What is the MiCAR reverse solicitation exemption?

Article 61(1) of MiCAR permits a third-country (non-EU) firm to provide a crypto-asset service to an EU client without MiCAR authorisation when the service was initiated 'at the client's own exclusive initiative.' This exemption recognises that EU regulation should not prevent EU investors from accessing services they proactively seek out from non-EU firms. However, ESMA's final guidelines (effective February 2025) confirm it is very narrowly framed — any solicitation by the firm, however indirect, defeats the exemption. Most non-EU firms that maintain EU-accessible websites, use SEO targeting EU audiences, or use affiliate marketing cannot legitimately rely on this exemption.

Does having a website that EU clients can access constitute solicitation under MiCAR?

According to ESMA's guidelines, it depends on the content. A website that describes crypto-asset services, promotes products, or encourages EU visitors to register or create accounts is almost certainly soliciting EU clients — even without geographically targeted advertising. ESMA's definition of solicitation is broad and includes SEO, social media posts, press releases, influencer and affiliate marketing, push notifications, and sponsorships. A purely informational website with no product promotion carries lower risk, but ESMA warns against using such structures as proxies for actual solicitation. Geographic disclaimers and terms of service that purport to restrict access do not override the factual assessment.

What is the one-month limitation on reverse solicitation under MiCAR?

After a genuine reverse-solicitation transaction, the non-EU firm may offer crypto-assets of the 'same type' only for one month from the date the client originally initiated contact. After that period, any new offerings require the client to again initiate at their own exclusive initiative. 'Same type' is interpreted narrowly — utility tokens, ARTs, EMTs, assets with different underlying technologies, and liquid versus illiquid assets are not considered the same type. This means a client who sought to buy Bitcoin cannot be offered stablecoins, staking products, or DeFi instruments under the same reverse solicitation transaction.

What is the difference between MiCAR grandfathering and the reverse solicitation exemption?

These are separate provisions targeting different situations. Grandfathering (Article 143(3)) applies to firms that were lawfully providing crypto-asset services under a national EU framework before 30 December 2024 — for example, exchange operators registered with BaFin in Germany or the AMF in France. It allows them to continue operating until 1 July 2026 while obtaining MiCAR authorisation. The reverse solicitation exemption applies to non-EU firms that never operated under an EU national framework, allowing them to serve EU clients who contact them at their own initiative. There is no grandfathering equivalent for these firms — after 1 July 2026, genuine reverse solicitation is the only basis for serving EU clients without MiCAR authorisation.

MiCAR Reverse Solicitation: ESMA's Guidelines Explained for Non-EU Crypto Firms

ESMA published its final report on reverse solicitation guidelines under MiCAR on 17 December 2024. The official translations were published on 26 February 2025, with the guidelines applying 60 days after translation publication — making them effective from late April 2025. The guidelines confirm that the reverse solicitation exemption is narrowly framed, fact-specific, and cannot be engineered through contractual disclaimers or website design. For non-EU crypto-asset service providers targeting EU customers, the practical message is stark: most firms that think they qualify for the exemption do not.

This guide explains what the exemption actually covers, what ESMA says constitutes solicitation, the critical one-month limitation that restricts cross-selling, and the compliance steps non-EU firms must take before the 1 July 2026 MiCAR authorisation deadline.

For country-by-country MiCAR authorisation status and deadlines, see our CASP NCA tracker. For MiCAR marketing communications requirements under Articles 66–68, see our marketing guide.

What the Reverse Solicitation Exemption Is

Article 61(1) of MiCAR (Regulation (EU) 2023/1114) provides that a third-country firm — a firm based outside the EU — may provide a crypto-asset service to an EU client without MiCAR authorisation when the provision of that service was initiated by the client "at its own exclusive initiative."

The policy rationale is that EU regulation should not prevent EU investors from accessing services they actively seek out from non-EU firms. But ESMA's guidelines make clear that this is a narrow exception to the general rule that all CASPs serving EU clients must be authorised — not a backdoor for operating in the EU market without compliance.

The exemption is available only to third-country firms. A firm established in the EU cannot rely on it. If your subsidiary or branch is in the EU, MiCAR applies regardless of where the parent company is headquartered.

ESMA's Broad Definition of Solicitation

The starting point for the analysis is whether the third-country firm engaged in solicitation of the EU client. ESMA takes the position that solicitation should be "construed broadly" — meaning that the question of whether a firm solicited a client is not limited to direct sales calls or targeted advertising.

