MiCA implementation in Estonia

Manimama's experts are well versed in the complexities of cryptocurrency regulation and are committed to sharing their findings with businesses and individuals navigating this dynamic sector.

Indeed, our legal team recently finalized a comprehensive study on the national implementation of the Markets in Crypto-assets Regulation (MiCA) in various EU countries. The legal research not only highlights the differences in how MiCA is adopted at the national level, but also offers standard rules for compliance. Today we offer you an insight into the specifics of obtaining a cryptocurrency license in Estonia under the new MiCA provisions.

Current requirements (prior to MiCA implementation)

Requirements for issuing an authorisation to a Estonian VASP:

1) Private limited liability company (OÜ). 

2) At least 1 shareholder (natural person or corporate entity; no restrictions to citizenship or residence) and at least 1 management board member (can be the same as the shareholder, but only a natural person). Company management must have residency in Estonia. Members of the management board of a VASP must possess a higher education and at least two-year specialised work experience.

3) Share capital must be at least 100,000 euros or 250,000 euros depending on the service provided. The share capital must be fully paid up in monetary form before applying for a crypto license in Estonia.

4) Physical office in Estonia.

5) A business plan for at least two years.

6) A VASP must have its own funds (depending on the services provided and the volumes).

7) An anti-money laundering officer (AML Officer) working in Estonia. He can hold this position only in 1 licensed company.

8) Documentation compiled in accordance with § 13 of the MLTFPA to ascertain the appetite for risk, and concerning risk analysis.

9) A VASP is required to have the annual accounts audited.

10) A VASP is required to appoint an internal auditor.

11) A payment account opened in a credit institution, e-money institution or payment institution that has been established in Estonia or in an EEA state that provides cross-border services in Estonia or has established a branch in Estonia.

The application for authorisation of a VASP must be filed via the web portal of the register of economic activities or via a notary. 

A state fee of 10,000 euros shall be paid for a new application.

Has the jurisdiction enacted a law/draft law implementing MiCA?

On 01.07.2024, the Law on the Cryptocurrency Assets Market came into force.

Who is the regulator under the law/draft law implementing MiCA?

Regulatory supervision was transferred from the Financial Intelligence Unit (FIU) to the Financial Supervisory Authority (Finantsinspektsioon).

Requirements for future CASPs stipulated by the national legislation implementing MiCA, the presence of national peculiarities.

Provided for in Section 2 of the Law.

– must have a licence (The Financial Authority issues and cancels a licence for the operation of a cryptocurrency market participant. The licence is unlimited and cannot be transferred to another person. The legal address of the licensed cryptocurrency market participant shall be located in Estonia and shall be specified in the memorandum of association or articles of association of the cryptocurrency market participant) – Article 5.

– Article 7: 

   (1) A cryptoasset market participant may only operate in the form of a limited liability company or a joint stock company.

   (2) A limited liability company that is a cryptoasset market participant shall have a board of directors consisting of at least three members. A limited liability company that provides cryptoasset services is not required to have a board of directors if it does not provide the services referred to in Article 3(a) or (b), paragraph 1, point 16 of Regulation (EU) 2023/1114 of the European Parliament and of the Council. In this case, the requirements set out in Article 68 of the said Regulation and the legal acts issued thereunder for members of the management body shall apply to the shareholders of the cryptoasset service provider.

    (3) The management board of a cryptoasset service provider shall consist of at least two members.

    (4) A cryptoasset market participant shall comply with the requirements for cryptocurrency market activities set out in Regulation (EU) 2023/1114 of the European Parliament and of the Council at the time of commencement of operations, in its activities and in the provision of services.

  (5) In addition to the provisions of this Law, a cryptocurrency service provider shall comply with the requirements set out in Regulation (EU) 2023/1113 of the European Parliament and of the Council on the information to be transmitted in the course of money transfers and certain cryptocurrency transfers and amending Directive (EU) 2015/849 (OJ L 150, 09.06.2023, p. 1-39).

– Article 8 (requirements for the provision of advice on cryptoassets):

    (1) A cryptoasset service provider shall ensure that a person who provides advice or information on cryptoassets or cryptoasset services on its behalf has the necessary knowledge and skills, including:

    1) knowledge of the principles of providing cryptoasset services, the essence of cryptoasset services and the types of cryptoassets in respect of which advice is provided, including the ability to explain the risks associated with cryptoassets;

    2) ability to execute client orders in the best possible way, in particular in accordance with Article 78 of Regulation (EU) 2023/1114 of the European Parliament and of the Council;

    3) knowledge of the principles of identifying, avoiding and mitigating conflicts of interest;

    4) knowledge of personal data protection requirements;

    5) the ability to explain how, in accordance with Article 71 of Regulation (EU) 2023/1114 of the European Parliament and of the Council, customer complaints regarding the provision of cryptoasset services are handled as quickly and transparently as possible;

    6) ability to recommend whom the client can contact to resolve disputes;

    7) knowledge of procedures for preventing abuse in the cryptoasset market;

    8) knowledge of procedures for preventing money laundering and terrorist financing;

    9) the ability to explain the rights and obligations of the parties, including costs and fees related to cryptoasset services, as well as the terms of withdrawal from the agreement and termination of the agreement.

