Licentium

Fintech Licensing Hub

Luxembourg

Luxembourg regulates crypto under MiCA through the Law of 6 February 2025, with the CSSF as competent authority; it took the full 18-month transition to 1 July 2026 off its national VASP regime, and has become a chosen EU hub for major firms such as Coinbase and Ripple. As a leading financial centre, Luxembourg hosts major payment and e-money institutions (including PayPal Europe and Amazon Payments Europe) licensed by the CSSF under the Law of 10 November 2009 (PSD2/EMD2), with the Instant Payments Regulation and DORA in force and PSD3/PSR moving toward adoption. Gambling is tightly restricted under the Law of 20 April 1977: only the state Loterie Nationale (lottery and sports betting) and Casino 2000 operate, with no private online licensing β€” and Luxembourg is in the euro area and banking union, and exempts individual crypto gains held more than six months from income tax.

Available licences

Crypto-Asset Service Provider authorisation (CSSF under MiCAR and the Law of 6 February 2025)

Custody, operation of a trading platform, exchange of crypto-assets for funds or other crypto-assets, execution, placing, reception and transmission of orders, advice, portfolio management and transfer services require CSSF authorisation under Article 63 MiCAR; an authorisation passports across the EEA.

Asset-Referenced Token (ART) issuer authorisation (CSSF)

Public offering or admission to trading of a token referencing a basket of values, rights or currencies requires authorisation as an ART issuer under Title III MiCAR, with reserve, custody and disclosure requirements.

E-Money Token (EMT) issuer (credit institution or EMI; CSSF)

EMTs (including fiat-backed stablecoins) may be issued only by an authorised credit institution or e-money institution, with redemption at par; the CSSF is the competent authority.

Article 60 MiCAR notification route (existing financial entities)

Credit institutions, central securities depositories, investment firms, market operators, e-money and payment institutions, UCITS management companies and AIFMs may provide specified crypto-asset services by notifying the CSSF at least 40 working days before starting.

Payment Institution authorisation (CSSF under the Law of 10 November 2009)

A licence to provide payment services, supervised by the CSSF and passportable across the EEA; Luxembourg hosts major global payment institutions using it as their EU base.

E-Money Institution authorisation (CSSF)

A licence to issue electronic money and provide related payment services, with EUR 350,000 minimum initial capital, supervised by the CSSF; major e-money issuers (such as PayPal Europe and Amazon Payments Europe) are licensed here.

Account Information and Payment Initiation Services (CSSF)

Open-banking providers β€” account information and payment initiation service providers β€” fall within the Law of 10 November 2009, supervised by the CSSF, with strong customer authentication.

Banking authorisation (CSSF and the ECB/SSM)

Deposit-taking and lending require a banking licence; in the banking union the European Central Bank grants the licence and directly supervises significant institutions, with the CSSF supervising less-significant ones.

Investment firm authorisation (CSSF β€” MiFID II)

Investment services in financial instruments require authorisation under the Luxembourg MiFID II framework, supervised by the CSSF.

Crypto fund vehicles (RAIF, SIF, SICAR β€” CSSF/AIFM)

Luxembourg's fund toolbox β€” including the Reserved Alternative Investment Fund (RAIF), Specialised Investment Fund (SIF) and SICAR β€” can be used for crypto-asset strategies aimed at well-informed investors, with the RAIF requiring no direct CSSF product approval.

Casino concession and gambling permits (Ministry of Justice)

Gambling is prohibited under the Law of 20 April 1977 except for narrowly authorised activities: a single land-based casino concession (Casino 2000) and the state Loterie Nationale's lottery and sports-betting monopoly; there is no private online-gambling licence.

Detailed overview

Luxembourg at a glance

Luxembourg combines a premier financial centre with a closed gambling monopoly. Crypto is supervised by the CSSF under the Law of 6 February 2025; the full 18-month transition ended 1 July 2026. Payments run under the Law of 10 November 2009 with the CSSF as supervisor and the Instant Payments Regulation and DORA in force. Gambling runs under the Law of 20 April 1977, overseen by the Ministry of Justice, with only the Loterie Nationale and Casino 2000 operating. The euro is the currency, and Luxembourg sits inside the euro area and banking union.

