MiCA Transition Period Ends in July 2026: What Happens to Unlicensed Crypto Businesses
Many crypto businesses operating in the EU have been relying on transitional arrangements to continue their activities while preparing for or awaiting MiCA authorization. That window is now closing. On 17 April 2026, ESMA confirmed in a formal statement that the MiCA transitional period will officially expire across the EU on 1 July 2026, with no extensions available under the current regulation. After that date, any entity providing crypto-asset services to EU clients without a MiCA licence will be in breach of EU law and must cease offering such services.
The scale of the transition gap is significant. Before MiCA, more than 1,200 virtual asset service provider entities held national registrations across the EU. By May 2026, approximately 210 had received full CASP authorization across 23 EU member states — a conversion rate of roughly 17%. That means the majority of previously registered firms are approaching the deadline without authorization.
This article explains what changes when the transition period ends, what unauthorized CASPs are expected to do, and how businesses can prepare their compliance framework before the deadline.
What the End of the MiCA Transition Period Actually Changes
MiCA—the Markets in Crypto-Assets Regulation—entered into full application on 30 December 2024. To allow existing crypto businesses time to transition from national regimes, MiCA included a transitional arrangements framework under Article 143. Member states could permit entities that were already providing crypto-asset services under applicable national law before 30 December 2024 to continue doing so for up to 18 months, until 1 July 2026 or until their MiCA authorization was granted or refused, whichever came first.
After 1 July 2026, that basis for continued operations no longer exists. Transitional arrangements no longer provide a legal fallback for unauthorized CASPs to continue providing MiCA-regulated crypto-asset services to EU clients. Any entity providing crypto-asset services within the European Union without a MiCA licence after that date will be in breach of EU law and must cease such services.
This changes the practical situation for businesses in several ways. Previous national registrations or grandfathering arrangements no longer support continued EU-facing operations without MiCA authorization. A pending application does not provide legal protection past the deadline: ESMA's guidance made clear that having a MiCA application already in review does not protect operators past the deadline. Authorization status becomes a core factor for business continuity in the EU, and companies need to assess whether their current structure, services, and client base are compatible with the post-transition regime.
What Happens to Crypto Businesses Without MiCA Authorization?
After 1 July 2026, unauthorized CASPs cannot treat continued EU-facing operations as business-as-usual under transitional arrangements. CASPs that do not obtain authorization from a national competent authority by the end of the transitional period must have robust and operational wind-down plans in place, ready for implementation before the transitional period expires. These wind-down plans must be designed in accordance with all relevant EU conduct, prudential and AML/CFT obligations, and ensure an orderly market exit without causing undue economic harm to clients.
In practical terms, this means businesses without authorization need to stop onboarding new EU clients, cease marketing and solicitation directed at EU clients, limit activities to those necessary for an orderly exit or transfer, inform existing clients about what will happen to their accounts and assets, arrange the transfer of crypto-assets held on clients’ behalf to an authorised CASP or a self-hosted wallet, and maintain AML/CFT controls throughout the wind-down process. Decisions, client communications, and operational steps during this period should be documented.
Secondary business consequences may also follow. Banks and payment providers may ask more questions about regulatory status. Investors may request evidence of MiCA readiness as part of due diligence. Commercial partners may reassess counterparty risk. Institutional clients may require clearer compliance documentation. These are not uniform outcomes, but they represent the kinds of questions businesses without authorization are increasingly likely to face after the transition deadline.
Business-as-Usual Is No Longer the Right Assumption
For companies that still rely on transitional arrangements, have not received CASP authorization, delayed licensing efforts, serve EU clients across several jurisdictions, use non-EU entities to serve EU clients, or operate under a group structure where only part of the group is authorised, the core question is not only whether an application was filed but whether the company can lawfully continue serving EU clients after the transition period ends.
A pending application provides no legal shield past the deadline. The position for companies in this situation requires a clear assessment of what they can and cannot do after 1 July 2026, and what operational steps are needed before that date. The question is not abstract. It affects active client relationships, onboarding flows, and ongoing operational decisions.
Wind-Down and Client Migration Become Central
For unauthorized CASPs, ESMA’s April 2026 statement is explicit about what is expected. Wind-down plans must be operational, credible, and immediately executable and designed in accordance with all relevant EU conduct, prudential, and AML/CFT obligations. CASPs should provide existing clients with prior notice before implementing the wind-down plan.