– Article 9:

 A cryptoasset service provider and an issuer of asset-backed tokens shall comply with the digital operational resilience requirements set out in Regulation (EU) 2022/2554 of the European Parliament and of the Council.

The period of time by which the CASP must comply with the new requirements, as well as the procedure for notifying the regulator of compliance with the new requirements.

Art. 48. (1) This law shall apply to persons wishing to provide cryptoasset services starting from 30 December 2024, unless otherwise provided in paragraph (4) of this section.

(8) Persons wishing to provide cryptoasset services in accordance with Regulation (EU) 2023/1114 of the European Parliament and of the Council may apply for a licence to the Financial Supervisory Authority from 30 September 2024. This provision does not oblige the Financial Supervisory Authority to carry out any procedural actions before 30 December 2024.

(9) Issuers of asset-backed tokens and cryptoasset service providers must comply with the digital operational resilience requirements set out in Regulation (EU) 2022/2554 of the European Parliament and of the Council from 17 January 2025.

Is there a transition period before the full implementation of MiCA?

Article 48. 

(4) A virtual currency service provider or any other person authorised to provide virtual currency services in accordance with the Law on Prevention of Legalisation (Laundering) of the Proceeds of Crime and Terrorist Financing before the entry into force of this Law shall bring its activities in line with the requirements set forth in this Law no later than 1 January 2026. 

(5) If the virtual currency service provider referred to in paragraph 4 has applied for a licence to the Financial Supervision Authority before 1 July 2026 and the Financial Supervision Authority has not made a decision on granting or refusing to grant a licence by that date, the activities of that enterprise shall not be considered to be unlicensed activities pursuant to Article 372 of the Criminal Code. In this case, the virtual currency service provider is prohibited from entering into new contracts with customers from 1 July 2026 until a decision on the licence is made.

The ability of a CASP from a jurisdiction with a transition period to operate freely in a jurisdiction without a transition period starting from January 1, 2025

Not regulated.

Liability provided for CASPs that continue to operate at the place of registration without meeting the new requirements

Not regulated.

Section 8 of the Law provides for a number of penalties.  The articles do not contain a specific sanction for violation of the registration requirements. However, there is a list of actions related to the violation or failure to comply with the MiCA requirements, which are virtually impossible to comply with without registration and constitute the essence of CASP activities, for which a fine of EUR 700,000 is provided in Article 37.

Other useful information regarding the implementation of MiCA

Accounting, reporting and auditing are provided for in Section 5 of the Law.

Article 15:

(1) A cryptoasset market participant shall submit to the Financial Supervisory Authority the annual financial report, the proposal for profit distribution or loss coverage, the resolution and the extract from the minutes of the general meeting of shareholders or the meeting of participants on approval or non-approval of the annual financial report within two weeks after the general meeting of shareholders or the meeting of participants, but not later than six months after the end of the financial year.

(2) A cryptoasset market participant shall not be obliged to submit to the Financial Supervision Authority the data and documents referred to in Clause 1 of this Section if they are published on its website or submitted to the commercial register within the established time limits as an audit report and the annual financial report approved by the general meeting of shareholders or meeting of participants. A cryptoasset market participant shall ensure the availability of the said data and documents on its website for at least five years.

(5) The period of regular supervisory reports submitted to the Financial Supervisory Authority shall be quarterly or annual, and the reports shall be submitted to the Financial Supervisory Authority within 20 days after the end of the reporting period, unless otherwise provided in this Law, Regulation (EU) 2023/1114 or the implementing regulations. If the last day for submitting the report is a public holiday, the regular report shall be submitted no later than the first business day after the public holiday.

According to Article 17, the audit of the annual financial report of a cryptoasset market participant is mandatory.

A cryptoasset market participant shall appoint an audit firm that is reliable and has sufficient knowledge and experience as specified in Article 7(2) of the Law on Audit Activities and shall notify the Financial Supervisory Authority of its intention to appoint the audit firm at least ten days prior to the relevant decision. A cryptoasset market participant shall submit to the Financial Inspection a confirmation from the auditor that there are no circumstances that exclude the right to be an auditor of the cryptoasset market participant.


Manimama Legal & Growth Agency provides a gateway for the companies operating as the virtual asset wallet and exchange providers allowing to enter to the markets legally. We are ready to offer an appropriate support in obtaining a license with lower founding and operating costs. We offer KYC/AML launch, support in risk assessment, legal services, legal opinions, advice on general data protection provisions, contracts and all necessary legal and business tools to start business of virtual asset service provider.


The content of this article is intended to provide a general guide to the subject matter, not to be considered as a legal consultation.