Licentium

Fintech Licensing Hub

Gibraltar

Gibraltar is a low-tax British Overseas Territory and a pioneer in crypto regulation, with a major established e-money and online-gambling sector. Crypto runs under the Distributed Ledger Technology (DLT) Framework — the world's first, since 1 January 2018 — under which the GFSC authorises DLT Providers against ten regulatory principles, plus VASP/AML registration under the Proceeds of Crime Act 2015; Gibraltar is outside the EU so MiCA does not apply (the GFSC is aligning with it), recognised crypto as personal property in 2026 and is building a first-of-its-kind crypto clearing-and-settlement regime. Payments run under the Financial Services Act 2019 with direct UK market access via the Gibraltar Authorisation Regime, and gambling (around 30% of GDP) is regulated by the Gambling Commissioner under the new Gambling Act 2025 (passed 18 March 2026) — six licence categories, substantive-presence rules, a low 0.15% gaming tax but a heavy dual burden from the UK's 40% Remote Gaming Duty.

Available licences

Crypto — DLT Provider Authorisation (GFSC; Financial Services Act 2019)

Crypto — VASP / POCA AML Registration (GFSC; Proceeds of Crime Act 2015)

Crypto — Token Sales Registration (GFSC; POCA Registration Regulations 2021)

Payments — E-money Institution Authorisation (GFSC; Financial Services Act 2019)

Payments — Payment Institution / PSP Authorisation (GFSC; Financial Services Act 2019)

Banking — Banking Licence (GFSC; Financial Services Act 2019)

Gambling — B2C Operator Licence (Gambling Commissioner; Gambling Act 2025)

Gambling — B2B Supplier Licence (Gambling Commissioner; Gambling Act 2025)

Gambling — Gambling Operator Support Services Licence (Gambling Commissioner; Gambling Act 2025)

Detailed overview

Gibraltar at a glance

Gibraltar is a low-tax British Overseas Territory that pioneered crypto regulation and hosts a major e-money and gambling sector. Crypto runs under the DLT Framework (world's first, since 1 January 2018): the GFSC authorises DLT Providers against ten principles, plus VASP/AML registration under POCA. Outside the EU, MiCA does not apply (though the GFSC aligns with it); Gibraltar recognised crypto as personal property in 2026 and is building a crypto clearing-and-settlement regime. Payments run under the Financial Services Act 2019 (e-money and payment institutions), with direct UK access via the GAR. Gambling (around 30% of GDP) is regulated by the Gambling Commissioner under the new Gambling Act 2025 (passed 18 March 2026) — substantive presence, six licence categories, a low 0.15% gaming tax, but a heavy dual burden from the UK's 40% Remote Gaming Duty.

Crypto regime — the original bespoke framework, substance-based, UK-gateway:

  • DLT Framework (from 1 January 2018) — the world's first dedicated crypto framework; the Financial Services (DLT Providers) Regulations under the Financial Services Act 2019 (section 139); the GFSC authorises DLT Providers using DLT to store or transmit third-party value
  • Ten regulatory principles — principles-based and risk-based (honesty/integrity, governance, financial soundness, client-asset protection, financial-crime systems, resilience, and — since 2021 — market integrity), applied proportionately to scale and risk
  • POCA AML layer — VASPs register with the GFSC and comply with AML/CFT and the FATF travel rule (since March 2021); token sellers register under the POCA registration regulations; many out-of-DLT-scope activities still fall within AML
  • MiCA and market access — Gibraltar is outside the EU, so MiCA does not apply, but the GFSC is progressively aligning the DLT Framework with MiCA, and firms serving EU users must comply with MiCA; many groups run a dual structure (an EU MiCA entity plus Gibraltar for worldwide business); Gibraltar uniquely retains direct UK market access
  • 2026 developments — the Property (Digital Assets) Bill 2026 (passed 18 March 2026) recognises crypto-tokens as personal property (mirroring the UK's 2025 Act); Gibraltar is building a first-of-its-kind crypto clearing-and-settlement regime (with the GFSC and the exchange Bullish); the DLT Regulations are being updated, likely folding VASP registration into the DLT regime
  • Tax — no capital-gains or dividend tax; corporate income tax at 15%; no VAT
  • A reputable, substance-first jurisdiction (home to early crypto funds and exchanges), not a light-touch flag

