MiCA's transition period is over: what has changed for European crypto companies
MiCA has transformed a European crypto license from a competitive advantage into a prerequisite for doing business. We examine how licenses are distributed across the EU, why many firms could lose access to the market, and what ongoing compliance obligations licensed companies must now meet.
13.07.2026
15
6 min
0
On July 1, 2026, the transition period established under the European Markets in Crypto-Assets Regulation (MiCA) officially came to an end. Under Article 143(3), crypto-asset service providers (CASPs) that had been legally operating under national registrations or licenses before MiCA took effect were allowed to continue serving customers while applying for authorization under the new framework.
That grace period has now expired. Firms that continued relying solely on transitional arrangements no longer have a legal basis to provide crypto services to clients in the European Union.
For the crypto industry, this marks the point where MiCA ceased to be future regulation and became the operational reality. Licenses are now concentrated in a relatively small number of European jurisdictions, making one question more important than ever: which companies are actually authorized to operate across the EU—and which are not?
The answer depends on whether a firm has already received a MiCA license, is still awaiting approval, or has yet to begin the licensing process. In this report, GetBlock AML Research examines what Europe's new regulatory landscape means for crypto businesses.
What changed on July 1?
It is important to understand both what July 1 represents—and what it does not.
First and foremost, the transition period has ended. Companies that continued operating solely under legacy national VASP or DASP registrations can no longer rely on those authorizations as a legal basis for providing crypto services.
As a result, Article 59 of MiCA is now fully enforceable. The provision itself is not new—it has always prohibited firms from offering crypto-asset services within the EU without CASP authorization. During the transition period, however, enforcement of that requirement was temporarily deferred. That deferral has now expired.
Another important point is often overlooked. Even during the transition period, firms operating under national registrations were not entitled to passport their services across the European Union. The European Securities and Markets Authority (ESMA) explicitly confirmed this in its guidance on transitional arrangements.
Another common misconception concerns pending applications. Simply filing for authorization does not grant a company the right to continue operating after the transition period. Only firms that have already received authorization under Article 63 of MiCA may legally continue providing services.
It is also worth noting that July 1 was not a universal deadline across the EU. Rather, it represented the latest date permitted under MiCA. Many Member States chose significantly shorter transition periods.
The Netherlands, Finland, Latvia, Hungary, and Slovenia all ended their transition periods on June 30, 2025, after just six months. Sweden adopted a nine-month transition period that expired on September 30, 2025. France, Malta, Luxembourg, and several other jurisdictions opted for the maximum 18-month extension.
As a result, many crypto firms still operating today may ultimately fail to obtain MiCA authorization. Any company continuing to do business with those providers risks relying on counterparties that could soon lose the legal right to operate in the European market.
For that reason, firms should understand exactly which CASPs participate in their operations and regularly verify their licensing status against the official ESMA register.
The Current State of CASP Licensing
According to ESMA's interim MiCA register, 213 organizations across 23 EU Member States had obtained CASP authorization at the time of writing.
ESMA updates the register weekly and notes that information submitted by national regulators is not reflected immediately. As a result, the total number of licensed firms continues to grow, and any licensing statistics should always be interpreted in the context of the publication date.
The largest number of CASP licenses has been issued in the following jurisdictions:
| Country | Licensed CASPs |
| Germany | 55 |
| Netherlands | 26 |
| France | 19 |
| Malta | 15 |
| Ireland | 12 |
| Cyprus | 12 |
| Austria | 9 |
| Czech Republic | 7 |
| Luxembourg | 7 |
| Spain | 7 |
The distribution of licenses is highly concentrated. The five leading jurisdictions account for 127 of the 213 licensed CASPs, representing nearly 60% of all MiCA authorizations issued across the European Union.
Germany remains the clear leader by total license count. However, a significant share of its authorizations has gone to traditional banks and brokerage firms that obtained a limited scope of MiCA permissions rather than crypto-native businesses.
Within the crypto industry itself, Malta, the Netherlands, Cyprus, France, and Ireland have emerged as the primary licensing hubs.
Most licensed firms have already notified regulators of their intention to use MiCA's passporting regime—one of the regulation's defining features—which allows a CASP authorized in one Member State to legally provide services throughout the European Union.
Licensing Activity Accelerated Ahead of the Deadline
For most of 2025, MiCA approvals were issued at a relatively modest pace. That changed dramatically as the end of the transition period approached.
December 2025 alone saw 41 CASP authorizations granted, making it the busiest licensing month since MiCA implementation began. The surge reflected the fact that many national application deadlines fell toward the end of the year, prompting firms to complete the authorization process before the transitional arrangements expired.
What Should Companies Do If They Haven't Obtained a MiCA License?
With the transition period now over, crypto firms effectively have three options—and only one of them allows them to continue operating across the European Union without interruption.
The first option is to complete the MiCA licensing process. This requires submitting a full application under Article 63 of MiCA, with the understanding that regulatory review may take considerable time. Success depends less on a firm's operating history or the range of services it offers than on the quality and completeness of its application.
The second option is to operate under an existing CASP license held within the same corporate group. If a parent company or affiliated entity has already obtained authorization, it may passport its license to other entities within the group. However, regulators expect the licensed entity to conduct genuine business activities and maintain effective oversight of operations. Simply sharing a brand name is not enough.
The third option is to exit the EU market entirely by stopping services for European customers, closing registrations for new users, and winding down relationships with existing clients in an orderly manner.
It is also important to note that reverse solicitation is not a loophole for avoiding MiCA licensing requirements. While Article 61 allows a non-EU firm to serve an EU client without authorization, this applies only when the client independently approaches the provider without any prior advertising, marketing, or solicitation.
ESMA interprets this exemption very narrowly. Any marketing activity directed at EU residents—including influencer campaigns, mobile apps, affiliate programs, or search engine advertising—effectively disqualifies a firm from relying on the reverse solicitation exemption.
Obtaining a License Is Only the Beginning
Receiving CASP authorization does not mark the end of MiCA compliance. On the contrary, it is the point at which a company's ongoing regulatory obligations begin—many of which require continuous monitoring of blockchain activity.
Licensed CASPs are expected to:
- detect and report suspected market abuse;
- comply with AML/CFT requirements, including the Travel Rule;
- monitor crypto wallets and blockchain transactions;
- manage sanctions-related risks;
- maintain an up-to-date wind-down plan to ensure an orderly cessation of operations if required.
Most of these obligations cannot be fulfilled without continuous analysis of on-chain activity. As a result, blockchain analytics is evolving from an investigative tool into a core component of day-to-day compliance operations for licensed crypto businesses operating under MiCA.
Useful material?
Research
One and the same cryptocurrency address received two completely opposite assessments from different analytics systems: from an ordinary gambling service to an extremely severe criminal offense. This story has become the starting point for a broader conversation about what the scientific standards of blockchain analysis should look like — and why errors in systems like these can shape the fates of real people.
Jul 1, 2026
Research
The blockchain has helped uncover the ties between cryptocurrency fundraising campaigns, exchangers in Syria, and intermediaries in several countries around the world. A telltale pattern has emerged in which the same addresses were used across multiple donation drives at once
Jun 24, 2026
Research
Four Iranian cryptocurrency exchanges accounted for roughly 78% of all digital asset volume tied to the country in 2025. They have now become the focal point of the largest U.S. sanctions campaign against Iran's cryptocurrency infrastructure.
Jun 5, 2026
Research
A financial system is already up and running on public blockchains, with loans, analogues of U.S. Treasuries, and automated capital markets. More than $551 billion has flowed through DeFi protocols — but most of that activity has nothing to do with the real economy and everything to do with the speculative build-up of risk.
May 29, 2026
Research
Around 97% of Chinese suppliers of chemicals used to make fentanyl accept payment in cryptocurrency. The volume of such transactions continues to grow alongside the global market for synthetic drugs
May 22, 2026
Research
For the first time, the new law makes blockchain analytics an officially mandatory tool of financial oversight in the United States. Authorities will also gain the power to restrict transactions with foreign crypto services tied to money-laundering risks.
May 20, 2026
Telegram
Twitter