The practical elements of an orderly wind-down or client migration process include stopping new EU client onboarding, ending marketing or solicitation, informing affected clients in advance, allowing clients to transfer or dispose of crypto-assets, transferring clients to an authorised CASP where applicable, closing residual positions according to communicated timelines, and keeping AML/CFT controls active and documented throughout. For businesses that do not obtain authorization in time, the practical focus is not the application itself but the question of how to exit, migrate, or restructure EU-facing services without creating additional client protection or compliance risks.
Non-EU and Group Structures Need Extra Attention
The issue is not limited to EU-registered businesses. Except for the reverse solicitation exception, non-EU firms are prohibited from providing crypto-asset services that qualify as MiCA services to EU investors or clients. This restriction applies to both business-to-business and business-to-consumer arrangements. MiCA also prohibits CASPs from outsourcing or delegating services to entities that are not authorised CASPs.
In group structures, this means that serving EU clients through a non-EU entity, using the same brand across authorised and unauthorized entities, or outsourcing key services to unauthorized group entities all create regulatory exposure. MiCA authorization applies to the specific authorised legal entity, not automatically to every company in the same group or brand. Businesses with complex structures need to map which entity actually serves EU clients, holds client assets, executes transfers, and provides custody—and assess whether each of those functions is covered by a valid MiCA authorization.
Why the Impact Goes Beyond Regulators
Even where the regulatory position is clear, the business impact of MiCA transition can reach further than the direct relationship with national competent authorities. Banks, payment providers, investors, institutional clients, and commercial partners may review MiCA readiness as part of broader due diligence—and how they respond will vary depending on their own risk appetite, sector, and relationship with the business.
Banks and Payment Providers May Review Regulatory Status More Closely
Banks and payment providers conducting due diligence on crypto business clients may ask more questions about MiCA authorization status, AML framework, KYC and KYB procedures, customer due diligence, transaction monitoring capabilities, governance and risk management, and internal compliance documentation. These questions can arise during initial onboarding, periodic account reviews, or payment provider assessments. The likelihood and nature of these reviews depends on the specific institution and the size and nature of the relationship, but businesses without authorisation or with incomplete compliance documentation should expect more scrutiny than they may have experienced under transitional regimes.
Investors and Commercial Partners May Add MiCA Readiness to Due Diligence
Investors, counterparties, and commercial partners may assess whether a company can operate in the EU after July 2026 and whether its compliance framework is mature enough to support a regulated environment. For Crypto Compliance in 2026, MiCA readiness is increasingly part of how institutional and commercial counterparties assess long-term reliability. Questions about authorization status, entity structure, EU client exposure, wind-down or migration planning, AML and transaction monitoring controls, and governance arrangements are all becoming more common in counterparty due diligence. For businesses that act as compliance-focused counterparties themselves, Counterparty VASP Due Diligence practices increasingly incorporate authorization status as a standard check.
Institutional Clients May Expect Stronger Compliance Evidence
Institutional clients and B2B customers may request clearer evidence that compliance operations are actually working. They may ask about customer onboarding controls, KYB procedures, transaction monitoring, sanctions and illicit exposure controls, internal escalation processes, and audit-ready documentation. For crypto businesses, MiCA readiness is not only a licensing question—it is also an operational compliance question about whether the business can demonstrate, in practice, that its controls function at the level a regulated EU market environment requires.
How Businesses Can Prepare Before the MiCA Transition Period Ends
Preparation for the end of the MiCA transition period is broader than the authorization application itself. Companies need to assess whether they can continue serving EU clients, how they would manage wind-down or migration if needed, and whether their compliance infrastructure is ready for closer scrutiny from regulators, banks, partners, and institutional clients.
Assess Regulatory Position and EU Client Exposure
Before the deadline, businesses should establish a clear picture of their position: whether their services fall under MiCA, whether they serve EU clients, whether and to what extent they rely on transitional arrangements, which legal entity provides the service to EU clients, whether non-EU or group entities are involved in serving EU clients, whether they can continue EU-facing operations after 1 July 2026 without authorization, and what the practical plan is if authorization is not obtained in time. This assessment should be documented, not left as an informal understanding.