Payments and e-money regime (Financial Services Act 2019):

  • E-money and payment institutions — the GFSC authorises EMIs and PIs/PSPs under the retained EU e-money and PSD2-derived framework, with regulatory capital, safeguarding of customer funds and conduct requirements
  • Gibraltar Authorisation Regime (GAR) — the permanent post-Brexit framework giving Gibraltar financial-services firms (including EMIs and PSPs) direct access to the UK market; Gibraltar is the only jurisdiction with this access, though EU passporting was lost at Brexit
  • Banking — GFSC banking authorisation under the Financial Services Act 2019
  • AML/CFT — POCA and GFSC supervision; GFIU as the Financial Intelligence Unit; Gibraltar removed from the FATF grey list (February 2024) and the EU high-risk list (March 2024)
  • Currency: the Gibraltar pound, issued at par with and interchangeable with sterling (GBP is legal tender); no exchange controls

Gambling regime — a major hub, newly overhauled:

  • New Gambling Act 2025 — passed unanimously by Parliament on 18 March 2026, replacing the Gambling Act 2005; a flexible, risk-based, substance-driven framework; the Minister is the Licensing Authority and the Gambling Commissioner (with the Gambling Division) supervises and enforces
  • Expanded scope — regulated activity now extends beyond B2C/B2B to "Gambling Operator Support Services" (advertising, marketing, affiliates, customer care/CRM, and holding/managing customer funds) and to significant ownership (Gibraltar entities holding more than 25% or exercising significant influence); an approved-persons regime vets senior decision-makers
  • Substance and licences — six licence categories; an application fee of £10,000 per licence type; substantive-presence requirements (staff, offices, infrastructure, local tax) to eliminate "brass plate" operations; a six-month transitional licence for newly in-scope activities
  • Scale — around 54 licensed operators, 3,400+ employees and roughly 30% of GDP; major operators include Entain (Ladbrokes/Coral), William Hill, 888, BetVictor and Betfred, with B2B suppliers such as IGT, Blueprint and Pariplay
  • Tax — a low gaming tax of 0.15% of gross gambling yield (capped at £425,000, minimum £85,000 per licence); corporate income tax 15%; no VAT
  • UK dual regime and tax pressure — UK-facing operators (the UK is around 75% of sector revenue) also need a UK Gambling Commission licence; the UK's Remote Gaming Duty rose from 21% to 40% on 1 April 2026 (and General Betting Duty rises to 25% from April 2027), a major headwind driving the new Act and market diversification (including into prediction markets)
  • The Gambling Commissioner is also the AML/CFT regulator for gambling under POCA; FATF/Moneyval pressure (grey list June 2022, removed February 2024) drove much of the reform

Last verified: May 2026. Reference rate: USD 1 = GBP 0.74. The Gibraltar pound is issued at par with, and interchangeable with, pounds sterling (GBP is legal tender in Gibraltar); there are no exchange controls.

Gibraltar is a low-tax, twin-regulator jurisdiction: the GFSC runs the pioneering DLT crypto framework (plus POCA AML and a new crypto clearing regime) and authorises e-money and payment institutions with unique direct UK market access, while the Gambling Commissioner oversees a major online-gambling sector newly modernised by the Gambling Act 2025 — substance-driven, broader in scope, low-taxed locally but squeezed by the UK's 40% Remote Gaming Duty.

Is there a crypto licence in Gibraltar?

Yes — the original one. Since 1 January 2018, the GFSC has authorised DLT Providers (firms that store or transmit third-party crypto value) against ten regulatory principles, layered with POCA AML registration. Gibraltar is outside the EU (so MiCA does not apply directly), but aligns with it, retains direct UK access, and in 2026 recognised crypto as personal property and began building a crypto clearing regime.

