Licentium

Fintech Licensing Hub

Germany

Germany regulates crypto under MiCA through the Financial Market Digitisation Act (FinmadiG) and the Crypto Markets Supervision Act (KMAG), with BaFin as competent authority; building on its world-first 2020 crypto-custody licence under the Banking Act, Germany took a 12-month transition that ended 31 December 2025 and now has the EU's largest authorised-CASP population. Payments and e-money run under the Payment Services Supervision Act (ZAG), supervised by BaFin, with the Instant Payments Regulation and DORA in force and PSD3/PSR moving toward adoption. Gambling runs under the Interstate Treaty on Gambling 2021: the GGL issues nationwide licences for online sports betting, virtual slots and poker, online casino table games are regulated at Länder level, and a 5.3% tax applies to stakes — and Germany is in the euro area and banking union, and crypto gains are tax-free for individuals after a one-year holding period.

Available licences

Crypto-Asset Service Provider authorisation (BaFin under MiCAR and the KMAG)

Custody, operation of a trading platform, exchange of crypto-assets for funds or other crypto-assets, execution, placing, reception and transmission of orders, advice, portfolio management and transfer services require BaFin authorisation under Article 63 MiCAR. Firms previously licensed for crypto-custody or crypto-trading under the Banking Act could use a simplified procedure; an authorisation passports across the EEA.

Asset-Referenced Token (ART) issuer authorisation (BaFin)

Public offering or admission to trading of a token referencing a basket of values, rights or currencies requires authorisation as an ART issuer under Title III MiCAR, with reserve, custody and disclosure requirements, supervised by BaFin.

E-Money Token (EMT) issuer (credit institution or EMI; BaFin)

EMTs (including fiat-backed stablecoins) may be issued only by an authorised credit institution or e-money institution, with redemption at par; BaFin is the competent authority.

Article 60 MiCAR notification route (existing financial entities)

Credit institutions, investment firms, e-money and payment institutions, UCITS management companies, AIFMs, CSDs and market operators already authorised under EU law may provide specified crypto-asset services by notifying BaFin at least 40 working days before starting.

Payment Institution authorisation (BaFin under the ZAG)

A licence to provide payment services under the Payment Services Supervision Act, supervised by BaFin and passportable across the EEA; payment institutions may not take deposits or issue e-money.

E-Money Institution authorisation (BaFin under the ZAG)

A licence to issue electronic money and provide related payment services, with EUR 350,000 minimum initial capital, supervised by BaFin.

Account Information and Payment Initiation Services (BaFin)

Open-banking providers — account information and payment initiation service providers — fall within the ZAG, supervised by BaFin, with strong customer authentication under PSD2.

Banking authorisation (BaFin and the ECB/SSM)

Deposit-taking and lending require a banking licence under the Banking Act; in the banking union the European Central Bank grants the licence and directly supervises significant institutions, with BaFin and the Bundesbank supervising less-significant ones.

Investment firm authorisation (BaFin — MiFID II)

Investment services in financial instruments require authorisation under the Investment Firm Act (WpIG) transposing MiFID II, supervised by BaFin.

Nationwide online gambling licence (GGL)

A GGL licence under the GlüStV 2021 for online sports betting, online horse-race betting, virtual slot machines or online poker, valid for five years; open to operators meeting financial, technical and player-protection requirements, with mandatory integration of the OASIS and LUGAS systems.

Online casino table-games licence (Länder)

Online roulette, blackjack and baccarat are regulated at the level of the 16 federal states; each state decides whether to license a limited number of private operators or maintain a state monopoly, so availability is restricted and state-specific.

Detailed overview

Germany at a glance

Germany combines a strict supervisor, a favourable long-term crypto-tax rule and a federally structured, heavily regulated gambling market. Crypto is supervised by BaFin under the KMAG; the 12-month transition ended 31 December 2025. Payments run under the ZAG with BaFin as supervisor and the Instant Payments Regulation and DORA in force. Gambling runs under the GlüStV 2021, with the GGL issuing nationwide online licences and the Länder regulating land-based and online table games. The euro is the currency, and Germany sits inside the euro area and banking union.

