MiCA explained for non-lawyers: a 2026 guide for EU businesses
For founders, operators, and finance leads. Plain language and primary sources.
MiCA is the EU's first single rulebook for crypto-assets. It came into force on 30 December 2024 and applies if you issue, trade, exchange, custody, or transfer crypto for clients in the EU. The transitional period for existing crypto businesses ends on 1 July 2026, six weeks from this article's date. After that, any firm providing crypto-asset services to EU clients without a MiCA authorisation is in breach of EU law and has to wind down.This explainer summarises MiCA in plain language. It is not legal advice. Talk to qualified counsel before making operational or compliance decisions.
The five-second summary: What is Markets in Crypto-Assets Regulation (MICA)?
MiCA is Regulation (EU) 2023/1114, the EU's single rulebook for crypto-assets. It applies to crypto-asset service providers (CASPs), stablecoin issuers, and any firm marketing crypto services to EU clients. Stablecoin rules entered into force on 30 June 2024, the main regime on 30 December 2024, and the transitional period for grandfathered firms ends on 1 July 2026.Does MiCA apply to my business?
The short answer is: if you provide crypto-asset services to anyone in the EU, or issue a stablecoin denominated in a fiat currency, almost certainly yes. The longer answer depends on what you do day to day. Four common profiles:
"I run a crypto exchange or wallet for EU users"
You're a CASP under MiCA. You need an authorisation from a national competent authority – in Finland, that's the FIN-FSA; in Germany, BaFin; in France, the AMF – in one EU member state, which then passports across the EEA. If you were operating under a pre-MiCA national VASP registration before 30 December 2024, your transitional cover ends on 1 July 2026 at the latest. In many member states it already ended in 2025 or January 2026. Finland, Lithuania, Germany, the Netherlands, Ireland, Latvia, Hungary, and Austria all shortened their grandfathering windows. If your application hasn't been granted by your jurisdiction's deadline, you stop serving EU clients on that date.
"I issue a stablecoin pegged to a fiat currency"
You're either an EMT or ART issuer. If your token references a single fiat currency – EUR, USD, GBP – it's an e-money token (EMT) and only an EMI or credit institution can issue it. If it references multiple currencies, commodities, or a basket of crypto-assets, it's an asset-referenced token (ART) and you need a separate ART authorisation under Title III. Both regimes have been live since 30 June 2024. Algorithmic stablecoins without a real reserve fall outside the ART and EMT definitions but typically can't be offered to the public in the EU at all.
"I accept stablecoin payments but don't custody crypto"
Probably not directly, but it depends on the flow. MiCA's CASP regime triggers on services provided to clients: custody, exchange, trading, transfer, execution, advice, portfolio management. If you accept a stablecoin payment and immediately convert it to fiat through a licensed third-party CASP or PSP, you're a merchant. Your provider's MiCA status is what matters. Before 1 July 2026, check that whoever processes your crypto flows appears on ESMA's MiCA register and not on the non-compliant list.
"I'm a non-crypto SaaS adding crypto features"
What changes depends on the feature. Adding a "pay with USDC" checkout that routes through a licensed CASP doesn't make you a CASP. Building your own custody, swap, or transfer service does. Holding stablecoins in treasury for operational use isn't a CASP service either, but it's worth a conversation with your auditor about how the holding is classified under IFRS or your local GAAP. The threshold question is whether you're providing the crypto service yourself or consuming someone else's.
The plain-English glossary
The regulation is dense. These are the terms that come up first, in plain language:- CASP Crypto-Asset Service Provider. A firm offering regulated crypto services in the EU, like exchanging, custodying, transferring, or trading crypto. Needs a MiCA authorisation from a national regulator.
- ART Asset-Referenced Token. A stablecoin that references more than one fiat currency, commodity, or a basket of assets. Strict reserve, governance, and disclosure rules apply.
- EMT E-Money Token. A stablecoin that references a single fiat currency (EUR, USD, GBP). Treated as e-money under EU law, so only EMIs and credit institutions can issue them. USDC and EURC are the obvious examples.
- White paper The mandatory disclosure document an issuer publishes before offering a crypto-asset to the public. Covers the issuer, the project, the risks, and the technology. Approved or notified depending on token type.
- Significant ART or EMT A stablecoin large enough to trigger direct EBA supervision. Thresholds are tied to user numbers, market cap, and daily transaction volume.
- Passport An authorisation in one EU member state lets a CASP or stablecoin issuer serve clients across all 27 by notifying each host regulator. No second licence needed.