The legal foundation:

  • Financial Services Act 2019 + DLT Provider Regulations — DLT Provider authorisation (ten principles)
  • Proceeds of Crime Act 2015 — VASP/AML registration; FATF travel rule; token-sales registration
  • Property (Digital Assets) Bill 2026 — crypto-tokens recognised as personal property
  • MiCA alignment — for EU market access (MiCA does not apply in Gibraltar itself)

Structure:

  • A Gibraltar entity with a real board and presence, financial soundness, custody and client-asset protection, AML/CFT systems and market-integrity controls; DLT Provider authorisation where the firm controls third-party crypto-assets
  • POCA AML registration for VASP activity and token sales; many out-of-DLT-scope activities still fall within AML
  • Many groups pair a Gibraltar authorisation (worldwide/UK) with an EU MiCA entity (EU customers)

Operational reality:

  • Gibraltar offers a tested, reputable, principles-based regime and the only direct UK gateway — but it is substance-first and not light-touch, with 9–18 month authorisation timelines
  • The new clearing-and-settlement regime and personal-property recognition deepen the institutional offering
  • Gibraltar authorisations do not passport into the EU (a MiCA CASP authorisation is separate); independent Gibraltar legal and tax counsel and early, proactive GFSC engagement are advised

Payments & E-money (GFSC — Financial Services Act 2019)

Best for e-money, payment and remittance businesses that want a reputable, low-tax base with direct UK market access; Gibraltar authorises EMIs and PIs under its retained EU-derived framework.

What it is: A GFSC authorisation regime under the Financial Services Act 2019 for e-money institutions and payment institutions (derived from the EU e-money and PSD2 frameworks), with the Gibraltar Authorisation Regime providing UK market access.

Who it suits: E-money issuers, payment and remittance providers, acquirers and payment-initiation services targeting the UK and international markets, and (via the DLT route) crypto on/off-ramp and stablecoin operators; plus banks.

Covers: Electronic-money issuance, payment services (remittance, acquiring, account and initiation services), and deposit-taking via banking authorisation; stablecoin activity via the DLT framework.

Operational requirement: A Gibraltar entity; GFSC authorisation (EMI/PI capital thresholds, safeguarding of customer funds, fit-and-proper management); the Gibraltar Authorisation Regime for UK access; AML/CFT under POCA; GFSC conduct supervision.

Headline figures

  • Primary instruments: Financial Services Act 2019 (e-money and payment-services provisions); Gibraltar Authorisation Regime; Proceeds of Crime Act 2015
  • Regulators: GFSC (EMI/PI/banking); GFIU (financial intelligence)
  • Market access: direct UK access via the GAR; no EU passport (lost at Brexit)
  • Requirements: regulatory capital, safeguarding, fit-and-proper management
  • Tax: corporate income tax 15%; no VAT; no capital-gains tax
  • Currency: Gibraltar pound at par with GBP; no exchange controls

Is there a gambling licence in Gibraltar?

Yes — and the regime was just overhauled. The Gambling Commissioner licenses gambling under the new Gambling Act 2025 (passed 18 March 2026, replacing the 2005 Act), with six licence categories spanning B2C, B2B and support services, substantive-presence requirements and an approved-persons regime. Gaming tax is low (0.15% of gross gambling yield), but UK-facing operators face the UK's 40% Remote Gaming Duty.

The legal foundation:

  • Gambling Act 2025 — modern, risk-based, substance-driven framework (Minister as Licensing Authority; Gambling Commissioner supervises)
  • Expanded regulated activity — B2C, B2B, and Gambling Operator Support Services (marketing, affiliates, customer funds), plus significant-ownership oversight
  • POCA 2015 — AML/CFT (Gambling Commissioner as AML regulator)
  • UK dual regime — UK Gambling Commission licence required for UK customers; UK point-of-consumption taxes apply

Structure:

  • B2C operators — casino, sportsbook/betting and intermediary licences; genuine substance, probity vetting, approved persons, responsible-gambling and AML controls, game/RNG testing
  • B2B suppliers — platforms, games suppliers, aggregators, software providers
  • Support services — marketing, affiliates, CRM, customer-fund holding (newly licensable)
  • Transitional — a six-month transitional licence for newly in-scope activities; minimum age and player-protection controls apply

Gambling — B2C / B2B / Support Services Licences (Gambling Commissioner; Gambling Act 2025)

Best for established, well-capitalised operators and suppliers willing to maintain genuine Gibraltar substance; less suited to brass-plate or lowest-cost setups, which the 2025 Act targets.

What it is: A Gambling Commissioner licence under the Gambling Act 2025 for B2C operation, B2B supply, or Gambling Operator Support Services, with substantive presence, probity, approved-persons and AML requirements.

