‍

If you’re launching or scaling a crypto business in the EU, you’ll need to understand MiCA (Markets in Crypto-Assets Regulation) licensing requirements and how they apply in each country.

In this guide, we break down:
- What is MiCA.
- How to get a Crypto-Asset Service Provider (CASP) license.
- Key deadlines and compliance requirements across all countries.
- The unique aspects of each EU/EEA country’s approach to MiCA.

We’ve also created guides for every EU country, so you can explore your options and choose the jurisdiction that best fits your business.

Explore Country-Specific Crypto Licensing Guides

Here’s the full list of EU and EEA countries. Click your country to read its dedicated guide:

‍

🇦🇹 Austria

‍🇧🇪 Belgium‍

🇧🇬 Bulgaria‍

🇭🇷 Croatia‍

🇨🇾 Cyprus‍

🇨🇿 Czech Republic‍

🇩🇰 Denmark‍

🇪🇪 Estonia‍

🇫🇮 Finland‍

🇫🇷 France‍

🇩🇪 Germany‍

🇬🇷 Greece‍

🇭🇺 Hungary‍

🇮🇪 Ireland‍

🇮🇹 Italy‍

🇱🇻 Latvia‍

🇱🇹 Lithuania‍

🇱🇺 Luxembourg‍

🇲🇹 Malta‍

🇳🇱 Netherlands‍

🇵🇱 Poland‍

🇵🇹 Portugal‍

🇷🇴 Romania‍

🇸🇰 Slovakia‍

🇸🇮 Slovenia‍

🇪🇸 Spain‍

🇸🇪 Sweden

‍

What Is MiCA?

The Markets in Crypto-Assets Regulation (MiCA) is the European Union’s first attempt to harmonize crypto regulation across all 30 EEA countries.

Before MiCA, each country had its own rules (or no rules at all). Now, MiCA creates a single framework that:

• Protects consumers and investors.
  
  
• Prevents market abuse and financial crime.
  
  
• Encourages responsible innovation in crypto and Web3.
  
  

From 30 December 2024, crypto companies offering services in the EU must comply with MiCA or risk losing access to the European market.

A MiCA license allows you to:
Operate legally in one EU country.
“Passport” your services across all other EEA states without separate licenses.

But each country still manages its own application process through their national regulators. That means there are important local nuances to consider before choosing where to apply.

Key MiCA Dates to Remember

*Check your country guide for the exact transitional cutoff—some NCAs chose 12 months; others up to 18.

Tip: New crypto businesses must apply and get approval before launching services. Existing providers may benefit from transitional arrangements (but deadlines vary by country).

How to Get a CASP License

To become a Crypto-Asset Service Provider under MiCA, you need to:

1. Incorporate in an EU/EEA country and establish a local office.
   
   
2. Appoint directors and compliance officers (at least one EU resident).
   
   
3. Meet capital and governance requirements.
   
   
4. Set up AML/CFT procedures, cybersecurity frameworks, and complaint handling processes.
   
   
5. Submit your license application to the national regulator.
   
   

The regulator will assess your:

• Financial soundness.
  
  
• Internal policies (AML, risk, consumer protection).
  
  
• Marketing and disclosure practices.
  
  

Once approved, you can operate across the EU.

Common MiCA Requirements Across All Countries

While details vary, every CASP license under MiCA demands the following core building blocks:

1. EU Legal Entity & Local Office
   – Must be incorporated in an EU/EEA country.
   – Requires a physical office or registered address.
   
   
2. Local Responsible Person
   – At least one director or senior manager resident in your chosen country (or elsewhere in the EU).
   
   
3. Minimum Capital & Financial Resources
   – A solvency buffer sized to your services (e.g., exchanges vs. custody).
   – Amounts differ by country and service type.
   
   
4. AML / KYC / KYT Procedures
   – Robust anti-money-laundering and “Know Your Customer/Transaction” controls.
   – Ongoing transaction monitoring and record-keeping.
   
   
5. Consumer Protection & Transparency
   – Clear disclosures of fees, terms, and risks.
   – Fair marketing practices with balanced warnings.
   
   
6. Operational Resilience & Security
   – Cybersecurity safeguards, business-continuity plans, incident-reporting protocols.
   
   
7. Market Abuse Prevention & Reporting
   – Surveillance to detect manipulation or insider trading.
   – Mechanisms to handle and escalate suspicious activity.
   
   
8. Transitional Compliance
   – Existing providers must apply by their national deadline (typically 12–18 months from 30 Dec 2024).

Comparing Core Licensing Variations

‍

At Scorechain, we help crypto companies prepare for MiCA compliance. From wallet screening to AML risk monitoring, our tools make it easier to meet EU regulatory standards.

Features Built for MiCA Success

AML & KYC Screening

Automated, real-time monitoring.