Crypto regime under MiCA — BaFin-led, post crypto-custody pioneer:

  • MiCA + national implementing law — Regulation (EU) 2023/1114 (MiCAR); the FinmadiG and its Crypto Markets Supervision Act (KMAG), with the Kryptomarkt-Zulassungsübergangsverordnung (KMZÜV) setting a simplified fast-track
  • Competent authority — BaFin for CASP authorisation and ART/EMT supervision; the Bundesbank assists on banking matters
  • Grandfathering — closed. Germany shortened the transition to 12 months: firms authorised for crypto-related financial services under prior German law (for example the 2020 crypto-custody licence under the Banking Act) could continue until 31 December 2025 while applying for MiCA authorisation; that window has expired
  • Pre-MiCA heritage — Germany was the first country to license crypto custody as a regulated financial service (Banking Act, 1 January 2020), so its CASP base is unusually well-established, and it now holds the EU's largest authorised-CASP population
  • Article 60 notifications — already-authorised financial entities may notify BaFin to provide crypto-asset services within their existing authorisation
  • AML/CFT — the German AML Act (GwG) applies; the EU AML package (Regulation (EU) 2024/1624 / AMLR, with AMLA in Frankfurt) applies from 10 July 2027
  • TFR / DORA — the Travel Rule (Regulation (EU) 2023/1113) applies from 30 December 2024 and DORA from 17 January 2025
  • Tax — for private investors, crypto is a private asset (§23 EStG): gains are tax-free after a one-year holding period, and gains on disposals within a year are taxed at the personal income rate (up to 45% plus solidarity surcharge) only where total private-disposal gains exceed the EUR 1,000 annual threshold; staking and other rewards are other income. Commercial activity is taxed as business income; corporate profits face corporate income tax plus solidarity surcharge and municipal trade tax

Payments and e-money regime (BaFin-led):

  • PSD2 — Directive (EU) 2015/2366; transposed by the Payment Services Supervision Act (ZAG), supervised by BaFin
  • Payment Institution licensing — initial capital EUR 20,000 (money remittance), EUR 50,000 (payment initiation) and EUR 125,000 (other payment services)
  • EMD2 / E-Money Institution — Directive 2009/110/EC; EUR 350,000 initial capital; stablecoin (EMT) issuers must be EMIs or credit institutions
  • Instant Payments Regulation (Regulation (EU) 2024/886) — euro instant payments: receiving applicable from 9 January 2025 and sending from 9 October 2025
  • DORA (Regulation (EU) 2022/2554) — applicable from 17 January 2025
  • PSD3 / PSR — Commission proposals of 28 June 2023; provisional political agreement reached 27 November 2025, with final compromise texts published 23 April 2026 and formal adoption expected during 2026; the package will repeal PSD2 and EMD2 and fold e-money institutions into payment institutions, with PSD3 transposed nationally and the PSR directly applicable after a phased timeline
  • Banking — in the banking union the ECB grants banking licences and directly supervises significant institutions, with BaFin and the Bundesbank supervising less-significant ones
  • Currency: euro (since 1999/2002); no exchange controls

Gambling regime — federal treaty, GGL-licensed, strict limits:

  • Interstate Treaty on Gambling 2021 (GlüStV 2021) — in force 1 July 2021; gambling is predominantly a Länder competence, with the Race Betting and Lottery Act governing taxation and state acts governing land-based gambling
  • Regulator — the GGL (Joint Gambling Authority of the Federal States, based in Halle) has issued nationwide online licences and supervised the market since 1 January 2023; the 16 Länder regulate land-based gambling and online casino table games
  • Nationwide GGL licences — online sports betting, online horse-race betting, virtual slot machines and online poker
  • Länder competence — online casino table games (roulette, blackjack, baccarat) are licensed or monopolised state by state, so availability is limited
  • Strict limits — a EUR 1,000 monthly cross-operator deposit cap (LUGAS), a EUR 1 maximum slot stake with a five-second minimum spin and no autoplay, a four-table cap for poker, no live-dealer or progressive-jackpot games under the nationwide licence, mandatory OASIS self-exclusion and ID verification, and tight advertising rules
  • Tax — 5.3% of stakes on sports betting, virtual slots and online poker; land-based casinos face state casino levies (broadly 20%–80% of gross gaming revenue); lotteries are a state monopoly
  • Financial requirement — a minimum security deposit of around EUR 5 million
  • Minimum age — 18; operators are AML obliged entities
  • No EU passport — gambling is licensed nationally

Last verified: July 2026. Reference rate: USD 1 = EUR 0.87 (EUR 1 = USD 1.15).

