FinmadiG and MiCA: New horizons for crypto assets in Germany

Despite concerns about regulatory challenges, the Bundesrat of Germany has approved the Financial Market Digitalization Act (Gesetz über die Digitalisierung des Finanzmarktes, Finanzmarktdigitalisierungsgesetz – “FinmadiG”).

This legislation marks a significant milestone in the financial sector by introducing complex regulation of crypto-assets in line with the evolving needs of the digital economy.

What Does FinmadiG Change?

FinmadiG introduces the Kryptomärkteaufsichtsgesetz (“KMAG”) — the Crypto Markets Supervision Act—and amends more than 20 regulatory acts. 

According to the government, this consolidated approach simplifies legislation and administration by aligning German law with several critical European Union (EU) frameworks.

  • Regulation 2023/1114 on markets in crypto-assets(“MiCA”), including:
  • Regulation 2023/1113 on money transfers and crypto-assets regarding reporting requirements for money transfers and ensuring transparency in financial transactions.
  • Regulation 2022/2554 (“DORA”): requirements for operational resilience and protection of financial infrastructures from cyber threats and other risks related to digital finance.
  • Directive 2022/2556 on digital operational resilience for the financial sector (“DORA Directive”).

Through harmonization with the European Union MiCA, the European crypto-asset market becomes accessible to legal entities registered in Germany.
But can Germany truly be an ideal choice for business registration? What must be considered when planning operations in this country?

KMAG: Realities of the New Regulation

KMAG consists of eight sections that define key aspects of activities within Germany’s crypto-asset market. It categorizes crypto-assets into three distinct types:

  • E-money token (“EMT”).
  • Asset-referenced tokens (“ART”).
  • Сypto-assets other than asset-referenced tokens or e-money tokens, including utility tokens.

KMAG uses the term “institutions” to refer to legal entities engaged in:

  • Issuing crypto-assets (“issuer”).
  • Making an offer to the public  (“offeror”).
  • Admission to trading. 
  • Providing services related to crypto-assets (“crypto-asset service providers”).

New rules on authorization and ongoing supervision for crypto-asset service providers (“CASPs”) will take effect on December 30, 2024.

Specific requirements for ART and EMT, as well as accounting and reporting provisions, will apply retroactively from June 30, 2024.

Authorisation: A Prerequisite for Legal Operations

Every entity must undergo mandatory authorisation by the BaFin to operate legally and fully participate in the market.

To obtain authorization, a company must:

  • Prepare a whitepaper – a document detailing the project and its crypto-assets. The specified requirement applies to persons who intend to make a public offering or seek admission to trading of ART and EMT.
  • Develop policies, procedures, and documentation to confirm compliance with MiCA requirements.
  • Establish a transparent organisational structure and robust corporate governance as required by MiCA..

Entities active as of December 29, 2024—including CRR credit institutions, central securities depositories, securities institutions, financial institutions, electronic money institutions, UCITS management companies, or alternative investment fund managers—are granted a transitional regime until December 31, 2025.

They may utilize a simplified authorisation process but must notify BaFin of their intent to provide services at least 40 days in advance. Other institutions can also opt for the simplified process to obtain authorization for crypto-asset-related services.

The Federal Ministry of Finance, in coordination with the German Federal Bank, may issue regulations detailing the nature, scope, timing, and format of the simplified procedure.

BaFin has the authority to immediately suspend operations and take measures to terminate them if an entity operates without authorisation.

Additional Requirements 

The KMAG includes several special provisions for issuers of ART, EMT, and CASPs, establishing additional obligations for these entities and granting BaFin authority to oversee and supervise their compliance.

BaFin may require amendments to the plan of an ART or EMT issuer, including the establishment of a minimum nominal value or restrictions on the issuance volume if the tokens pose a threat to payment systems or monetary stability. If necessary, BaFin may appoint an asset manager to oversee the management of reserve funds, which must be held separately from the issuer’s other assets.

