ESMA Orders Immediate Wind-Down of Unauthorized Crypto-Asset Service Providers

The European Securities and Markets Authority (ESMA) has strengthened its regulatory stance by publishing a public statement outlining its expectations for the end of the transitional period under the Markets in Crypto-Assets Regulation (MiCA). Rather than allowing a prolonged transition, the European regulator has called on unauthorized crypto-asset service providers (CASPs) to ensure an orderly wind-down of their activities within the EU by 1 July 2026.The measures focus on two key priorities: the immediate cessation of marketing and client acquisition activities targeting EU residents, and the protection of existing clients through structured wind-down and asset safeguarding procedures. For firms operating in the crypto and fintech sectors, the message is clear. The period during which companies could serve EU clients under legacy national frameworks without MiCA authorization is coming to an end.

ESMA’s guidance highlights the operational challenges facing firms that have not secured MiCA authorization ahead of the deadline. The regulator expects affected CASPs to immediately halt growth activities and implement structured wind-down plans focused on protecting client assets.

• Immediate cessation of client acquisition: Unauthorized CASPs must stop onboarding new EU clients, opening new accounts, and conducting any marketing or solicitation activities within the European Union.
• Restricted operational scope: Services should be limited to activities necessary to sell, transfer, or reallocate crypto-assets, or to close existing positions. Custody of client assets may continue only for the period required to complete an orderly wind-down.
• Clear and proactive communication: Firms are expected to communicate regularly and transparently with both retail and institutional clients. These communications should include timelines for asset transfers or disposals, as well as deadlines after which any remaining positions may be closed.
• Maintaining AML/CFT standards: Wind-down arrangements must not weaken financial crime controls. CASPs are expected to maintain robust Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) procedures, including transaction monitoring, sanctions screening, and full record-keeping throughout the exit process.

While these enforcement trends originate from the EU's centralized authority, they reflect broader global expectations targeting cross-border regulatory arbitrage. Third-country providers operating from outside the EU face an unprecedented tightening of market access.

Firms can use these wind-down requirements as an opportunity to protect long-term business continuity, maintain client confidence, and transition their operations in line with MiCA requirements.

Managing Client Transfers

Where unauthorized CASPs transfer clients to a MiCA-authorized entity, the receiving firm must conduct full client due diligence (CDD) and AML/CFT checks as part of the onboarding process. While large-scale migrations may create operational pressure, maintaining robust onboarding standards is essential to preserving regulatory compliance and managing financial crime risks.

Managing Third-Party and Delegation Risks

As MiCA limits the ability of EU firms to rely on unauthorized service providers for key functions such as custody, firms may need to reassess parts of their operational infrastructure. Aligning with authorized custodians and service providers can help reduce the risk of service disruptions while strengthening governance frameworks and counterparty risk management.

Firms operating without MiCA authorization, or without a licence application currently in progress, have a limited window to adjust their operations before the 1 July 2026 deadline. Taking the following operational steps can help reduce regulatory risk and support an orderly transition as the new framework comes fully into effect: