Compare firms
Knowledge / mica-casp

MiCA CASP Authorisation Explained: What It Is and How to Get It

By Editorial Team · Reviewed by Editorial Team · 2026-07-15
In short

CASP authorisation is a licence under MiCA that lets a firm provide regulated crypto-asset services across the EU. A national competent authority grants it, and it passports to every member state.

Quick facts
  • Legal basis: Regulation (EU) 2023/1114 (MiCA), Title V governs crypto-asset service providers.
  • A CASP is a firm authorised to provide one or more of MiCA's listed crypto-asset services.
  • Authorisation is granted by a national competent authority (NCA), not by ESMA directly.
  • Minimum capital is set by prudential tiers keyed to the services provided, not a single flat figure.
  • Once authorised, a CASP can passport its services across all EU member states.

What is a CASP under MiCA?

A CASP is a crypto-asset service provider authorised under MiCA to offer one or more regulated crypto-asset services in the EU. The term comes from Title V of Regulation (EU) 2023/1114, and it replaces the patchwork of national VASP registrations that member states ran before. If your firm holds client crypto, runs a trading venue, or moves crypto for others, MiCA treats you as a CASP and expects a licence.

The point of the regime is a single rulebook. Instead of registering separately in each country, a firm applies once to a national competent authority (NCA) and gains rights that reach across the whole bloc. That is a real shift from the old model, where a Lithuanian registration meant nothing in France.

Which services does CASP authorisation cover?

CASP authorisation covers a defined list of crypto-asset services, and a firm is licensed only for the ones it applies for. MiCA names them explicitly. They include custody and administration of crypto-assets on behalf of clients, operating a trading platform, exchanging crypto-assets for funds or for other crypto-assets, executing orders, placing crypto-assets, receiving and transmitting orders, providing advice, portfolio management, and providing transfer services.

You do not have to offer all of them. A custody-only wallet business and a full exchange sit under the same regime but carry different obligations. Scope drives almost everything downstream — your capital tier, your governance load, and how hard the assessment gets.

What must a firm evidence to be authorised?

An applicant must show the NCA that it can run the service safely, lawfully and with enough capital behind it. The application is a package, not a form. Regulators want to see substance, not intent.

The core pillars are:

  • Prudential capital. MiCA sets minimum own-funds tiers keyed to the services provided. A firm offering higher-risk services, like operating a platform or custody, sits in a higher tier. The figure isn’t one flat number, and it scales with what you actually do.
  • AML/CFT function. You need a working anti-money-laundering framework — a named compliance officer, customer due diligence, transaction monitoring, and sanctions screening. The EU Transfer of Funds Regulation (the Travel Rule) applies to crypto transfers, so your systems have to capture and pass originator and beneficiary data.
  • Governance and fit-and-proper. Directors and key function holders must be suitable, and the firm needs clear internal control, conflict-of-interest handling, and a management body that can be held to account.
  • ICT and operational resilience. DORA (Regulation (EU) 2022/2554) applies to CASPs. That means documented ICT risk management, incident reporting, resilience testing, and control over third-party tech providers.

Segregation of client assets, complaints handling, and a credible wind-down plan round out the file. Gaps here are the usual reason an application stalls.

How does a national competent authority assess the application?

The NCA reviews whether the firm meets MiCA’s standards before it grants authorisation, and it runs to a structured timeline. Once an application is complete, the authority checks it against the prudential, AML, governance and operational requirements above. It can ask for more information, and the clock can pause while you answer. Assessment depth varies by the services requested and the quality of the submission — a thin file gets more questions.

Expect scrutiny of the people, the money and the systems. Regulators are not just reading policies; they want evidence the policies work.

How does passporting work across the EU?

Passporting lets an authorised CASP provide its services in other member states without a fresh licence. After your home NCA authorises you, it notifies the host-state authorities and ESMA, and you can then operate cross-border. This is the commercial payoff of MiCA: one authorisation, EU-wide reach. It also means your home regulator’s standard travels with you, so where you apply matters.

The trade-off is that you carry your home-state supervision everywhere. Choosing an NCA on process speed alone, without weighing its supervisory style, is a common and costly mistake.

Expert perspective

For a practitioner view on this topic, follow Nina Moffatt (Partner, FinTech & Payment Services, Paul Hastings (London)) — Advises payment, e-money and crypto-asset businesses on UK and EU regulatory compliance, authorisation applications and supervisory relations.

Cited as an independent authority, not affiliated with this index. View profile → · more experts

Frequently asked

Who grants CASP authorisation?

A national competent authority in the member state where the firm is established grants it. ESMA and the EBA support supervisory convergence but do not issue individual CASP authorisations themselves.

Does a CASP licence work across the whole EU?

Yes. Once a national competent authority authorises a CASP, the firm can passport its services into other member states by notification, without a separate licence in each country.

How much capital does a CASP need?

It varies by the services provided. MiCA sets prudential tiers, so a custody or trading-platform operator faces a higher minimum than a firm only giving advice. Own funds must stay above the applicable floor.

Is MiCA the same across every member state?

The regulation applies directly and uniformly, so the core rules are the same everywhere. National competent authorities differ in process, language and timelines, but not in the substantive standard they apply.

Sources

Editorial explainer, not legal advice. Confirm current rules with the named regulator or a qualified firm. See the CLBR ranking and methodology.