ESMA Confirms MiCA Authorisation Requirement for EU Client Servicing
The European Securities and Markets Authority has made its position clear: any crypto asset service provider that wants to serve clients in the EU or the European Economic Area after the MiCA transitional period must do so through a MiCA-authorised legal entity. The clarification, issued in late June 2026, carries direct consequences for accounting firms, auditors and CFOs advising exchanges or holding crypto on behalf of EU-based clients.
What ESMA Actually Said
An ESMA spokesperson confirmed to Cointelegraph that "EU clients should be serviced through a MiCA-authorised entity" and that MiCA protections attach only to the licensed EU legal entity itself, not to a corporate group or a parent holding a licence in another jurisdiction.
The reverse solicitation carve-out is narrow
Article 61 of MiCA does allow a non-EU provider to serve an EU client without a local licence, but only where the client initiates the relationship entirely on their own initiative, with no prior solicitation, advertising or promotion by the provider. ESMA was explicit: if a third-country firm solicits EU clients in any way, the exemption does not apply. Its published guidance lists operating websites, mobile apps, social media accounts, online advertising, sponsorships and influencer campaigns targeting EU users as activities that constitute solicitation.
The practical effect is that the carve-out is designed for genuinely isolated, client-initiated contacts, not for retaining a customer base built through years of marketing activity in EU markets.
The Binance Situation and What It Illustrates
The ESMA clarification followed Binance's communications to users in several EU member states, including Poland, France, Spain and Italy, stating that those users would need to take action as part of its MiCA transition. For users in other countries where Binance does not operate through a locally registered entity, the exchange told customers that "no action is required at this time."
Why a non-EU licence does not solve the problem
Separately, screenshots of Binance customer support messages circulating on social media suggested that some EU users might be serviced through an entity regulated in the Abu Dhabi Global Market. Legal commentary from Digital & Analogue Partners was unambiguous: the ADGM is treated as a third country under MiCA, alongside the United States and Singapore. A licence there provides no passport or recognition under the EU framework. Binance had not responded to requests for clarification at the time of publication.
This matters beyond Binance. Any exchange or CASP that holds a licence in a non-EU jurisdiction and has EU users on its books faces the same structural question. Binance's withdrawal of its Greek MiCA application earlier this year had already raised questions about how the group planned to serve EU clients going forward.
Compliance Implications for Accounting Firms and CFOs
For advisers and finance teams, the ESMA statement has several practical dimensions worth working through now rather than after a regulatory inquiry.
Key areas requiring attention
Client base mapping. Any CASP client that has EU retail or professional users needs to confirm which legal entity those users are booked under. If it is a non-EU entity, the reverse solicitation analysis must be documented carefully and honestly.
Group structure review. A MiCA licence held by one group entity does not automatically cover client relationships held by an affiliated entity in a third country. The licensed entity must be the one actually providing the service.
Marketing and solicitation audit. ESMA's guidance on what constitutes solicitation is broad. Firms should audit digital touchpoints, including app store listings, social media and retargeting ads, to assess whether EU-facing activities would disqualify a reverse solicitation argument.
Disclosures and client communications. Where a CASP has communicated to EU users that they can continue to be served without action, the basis for that position should be documented. Generic messages that imply continuity without a legal analysis are a risk.
ESMA's earlier wind-down order for unauthorised CASPs, covered in our earlier analysis of ESMA's instructions to unauthorised CASPs as the transitional period closed, made clear that the regulator is not treating the deadline as a soft target.
Frequently Asked Questions
Does a MiCA licence held by a parent company cover subsidiaries serving EU clients?
No. ESMA has stated that the MiCA protections and authorisation requirements apply to the specific legal entity that holds the licence and is actively providing the service. Group-level licences do not automatically extend to affiliated entities.
Can a non-EU CASP rely on Article 61 reverse solicitation to keep serving existing EU clients?
Only where the client relationship was genuinely initiated entirely by the client without any prior solicitation, marketing or promotion. For established customer relationships built through EU-facing advertising and platform operations, the exemption is unlikely to apply.
Does an ADGM licence or a US licence satisfy MiCA requirements?
No. Both Abu Dhabi and the United States are third countries under MiCA. A licence in either jurisdiction has no effect on the EU authorisation requirement.
What activities count as solicitation under ESMA's guidance?
ESMA's published guidance identifies websites, mobile applications, social media presence, online advertising, sponsorships and influencer campaigns targeting EU users as solicitation. A firm with any of these touchpoints directed at EU audiences cannot rely on the reverse solicitation exemption.
What should accounting firms do right now for CASP clients with EU users?
Advisers should prompt clients to map their EU user base by booking entity, document the legal basis for any continued servicing, audit solicitation activity, and confirm whether a MiCA-authorised entity is in place for EU client relationships. Firms without a licensed EU entity should seek legal advice before continuing to serve EU clients.
Source: Cointelegraph
FAQ
No. ESMA has stated that the MiCA protections and authorisation requirements apply to the specific legal entity that holds the licence and is actively providing the service. Group-level licences do not automatically extend to affiliated entities.
Only where the client relationship was genuinely initiated entirely by the client without any prior solicitation, marketing or promotion. For established customer relationships built through EU-facing advertising and platform operations, the exemption is unlikely to apply.
No. Both Abu Dhabi and the United States are third countries under MiCA. A licence in either jurisdiction has no effect on the EU authorisation requirement.
ESMA's published guidance identifies websites, mobile applications, social media presence, online advertising, sponsorships and influencer campaigns targeting EU users as solicitation. A firm with any of these touchpoints directed at EU audiences cannot rely on the reverse solicitation exemption.
Advisers should prompt clients to map their EU user base by booking entity, document the legal basis for any continued servicing, audit solicitation activity, and confirm whether a MiCA-authorised entity is in place for EU client relationships. Firms without a licensed EU entity should seek legal advice before continuing to serve EU clients.