Prepare Wind-Down or Migration Scenarios
A company that is not authorised by the deadline needs more than a pending application. It needs a clear operational plan for EU clients. Practically, this means having a ready plan for stopping EU onboarding, stopping marketing or solicitation, informing affected clients, transferring clients or crypto-assets where applicable, closing positions or services in an orderly way, maintaining AML/CFT controls throughout, and documenting communications and operational decisions. ESMA has been explicit that these plans must be operational and immediately executable, not aspirational documents prepared for presentation.
Review AML, KYC, KYB, and Transaction Monitoring Controls
These controls matter not only for authorization itself, but for the banking reviews, investor assessments, partner due diligence, and wind-down or migration processes that may follow. Businesses should review their AML framework, KYC procedures, KYB procedures, customer due diligence, sanctions screening, transaction monitoring, suspicious activity escalation, risk assessment methodology, record-keeping, and internal compliance responsibilities.
Prepare Documentation for Due Diligence Reviews
Many readiness gaps are easier to identify before banking reviews, investor assessments, or partnership discussions than during them. Businesses can prepare in advance: internal AML policies, risk assessment documents, governance structure documentation, customer due diligence procedures, transaction monitoring process description, escalation and reporting procedures, records of compliance reviews, evidence of operational readiness, and wind-down or client migration planning where relevant. A compliance file that can be presented clearly and consistently under due diligence is a different kind of asset from a compliance file that exists but cannot be quickly navigated or explained.
MiCA Readiness Checklist
- Assessed Whether Services Fall Under MiCA: Has the company reviewed whether its specific services qualify as MiCA-regulated crypto-asset services?
- Confirmed Whether EU Clients Are Served: Does the company know which clients are EU-based and which legal entity serves them?
- Identified Reliance on Transitional Arrangements: Is the company still operating under transitional arrangements, and what is the current authorization status?
- Assessed Ability to Continue After 1 July 2026: Can the company lawfully continue serving EU clients after the transition period ends, and under which entity?
- Prepared Wind-Down or Client Migration Scenario: Is there an operational, documented plan for EU clients if authorisation is not obtained in time?
- Reviewed Non-EU and Group Structure Exposure: Are any non-EU entities or group companies providing services to EU clients in a way that may create MiCA exposure?
- AML, KYC, and KYB Controls Are Documented and Operational: Are internal compliance procedures in place, up to date, and demonstrably working in practice?
- Transaction Monitoring Is Active: Is there an ongoing process for monitoring transactions, assessing wallet and customer risk, and escalating suspicious activity?
- Governance and Risk Management Are Clearly Assigned: Are compliance responsibilities allocated to named individuals with appropriate authority and access?
- Compliance Documentation Is Ready for Due Diligence: Can the company present its compliance framework clearly to banks, investors, partners, or institutional clients when asked?
How AMLBot Supports MiCA Compliance Readiness
AMLBot does not replace MiCA authorization, legal advice, governance frameworks, or internal policies. CASP authorization is a regulatory status question that requires engagement with national competent authorities and legal counsel. What AMLBot can support is the operational side of compliance readiness—the transaction monitoring, wallet and transaction risk checks, customer due diligence support, suspicious activity review, and ongoing risk monitoring that form part of a mature compliance infrastructure.
After the transition period, companies operating in a more regulated EU market environment may need stronger visibility into transactional activity, customer risk, and AML controls—both for their own compliance obligations and for the due diligence reviews that banks, investors, and partners may conduct. For teams building or strengthening the operational compliance layer, transaction monitoring for crypto businesses provides the tools to support ongoing risk visibility, alert review, and documentation of compliance decisions.
Conclusion
The end of the MiCA transition period is a regulatory cut-off and a business readiness milestone arriving at the same time. After 1 July 2026, unauthorized CASPs can no longer rely on transitional arrangements to continue business-as-usual with EU clients. ESMA confirmed that the transitional period will officially expire across the EU on 1 July 2026 and that after this date, any entity providing crypto-asset services to EU clients without a MiCA licence will be in breach of EU law and must cease offering such services.
