After the MiCAR Deadline: Enforcement, Liability and Legal Consequences for Non-Compliant CASPs from 1 July 2026

EU RegCORE Client Alert | EU Digital Single Market, financial services and crypto-assets

QuickTake

On 17 April 2026, the European Securities and Markets Authority (ESMA) issued a statement (reference ESMA75-113276571-1679)Available here.Show Footnote clarifying supervisory expectations regarding the end of the transitional period under the Markets in Crypto-Assets Regulation (MiCAR). The statement forms part of a series of ESMA communications on this topic, following earlier statements on supervisory convergence (October 2023), transitional measures (December 2024) and the end of transitional periods (December 2025). The central message is unambiguous: the MiCAR transitional period will officially expire across the EU on 1 July 2026 and after that date any entity providing crypto-asset services to EU clients without a MiCAR licence will be in breach of EU law and must cease offering such services.

The expiry of all MiCAR transitional arrangements on 1 July 2026 is not merely a licensing deadline—it is a fundamental legal transformation of the EU crypto-asset market. The legal implications extend well beyond licensing. The expiry fundamentally alters: the legality of existing business models; contractual relationships with clients; exposure of boards and senior management; supervisory expectations; enforcement risk; civil litigation exposure; and insolvency outcomes as applicable to crypto-asset services providers (CASPs). This Client Alert analyses the ESMA Statement’s key themes and implications arising for regulated and unregulated CASPs, as well as practical considerations for clients and investors. The key elements are as follows:

• What. ESMA has issued a statement clarifying supervisory expectations as the MiCAR transitional period draws to a close on 1 July 2026. The statement sets out expectations for unauthorised CASPs regarding wind-down plans, expectations for authorised CASPs regarding client migration, expectations for national competent authorities (NCAs) regarding enforcement (and they have indicated they will enforce) and a warning for consumers to verify their provider’s authorisation status. Entities established outside the EU are reminded that they are not permitted to provide crypto-asset services to EU investors outside the narrow exception of reverse solicitation.
• When. The MiCAR transitional period will officially expire across the EU on 1 July 2026. After this date, any entity providing crypto-asset services to EU clients without a MiCAR licence will be in breach of EU law and must cease offering such services. This applies irrespective of whether MiCAR has been implemented in a Member State or not. Entities that did not provide crypto-asset services in accordance with applicable national law before 30 December 2024 could never rely on the transitional regime. Entities in Member States with shorter transitional windows—notably Germany and Ireland (12 months)—were required to be authorised before the relevant deadline; for Germany, the effective deadline was end of December 2025.
• Who. ESMA’s statement is addressed to: (i) unauthorised CASPs that must implement orderly wind-down plans and cease regulated services by 1 July 2026; (ii) authorised CASPs that must actively manage the migration of existing clients ahead of the deadline and ensure full compliance with applicable AML/CFT requirements; (iii) NCAs that are expected to verify wind-down plans, take enforcement action against unauthorised provision of services and scrutinise client migration strategies; and (iv) consumers and investors who should verify their provider’s authorisation status in the ESMA Interim MiCAR RegisterAvailable here.Show Footnote and act promptly if their provider is not authorised.