The MiCAR transitional period for crypto-asset service providers expires on 1 July 2026. From that date, any CASP operating in the EU without a formal MiCAR authorization must wind down — no extensions will be granted. With fewer than four months remaining, this tracker covers the authorization status, deadlines, and practical requirements at each major national competent authority (NCA) in the EU.

The Transitional Period: What Article 143(3) Actually Says

Under Article 143(3) of MiCAR (Regulation (EU) 2023/1114), CASPs that were lawfully providing crypto-asset services before 30 December 2024 may continue to provide those services until 1 July 2026 — or until they receive or are refused a MiCAR authorization, whichever is earlier.

This is not a registration regime. It is a temporary permission to operate under existing national frameworks while the new authorization process is completed. Key points:

The transitional period is available only to entities that were actively providing services under national law before 30 December 2024
It does not extend to entities that registered after that date
The deadline is EU-wide and absolute — no Member State can extend it
ESMA has made clear that last-minute applications will face heightened scrutiny

Entities not intending to seek MiCAR authorization must submit orderly wind-down plans to their NCA. The AMF has set a wind-down plan deadline of 30 March 2026. Check your NCA's requirements.

Country-by-Country NCA Status

Netherlands — AFM (Autoriteit Financiële Markten)

Status: Authorization applications accepted; transitional period expired July 2025

The AFM is notable for ending its transitional acceptance period earlier than the EU-wide deadline. CASPs relying on Dutch national authorization that had not applied for MiCAR authorization by mid-2025 were required to wind down.

Element	Detail
NCA	Autoriteit Financiële Markten (AFM)
Application channel	crypto@afm.nl
Processing time	~5 months (105 working days maximum, often extended by clarification rounds)
Transitional period end	July 2025 (earlier than EU-wide deadline)
Register	AFM publishes a public register of authorized CASPs
First authorizations	Bitvavo and Zerohash received AFM CASP licenses under MiCAR

Dutch-specific considerations:

AFM requires significant documentation on AML/KYC procedures and governance
The Wet op het financieel toezicht (Wft) remains the national framework pending full transposition
CASPs providing services to Dutch clients but authorized elsewhere can passport in via ESMA interim register

Germany — BaFin (Bundesanstalt für Finanzdienstleistungsaufsicht)

Status: Actively accepting applications since 30 December 2024

Germany operates a 12-month transitional period, meaning CASPs operating under German national registration must have obtained MiCAR authorization by 30 December 2025 or applied with a complete application file.

Element	Detail
NCA	BaFin + Deutsche Bundesbank (joint submission)
Application email	casp-authorisation@bafin.de
Completeness check	25 working days after receipt
Simplified route	Article 60 notification for existing regulated financial institutions
Transitional period	12 months from 30 December 2024 (≈ 30 December 2025)

BaFin's simplified route (Article 60): EU credit institutions, investment firms, and other already-regulated entities can notify BaFin rather than applying for full authorization. This significantly reduces documentation requirements for established financial institutions adding crypto-asset services.

German-specific considerations:

At least one director must be an EU resident
Directors must meet BaFin's Geschäftsleiter fit-and-proper standard
Governance structure must include clear accountability for AML/CFT and ICT risk
DORA alignment is assessed as part of the organizational requirements review

Luxembourg — CSSF (Commission de Surveillance du Secteur Financier)

Status: MiCAR regime in effect since 10 February 2025; accepting applications

Luxembourg published implementing legislation in January 2025, formally designating the CSSF as the MiCAR competent authority. The law was published in the Official Journal on 10 February 2025.

Element	Detail
NCA	Commission de Surveillance du Secteur Financier (CSSF)
Application portal	CSSF eDesk
Transitional period	Full 18 months (until 1 July 2026) for VASPs registered before 30 December 2024
Processing time	Variable (CSSF targets efficiency given Luxembourg's fund hub status)

Luxembourg-specific considerations:

Luxembourg is the domicile for many EU-passporting crypto firms — authorization here gives full EU passporting rights
The CSSF applies Luxembourg's fund management standards (substance, governance, risk management) to CASP applications
Cross-border services: Authorized CASPs can provide services in other EU/EEA states either via branch establishment or freedom to provide services notification
CSSF has particular focus on client asset segregation and custody arrangements given its experience with UCITS and AIFMD fund structures

Ireland — CBI (Central Bank of Ireland)

Status: Accepting applications with explicitly high authorization threshold

The Central Bank of Ireland has been transparent that it applies a high authorization bar, particularly for business models that rely heavily on unbacked crypto-assets marketed to retail investors.

