

  • Licensing process can take up to a year

Ideal for: Stable, mature companies

 Comparison Table

CountryLicensing TimeMin. CapitalStaffing RequirementsBest For
Lithuania2–3 months€125,0001 local compliance officerStartups, CEXs
Estonia2–4 months€100,000Full local teamIT, e-commerce, developers
France4–6 months€150,000Complex structure requiredInvestment projects, ICOs
Germany6–12 months€150,000+Strict and detailed staffingCorporate and institutional

MiCA Compliance Tips for Crypto Startups

MiCA and the CASP licensing process can be daunting for early-stage crypto companies. However, with the right preparation, you can reduce risks, save time, and increase your chances of approval.

Here are practical compliance tips:

 1. Start Preparing Before 2025

Even if MiCA enforcement officially kicks in mid-2024 or early 2025, you should start the compliance process now. Early applicants often receive faster reviews and avoid regulatory backlogs.

 2. Hire Experienced Compliance Officers

Don’t rely on templates or outsource everything. Appoint a qualified AML/CTF officer and a compliance manager with relevant certifications and practical knowledge of EU law.

Tip: Regulators now expect substance — not just paperwork.

 3. Customize All Internal Policies

Many startups fail by using generic policy templates. MiCA requires documentation that reflects your actual business model:

  • Tailored AML risk assessment

  • Business-specific onboarding flow

  • Token-specific storage policies

  • Actual names and roles in the org chart

If regulators sense copy-paste, they’ll reject your application.

4. Implement IT & Data Security Controls

Data protection under GDPR is a legal requirement. Ensure:

  • All user data is encrypted and access-controlled

  • You store minimal data and document access logs

  • You have an incident response plan

Also, expect to pass penetration tests and IT audits yearly.

5. Think Long-Term — Not Just “Get the License”

Your goal is sustainable compliance, not just approval. Plan for:

  • Ongoing AML training

  • Quarterly risk reviews

  • Regulator communication

  • Budgeting for license maintenance

Many startups lose licenses after 12–18 months due to non-compliance.

Risks of Operating Without a CASP License

Starting in 2025, any crypto business operating in the European Union without proper CASP authorization will face serious legal and financial consequences. Here’s what’s at stake:

Legal Penalties

MiCA introduces administrative and criminal liability for unauthorized crypto activity. This includes:

  • Heavy fines — up to several million euros

  • Cease-and-desist orders from regulators

  • Criminal investigations in case of fraud or AML breaches

  • Seizure of funds or freezing of assets

Even passive solicitation (e.g., website accessible to EU users) can trigger enforcement.

 Loss of Business Access

Operating without a CASP license means:

  • No access to EU banking — most banks won’t onboard unlicensed crypto firms

  • Blocked fiat payment gateways

  • Risk of blacklisting by compliance providers, partners, or law firms

  • Difficulty working with payment processors and liquidity providers

Reputational Damage

Consumers and investors increasingly expect licensed operations. Without one, your project may face:

  • Lower trust and credibility

  • Difficulty raising funds

  • Bad media coverage in case of inspection or shutdown

  • Long-term damage to brand equity

 Shut Down or Relocation Risk

If regulators issue a warning or stop order, your operations may be forced to:

  • Pause or shut down in the EU

  • Relocate to less regulated jurisdictions (damaging investor confidence)

  • Rebuild from scratch, losing valuable time and mone

Conclusion — How to Prepare for MiCA in 2025

The MiCA regulation and CASP licensing regime represent a turning point for the crypto industry in Europe. By enforcing unified, strict, but fair rules across all EU member states, MiCA aims to bring clarity, investor protection, and legitimacy to the sector.

For crypto companies, this presents a unique opportunity:

Operate legally across the EU
Gain user trust and access to banking
Stand out in a maturing market

But it also brings responsibility: failure to comply will lead to penalties, business disruption, or total shutdown.

Help center

Got a question? Get your answer

Quick answers to questions you may have. Can't find what you're looking for? Get in touch with us.

Yes. If you plan to offer crypto-related services in the European Union — including token issuance, exchange, custody, or advisory — a CASP license is mandatory under MiCA starting 2025.

Yes, but your company must establish a local legal entity in the EU and appoint responsible persons (compliance officer, AML officer) who meet regulatory standards.

It typically takes 2 to 6 months, depending on the country, quality of the documentation, and complexity of the business model.

Costs vary but usually range from €25,000 to €50,000 (excluding share capital). Ongoing compliance may add €15,000–30,000 annually.

Yes. A CASP license obtained in one EU member state allows you to offer services across all 27 EU countries without needing separate registrations.

 

Currently, MiCA excludes DeFi protocols and non-fungible tokens (NFTs) unless they function as financial instruments or payment tokens. Future regulations may cover these areas.

 

77 Bloor St W, Toronto, ON M5S 1M2, Canada

Find the addresses, hours of operation, staff and more for each of our locations and affiliates.

+14377557393

Call us today or visit our appointment request page to find a time that is convenient for you.

info@licensium.io

Have a question or need assistance? We're just a message or call away! Our team is ready to help you find the best solution.

Get in touch

Have a question? Fill out the form below, and we'll get back to you as soon as possible.