ESMA signals end of MiCA transition period as EU crypto enforcement tightens

National authorities, supported by ESMA, will oversee compliance as the EU enforces a unified licensing regime for crypto services across member states.

EU regulators have confirmed that crypto firms must be licensed under MiCA by mid-2026 or withdraw services, marking a major shift in market access rules.

The EU’s crypto rulebook is moving into a more decisive enforcement stage, with the European Securities and Markets Authority (ESMA) issuing a fresh warning ahead of the end of transitional periods under the Markets in Crypto-Assets Regulation (MiCA).

ESMA says the transition will expire across the EU on 1 July 2026, after which firms providing crypto-asset services to EU clients without MiCA authorisation will be in breach of EU law and must stop offering such services.

Rather than announcing a new rule, ESMA’s statement clarifies what supervisors expect in the final stretch before the deadline. Unauthorised crypto-asset service providers must have credible and immediately executable wind-down plans in place, including arrangements for offboarding clients and transferring assets to an authorised provider or a self-hosted wallet. By 1 July 2026, those plans must already have been implemented.

ESMA also expects authorised providers to prepare for client migration from unauthorised platforms before the deadline, including through robust onboarding procedures and compliance with anti-money laundering and counter-terrorist financing requirements.

National competent authorities are expected to verify wind-down plans, take action against unauthorised providers, and scrutinise migration strategies to prevent firms from continuing business as usual after the transition ends.

The statement also sharpens the message to firms outside the EU. ESMA says third-country entities are not permitted to provide MiCA services to EU investors or solicit EU clients, except in the narrow case of reverse solicitation. It also warns against outsourcing or delegation arrangements that would allow unauthorised non-EU entities to continue serving EU clients indirectly.

For users, ESMA’s message is straightforward: protections under MiCA depend on dealing with an authorised EU entity, not simply a familiar brand name.

Investors are being urged to verify whether their provider appears in ESMA’s interim MiCA register and, where necessary, move assets to an authorised provider or a self-hosted wallet.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!  

Diplo chatbot can make mistakes. Consider checking important information.