- Reverse solicitation The narrow exemption that lets non-EU firms serve EU clients only if the client approached them first, unsolicited. ESMA's 2025 guidelines made this much harder to rely on in practice.
- NCA National Competent Authority. The regulator in each EU country that authorises CASPs and supervises them. Finland: FIN-FSA. Germany: BaFin. France: AMF. Ireland: Central Bank of Ireland, etc.
Key dates and what changes when
MiCA didn't switch on overnight. It rolled out in stages, and the most important date for most readers is the one closest to today.30 June 2024Titles III and IV (stablecoin rules) entered into force. ART and EMT issuers needed authorisation from this point.
30 December 2024Title V (the main CASP regime) entered into force. Crypto-asset service providers could apply for authorisation under the new framework.
2025 to January 2026Member states with shortened transitional periods closed their grandfathering windows. Finland, Lithuania, Germany, the Netherlands, Ireland, Latvia, Hungary, and Austria are in this group.
17 April 2026ESMA issued a statement on wind-down expectations for unauthorised CASPs and client migration expectations for authorised ones.
1 July 2026The EU-wide transitional period ends. Firms without a MiCA authorisation must cease providing crypto-asset services to EU clients.
What does MiCA actually require?
The regulation runs to several hundred pages, but the substantive obligations sit in a handful of areas.AuthorisationEvery CASP needs an authorisation from a national regulator before serving EU clients. The application covers governance, ownership, business plan, risk management, AML controls, IT security, capital, and client-asset safeguarding. Realistic timelines run from several months to over a year depending on jurisdiction and application quality. Operationally, this means anyone treating "we'll apply later" as a strategy is already late.
Capital requirementsInitial capital ranges from EUR 50,000 to EUR 150,000 depending on the service class, with ongoing own-funds requirements tied to fixed overheads. Class 1 (advice, reception and transmission, placing) sits at the low end. Class 3 (operating a trading platform) sits at the top. For firms also subject to PSD2 – including CASPs that custody or transfer EMTs – the EMI or PI capital floor stacks on top of the MiCA requirement. Translated: a CASP doing EMT custody pays for both regimes.
Custody and segregation of client assetsClient crypto-assets have to be held separately from the CASP's own assets, recorded on a register, and reconciled daily. Private keys and means of access must be stored securely with documented procedures for recovery. If client assets are lost through operational failure, the CASP is liable. Operationally, this is the area where exchanges and custody providers spend the most engineering time, because pre-MiCA segregation practices were often weaker than the regulation requires.
Marketing and disclosureCommunications have to be fair, clear, and not misleading. Risk warnings are mandatory in client-facing copy. Sponsoring an influencer to promote your service to EU users counts as marketing under MiCA, with the same disclosure obligations. Practically, this is the area where startups get caught out fastest: a "buy crypto in three taps" ad without the risk warning is a finable offence from day one.
White paper requirementsIssuers of crypto-assets that aren't ARTs or EMTs (most utility tokens, for example) publish a white paper before offering to the public. The document is notified to the home-state regulator and accompanied by a summary in the language of each member state where the offer is made. ART white papers have to be approved before issuance; EMT white papers are notified. Translated: the white paper is a regulated disclosure, not marketing collateral.
The cross-border passportA MiCA authorisation in one EU member state covers all 27 once the home regulator has notified each host regulator the CASP plans to serve. There's no second licence to obtain and no second fee. The passport made the choice of home jurisdiction commercially important: a faster, well-resourced NCA gets you to market sooner, but the substantive rules are the same everywhere.
How does MiCA compare to MiFID II, AMLD, and TFR?
Four EU regimes overlap on crypto and founders confuse them routinely.MiCA vs MiFID IIMiFID II covers traditional financial instruments and tokenised versions of them. If your token is a tokenised share, bond, fund unit, or derivative, it falls under MiFID, not MiCA. Everything else – utility tokens, stablecoins, payment tokens, most NFTs – sits in MiCA. The split is straightforward in theory and contentious in practice for hybrid instruments. When in doubt, the test is whether the token confers traditional securities rights.
MiCA vs AMLD and the new EU AML PackageAnti-money laundering rules apply to all financial entities including CASPs and EMT issuers. They cover KYC, transaction monitoring, suspicious activity reporting, and beneficial ownership. The new EU AML Package (Regulation 2024/1624 and Directive 2024/1640) progressively replaces the older AMLDs through 2027. MiCA adds crypto-specific prudential and conduct rules on top of the AML framework. You can be, and usually are, in scope of both.
MiCA vs TFR (the Transfer of Funds Regulation)Regulation 2023/1113 implements the FATF Travel Rule for crypto. Every crypto transfer between CASPs has to carry originator and beneficiary information with the transaction. TFR is operational: who sent how much to whom. MiCA is structural: who's allowed to operate at all. If you're a CASP, both apply.
