regulating

MiCA: the crypto deadline (and what it changes for KYC)

6

Min

10.07.2026

In short: MiCA is the European law that regulates crypto. Crypto players must obtain the new "CASP" authorisation before their national cut-off date (which no member state could set later than 1 July 2026). Once that date has passed, without authorisation, the activity must stop. And MiCA requires genuine customer identity checks.

What is MiCA?

MiCA (short for Markets in Crypto-Assets) is Regulation (EU) 2023/1114. It is the first comprehensive framework in the world to regulate crypto-assets across a major market.

In practice, it creates a single authorisation for crypto-asset service providers (CASPs): exchange platforms, custody, order execution, advice. Once authorised in one country, a player can operate across the entire Union thanks to a European passporting system.

The timeline is already well under way:

  • June 2024: first rules, for stablecoins.
  • December 2024: the rest enters into application, including the authorisation of crypto platforms.

In other words, MiCA is not "for tomorrow": it is already fully applicable.

The real issue right now: the transition deadline

Until now, crypto players operated under their existing national regimes (in France, for example, as PSAN: digital asset service providers). MiCA sets out a transition period to move from the old national regime to the new European CASP authorisation.

Crucially, each member state set its own end-of-transition date. That date could run up to 18 months after the December 2024 start of application, meaning no later than 1 July 2026. Some countries chose a shorter window, others the maximum.

France chose the maximum duration: there, the transition period ends on 1 July 2026, as confirmed by the AMF (the French financial markets regulator). What that means, very concretely:

  • A player that has obtained its CASP authorisation carries on as normal.
  • A player that has not obtained it must cease its activity in that country, and present an orderly wind-down plan (return or transfer of assets).

It is a genuine "cliff edge": once the national deadline passes, you are either authorised or you stop. And in early 2026, a significant share of players (in France and elsewhere) were not yet in compliance.

What MiCA requires on KYC and anti-money-laundering

This is where the topic meets the core of fraud prevention. Being CASP-authorised is not just a formality: it means you have to know who your customers are.

  • Identification and identity verification at the start of the relationship, as part of anti-money-laundering (AML/CFT).
  • The "Travel Rule": for every crypto transfer, the identity of both the sender and the recipient must be traced.
  • The detection of suspicious transactions and market abuse.

Put simply, a crypto player must now offer the same level of rigour as a bank on the identity of its customers, and plug in these checks without breaking the experience. The sector is, moreover, a prime target for identity theft and mule accounts, which makes fraud detection at onboarding all the more critical. These obligations dovetail with the European anti-money-laundering package.

The penalties

The regime is designed to deter. Depending on the type of breach, fines can reach several million euros, or even a percentage of turnover for platforms. But the real sanction, in the short term, is simpler: without authorisation by the national deadline, you can no longer operate.

What it means for your crypto onboarding

For a crypto player, MiCA compliance is largely decided at the start of the relationship: verifying identity, detecting fraud, tracing transfers, documenting every decision. The challenge is to do it fast and without friction, because in crypto the user experience is a key factor.

In conclusion

MiCA is no longer a distant deadline: it is now. The national cut-off dates (up to 1 July 2026, the date chosen by France) mark the definitive switch to CASP authorisation. Beyond the date, the underlying message is clear: crypto is entering the mainstream of customer due diligence. Identify, verify, trace: the same reflexes as in traditional finance.

Sources: Regulation (EU) 2023/1114 (MiCA), Official Journal of the European Union; AMF, communications on the end of the PSAN regime (2026). Figures and transition deadlines to be confirmed as at the publication date.

Crypto KYC: identify your customers in seconds

Meelo helps crypto players meet their identification obligations: identity verification, fraud detection and scoring in 2 to 5 seconds, documented and auditable. A compliant onboarding, without breaking the experience.

Cassandre Nolf
Strategy Marketing Manager