Who it suits: Major B2C operators (casino/sportsbook), B2B games and platform suppliers, and marketing/affiliate/fund-holding support businesses seeking a reputable, low-gaming-tax base with UK access; not brass-plate operators.

Covers: Online casino, betting and intermediary services (B2C); platforms, games and software (B2B); marketing, affiliates, CRM and customer-fund management (support services).

Operational requirement: A Gibraltar entity with genuine economic substance (staff, offices, infrastructure, local tax); probity and financial vetting; an approved-persons regime; responsible-gambling and AML/CFT controls; independent game/RNG testing; a UK Gambling Commission licence for UK-facing business.

Headline figures

  • Primary instruments: Gambling Act 2025; Proceeds of Crime Act 2015 (AML)
  • Regulators: Gambling Commissioner / Gambling Division (supervision, AML); Minister (Licensing Authority)
  • Licence categories: six (B2C, B2B, support services and others); application fee £10,000 per licence type
  • Tax: gaming tax 0.15% of gross gambling yield (capped £425,000, minimum £85,000 per licence); corporate income tax 15%; no VAT
  • UK burden: UK Gambling Commission licence required for UK customers; UK Remote Gaming Duty 40% (from 1 April 2026)
  • Player protection: approved persons, responsible-gambling and AML controls; game/RNG testing

Costs and timelines at a glance

  • Crypto: DLT Provider authorisation (GFSC; FSA 2019; ten principles; ~9–18 months; pre-application ~£2,100, full application ~£8,400–£29,400; annual base + 0.1% trade-activity fee capped £75,000 + additional fee) plus POCA VASP/AML registration; MiCA does not apply (alignment in progress); UK access retained; crypto recognised as personal property (2026); clearing-and-settlement regime in development; 15% corporate tax, no CGT/VAT
  • Payments primary instruments: Financial Services Act 2019 (e-money/payment services); Gibraltar Authorisation Regime; Proceeds of Crime Act 2015
  • Payments regulators: GFSC (EMI/PI/banking); GFIU (FIU)
  • Market access: direct UK access via the GAR; no EU passport
  • Reform pipeline: DLT Regs update (folding in VASP registration); crypto clearing-and-settlement regime; MiCA alignment
  • Gambling: new Gambling Act 2025 (passed 18 March 2026); Gambling Commissioner; six licence categories (£10,000 application per type); substantive presence; gaming tax 0.15% of GGY (capped £425,000); UK dual regime with 40% Remote Gaming Duty (from 1 April 2026)
  • Currency: Gibraltar pound at par with GBP; no exchange controls
  • FX: USD 1 = GBP 0.74

Who Gibraltar suits and who it does not

Suitable for

  • Crypto exchanges, custodians, OTC desks and wallet providers able to meet the DLT Provider standards (real substance, financial soundness, client-asset protection, market integrity), wanting a tested framework and direct UK access
  • Institutional digital-asset, clearing/settlement and tokenisation businesses attracted by Gibraltar's pioneering regime, personal-property recognition and MiCA-alignment pathway
  • E-money, payment and remittance firms that want UK market access via the Gibraltar Authorisation Regime and a low-tax, no-VAT base
  • Established online-gambling operators and B2B/support suppliers able to maintain genuine Gibraltar substance under the 2025 Act and absorb the UK dual regime
  • Groups valuing an English-speaking, UK-common-law, low-tax jurisdiction with a single financial regulator (GFSC) and a specialised gambling regulator

Not suitable for

  • Firms wanting a light-touch or brass-plate base — Gibraltar's DLT and 2025 gambling regimes are substance-first, and the gambling Act explicitly targets minimal-presence operators
  • Crypto or payment businesses needing EU passporting — Gibraltar is outside the EU and does not passport (a MiCA CASP authorisation is separate), though it aligns with MiCA
  • Gambling operators heavily exposed to the UK market and unable to absorb the 40% Remote Gaming Duty and dual UK/Gibraltar regulation
  • Operators seeking the lowest-cost, fastest licensing — Gibraltar prioritises reputation, substance and standards over speed and volume
  • Businesses seeking direct EU consumer-market access rather than a UK-facing, internationally oriented, low-tax base

Ready to launch without the regulatory guesswork?

Book a 30-minute consultation with a senior advisor and talk through your route.

Get Started