Crypto regime under MiCA β€” CSSF-led, institutional hub:

  • MiCA + national implementing law β€” Regulation (EU) 2023/1114 (MiCAR); the Law of 6 February 2025, designating the CSSF
  • Competent authority β€” the CSSF for CASP authorisation and ART/EMT supervision
  • Grandfathering β€” closed. Luxembourg adopted the full 18-month transition: VASPs registered with the CSSF before 30 December 2024 could continue until 1 July 2026 or until their CASP application was decided; that window has now expired
  • Pre-MiCA heritage β€” a national VASP registration with the CSSF (AML-focused), no longer available for first-time registration; MiCA adds prudential and conduct requirements and EU passporting
  • Institutional adoption β€” Luxembourg's financial-centre credibility has attracted major CASP applicants, including Coinbase (licensed June 2025) and Ripple (a CSSF "green light" for its CASP licence in June 2026), alongside its earlier EMI authorisations
  • Notification route β€” already-authorised financial entities may notify the CSSF to provide crypto-asset services within their existing authorisation
  • AML/CFT β€” Luxembourg AML law (Law of 12 November 2004, as amended) applies, with the CRF; the EU AML package (Regulation (EU) 2024/1624 / AMLR, with AMLA in Frankfurt) applies from 10 July 2027
  • TFR / DORA β€” the Travel Rule (Regulation (EU) 2023/1113) applies from 30 December 2024 and DORA from 17 January 2025; DAC8 is implemented by the Law of 27 March 2026
  • Tax β€” for private individuals, crypto gains on assets held more than six months are exempt from income tax; gains on assets held less than six months are speculative, taxed at progressive rates (up to around 42% plus surcharges) above a EUR 500 annual threshold, and crypto-to-crypto is a taxable disposal. Traders are taxed on business profits. Companies are taxed on crypto gains under ordinary corporate tax (an aggregate rate of roughly 24%), with net wealth tax also relevant

Payments and e-money regime (CSSF-led, major hub):

  • PSD2 β€” Directive (EU) 2015/2366; transposed by the Law of 10 November 2009 on payment services, supervised by the CSSF
  • Payment Institution licensing β€” initial capital EUR 20,000 (money remittance), EUR 50,000 (payment initiation) and EUR 125,000 (other payment services)
  • EMD2 / E-Money Institution β€” Directive 2009/110/EC; EUR 350,000 initial capital; Luxembourg is the EU base for several global e-money issuers; stablecoin (EMT) issuers must be EMIs or credit institutions
  • Instant Payments Regulation (Regulation (EU) 2024/886) β€” euro instant payments: receiving applicable from 9 January 2025 and sending from 9 October 2025
  • DORA (Regulation (EU) 2022/2554) β€” applicable from 17 January 2025
  • PSD3 / PSR β€” Commission proposals of 28 June 2023; provisional political agreement reached 27 November 2025, with final compromise texts published 23 April 2026 and formal adoption expected during 2026; the package will repeal PSD2 and EMD2 and fold e-money institutions into payment institutions
  • Banking β€” in the banking union the ECB grants banking licences and directly supervises significant institutions, with the CSSF supervising less-significant ones
  • Currency: euro (founding member); no exchange controls

Gambling regime β€” closed state monopoly:

  • Law of 20 April 1977 (Gambling Law) β€” prohibits games of chance except where expressly authorised; the Ministry of Justice oversees gambling, and there is no dedicated gambling regulator
  • Operators β€” only two: the state Loterie Nationale (a monopoly on lottery and sports betting, online via LoterieSport.lu) and Casino 2000 (the sole land-based casino, under the Grand Ducal Regulation of 12 February 1979)
  • Online gambling β€” there is no private online-gambling licence; only the Loterie Nationale's state-sanctioned channels are lawful, and foreign online licences have no standing
  • Tax β€” Casino 2000 pays gambling tax on its gross gaming revenue under its concession; Loterie Nationale proceeds are redistributed to charitable causes through the Ε’uvre Nationale de Secours Grande-Duchesse Charlotte
  • Reform β€” a reform of the 1977 law is under way: Draft Law 8679 (introduced January 2026) strengthens enforcement against illegal machines, with a second phase to address online gambling and possibly a single online concession for Casino 2000
  • Minimum age β€” 18; no EU passport (gambling is licensed nationally)

Last verified: July 2026. Reference rate: USD 1 = EUR 0.87 (EUR 1 = USD 1.15).

