MiCA's Grandfathering Period: Not a Free Pass to Compliance
The grandfathering period under the Markets in Crypto-Assets (MiCA) regulation has been a hot topic in the crypto industry—and for good reason. While it offers some breathing room for entities providing crypto-asset services under existing national laws, it’s far from a free pass to compliance.
In the final blog of our tri-part series with crypto compliance expert Delphine Forma, we tackle MiCA’s grandfathering period, why it’s causing confusion, and what CASPs need to do to prepare.
In this interview, Delphine expresses her own views, not those of Solidus Labs.
21 Analytics: What is the MiCA grandfathering period?
Delphine: MiCA was published in June 2023, and it established a comprehensive regulatory framework for crypto-assets across the European Union. The grandfathering period allows crypto asset service providers (CASPs) already operating legally under national laws to continue doing so until 1 July 2026. It should be noted that the length of the grandfathering period depends on the Member States.
For instance, in Lithuania, it is only 5 months; in the Netherlands, Latvia, Poland, and Hungary, it is 6 months; in Austria and Germany, it is 12 months; and in France and Malta, it is 18 months. [To view the complete list, scroll to the bottom of the article]
There’s a significant limitation—they cannot use the MiCA passport, which would allow them to offer services across the EU without additional national authorisation.
Also, it is important to highlight that Title VI on the prevention and prohibition of market abuse is applicable immediately, no grandfathering is applicable.
21 Analytics: Why is the grandfathering period causing confusion?
Delphine: One of the main issues with the grandfathering period is its length. Since MiCA has been in the works for a long time and was published in mid-2023, many industry experts believe the period should have been shorter and ESMA has recommended to shorten it to 12 months. The extended timeline creates regulatory complexity, especially with different countries imposing varying timeframes for licensing. This fragmented approach makes it very challenging for compliance officers working with CASPs registered in multiple jurisdictions.
Adding to the confusion is the overlap between MiCA and other regulations like the Transfer of Funds Regulation (TFR) and Anti-Money Laundering Directives (AMLD). For example, while MiCA sets the licensing regime for CASPs, it doesn’t cover Know Your Customer (KYC) requirements or transaction monitoring—these fall under AMLDs and local regime. AML will be harmonized across the EU with the entry into force of the AML Regulations in July 2027. Additionally, the TFR, which came into force on 30 December 2024, has no grandfathering period, unlike MiCA.
Read: The TFR Is Live, What’s Next for CASPs?
21 Analytics: What can be done if a CASP isn’t licensed under MiCA?
Delphine: If a CASP isn’t yet licensed under MiCA, there are several possible scenarios:
CASPs operating legally before 30 December 2024 can benefit from the grandfathering period which varies across Member States and allow you to operate only in the Member State where you are registered.
CASPs not yet authorised but based in the EU must apply for a MiCA licence in a country with an open application process, which is now in most EU countries (with a few exceptions such as Belgium and Portugal)
CASPs outside the EU might be able to rely on reverse solicitation to serve EU clients, though this approach carries its own legal complexities. Recently, ESMA has published its final guidelines on reverse solicitation which makes it almost impossible to operate using this exception.
Read: ESMA’s guidelines on reverse solicitation.
21 Analytics: What does the current MiCA licensing landscape look like?
Delphine: So far, only a handful of CASPs have received MiCA licences.
The Dutch Authority for the Financial Markets (AFM) has issued four licences: MoonPay, HiddenRoad, Zebedee and Bitstaete.
Germany’s BaFin has granted 4. One to Börse Stuttgart Digital Custody— as an extension of their existing MiFID licence, Bitpanda Asset Management, Crypto Finance and Tradias.
Malta has issued 4 to Crpyto.com, OKX, ZillionBits and Bitpanda.
Cyprus has issued 1 to E-toro.
Luxembourg has issued 1 to Clearsteam Banking SA.
Spain has issued 1 to Banco Bilbao Vizcaya Argentaria SA.
These early approvals suggest that while the licensing process is underway, the uptake remains slow, further contributing to uncertainty in the market.
Delphine’s Parting Thoughts
The MiCA grandfathering period may offer temporary relief, but it’s not a reason for complacency. With varying national timelines, the TFR, the immediate application of market abuse requirements under MiCA with no grandfathering period, CASPs need to take proactive steps towards compliance. Applying for a MiCA licence sooner rather than later is the best strategy to avoid legal headaches and ensure seamless operations across the EU.
Stay up to date with global crypto compliance happenings; join Delphine’s Crypto Compliance and Legal TG group
List of Grandfathering Periods
Grandfathering Periods within EU Member States
| Member State | Grandfathering Period |
|---|---|
| Austria | 12 months |
| Belgium | TBA |
| Bulgaria | 12 months |
| Croatia | 18 months |
| Cyprus | 18 months |
| Czechia | 18 months |
| Denmark | 18 months |
| Estonia | 18 months |
| Finland | 6 months |
| France | 18 months |
| Germany | 12 months |
| Greece | 12 months |
| Hungary | 6 months |
| Ireland | 12 months |
| Italy | 12 months |
| Latvia | 6 months |
| Lithuania | 5 months |
| Luxembourg | 18 months |
| Malta | 18 months |
| Netherlands | 6 months |
| Poland | 6 months |
| Portugal | TBA |
| Romania | 18 months |
| Slovakia | 12 months |
| Slovenia | 6 months |
| Spain | 12 months |
| Sweden | 9 months |
Grandfathering Periods within EEA Countries
| EEA Country | Grandfathering Period |
|---|---|
| Iceland | 18 months |
| Liechtenstein | 12 months |
| Norway | TBA |
About Delphine Forma
Delphine is an experienced policy officer who has worked across different countries and industries, including large banks in the UK, and blockchain/crypto businesses such as BitMEX.
Holding a diploma from Sciences Po, and two master’s degrees specialised in European Criminal Business Law, and Frauds and Money Laundering Prevention, Delphine currently works as a Policy Head for Europe at Solidus Labs.
She is also the founder of the Crypto Compliance and Legal TG group with more than 1700 members across the globe (constantly growing), and has been advising startups on their regulatory strategy in Switzerland and Europe. Moreover, she is an Ambassador for the Association of Women in Crypto and GBBC, and the podcast host of MiCA Masters and Compliance Champions.
Delphine is passionate about regulatory affairs and strategy, policy, virtual assets, technology and how blockchain technology, as well as AI can change (is changing) the world we are living in.
