MiCA in Germany
Germany’s FinmadiG/KMAG package fully aligns the country with MiCA while preserving BaFin as the single supervisor. The window to obtain a CASP licence is open; comprehensive, well‑evidenced submissions in 2024 will position a startup to passport EU‑wide long before the transitional grace period ends in December 2025.
Germany has embedded the EU Markets in Crypto-Assets Regulation (MiCA) in national law through the Finanzmarktdigitalisierungsgesetz (FinmadiG) and the new Kryptomärkteaufsichtsgesetz (KMAG). The Federal Financial Supervisory Authority (BaFin) is already accepting complete MiCA licence files.
-
30 June 2024 – rules for asset- and e-money tokens start to apply.
-
30 December 2024 – MiCA authorisation or notification becomes mandatory before any new crypto-asset service is offered in the EU.
-
31 December 2025 – all transitional permissions lapse; every active provider must hold a full MiCA licence issued by BaFin.
-
MiCA covers ten secondary-market services, including custody, trading-platform operation, crypto-fiat exchange, crypto-crypto exchange, order execution or routing, placement, advice, portfolio management and transfer services. A German startup that performs any of these for third parties must obtain a CASP licence before going live.
-
Simplified conversion – for firms that already hold a German crypto-custody or related permit. They keep operating nationally while BaFin re-papers the permission to MiCA, provided the full MiCA dossier is filed in good time.
-
Notification route – for banks, e-money institutions, investment firms and other entities BaFin already supervises. A short-form notification must reach BaFin and the Deutsche Bundesbank at least 40 working days before crypto activities begin.
-
Switch-over route – for applicants that were midway through a Banking-Act licence procedure. They withdraw that file and resubmit in MiCA format; regulatory fees still apply.
-
Full authorisation – for new market entrants. A comprehensive MiCA application is emailed to casp-authorisation@bafin.de and the Bundesbank regional office that will handle prudential oversight.
-
-
End-June 2024 – token-issuer provisions live (relevant if the business also issues stable-tokens).
-
30 December 2024 – CASP licence or, where eligible, notification must be in force before launching any new crypto service.
-
31 December 2025 – grace period ends; simplified-conversion firms that have not yet received a full licence must stop operating.
-
BaFin examines the same pillars for every route:
-
trustworthy and suitably experienced management;
-
adequate capital and financial projections;
-
robust anti-money-laundering and counter-terrorist-financing framework;
-
cyber and operational resilience aligned with the EU Digital Operational Resilience Act (DORA);
-
effective safeguarding and segregation of client assets;
-
fair-dealing and market-integrity controls.
-
Prepare a complete electronic package (German or English) for BaFin and the Deutsche Bundesbank that includes:
-
a business plan mapping each planned activity to one of the MiCA-regulated services;
-
policies and procedures for governance, risk, AML/CTF, ICT security, outsourcing and incident reporting;
-
an organisation chart with named key function holders and deputies;
-
individual questionnaires and background checks for managers, board members and significant shareholders;
-
three-year financial forecasts and own-funds calculation;
-
evidence of penetration-testing schedules, incident-response playbooks and client-asset controls.
-
BaFin charges time-based fees both for authorisations and for notifications. Once licensed, a CASP is subject to continuous BaFin oversight, annual reporting, AML audits and on-site inspections. The licence can be passported EU-wide after entry in the ESMA public register, so cross-border plans should be included in the initial business plan.
Behind Licentium
Our Edge
Licentium is a specialized platform that connects crypto-asset issuers and service providers with an international network of lawyers, regulatory consultants, and former supervisors. Projects can map applicable rules in key jurisdictions through a single interface, obtain jurisdiction-specific launch advice, arrange the drafting of white papers and licensing applications, and schedule ongoing compliance health-checks. The platform’s curated expert pool spans financial services, data protection, and corporate law, enabling founders to address cross-border requirements—from MiCA in the EU to securities, AML, and consumer-protection regimes elsewhere—within coherent project timelines and budgets.