• Screen wallet addresses for links to sanctioned entities, PEPs, and criminal activity
• Detect high-risk behaviors: layering, structuring, darknet transactions
• Monitor new addresses in your ecosystem for compliance reputation scoring
• Fully aligned with MiCA's emphasis on anti-money laundering and counter-terrorism finance

MiCA-Ready Reporting

No need to manually compile audit trails or generate compliance exports.

• Generate regulator-friendly reports for BaFin, AMF, CNMV, CSSF, and others
• Use prebuilt templates aligned with MiCA’s RTS/ITS standards
• Export historical data, incident logs, and transactional flags for license reviews or surprise audits

Travel Rule Compliance

MiCA expects CASPs to comply with the FATF Travel Rule for fund transfers.

• Automate sender/receiver data exchange with other VASPs
• Anchor cross-border transactions with verified identity records
• Log Travel Rule interactions for NCA inspection and incident resolution

Customizable Risk Rules

Scorechain lets you tailor your compliance logic.

• Set your own thresholds for transaction volumes, counterparty risk, or jurisdictional exposure
• Build smart rules that reflect your token utility, customer base, or regional model
• Adapt instantly when MiCA evolves (e.g., future NFT or DeFi guidance)

Multi-Chain Intelligence

MiCA applies across all your digital assets—Scorechain covers them.

• Monitor major chains: Bitcoin, Ethereum, Polygon, Tron, and more
• Visualize flow charts, trace high-risk funds, and identify wash trading or mixer use
• Get asset-specific risk scores for stablecoins, utility tokens, or wrapped assets

Tamper-Proof Audit Trail

For MiCA-licensed entities, audits are inevitable. Make them painless.

• Scorechain automatically records every alert, action, and compliance note
• Maintain a read-only log of suspicious activity reports, investigations, and resolutions
• Provide evidence-ready audit trails for annual reviews or incident response

Live Case:
A mid-sized CASP integrated Scorechain to automate KYC flows, wallet screening, risk flags, and Travel-Rule enforcement, resulting in a successful mock ESMA review in hours.

Bonus Scorechain Benefits

Built in Europe, for Europe
We speak your regulatory language - whether you're dealing with BaFin, AMF, CNMV, or CSSF.

Human Support That Knows Your Business
Every Scorechain client gets direct access to expert compliance support - not just chatbots or email forms. Need help prepping your whitepaper annex? Want feedback on your AML policy before filing? We’ve got you covered.

Scalable Infrastructure
From startups to top-tier banks, Scorechain scales with your needs. Handle millions of transactions, screen hundreds of wallets, or monitor token usage globally -with no performance bottlenecks.

Plug-and-Play Integrations
Easy APIs and Webhooks make Scorechain fit into your stack, whether you're using third-party KYC vendors, internal case management, or regulatory portals.

7. FAQ: MiCA Edition

Q: When did MiCA become law?
MiCA entered into force on 29 June 2023, with two key compliance deadlines: 30 June 2024 (stablecoins) and 30 December 2024 (CASPs and others).

Q: What documents must be submitted to regulators?

To apply for MiCA authorization as a Crypto Asset Service Provider (CASP) or token issuer, you'll need to provide:

• Application form with company and service details
• AML & KYC policy documents
• Internal governance framework
• Business continuity and cybersecurity policie
• Whitepaper (for public crypto offerings or token issuance)
• Risk assessment and compliance structure
• Proof of fit & proper management team
• Travel Rule compliance documentation (if applicable)

Requirements may vary slightly between EU member states. Scorechain tracks and aligns with jurisdiction-specific demands.

Q: Who is affected by the MiCA Regulation?

MiCA applies to:

• Crypto Asset Service Providers (CASPs): exchanges, custodians, wallet providers, brokers, advisors, and crypto-to-fiat on/off ramps
• Token issuers offering ARTs, EMTs, and other crypto-assets to the public in the EU
• Traditional financial institutions offering crypto services
• Non-EU firms targeting EU-based customers

In short: if you deal with crypto in the EU, you’re likely in scope.

Q: Who do you apply to for authorization?

Authorization requests must be submitted to your local National Competent Authority (NCA) - the financial supervisor in your country.

Examples include:

• 🇫🇷 AMF in France
• 🇩🇪 BaFin in Germany
• 🇪🇸 CNMV in Spain
• 🇱🇺 CSSF in Luxembourg
• 🇲🇹 MFSA in Malta

Q: Are non-EU firms included?
Yes - if you service EU clients or maintain EU wallets, MiCA applies. Passport rights enable cross-border services.

Q: What are penalties for non-compliance?
Fines vary by country, but can reach millions or lead to license suspension. Reputational fallout is a major risk .

Q: Do DeFi and NFTs count?
While covered generically, DeFi and NFTs introduce grey areas. National approaches vary - so assess local guidance.

Ready to take MiCA compliance off your worry list?

Book a call with Scorechain and learn how we help crypto companies reduce the cost, risk, and complexity of meeting MiCA requirements.

‍