To protect the interests of CASPs clients, particularly small investors, or to ensure the smooth functioning of the market, BaFin is authorized to disclose all significant information that may affect the provision of crypto-asset services or to require CASPs to disclose such information themselves. The CASPs bear all costs associated with such disclosures.

Supervision and Control 

BaFin supervises corporate governance, financial transactions, outsourcing and risk. In addition to standard reporting and inspections, the regulator can: 

  • Assess the transparency and efficiency of organisational structures.
  • Evaluate the institution’s ability to identify, manage, and monitor risks, including those related to outsourcing.
  • Intervene in the institution’s operations if significant issues arise.

Thus, institutions must comply with the high standards of governance set out in the MiCA, including:

  • A clear organizational structure with transparent and consistent lines of responsibility.
  • Effective mechanisms for identifying, managing, and monitoring risks.
  • Adequate internal controls and qualified managers with a good reputation.

If corporate governance is deemed inadequate, BaFin may:

  • Take measures to mitigate risks arising from specific operations, products, systems, or outsourced activities.
  • Restrict the opening of new branches without prior approval.
  • Limit or prohibit the provision of services.

BaFin’s supervision extends to outsourcing companies if they handle significant activities or processes on behalf of institutions.

It should be emphasised that not only institutions but also outsourcing companies are now under the control and supervision of the BaFin, provided that the institution has outsourced significant activities and processes to them.

Measures in special cases

KMAG focuses on protecting client assets and mitigating insolvency risks. If an institution fails to meet its obligations or effective supervision becomes impossible, BaFin is entitled to take special proactive measures..

If there are threats to the safety of client assets or if effective supervision of an institution is not possible, BaFin is entitled to take temporary measures, such as

  • Issue instructions to members of the institution’s governing body.
  • Prohibit the activities or limit the powers of certain officers or managers. 
  • Issue orders to close the institution for work with clients.

The BaFin may, to prevent bankruptcy proceedings or withdrawal of authorisation, temporarily:

  • Prohibit the acceptance of funds or crypto-assets from customers.
  • Restrict the sale of and payments to the institution.
  • Prohibit receiving payments that are not intended to fulfill obligations to the institution.

The obligation of the institution’s representative to apply is replaced by the obligation of the members of the representative body to report the relevant financial position. 

 BaFin holds exclusive rights to initiate bankruptcy proceedings if liabilities exceed assets or if the institution is insolvent.

The bankruptcy court must inform BaFin of all decisions related to the proceedings and provide requested updates on their status.

Consequences of Non-Compliance

Authorization is not merely a formality but a commitment to comply with all KMAG and MiCA requirements. Violating these obligations can lead to bans on operations, license revocation, or severe legal consequences.

Both legal entities and their officials can now face not only administrative but also criminal liability for intentional or negligent violations.

As conclusion

The adoption of FinmadiG and KMAG heralds a new era for the crypto-asset market in Germany. While the requirements are stringent, they provide significant business opportunities in a regulated and stable environment.

Legal support during preparation for authorization and compliance will be a critical tool for successfully entering the crypto-asset market. This approach enables businesses to leverage new opportunities without risking legal sanctions.

Our contacts

If you want to become our client or partner, feel free to contact us at support@manimama.eu.

Or use our telegram @ManimamaBot and we will respond to your inquiry.

We also invite you to visit our website: https://manimama.eu/.

Join our Telegram to receive news in a convenient way: Manimama Legal Channel.


Manimama Law Firm provides a gateway for the companies operating as the virtual asset wallet and exchange providers allowing to enter to the markets legally. We are ready to offer an appropriate support in obtaining a license with lower founding and operating costs. We offer KYC/AML launch, support in risk assessment, legal services, legal opinions, advice on general data protection provisions, contracts and all necessary legal and business tools to start business of virtual asset service provider.


The content of this article is intended to provide a general guide to the subject matter, not to be considered as a legal consultation.