Element	Detail
NCA	Central Bank of Ireland (CBI)
Transitional period	12 months from 30 December 2024 (≈ end 2025)
First authorizations	Ramp Swaps (Ireland) Limited authorized December 2025
Public guidance	CBI published detailed MiCAR guidance including substance requirements

CBI's stated authorization principles:

Local substance and autonomy — Physical presence and genuine decision-making in Ireland; virtual offices rejected
Crypto-competent leadership — Executive team and board must have relevant crypto/financial services experience; at least one local resident director
Client asset control — Full control over client assets, robust segregation with prompt redemption capability
Retail investor protections — Particular scrutiny of speculative products marketed to retail clients

Ireland-specific considerations:

Ireland is a common EU passporting hub; CBI's high bar is designed to avoid "regulatory tourism"
ESMA has cited CBI's approach positively in supervisory convergence guidance
The 12-month transitional window means Irish-registered CASPs that did not apply by end of 2025 have already lost their transitional permission

France — AMF (Autorité des Marchés Financiers)

Status: Actively processing applications; wind-down deadline set for non-applicants

France maintains the full 18-month transitional period, but the AMF has issued escalating guidance as the July 2026 deadline approaches.

Element	Detail
NCA	Autorité des Marchés Financiers (AMF)
Processing time	Up to 4 months from receipt of complete application
Wind-down plan deadline	30 March 2026 (for DASPs not pursuing MiCAR authorization)
Transitional period	Full 18 months (until 1 July 2026)

AMF's completeness requirement: The AMF requires applications to be complete before the 4-month clock starts. Most initial submissions require substantial clarification rounds on AML/CFT procedures, governance documentation, and client protection arrangements. Factor 2–3 months of back-and-forth into your timeline if you have not filed yet.

French-specific considerations:

France's existing DASP (Digital Asset Service Provider) regime under the Pacte Law was France's pre-MiCAR framework. MiCAR authorization replaces DASP registration for services covered by MiCAR
Services outside MiCAR scope may still require DASP registration
The AMF has a strong consumer protection focus, particularly for retail-facing platforms

Cyprus — CySEC (Cyprus Securities and Exchange Commission)

Status: Application deadline already passed (27 February 2026)

Cyprus is the outlier — CySEC set an application deadline of 27 February 2026, much earlier than other NCAs. CASPs that did not submit applications by that date must now submit mandatory wind-down plans.

Element	Detail
NCA	Cyprus Securities and Exchange Commission (CySEC)
Application deadline	27 February 2026 — already passed
Post-application processing	40 working days from receipt of complete application
Transitional period	1 July 2026 (but applications required by 27 February 2026)

Cyprus has been a significant MiCAR hub due to its existing CIF (Cyprus Investment Firm) regulatory infrastructure and EU passporting. However, CySEC's early deadline caught some CASPs by surprise.

Other EU Member States

Key NCAs in other major jurisdictions:

Jurisdiction	NCA	Transitional Period	Notable
Spain	CNMV	18 months (July 2026)	CNMV accepting applications; Spanish law published 2025
Italy	Banca d'Italia / CONSOB (shared)	18 months (July 2026)	Joint supervision regime
Sweden	Finansinspektionen (FI)	18 months (July 2026)	FI known for detailed documentation review
Belgium	FSMA	18 months (July 2026)	Existing VASP registration converted
Malta	MFSA	18 months (July 2026)	ESMA peer review of Malta authorization (July 2025)

Core MiCAR Authorization Requirements

Regardless of which NCA you apply to, all CASP applications must address the same MiCAR requirements:

Organizational Requirements (Article 68)

Legal entity established in EU with place of effective management in the EU
At least one director who is an EU resident
Governance arrangements including clear allocation of responsibilities, internal controls, and a compliance function
Business continuity and disaster recovery plans
Operational resilience requirements aligned with DORA (for entities also in DORA scope)
Remuneration policies that do not create conflicts of interest

Capital Requirements (Article 67)

Capital requirements vary by the class of services provided:

CASP Service Class	Minimum Capital
Advice, order reception, transfer services	€50,000
Exchange, trading platform	€125,000
Custody and administration of crypto-assets	€150,000
All others	Higher of €125,000 or 25% of prior year fixed overheads

Note: Capital must be held at all times, not just at authorization. CASPs must also maintain a minimum own funds requirement.