Germany is a strict, euro-area jurisdiction: crypto runs under MiCAR with BaFin on a base of its pioneering crypto-custody regime, payments sit under the ZAG, and gambling is a federally structured GlüStV 2021 market where the GGL licenses online betting, slots and poker but online casino table games stay with the Länder.

Is there a crypto licence in Germany?

Yes. Germany applies MiCAR through the FinmadiG and KMAG, with BaFin authorising and supervising CASPs and ART/EMT issuers. The 12-month transition ended 31 December 2025, so operating now requires a BaFin authorisation, a valid MiCA passport, or an Article 60 notification.

The legal foundation:

  • Regulation (EU) 2023/1114 (MiCAR) — the directly applicable EU framework for offerings, admission and crypto-asset services
  • FinmadiG and KMAG — implement MiCAR in German law and designate BaFin, with the KMZÜV setting a simplified fast-track
  • German AML Act (GwG) — AML/CFT obligations and FIU reporting
  • Regulation (EU) 2023/1113 — Travel Rule for crypto-asset transfers

Structure:

  • A German entity (commonly a GmbH or AG) with a registered office, real local presence and qualified management
  • MiCAR own-funds floors by class — EUR 50,000 (Class 1), EUR 125,000 (Class 2), EUR 150,000 (Class 3) — with the higher of the floor or a fixed-overheads measure
  • AML systems with a mandatory AML officer, a white paper for in-scope offerings, custody and client-asset segregation, ICT and cybersecurity documentation, a three-year business plan, and disclosure of beneficial owners — submitted to BaFin

Operational reality:

  • Germany offers a deep market and a credible, well-established CASP base, but BaFin is thorough and enforcement-minded, with a proactive "name-and-warn" approach
  • The favourable one-year tax-free rule for private investors is a notable feature of the wider environment, though it does not bear on the licence itself
  • New activity should be structured through a BaFin authorisation, a valid passport or an Article 60 notification — not the closed transitional regime

Official CASP roadmap: BaFin is the sole CASP authority and publishes MiCAR guidance through its crypto-assets pages, accepts applications, operated a simplified fast-track (KMZÜV) for previously regulated providers, and maintains its supervised-entities register; the 12-month transition ended 31 December 2025, after which firms need a BaFin authorisation or a valid passport.

Payments & E-money (BaFin — PSD2 / EMD2)

Best for payment, remittance, acquiring, wallet and open-banking operators that want a large, EU-credible euro-area base.

What it is: Authorisation as a payment institution or e-money institution under the ZAG, supervised by BaFin and passportable across the EEA.

Who it suits: Money-remittance and transfer providers, acquirers, card and wallet issuers, payment-initiation and account-information providers, and e-money issuers (including stablecoin issuers, who must be EMIs or credit institutions).

Covers: The payment services under the ZAG — incoming and outgoing transactions, transfers, card and instrument-based payments, money remittance, payment initiation and account information — plus issuance of electronic money.

Operational requirement: A German entity; minimum initial capital by service type; ongoing own-funds and safeguarding of client funds; strong customer authentication; AML/CFT; DORA operational-resilience obligations; and fit-and-proper management.

Headline figures

  • Primary instruments: Payment Services Supervision Act (ZAG, PSD2 / EMD2); Instant Payments Regulation (EU) 2024/886; DORA (Regulation (EU) 2022/2554)
  • Regulator: BaFin (authorisation and supervision)
  • Entry capital: payment institutions EUR 20,000 / 50,000 / 125,000 by service type; e-money institutions EUR 350,000
  • Instant payments: euro instant payments receiving from 9 January 2025 and sending from 9 October 2025
  • Reform pipeline: PSD3 / PSR — political agreement November 2025, compromise texts April 2026, adoption expected during 2026; EMD2 to be repealed and EMIs folded into payment institutions
  • Currency: euro (euro-area member); no exchange controls

Is there a gambling licence in Germany?

Yes. The GGL licenses online sports betting, horse-race betting, virtual slots and poker nationwide under the GlüStV 2021, while online casino table games are licensed at Länder level and lotteries remain a state monopoly.

