CryptaCount
EN
EnglishENDeutschDEEspañolESFrançaisFRItalianoIT日本語JA한국어KONederlandsNLPolskiPLPortuguêsPT
Log in Start Free

MiCA CASP Authorization: Germany Leads the EU Race as July 1 Deadline Arrives

CryptaCount Editorial · · 7 min read
AML / KYC / LICENSING MiCA CASP Authorization: Germany Leadsthe EU Race as July 1 Deadline Arrives

As of July 1, 2026, the Markets in Crypto-Assets Regulation transitional period has closed. Any crypto-asset service provider operating in the EU or EEA without a MiCA authorization is now doing so outside the legal framework. The ESMA interim register, updated as of June 26, counted 244 approved CASPs across the bloc, but the distribution is anything but uniform: Germany holds roughly one in four licenses, five member states have issued none at all, and Italy accounts for nearly every entry on the non-compliant register.

How Authorizations Are Distributed Across Member States

Germany's Dominant Position

Germany leads the ESMA register with 57 MiCA-authorized CASPs, representing approximately 23% of all approvals. BaFin, the country's Federal Financial Supervisory Authority, attributes this partly to the scale of Germany's financial sector: a large number of credit institutions already had the regulatory infrastructure to add crypto-asset services under MiCA. The pre-existing national licensing regime for crypto custody and related activities also created a simplified transition pathway for firms that had already been supervised under domestic law, which likely accelerated the authorization count.

BaFin was candid about the limits of its own projections, noting that whether Germany retains its dominant share will depend on market developments, innovation trends, and the pipeline of pending applications in other jurisdictions. Approvals elsewhere are expected to grow as implementation matures and national financial sectors catch up.

France Accelerates in the Final Weeks

France sits in second place with 26 approvals, accounting for roughly 11% of total EU and EEA licenses, placing it alongside the Netherlands as the bloc's second-largest hub. Notably, France was the most active issuer in the final sprint: between June 18 and June 22, the Autorité des marchés financiers issued five CASP authorizations, the highest count of any single jurisdiction in that window. Eleven approvals were issued across the EU and EEA during that period, with Malta contributing two.

Named recipients of recent French authorizations include Bpifrance Investissement, RCUBE Asset Management, Paymium, Leonod, and Meria, a mix of institutional asset management and retail-facing crypto platforms that reflects the breadth of activity MiCA is designed to govern. French firms and advisers should note that the authorization pipeline has moved faster than anticipated at year-start: firms still in application should ensure their compliance documentation reflects that the transitional period has now formally ended.

The Member States That Issued Zero Licenses

As of June 26, five EU member states had not issued a single MiCA authorization: Greece, Hungary, Poland, Portugal, and Romania. Poland is particularly notable. Delays in transposing MiCA implementation legislation left the country without an active licensing framework in place by the time the EU deadline arrived. Greece is also significant: having initially established a licensing process, the country later changed course and redirected its licensing activity toward another MiCA jurisdiction, leaving it absent from the ESMA register entirely.

For firms and their advisers operating in or through these markets, the practical implication is immediate: without a domestic competent authority issuing authorizations, the passporting benefit that MiCA is designed to provide cannot originate from these jurisdictions. Firms headquartered there will need to assess whether a cross-border structure, or authorization in a jurisdiction with an active regime, is required to continue serving EU clients lawfully. This connects directly to the MiCA transitional period expiry and what it means for CASPs operating across the EU, covered in our earlier analysis.

Italy and the Non-Compliant Register

A Disproportionate Concentration of Non-Compliant Entries

While the authorized register tells one story, the non-compliant CASP register tells another. As of June 26, Italy accounted for 160 out of 162 entries on the ESMA non-compliant register. The Netherlands and Slovakia each recorded one entry, linked to MEXC and LWEX respectively.

The concentration in Italy is striking. It suggests a large volume of firms that were operating under the Italian registration or notification regime have not converted to, or obtained, a MiCA authorization ahead of the deadline. Compliance officers and auditors advising Italian crypto businesses need to treat this as an urgent matter: entities on the non-compliant register are identifiable to supervisors across all EU member states, and the regulatory exposure is no longer theoretical.

For accounting firms with Italian CASP clients, this is also a financial reporting and audit risk flag. A firm operating without authorization after July 1 may face enforcement action that affects going concern assessments, contingent liability disclosures, and the reliability of revenue recognition for services that are no longer legally provided.

What Fragmentation Means for Compliance Teams

Passporting, Substance, and Regulatory Arbitrage Risk

MiCA was designed to eliminate the need for firms to obtain separate national licenses by creating a single EU-wide passport. The uneven authorization data raises a practical concern that is already familiar from other financial regulation contexts: firms seeking the path of least resistance may gravitate toward jurisdictions with faster or lighter-touch authorization processes, creating a de facto hub-and-spoke structure that the single market design was intended to prevent.

Substance requirements matter here. Authorizations issued in Germany or France do not, on their own, permit a firm to relocate its commercial center of gravity to a jurisdiction where it has no real presence. Competent authorities in the member state of authorization are expected to scrutinize whether the firm genuinely operates from that jurisdiction. Compliance teams advising CASPs on cross-border structures should document substance carefully and anticipate supervisory scrutiny as national regulators bed in their MiCA oversight functions.

The regulatory patchwork also creates an ongoing monitoring obligation. The ESMA register is updated as new authorizations are issued and as non-compliant entries are added or removed. Firms that have counterparty relationships with CASPs, whether as liquidity providers, custodians, or technology partners, should build register checks into their third-party due diligence cycles. For context on how the Netherlands' AFM is approaching its own obligations toward crypto service providers in this environment, see our coverage of the AFM's distance marketing and online interface requirements for crypto-asset service providers.