What MiCA means for working with Narvi
Narvi Payments is an EMI authorised by FIN-FSA (licence 3190214-6), not a CASP. We don't custody crypto-assets, we don't operate an exchange, and we're not registered as a virtual asset service provider in Finland. What we provide is the fiat side: dedicated IBAN accounts, SEPA and SEPA Instant rails, SWIFT, and multi-currency wallets – the EUR and FX infrastructure that licensed CASPs and crypto-native businesses use to run their operations.For crypto businesses, three things follow. A CASP authorisation doesn't include EUR rails, so most CASPs partner with one or more EMIs for SEPA and SWIFT. EMT issuance is restricted to EMIs and credit institutions under MiCA, so a CASP planning its own EMT needs EMI capacity in parallel, its own or a partner's. And when a prospect asks "are you MiCA-compliant?", the answer for Narvi is that the question doesn't apply: we're an EMI, not a CASP. What does apply is whether we can onboard a crypto business and process the volumes involved, which we handle through a thorough compliance review during onboarding.FAQ about MiCA
MiCA is the EU regulation that sets common rules for crypto-asset service providers, stablecoin issuers, and crypto-asset markets across all 27 EU member states. It replaces a patchwork of national rules with a single rulebook. The official name is Regulation (EU) 2023/1114. It applies wherever crypto-asset services are provided to EU clients, regardless of where the service provider is based.
The exact impact of MICA on the crypto sector will be evaluated in the long term, that said the emergence of a regulatory framework in one of the world’s most important economies demonstrates the maturity of the crypto-asset market. Once published in the Official Journal, MiCA will officially become law, ensuring its provisions are legally binding across the EU.Crypto players have complained about the KYC and AML requirements in the Travel Rule but the digital identity trail this brings to the European market has distinct advantages for the sector.This greater level of transparency means that European financial services firms such as banks and asset managers will now find it much easier to gain compliance approval for crypto related activities.This, in turn, should boost liquidity to the European crypto sector, while institutional investors are generally viewed as less volatile and longer term thinking than their retail peers.
Title III and Title IV are sections of the Markets in Crypto-Assets Regulation (MICA). Title IV refers to electronic money tokens (EMTs under EU regulatory jargon), such as Tether (USDT) and Circle (USDC), PayPal, and Amazon Pay.Title III rules cover Asset Referenced Tokens (ARTs) which are crypto-tokens that are not EMTs and look to reference either multiple currencies, such as Facebook’s maligned Libra token, or commodities such as Tether Gold. ARTs can also reference multiple underlyings from different asset classes.
Operators of digital asset exchanges in the EU have multiple issues to consider from the impending implementation of MICA. The new rules for the operation of a crypto-asset exchange, how these assets are exchanged for funds, their custody and administration, as well as pre and post-trade execution rules, will be enforced starting in 2025.
While some technical standards and guidelines for Asset-Referenced Tokens (ARTs) are still being refined by the European Banking Authority (EBA), the primary regulatory framework for ARTs under MiCA is already established and will come into full effect on 30 December 2024.Areas covered by Title IV include issuer location requirements, a robust white paper, reporting and governance standards, and a rule set for ARTs which authorities deem ‘significant.’
The European Commission defines e-money tokens – known as EMTs under MICA - as:“An e-money token is a crypto-asset designed to maintain a stable value by referring to one currency, while asset-referenced tokens are crypto-assets that seek to maintain a stable value by referring to several currencies, commodities or other crypto-assets, or a combination of such assets,” it said in an overview of the trading bloc’s crypto asset regulation framework.What this means in practice is that PayPal is a form of e-money, but Bitcoin isn’t.This may sound counterintuitive but crypto generally, is not e-money. While all crypto is digital money the reverse is not true and what distinguishes crypto currencies is their value is intangible and not linked to a fiat currency.Whereas although PayPal deals in pounds, dollars, euros, users ‘buy’ a specific amount of money which is then transmitted electronically before being converted into a fiat end currency by the recipient.Issuers of e-money tokens must be authorised as either a credit institution or as an electronic money institution (EMI).
According to UK investment advisory firm Saxe Global, the roll-out of MICA at the end of this year may spark a welcome round of regulatory convergence over digital among the EU 27 member states, which currently take divergent approaches on critical issues such as taxation, and legal frameworks.“MICA's introduction, much like MiFID II for traditional financial assets, is expected to harmonize the regulation of various crypto-assets, including EMTs and utility tokens, across EU member states. This unified approach will reduce regulatory fragmentation and promote a level playing field for market participants, "Saxe Global said in comment when the regulation was given parliamentary approval.