Client Asset Protection (Article 70)

Strict segregation of client funds from firm assets
Client crypto-assets held in separate wallets or accounts identifiable as client assets
Prompt execution of client redemption or withdrawal requests
Daily reconciliation of client assets

AML/CFT Requirements

MiCAR authorization does not replace AML obligations. CASPs are obliged entities under the Transfer of Funds Regulation (TFR) (since 30 December 2024) and applicable national AML law pending the 2027 AML Regulation. Applications must demonstrate:

Full KYC/CDD procedures (including enhanced due diligence for high-risk customers)
Travel Rule compliance under TFR (identification of originator and beneficiary for transfers ≥€1,000)
Transaction monitoring and SAR reporting capability
AML compliance officer appointment

ICT and Cybersecurity Requirements

Applications must include a comprehensive ICT security policy addressing:

Cybersecurity frameworks (referenced against DORA for in-scope entities)
Data protection and confidentiality
Key management and wallet security
Business continuity testing (TLPT for systemically important CASPs)

Common Reasons Applications Are Delayed or Refused

Based on NCA feedback and ESMA's July 2025 peer review, the most common issues:

Incomplete AML documentation — vague KYC/CDD procedures that do not address the specific risks of each crypto-asset service offered
Governance gaps — unclear accountability structure; board members without relevant experience
Lack of EU substance — directors or key functions located outside the EU; outsourcing without adequate controls
Capital shortfall — minimum capital not maintained; no evidence of ongoing compliance with own funds requirement
Missing DORA alignment — ICT security documentation does not address DORA-level requirements for entities in DORA scope
Weak business plan — revenue model not credibly explained; no assessment of ongoing capital adequacy

ESMA's Role: Supervisory Convergence

ESMA is actively driving convergence across NCAs. Key ESMA actions in 2025–2026:

Peer review of Malta (July 2025) — assessed whether MFSA's authorization decisions met MiCAR standards; published recommendations for all NCAs
ESMA interim CASP register — maintained as CSV files until mid-2026, then integrated into ESMA's formal registry system
iXBRL format for whitepapers — as of 23 December 2025, crypto-asset whitepapers must use iXBRL tagging (ESMA taxonomy published August 2025)
Supervisory convergence opinions — ESMA can issue opinions to NCAs on specific authorization decisions; used to prevent regulatory arbitrage

Passporting After Authorization

A key advantage of MiCAR authorization is EU-wide passporting. Once authorized in one Member State, a CASP can:

Provide services cross-border (freedom to provide services) — notify the home NCA, who notifies target member state NCA within 15 working days
Establish branches (freedom of establishment) — notify the home NCA with branch details; branch may be subject to local AML requirements
Appear on ESMA's public register — visible to clients across all EU Member States

This means choosing the right NCA matters. Luxembourg, Ireland, and Germany are common passporting hubs. However, the CBI's high substance requirement and CySEC's passed application deadline affect this calculus for entities not yet authorized.

Timeline: What to Do Before 1 July 2026

Months to deadline	Action
Now (March 2026)	If not yet applied, assess which NCA is appropriate; begin documentation. Note CySEC deadline already passed.
April–May 2026	Submit complete application (Germany, Luxembourg, France, Spain: file no later than May for any chance of pre-deadline processing)
May–June 2026	Respond promptly to all NCA clarification requests; delays here push beyond the deadline
By 1 July 2026	Either hold MiCAR authorization OR have a complete, pending application filed AND a credible wind-down plan if authorization is not granted
Post-July 2026	Without authorization: orderly wind-down, client asset return, service cessation

For CASPs that have not yet applied or are early in the process: filing a complete application before 1 July 2026 preserves the ability to continue operating while the NCA processes the application. But NCAs are under no obligation to grant authorization to late or incomplete filers, and ESMA has warned NCAs against lowering standards under deadline pressure.

Use our platform to query the specific MiCAR articles on CASP authorization, capital requirements, and the transitional provisions directly from the regulation text.

MiCAR CASP Authorization by Country: NCA Status and Deadlines (July 2026)