MiCA grandfathering 2026 — what transitional CASPs need now

Regulation (EU) 2023/1114 (MiCA) has applied to crypto-asset service providers (CASPs) since 30 December 2024 — the titles on asset-referenced and e-money tokens (ART/EMT) since 30 June 2024 (Art. 149) ^[1]. For CASPs that already provided crypto services under national law before 30 December 2024, Art. 143(3) provides a transitional regime: continue under the old national law until 1 July 2026 at the latest — or until the authorisation application is decided under Art. 63, whichever comes first ^[1].

Crucially, 1 July 2026 is a ceiling, not a uniform deadline. Art. 143(3) expressly allows member states not to apply the transitional regime, or to shorten its duration, where their national framework before 30 December 2024 was less strict. Member states had to notify their choice to the Commission and ESMA; ESMA keeps a public list of those choices ^[3]. A firm still in transition must know the cut-off that actually applies in its jurisdiction — not the theoretical maximum.

The transitional periods chosen under Art. 143(3) range from 6 to 18 months from 30 December 2024. Four groups — with the important caveat that ESMA keeps updating the list and some periods were not yet in national law at the time of publication. The current ESMA list and the national authority are the authoritative sources ^[3].

Full 18 months (until ~1 July 2026): Belgium, Spain, France, Italy, Cyprus, Luxembourg, Malta, Portugal, Estonia, Greece, Croatia and Romania, among others (some with a separate filing deadline inside the window).

12 months (until ~30 December 2025): Germany, Ireland, Lithuania, Austria and Slovakia, among others. These windows are already closed as of this update — filings after them run under the regular MiCA regime with no transitional protection.

9 months (until ~30 September 2025): Sweden. 6 months (until ~30 June 2025): Latvia, Hungary, Netherlands, Poland, Slovenia and Finland, among others — these windows have likewise closed.

This grouping follows ESMA's list; several entries carry footnotes on separate filing deadlines. Do not rely on a secondary source: the binding cut-off sits in national law and in the current ESMA list ^[3].

The authorisation application is governed by Art. 62, which lists the documents to submit — a programme of operations, governance arrangements, internal control and risk management, evidence of prudential own funds, and ICT systems and security mechanisms, among others ^[1]. (The separate Art. 60 pathway is for already-authorised financial entities providing certain crypto services by notification — not the standard CASP application.) Three items produce most queries in practice.

First: the reserve of assets for ART issuers. If the firm issues asset-referenced tokens, the supervisor substantively tests the reserve under Art. 36 (composition, custody, segregation from own assets). E-money tokens follow the separate Title IV regime — in particular Art. 54 on investment of the funds received. A static reserve document with no traceable link to the outstanding token amount draws a query.

Second: custody and administration (Art. 75). A firm holding crypto-assets for clients must separate client holdings from its own legally and operationally, keep a custody policy and give clients regular statements of their positions. A hosted wallet provider as sub-custodian does not replace operational separation in the firm's own books.

Third: ICT resilience (Art. 68 + DORA). The governance requirements in Art. 68 demand resilient, secure ICT systems and continuity plans — expressly as required by the DORA Regulation (EU) 2022/2554 ^[4]. Supervisors test whether the MiCA application and the DORA third-party register are consistent; gaps between the two documents are a frequent cause of delay.

Three scenarios, distinguished by application completeness and timing.

Scenario A: complete application filed before the cut-off. The CASP may keep operating under the transitional regime until the supervisor decides. Art. 63 structures the review: a completeness check within 25 working days (Art. 63(2)); a substantive assessment and reasoned decision within 40 working days of a complete application (Art. 63(9)). The supervisor may — no later than the 20th working day — request further information; the clock is then suspended, by up to 20 working days (stop-the-clock, Art. 63(11)–(12)) ^[1].

Scenario B: incomplete application before the cut-off. Whether an incomplete filing preserves the window depends on national practice; the Art. 63(2) completeness check routinely produces a deficiency list with a deadline to respond. Substantive gaps — say a missing reserve policy for an ART issuer — can sink the process. What governs is the expectation of the specific national authority, not a blanket assumption.

Scenario C: late application or none. On the cut-off date the permission to provide crypto services in that jurisdiction ends. Existing customers must be informed and client funds and assets returned in an orderly way. Authorisation under the regular MiCA regime remains possible; operating in the meantime is not.

With authorisation comes passporting under Art. 65 (cross-border provision): the firm notifies its home authority, which forwards the information within 10 working days to the host-state authorities, ESMA and the EBA (Art. 65(2)) ^[1]. The CASP may then operate across the EU without running a fresh full authorisation in each state.

ESMA maintains a central, public register of authorised and passported CASPs ^[2]. Market transparency is therefore unusually high: a firm authorised in one member state can operate in the others after notification, and the status is publicly verifiable.

Passporting does not replace ongoing compliance. In particular the DORA third-party register must be kept so the competent authorities of the states concerned can access it; inconsistencies between the application and the register are a typical cross-border inspection finding.

ESMA — Q&A and technical standards: ESMA is the central clarification track for MiCA and develops the delegated acts and technical standards (RTS/ITS). In the filing phase, consultation drafts often matter more than final texts because supervisors already apply the foreseeable standard ^[2]. Each new clarification can shift the filing standard.

ESMA's transitional-period list + national authorities: the Art. 143(3) list is updated over time; national authorities often refine their concrete filing expectations in their own language and outside central registries ^[3]. The cut-off that applies to you can change relative to an earlier reading.

National supervisory letters: BaFin, AMF, AFM, FSMA, MFSA, CySEC and others publish sector-specific notes on their filing practice. These are often only in the national language and not indexed in central repositories — exactly the kind of source a manual process misses.

Horizon Scanner monitors these sources in parallel and routes relevant findings to the application team the day they are published. New ESMA clarifications and draft standards are matched against the application status; when a publication touches an open application item, the match flows automatically into the update list for the next supervisory exchange.

National supervisory letters are captured in the original language, classified against the CASP authorisation expectation and stored in the audit trail bilingually — so no recent letter surprises the team in a supervisory query and the cut-off that applies in each jurisdiction is documented on the record.