MICA provides a new licensing regime for crypto-asset service providers (CASPs) and crypto-asset issuers. CASPs are simply new or existing businesses that offer certain crypto-asset services to clients on a professional basis.
In addition to the MICA framework regulating all forms of crypto assets it also sets out a rule set for all crypto-asset service providers (CASPs) operating within the European crypto industry. The regulation also applies to any CASP serving European interests, regardless of where the provider is located.There are five service areas that require registration under MICA:1. Custody or administration services 2. Operating an exchange 3. Investing or trading crypto-assets on behalf of others 4. Advising on crypto asset portfolio management on behalf of others 5. Payments services
Stablecoin rules (Titles III and IV on ARTs and EMTs) entered into force on 30 June 2024. The main CASP regime (Title V) entered into force on 30 December 2024. The transitional period for existing providers ends on 1 July 2026 across the EU, though many member states – including Finland, Germany, the Netherlands, and Lithuania – chose shorter national windows that closed earlier in 2025 or January 2026.
No. A CASP licence granted by one EU national competent authority passports across all 27 member states. The home regulator notifies each host regulator the CASP plans to serve. There is no second authorisation and no second fee. As of early 2026, roughly 60 CASPs have been authorised across the EU, with Germany (18), the Netherlands (14), France (6), and Malta (6) leading; Finland had one.
An EMT (e-money token) is a stablecoin that references a single fiat currency – USDC referencing the US dollar, EURC referencing the euro. Only EMIs and credit institutions can issue them. An ART (asset-referenced token) references more than one fiat currency, a basket of commodities, or a combination of assets. ART issuance requires a separate authorisation under MiCA Title III. EMT rules are stricter on issuance; ART rules are stricter on reserves and governance.
Two things. First, the CASP providing the crypto rails (custody, transfer, exchange) needs a MiCA authorisation. After 1 July 2026, paying or being paid via an unauthorised CASP exposes both parties to legal and operational risk. Second, the stablecoin used in the payment has to be a regulated EMT or ART. USDC and EURC qualify; some other stablecoins withdrew from the EU market rather than apply. Merchants who accept crypto don't themselves become CASPs as long as they don't custody or transfer crypto for other parties.
No. Narvi Payments is an authorised e-money institution regulated by the FIN-FSA in Finland (licence number 3190214-6), with EEA-wide passporting. Narvi does not custody crypto-assets, operate an exchange, or provide any of the regulated crypto-asset services that require a CASP authorisation under MiCA. Narvi provides the fiat infrastructure – IBAN accounts, SEPA, SEPA Instant, SWIFT, multi-currency – that licensed CASPs and crypto-native businesses use for EUR and FX flows.
Start your journey with Narvi — explore what we offer for MiCA-regulated entities and book a demo call:Get to know Narvi
Updated May 15, 2025.Sources:
- Regulation (EU) 2023/1114 on Markets in Crypto-Assets (MiCA), full text on EUR-Lex.
- ESMA, Markets in Crypto-Assets Regulation (MiCA), hub page and interim register.
- ESMA, statement on the end of MiCA transitional periods, 17 April 2026.
- Regulation (EU) 2023/1113 on information accompanying transfers of funds and certain crypto-assets (TFR).
- European Banking Authority, asset-referenced and e-money tokens under MiCA (technical standards hub).
- FIN-FSA, crypto-asset activities in Finland (authorisation and supervision).
- European Commission, Digital finance package, policy overview.
Read next:
Banking for Alternative Investment Funds [whitepaper]
A deep dive into alternative investment funds' (AIFs) market growth, regulatory updates, and the discussion of banking and payment needs.
Banking for Family Offices [whitepaper]
Access a 2025 overview of family funds as an industry, their unique banking and payments needs, and how neobanks like Narvi can support them.
Navigating AIFMD II
A 2025 update on the new legislation and implications for EU alternative fund managers.
Navigating the financial segment as an AML entity
Onboarding a business to a banking service demands a profound understanding of its nature and operations. Read the most common questions about AML here.
Commencez ici
Narvi Payments Oy Ab est un établissement de monnaie électronique agréé (EMI). La licence IME de Narvi est accordée par l'Autorité finlandaise de surveillance financière (FIN FSA) avec le numéro d'enregistrement 3190214-6. La licence de Narvi est passeportée pour tous les pays de l'Union européenne.
Construite et réglementée en Finlande© 2026 Narvi. All Rights Reserved.
v1.273.1