Audit and Financial Reporting Implications

For auditors and CFOs, the authorization divide has direct balance sheet implications. A CASP that is not yet authorized, or that operates in a jurisdiction that has not established a licensing regime, faces potential revenue disruption: services provided to EU clients after July 1 without authorization may not be legally billable, and any associated revenue could be subject to regulatory challenge or disgorgement. Auditors conducting year-end work for crypto-facing entities should confirm authorization status as a preliminary matter, particularly for clients in the five zero-license jurisdictions and for any Italian entity whose status on the non-compliant register has not been resolved.

Firms operating in Germany's large credit institution sector should also confirm whether their authorization correctly covers all the crypto-asset service categories they intend to provide. BaFin's comment that credit institutions can provide crypto-asset services under MiCA is accurate, but the scope of services permitted depends on the specific authorization granted. Assuming that an existing banking license automatically covers all MiCA service categories would be an error.

Key Data Points from the ESMA Interim Register

The table below summarizes the authorization counts referenced in the ESMA interim register as of June 26, 2026, alongside non-compliant entries where reported.

Jurisdiction Authorized CASPs Non-Compliant Entries
Germany 57 Not reported
France 26 Not reported
Netherlands Not specified 1 (MEXC)
Italy Not specified 160
Slovakia Not specified 1 (LWEX)
Greece 0 Not reported
Hungary 0 Not reported
Poland 0 Not reported
Portugal 0 Not reported
Romania 0 Not reported
Total (EU/EEA) 244 162

All figures are drawn from the ESMA interim register as reported on June 26, 2026. The register is updated on a rolling basis as national competent authorities submit new data.

Immediate Actions for Firms and Advisers

A Short Checklist for July 2026

Given where the authorization landscape stands as of the deadline, compliance teams and advisers should address the following without delay:

  • Confirm your client's or employer's CASP authorization status on the ESMA interim register and verify that the listed service categories match actual business activities.
  • For clients in zero-license jurisdictions, assess whether operations need to be restructured around an authorized entity in another member state and document substance accordingly.
  • For Italian entities appearing on the non-compliant register, quantify the regulatory exposure and consider its impact on going concern, contingent liabilities, and revenue recognition in the next reporting period.
  • Build ESMA register checks into counterparty and third-party due diligence workflows on a recurring basis, not as a one-time exercise.
  • Revisit any assumption that a credit institution license in Germany or elsewhere automatically covers all MiCA crypto-asset service categories.

The ESMA register and the underlying MiCA framework documentation are available directly from ESMA's official website. BaFin's MiCA guidance is published on its official portal. For the white paper and disclosure obligations that sit alongside authorization requirements, our earlier piece on ESMA's MiCA white paper exemption clarification for non-ART and non-EMT offerings covers the key distinctions firms need to understand.

Source: Cointelegraph

EUDEFRGeneralEffectiveAML/KYC & Licensing

FAQ

How many MiCA CASP authorizations have been issued across the EU and EEA as of the July 1 deadline?

The ESMA interim register recorded 244 authorized crypto-asset service providers across EU and EEA jurisdictions as of June 26, 2026. Germany leads with 57 approvals, representing approximately 23% of the total. France and the Netherlands are the next largest hubs, with France holding around 26 authorizations.

Which EU member states had not issued any MiCA authorizations before the July 1 deadline?

As of June 26, five member states had issued zero MiCA authorizations: Greece, Hungary, Poland, Portugal, and Romania. Poland and Greece are particularly notable: Poland faced delays in transposing MiCA implementation legislation, while Greece redirected its licensing activity to another MiCA jurisdiction after initially establishing a domestic process.

Why does Italy account for the vast majority of non-compliant CASP register entries?

Italy held 160 of the 162 entries on the ESMA non-compliant CASP register as of June 26. This reflects a large volume of firms that operated under Italy's previous national registration or notification regime but have not converted to a full MiCA authorization. Firms in this position are now operating outside the legal framework, with potential exposure to enforcement action from competent authorities across the EU.

Does a German banking license automatically cover all MiCA crypto-asset service categories?

No. BaFin confirmed that credit institutions in Germany can provide crypto-asset services under MiCA, and the country's pre-existing national licensing regime may have simplified the transition for some firms. However, the specific crypto-asset service categories a firm is permitted to offer depend on the scope of its individual MiCA authorization. Assuming blanket coverage from an existing banking license would be an error that compliance officers should flag and verify.

What should auditors do when a client is in a jurisdiction with no active MiCA licensing framework?

Auditors should treat the absence of a domestic authorization pathway as a material fact affecting the engagement. Key considerations include: whether the client is generating revenue from EU clients without a valid authorization (which could affect revenue recognition), whether regulatory enforcement creates a going concern or contingent liability issue, and whether the client needs to restructure around an authorized entity in another member state. These assessments should be documented in the audit file and discussed with management.

Related articles

AML/KYC & Licensing
ESMA MiCA Register Update: 37 New CASPs Approved Post-Deadline
AML/KYC & Licensing
MiCA Transitional Period Expires July 1 2026: CASP Authorization Is Now Mandatory
Tax Reporting
DAC7 Platform Operator Reporting: EU Implementation Status and Compliance Requirements
AML/KYC & Licensing
MiCA Licensing Wave Closes the EU Transitional Period