Luxembourg is a premier-financial-centre, euro-area jurisdiction: crypto runs under MiCAR with the CSSF and has drawn major institutional players, payments sit at a leading EU e-money hub, and gambling is a closed state monopoly limited to the Loterie Nationale and a single casino.

Is there a crypto licence in Luxembourg?

Yes. Luxembourg applies MiCAR through the Law of 6 February 2025, with the CSSF authorising and supervising CASPs and ART/EMT issuers. The full 18-month transition ended 1 July 2026, so operating now requires a CSSF authorisation, a valid MiCA passport, or an Article 60 notification.

The legal foundation:

  • Regulation (EU) 2023/1114 (MiCAR) β€” the directly applicable EU framework for offerings, admission and crypto-asset services
  • Law of 6 February 2025 β€” designates the CSSF as competent authority
  • Law of 12 November 2004 (AML) β€” AML/CFT obligations, with the CRF
  • Regulation (EU) 2023/1113 β€” Travel Rule for crypto-asset transfers

Structure:

  • A Luxembourg entity with genuine substance, fit-and-proper management and qualifying shareholders
  • MiCAR own-funds floors by class β€” EUR 50,000 (Class 1), EUR 125,000 (Class 2), EUR 150,000 (Class 3) β€” with the higher of the floor or a fixed-overheads measure
  • AML systems, a white paper for in-scope offerings, custody and client-asset segregation, ICT and governance documentation, market-abuse reporting, and a business plan β€” submitted to the CSSF after a preliminary dialogue

Operational reality:

  • The CSSF is detailed and substance-focused, so timelines are longer than in lighter-touch jurisdictions, but a Luxembourg authorisation carries strong institutional credibility β€” a reason major players have chosen it as an EU base
  • The six-month tax-free rule for private investors and Luxembourg's fund toolbox are attractive features of the wider environment
  • New activity should be structured through a CSSF authorisation, a valid passport or an Article 60 notification β€” not the closed transitional regime

Official CASP roadmap: The CSSF maintains a dedicated MiCA/MiCAR page covering the Law of 6 February 2025, the authorisation and notification routes, contact points and forms, and invites applicants to a preliminary dialogue before filing; the full 18-month transition ended 1 July 2026.

Payments & E-money (CSSF β€” PSD2 / EMD2)

Best for payment, remittance, acquiring, wallet and e-money operators that want a top-tier EU financial centre and a proven passporting base.

What it is: Authorisation as a payment institution or e-money institution under the Law of 10 November 2009, supervised by the CSSF and passportable across the EEA.

Who it suits: Money-remittance and transfer providers, acquirers, card and wallet issuers, payment-initiation and account-information providers, and e-money issuers (including stablecoin issuers, who must be EMIs or credit institutions) β€” Luxembourg is the EU home of several global payment groups.

Covers: The payment services under the Law of 10 November 2009 β€” incoming and outgoing transactions, transfers, card and instrument-based payments, money remittance, payment initiation and account information β€” plus issuance of electronic money.

Operational requirement: A Luxembourg entity with real substance; minimum initial capital by service type; ongoing own-funds and safeguarding of client funds; strong customer authentication; AML/CFT; DORA operational-resilience obligations; and fit-and-proper management.

Headline figures

  • Primary instruments: Law of 10 November 2009 (PSD2 / EMD2); Instant Payments Regulation (EU) 2024/886; DORA (Regulation (EU) 2022/2554)
  • Regulator: CSSF (authorisation and supervision)
  • Entry capital: payment institutions EUR 20,000 / 50,000 / 125,000 by service type; e-money institutions EUR 350,000
  • Instant payments: euro instant payments receiving from 9 January 2025 and sending from 9 October 2025
  • Reform pipeline: PSD3 / PSR β€” political agreement November 2025, compromise texts April 2026, adoption expected during 2026; EMD2 to be repealed and EMIs folded into payment institutions
  • Currency: euro (euro-area member); no exchange controls

Is there a gambling licence in Luxembourg?

