MiCAR Compliance for US Crypto Companies
The EU's Markets in Crypto-Assets Regulation creates a single licensing framework across 27 member states. For US crypto firms, this means new authorization requirements, no equivalence recognition of US licenses, and a grandfathering deadline of 1 July 2026.
Key Deadline: 1 July 2026
Crypto-asset service providers operating in the EU under national transitional regimes must be fully authorized under MiCAR by 1 July 2026 (or earlier in member states with shorter grandfathering periods). Applications should be submitted well in advance to allow for regulatory review.
MiCAR vs. US Crypto Regulation
The regulatory approaches are structurally different. Understanding these differences is essential for US firms planning EU market entry.
| Category | EU (MiCAR) | United States |
|---|---|---|
| Licensing Regime | Single EU-wide CASP authorization with passporting across 27 member states | State-by-state money transmitter licenses (MTLs), plus potential federal oversight from SEC/CFTC depending on asset classification |
| Token Classification | Three categories: Asset-Referenced Tokens (ARTs), E-Money Tokens (EMTs), and other crypto-assets — each with distinct requirements | Classification depends on Howey test (security vs. commodity), with ongoing regulatory uncertainty between SEC and CFTC jurisdiction |
| Stablecoin Regulation | ARTs and EMTs require authorization as a credit institution or e-money institution. Reserve requirements and redemption rights are prescriptive. | No federal stablecoin framework as of 2026. State-level regulations vary. Federal legislation has been proposed but not enacted. |
| Consumer Protection | Mandatory white paper disclosures, suitability assessments, segregation of client assets, and complaint handling procedures | Varies by state and regulatory classification. SEC-regulated platforms follow securities rules; state-regulated platforms follow MTL requirements. |
| Market Abuse | Title VI of MiCAR establishes crypto-specific market abuse rules: insider dealing, market manipulation, and unlawful disclosure of inside information | No crypto-specific market abuse regime. SEC enforcement actions based on securities fraud statutes where applicable. |
| Cross-Border Access | CASP passport allows EU-wide operation from a single authorization. Third-country firms must establish an EU entity — no equivalence regime. | Each state requires separate licensing. No federal passporting. Reverse solicitation is not a recognized concept. |
CASP Authorization Requirements for US Firms
MiCAR Article 59 sets out the authorization conditions. These apply equally to EU-domiciled firms and US firms establishing an EU subsidiary.
Legal Entity in an EU Member State
A US crypto firm must establish a legal entity (subsidiary or branch) in at least one EU member state. The entity must have its registered office and effective management in the EU. Delaware incorporations do not qualify.
Minimum Capital Requirements
Permanent minimum capital depends on the CASP services provided: EUR 50,000 for advisory/portfolio management, EUR 125,000 for custody/exchange/order execution, or EUR 150,000 for operating a trading platform. The higher threshold applies if multiple services are combined.
Governance & Fit-and-Proper Requirements
Management body members must meet fit-and-proper standards assessed by the national competent authority. At least one director must be EU-resident. Compliance, risk management, and internal audit functions must be established.
Client Asset Segregation
Crypto-assets and client funds must be segregated from the CASP's own assets. Custodial arrangements must ensure clients can recover their assets if the CASP becomes insolvent. This is stricter than many US state MTL requirements.
ICT & Cybersecurity (DORA Interaction)
CASPs are financial entities under DORA. ICT risk management frameworks, incident reporting, digital resilience testing, and third-party ICT provider oversight apply on top of MiCAR requirements.
White Paper Obligations
Issuers of crypto-assets (other than ARTs/EMTs) must publish a crypto-asset white paper before offering to the public or admission to trading. The white paper must be notified to the competent authority — there is no SEC-style registration process, but content requirements are detailed.
Reverse Solicitation Under MiCAR
MiCAR Recital 22 and Article 61 address reverse solicitation: where a client initiates contact with a third-country firm entirely at their own initiative. In theory, this exempts the firm from requiring CASP authorization.
In practice, this defense is extremely narrow. ESMA has indicated that it will monitor reverse solicitation claims closely. The following will likely negate a reverse solicitation defense:
- •Any marketing, advertising, or promotion directed at EU clients
- •Websites available in EU languages with EU-specific content
- •EUR-denominated products or EU-localized payment methods
- •Referral arrangements with EU-based intermediaries
- •Systematically relying on reverse solicitation for a significant EU client base
US crypto firms should not treat reverse solicitation as a viable long-term market access strategy. Obtaining CASP authorization is the only sustainable path to serving EU clients.
Frequently Asked Questions
Can a US crypto exchange operate in the EU without a MiCAR license?
No. After the grandfathering period ends on 1 July 2026 (or earlier in some member states), all crypto-asset service providers serving EU clients must hold a CASP authorization. There is no equivalence regime under MiCAR that would recognize US licenses. Reverse solicitation — where the EU client initiates contact — exists but is narrowly defined and cannot be used as a systematic market access strategy.
Does MiCAR apply to US companies with no EU entity if they have EU customers?
MiCAR applies to the provision of crypto-asset services 'in the Union.' If a US company actively solicits EU customers (through marketing, localized websites, or EUR-denominated products), regulators will likely consider this as providing services in the EU. Establishing an EU entity and obtaining CASP authorization is the compliant path.
How does MiCAR compare to US crypto regulation?
MiCAR provides a single, comprehensive regulatory framework for all crypto-assets and service providers across the EU. In contrast, the US has no unified federal crypto framework: oversight is split between the SEC (securities), CFTC (commodities), FinCEN (AML), OCC (national banks), and 50+ state regulators. MiCAR's clarity is often cited as an advantage for firms seeking regulatory certainty.
Which EU member state should a US crypto company apply in?
The choice of home member state matters for regulatory culture, processing times, and ongoing supervision. Popular choices include: France (AMF has crypto-specific expertise from the PSAN regime), Germany (BaFin has regulated crypto custody since 2020), Ireland (English-speaking, strong fintech ecosystem), and the Netherlands (AFM, tech-forward regulator). A CASP authorization in any member state passports to all 27.
What is the timeline for MiCAR CASP authorization?
National competent authorities have up to 40 working days (approximately 2 months) to assess a complete application, extendable by 20 working days. In practice, pre-application discussions and completeness checks can add several months. Firms already operating in the EU under national regimes must apply before 1 July 2026 to benefit from grandfathering provisions — most applications should be filed by Q1 2026 at the latest.
Can a US company acquire an existing EU CASP license?
A US company can acquire a controlling stake in an existing EU-authorized CASP, subject to regulatory approval of the change in qualifying shareholders. The national competent authority will assess the acquirer's suitability. This is faster than a new application but requires due diligence on the target's compliance status and any conditions attached to its authorization.
Research MiCAR Requirements for Your Business
Get instant, AI-powered answers about MiCAR CASP authorization, capital requirements, and third-country provisions. Grounded in the actual regulatory text with article-level citations.