Legal entities located in an EU member state provide crypto-asset services after the authorisation of crypto-asset service providers as such.
The license is valid within the borders of the European Union through the right of establishment. When providing cross-border services, physical presence in the Member State is not required.
Application for authorisation of crypto-asset service providers
A crypto-asset service provider submits an application to the competent authority of the Member State, with the following content:
- trade and legal name, identifier, website, and physical address;
- legal form;
- statute;
- activity program, types of services offered, where and how they are offered;
- control mechanisms;
- information about the natural persons participating in the management body;
- internal risk control mechanism;
- information systems and security measures;
- guarantees to cover prudential requirements;
- complaints handling procedures;
- a way to separate crypto-assets and customer funds;
- procedure for establishing market abuses;
- policy regarding custody and management of crypto-assets;
- crypto asset platform management rules;
- trade policy for exchanging crypto-assets for fiat currency;
- policy for the execution of orders on behalf of third parties.
Assessment of the application for authorisation
The competent authorities evaluate the information in the application within 25 working days and notify whether it is complete. They require information from the authorities of another Member State if the applicant is a subsidiary, a subsidiary of a parent company, or is controlled by the same persons.
Within 3 months, the competent authority issues a decision to issue a license or refuse.
The issuance of a license is refused when the management body may endanger the activity, or the applicant does not meet the legal requirements.
The competent authorities shall notify ESMA of all licenses issued.
Withdrawal of authorisation
The competent authorities revoke the license when:
- has not been used for 18 months since the issue;
- in case of express refusal;
- has not provided services for crypto-assets for 9 months;
- indicated it by illegal means;
- no longer meets the conditions for issuance;
- grossly violated the Regulation.
A license can only be revoked for a specific service.
Before revoking a license, the authorities of another Member State shall be consulted if the applicant is a subsidiary, a subsidiary of a parent company, or is controlled by the same persons.
The EBA, ESMA, and any competent authority of a host Member State shall at any time have the right to verify that the service provider still meets the conditions for issuing a license.
Register of providers
ESMA maintains a register of crypto-asset service providers available on its website.
Cross-border provision of services
Providers providing services in more than one Member State shall submit the following information:
- list of countries where services will be provided;
- start date of the provision of the services;
- a list of services provided outside the Regulation.
Within 10 working days of providing the information, ESMA registers the information in the register.
Regarding licensing of crypto-asset service providers, please contact us by going to contacts.