For businesses that do not obtain authorization in time, the practical focus shifts to wind-down, client migration, restructuring of EU-facing operations, and maintaining effective AML/CFT controls throughout the process. These are not theoretical preparations—ESMA has stated that wind-down plans must be operational and immediately executable by the deadline, and that national competent authorities are expected to take action against the unauthorized provision of crypto-asset services after the transition period ends.
The wider business impact will vary. Banks may ask more questions. Payment providers may review regulatory status. Investors may assess MiCA readiness. Commercial partners may request stronger compliance evidence. Institutional clients may expect clearer AML, KYC, KYB, and transaction monitoring controls. For many crypto businesses, preparing for the end of the MiCA transition period means preparing not only for authorization, but for operating, evidencing compliance, or exiting EU-facing services in a more regulated market environment.
FAQ
What Happens After the MiCA Transition Period Ends?
After the MiCA transition period ends in July 2026, crypto businesses can no longer rely on transitional arrangements as a basis for continuing MiCA-regulated crypto-asset services to EU clients without MiCA authorisation. For unauthorised CASPs, the focus shifts to stopping EU-facing business-as-usual activity, managing client offboarding, migration or restructuring, and maintaining proper compliance controls during the process.
Can a Crypto Business Continue Operating Without MiCA Authorisation After July 2026?
A crypto business that provides MiCA-regulated crypto-asset services to EU clients cannot treat transitional arrangements as a fallback option after the transition period ends. Whether a company can continue any specific activity depends on its business model, services, legal entity structure, client base, and regulatory position.
What Happens to Unlicensed CASPs After the Transition Period?
Unlicensed CASPs that have not obtained MiCA authorization by the end of the transition period need to stop business-as-usual EU-facing activity and manage an orderly transition. This can include stopping new EU client onboarding, ending marketing or solicitation, migrating clients where possible, allowing withdrawals or transfers, and keeping AML/CFT controls active during wind-down.
Does the End of the MiCA Transition Period Affect Only Regulators?
No. The end of the MiCA transition period can also affect banking relationships, payment provider onboarding, investor due diligence, institutional client reviews, and commercial partnerships. Authorisation status and compliance readiness can become part of how third parties assess whether a crypto business is ready to operate in the EU market.
What Should Crypto Businesses Review Before July 2026?
Crypto businesses should review whether their services fall under MiCA, whether they serve EU clients, which legal entity provides the service, whether they rely on transitional arrangements, and what happens if authorization is not obtained in time. They should also review AML, KYC, KYB, transaction monitoring, governance, and internal compliance documentation.
Is MiCA Readiness Only About Getting CASP Authorization?
No. CASP authorization is a central part of MiCA readiness, but it is not the only issue. Businesses also need a mature compliance framework, clear governance, documented risk controls, customer due diligence procedures, KYB processes, transaction monitoring, escalation workflows, and evidence that compliance operations work in practice.
Why Does MiCA Authorization Status Matter for Banks and Payment Providers?
Banks and payment providers often need to understand whether a crypto business can operate legally and sustainably in the EU. After the transition period, they may review MiCA authorization status, AML controls, customer due diligence procedures, transaction monitoring capabilities, governance arrangements, and exposure to unlicensed entities or services.
How Can the End of the Transition Period Affect Partnerships and Investors?
Investors, institutional clients, and commercial partners may use MiCA readiness as part of counterparty due diligence. They may ask whether the company can continue serving EU clients, whether its entity structure is clear, whether it has proper AML and transaction monitoring controls, and whether it has a plan for wind-down or client migration if authorization is not obtained.
Do Non-EU Crypto Businesses Need to Care About the MiCA Transition Period?
Yes, if they serve, solicit, or provide MiCA-regulated crypto-asset services to EU clients. Non-EU businesses should review whether their EU-facing activity creates MiCA exposure, which entity provides the service, how clients are onboarded, and whether any reliance on reverse solicitation or group structures is properly assessed.
How Can Transaction Monitoring Support MiCA Compliance Readiness?
Transaction monitoring can support the operational side of compliance readiness by helping crypto businesses identify high-risk activity, monitor customer and wallet exposure, support AML controls, document risk reviews, and maintain visibility over ongoing transactional activity. It does not replace MiCA authorization or legal advice, but it can be part of a broader compliance infrastructure.