The legal foundation:

  • Interstate Treaty on Gambling 2021 (GlüStV 2021) — the federal framework, in force 1 July 2021
  • Race Betting and Lottery Act — gambling taxation; state gambling acts govern land-based gambling
  • GGL — nationwide online licensing and supervision; the 16 Länder regulate land-based gambling and online table games

Structure:

  • GGL licences cover online sports betting, horse-race betting, virtual slots and online poker, valid for five years
  • Operators must integrate the LUGAS deposit-monitoring and OASIS self-exclusion systems and verify player identity
  • Online casino table games are a Länder matter, often restricted or monopolised; lotteries are a state monopoly

Gambling — Nationwide online licence (GGL)

Best for well-capitalised operators able to meet Germany's strict limits and technical-integration requirements; the market is large but heavily restricted.

What it is: A GGL licence to offer online sports betting, virtual slots or online poker to German players, valid for five years.

Who it suits: Operators able to post the security deposit, meet the GlüStV limits and integrate German systems.

Covers: The licensed online verticals; online casino table games require a separate Länder licence.

Operational requirement: LUGAS and OASIS integration, ID verification, the EUR 1,000 monthly deposit cap, the EUR 1 slot-stake limit and other GlüStV limits, AML/CFT and strict advertising compliance.

Headline figures

  • Primary instruments: GlüStV 2021; Race Betting and Lottery Act
  • Regulators: GGL (online); the 16 Länder (land-based and online table games)
  • Costs: minimum security deposit around EUR 5 million; GGL licence fees
  • Tax: 5.3% of stakes on sports betting, virtual slots and online poker; state casino levies (broadly 20%–80% of GGR) for land-based casinos
  • Limits: EUR 1,000 monthly deposit cap, EUR 1 slot stake, four-table poker cap, no live-dealer or progressive-jackpot games nationwide
  • Player protection: minimum age 18; OASIS self-exclusion; ID verification

Costs and timelines at a glance

  • Crypto: MiCAR via FinmadiG/KMAG, BaFin for CASPs/ARTs/EMTs; own-funds floors EUR 50,000 / 125,000 / 150,000 by class; Article 63 timeline of a 25-working-day completeness check plus a 40-working-day decision; transitional regime closed 31 December 2025
  • Payments primary instruments: ZAG (PSD2 / EMD2); Instant Payments Regulation (EU) 2024/886; DORA
  • Payments regulator: BaFin; banking licences via the ECB/SSM (banking-union member)
  • Reform pipeline: PSD3 / PSR — agreement November 2025, compromise texts April 2026, adoption expected during 2026
  • Gambling: GlüStV 2021 — GGL nationwide online licences (sports betting, virtual slots, poker); online casino table games at Länder level; 5.3% stake tax; ~EUR 5 million security deposit
  • Tax: crypto gains tax-free for private investors after a one-year holding period; short-term gains taxed at income rates above EUR 1,000
  • Currency: euro (euro-area and banking-union member); no exchange controls
  • FX: USD 1 = EUR 0.87 (EUR 1 = USD 1.15)

Who Germany suits and who it does not

Suitable for

  • Crypto exchanges, custodians and token issuers wanting a MiCAR CASP authorisation from a strict, credible supervisor in a deep market, with EEA passporting
  • Crypto-custody providers building on Germany's established custody-licensing heritage
  • Already-licensed banks, investment firms, payment and e-money institutions that can add crypto-asset services through the Article 60 notification route
  • Payment, remittance, acquiring, wallet and open-banking operators (and stablecoin issuers via the EMI route) seeking a large euro-area base
  • Long-term crypto investors, given the one-year tax-free rule for private disposals
  • Well-capitalised online sports-betting, slots and poker operators able to meet the GlüStV limits

Not suitable for

  • Firms wanting a light-touch crypto regime — BaFin is thorough and enforcement-oriented
  • Providers relying on a former crypto-custody or VASP licence — the transition closed on 31 December 2025
  • Online casino operators expecting a single nationwide licence — table games are a Länder matter, often restricted or monopolised
  • Gambling operators unwilling to accept the EUR 1,000 deposit cap, EUR 1 slot stake and 5.3% stake tax
  • Payment or e-money firms expecting to avoid EU prudential, safeguarding, DORA or AML obligations

Ready to launch without the regulatory guesswork?

Book a 30-minute consultation with a senior advisor and talk through your route.

Get Started