ESMA Serves Time on Unauthorised Crypto Providers
Posted by Colin Lambert. Last updated: June 25, 2026
The European Securities and Markets Authority has published a statement “to clarify expectations how unauthorised crypto-asset service providers (CASPs) must wind down activities while also protecting investors after the end of the transitional period under the Markets in Crypto-Assets Regulation (MiCA)”, due to occur on 1 July.
According to a release from crypto data firm Kaiko, only 210 or so, of more than 1,200 entities that held pre-MiCA registrations, have converted to CASP status, a conversion rate of less than 18%. It adds that 10 EU jurisdictions have yet to issue a single CASP license.
ESMA acknowledges that a number of entities, “including significant providers currently servicing EU clients under national regimes”, may not be authorised by the deadline. It states it expects these unauthorised CASPs to take “immediate steps” to wind down their EU activities in an orderly manner, while also safeguarding clients’ interests and mitigating risks to market integrity.
In particular, unauthorised ESMA says these providers must immediately stop onboarding new EU clients, refrain from opening new client relationships or accounts, and cease marketing activities and solicitation. They must also limit the provision of services to actions necessary to sell or transfer crypto-assets, reallocate assets, or close positions. To this end, custody of clients’ crypto-assets can only continue for the period strictly necessary to complete an orderly exit.
ESMA also instructs these firms to communicate “clearly, promptly and repeatedly” with clients about the measures taken to safeguard their assets and the wind-down plans so that
clients know the timeline to dispose of, transfer, reallocate or close their positions. These communications should include a deadline by which any residual positions would be closed automatically and information about client protection requirements.
The EU regulator also warns CASPs established outside the EU that they cannot provide MiCA services to EU clients or solicit EU clients. This also applies in a business-to-business context. “In this regard, ESMA reminds that MiCA prohibits CASPs from outsourcing or delegating certain services, notably custody, to entities that are not authorised as CASPs,” it states.