According to the guidelines, the following activities constitute solicitation:

Activity	Solicitation?
Advertising on websites accessible from the EU	Yes
Social media posts (including organic posts) visible to EU users	Yes
Push notifications to app users in the EU	Yes
Influencer or affiliate marketing targeting EU audiences	Yes
Search engine optimisation (SEO) to appear for EU-relevant queries	Yes
Sponsorships at EU-focused events or publications	Yes
Press releases or media coverage of EU-relevant products	Yes (if controlled or encouraged by the firm)
Email campaigns sent to EU users	Yes
Roadshows or presentations in EU member states	Yes
Passive trading infrastructure made available to inbound EU clients	Depends — factual assessment required
Unsolicited inbound contact from EU client with no prior marketing	Not solicitation

The breadth of this list has significant practical implications. A non-EU exchange that maintains an English-language website with crypto-asset offerings, ranks for search terms like "buy Bitcoin EU" or "crypto exchange Europe," or has affiliate partners running campaigns in EU member states is, according to ESMA, soliciting EU clients — regardless of geographic disclaimers or terms of service.

Disclaimers do not override the factual assessment. ESMA explicitly states that the use of contractual provisions declaring services to be "provided on a reverse solicitation basis" or disclaimers stating that services are "not available to EU residents" do not create reverse solicitation status. The assessment is factual: did the firm's conduct direct its services at EU clients? If yes, the exemption is not available.

"Exclusively at Own Initiative" — What the Standard Requires

For the reverse solicitation exemption to apply, the EU client must initiate the service "at its own exclusive initiative." This is a high standard. ESMA interprets "exclusively" strictly — any contribution to the client's decision by the third-country firm, however indirect, can defeat the exemption.

The key elements:

The client's initiative must be genuine and unsolicited. The client must have independently decided to seek the specific service from the specific third-country firm, without any marketing, promotional, or informational activity by the firm that influenced that decision. A client who discovered the firm through the firm's website, a social media post, or an affiliate ad is not initiating at their own "exclusive" initiative — the firm's marketing contributed to the decision.

The initiative cannot be manufactured. Strategies such as "soft launching" services, making them technically accessible and waiting for clients to subscribe, or asking existing clients to refer EU contacts do not produce genuine reverse solicitation.

Affiliated and intermediary activities are attributed to the firm. Where an agent, broker, affiliate, or referral partner solicits EU clients on behalf of the third-country firm — even without explicit authorisation — that solicitation is attributed to the firm. Third-country firms cannot structure referral networks in a way that keeps the firm's hands "clean" while intermediaries do the soliciting.

The One-Month / Same-Type Limitation

Even where genuine reverse solicitation occurs — a client contacts the third-country firm without any prior solicitation — the exemption is strictly limited in scope going forward.

The exemption covers only the specific service requested by the client. If an EU client unsolicited contacts a non-EU exchange to trade Bitcoin, the reverse solicitation exemption covers that Bitcoin trading activity. It does not automatically cover the firm offering the client other services (staking, lending, custody, derivatives) unless those services are also specifically requested by the client on their own initiative.

The same-type limitation: a one-month window. After the initial reverse-solicited transaction, the third-country firm may offer crypto-assets of the "same type" for a period of one month from the date the client initiated the original request. After that month, any new offerings to that client require the client to again initiate contact on their own exclusive initiative.

"Same type" is interpreted narrowly. ESMA provides guidance on what assets are not of the same type:

Utility tokens versus asset-referenced tokens (ARTs) or e-money tokens (EMTs)
Assets with different underlying technologies
Assets with different referenced currencies or collateral bases
Liquid versus illiquid assets
Assets where the offeror is identified versus unidentified

In practice, this means a client who sought to buy Bitcoin (a crypto-asset) on their own initiative does not automatically allow the non-EU firm to offer them Ethereum, stablecoins, NFTs, or DeFi products under the same reverse solicitation transaction — unless those are of the same type and within the one-month window.

The one-month period restarts only if the client again contacts the firm at their own exclusive initiative to request a new service or asset type.

What This Means for Non-EU Firms

Non-EU Crypto Exchanges

Large non-EU exchanges that serve EU retail clients through websites accessible in the EU almost certainly cannot rely on the reverse solicitation exemption. Their marketing activities — website content, SEO, app store presence, social media, affiliate networks — constitute solicitation as defined by ESMA. The exemption was not designed to cover firms that actively operate an EU-accessible platform.

For these firms, the options are:

Obtain MiCAR CASP authorisation in one or more EU member states and use the passport to operate across the EU
Genuinely geographically restrict EU access — technically blocking EU residents, not just adding a disclaimer
Exit the EU market until a compliance solution is in place

Non-EU Institutions Serving Sophisticated EU Counterparties

For institutional-to-institutional services — where an EU financial institution proactively approaches a non-EU liquidity provider for a specific transaction — genuine reverse solicitation is more plausible. But even here, the guidelines require a fact-specific assessment. If the non-EU firm markets itself to EU institutions (conference presence, pitch materials, relationship management) as a crypto-asset service provider, that activity may constitute solicitation.