Largely no. Gambling is prohibited under the Law of 20 April 1977 except for the state Loterie Nationale (lottery and sports betting) and a single casino concession (Casino 2000); there is no private online-gambling licence.

The legal foundation:

  • Law of 20 April 1977 (Gambling Law) β€” a general prohibition with narrow exceptions
  • Grand Ducal Regulation of 12 February 1979 β€” the casino concession (Casino 2000)
  • Ministry of Justice β€” oversight; there is no dedicated gambling regulator

Structure:

  • Only the Loterie Nationale (lottery and sports betting, including online via LoterieSport.lu) and Casino 2000 may operate
  • Private online casino, betting and poker are not licensable, and foreign online licences have no standing
  • A reform of the 1977 law is in progress (Draft Law 8679, January 2026), with online gambling to be addressed in a second phase

Gambling β€” Closed monopoly (Ministry of Justice)

Not open to private operators; the market is reserved to the state Loterie Nationale and the single Casino 2000 concession.

What it is: A state-monopoly model β€” no commercial gambling licences are issued to private operators.

Who it suits: Effectively only the incumbent state operator and the sole casino concessionaire; new market entry is not currently possible.

Covers: Lottery and sports betting (Loterie Nationale) and land-based casino games (Casino 2000).

Operational requirement: AML obligations apply to Casino 2000 as an obliged entity, with reporting to the CRF; the reform may introduce geoblocking and enhanced player protection.

Headline figures

  • Primary instruments: Law of 20 April 1977; Grand Ducal Regulation of 12 February 1979
  • Regulator: Ministry of Justice (no dedicated gambling authority)
  • Operators: Loterie Nationale (lottery and sports-betting monopoly); Casino 2000 (sole land-based casino)
  • Online: no private online-gambling licence; only Loterie Nationale's channels are lawful
  • Tax: Casino 2000 taxed on GGR under its concession; Loterie Nationale proceeds redistributed to charity
  • Reform: Draft Law 8679 (January 2026), with online gambling in a second phase; minimum age 18

Costs and timelines at a glance

  • Crypto: MiCAR via the Law of 6 February 2025, CSSF for CASPs/ARTs/EMTs; own-funds floors EUR 50,000 / 125,000 / 150,000 by class; 40-working-day decision after completeness (plan for around twelve months); transition closed 1 July 2026
  • Payments primary instruments: Law of 10 November 2009 (PSD2 / EMD2); Instant Payments Regulation (EU) 2024/886; DORA
  • Payments regulator: CSSF; banking licences via the ECB/SSM (banking-union member)
  • Reform pipeline: PSD3 / PSR β€” agreement November 2025, compromise texts April 2026, adoption expected during 2026
  • Gambling: closed state monopoly (Loterie Nationale and Casino 2000); no private online licence; reform under way
  • Tax: corporate aggregate rate roughly 24%; individual crypto gains tax-free if held more than six months (speculative gains up to ~42% above a EUR 500 threshold)
  • Currency: euro (euro-area and banking-union member); no exchange controls
  • FX: USD 1 = EUR 0.87 (EUR 1 = USD 1.15)

Who Luxembourg suits and who it does not

Suitable for

  • Crypto exchanges, custodians and token issuers seeking an institutionally credible MiCAR CASP authorisation and EEA passporting from a premier financial centre
  • Stablecoin (EMT) issuers and fintechs that value Luxembourg's deep banking, fund and e-money ecosystem
  • Payment and e-money groups wanting the EU base chosen by several global payment institutions
  • Crypto funds and asset managers using Luxembourg's RAIF/SIF/SICAR vehicles
  • Long-term private crypto investors, given the six-month tax-free rule

Not suitable for

  • Firms wanting a fast, light-touch crypto authorisation β€” the CSSF is detailed and substance-focused, with longer timelines
  • Providers relying on a former VASP registration β€” the transition closed on 1 July 2026
  • Letterbox structures β€” the CSSF and the tax authorities scrutinise genuine economic substance
  • Private gambling operators of any kind β€” the market is a closed state monopoly with no private (including online) licensing
  • Payment or e-money firms expecting to avoid EU prudential, safeguarding, DORA or AML obligations

Ready to launch without the regulatory guesswork?

Book a 30-minute consultation with a senior advisor and talk through your route.

Get Started