Non-EU Asset Managers and Fund Managers

Asset managers outside the EU that advise on or execute in crypto-assets as part of a broader portfolio management mandate for EU clients should assess whether the relevant crypto-asset activity constitutes a "crypto-asset service" under MiCAR. If it does, the reverse solicitation rules apply. MiCAR Article 3 defines the in-scope services broadly — custody, transfer, exchange, execution, placing, portfolio management, advice, and more.

Practical Steps for Non-EU Firms

Step 1: Audit your EU-facing activities. Map every channel through which EU clients can discover your services — website, SEO, app stores, social media, affiliates, events. Assess whether these activities constitute solicitation under ESMA's broad definition.

Step 2: Count your current EU client base. If you have EU clients today, assess under what circumstances they were acquired. If any marketing or promotional activity contributed to client acquisition, the reverse solicitation exemption was not properly relied upon.

Step 3: Assess the MiCAR authorisation path. If you have EU clients and cannot demonstrate genuine reverse solicitation, the path is MiCAR CASP authorisation. Key questions: which NCA to apply to, which member state offers the most efficient authorisation process, what capital and governance requirements apply to your specific services.

Step 4: Do not wait for enforcement. The ESMA guidelines are in force. NCAs across the EU have supervisory tools to identify non-EU firms serving EU clients without authorisation or genuine reverse solicitation. The July 1, 2026 MiCAR deadline is also the end of all transitional arrangements — there is no general grace period for non-EU firms after that date.

The Relationship with the July 2026 Grandfathering Deadline

The grandfathering provisions in Article 143(3) of MiCAR are separate from the reverse solicitation exemption. Grandfathering applies to firms that were lawfully providing crypto-asset services under national law in an EU member state before 30 December 2024. This covers, for example, exchange operators registered in Germany under the German BaFin crypto custody regime, or VASPs registered in France under the AMF/ANJ virtual asset registration framework.

The reverse solicitation exemption, by contrast, covers non-EU firms that never operated under an EU national framework — they were simply serving EU clients who came to them from outside the EU. There is no grandfathering equivalent for these firms. After July 1, 2026, the reverse solicitation exemption is the only basis on which they can legally serve EU clients without MiCAR authorisation — and the ESMA guidelines confirm that few firms genuinely qualify.

NCA Enforcement Approach

ESMA's guidelines are addressed to national competent authorities and provide them with supervisory tools to assess whether a third-country firm is genuinely relying on reverse solicitation or using it as a cover for unauthorised provision of services. NCAs are expected to apply the guidelines consistently and to scrutinise claims of reverse solicitation where a third-country firm appears to be conducting systematic EU business.

The AMF in France has been particularly active in the crypto-asset space, having previously taken enforcement action under the pre-MiCAR framework against non-EU platforms targeting French investors. CySEC in Cyprus and the AFM in the Netherlands have also signalled enforcement interest in non-EU firms serving EU clients.

ESMA has published a compliance table showing which NCAs have declared compliance with the reverse solicitation guidelines. Non-compliant NCAs are required to explain their divergence.

Key Questions Non-EU Firms Are Asking

Does having an EU "info" website (no trading functionality) constitute solicitation?

It depends. A website that describes the firm's services, highlights crypto-asset products, and encourages visitors to create accounts or register interest is almost certainly soliciting EU clients even if no trade execution happens on-site. A website that purely provides corporate information (address, contact, registered entity details) with no product promotion is lower risk — but ESMA's guidelines warn against using such structures as a proxy for actual solicitation.

Can we rely on the reverse solicitation exemption for our institutional book and require authorisation only for retail?

The reverse solicitation exemption does not differentiate between retail and professional clients. It applies based on who initiated the service, not on client categorisation. An institutional EU client who contacts a non-EU firm at their own initiative is a genuine reverse solicitation. A retail EU client who signed up via an affiliate link is not. The analysis is client-by-client and transaction-by-transaction.

If we get CASP authorisation in one member state, can we use the passport to serve all EU clients?

Yes. MiCAR's authorisation and passporting regime allows a CASP authorised in one EU member state to provide services across all EU member states by notifying the home NCA and using the standard EU financial services passport. This is one of MiCAR's core features — a single authorisation provides EU-wide market access. For non-EU firms currently serving EU clients, obtaining CASP authorisation in a strategically chosen member state (taking into account NCA efficiency, capital requirements, and supervisory culture) is the most commercially viable path forward.

For a detailed guide to the CASP authorisation process by country, see our MiCAR CASP NCA authorization tracker. For the full MiCAR compliance checklist for CASPs, see our CASP compliance checklist.

Use our query tool to ask specific questions about how the reverse solicitation exemption applies to your firm's structure and business model.