MiCA CASP Wind-Down: What Unauthorised Providers Must Do as the Transitional Period Ends on 1 July 2026

Last updated: June 2026

MiCA CASP wind-down becomes the immediate operating question where a crypto-asset service provider reaches the end of its applicable transitional period, and in all cases 1 July 2026, without a MiCA authorisation. The provider cannot keep trading. It cannot onboard. In most cases it cannot even continue holding client crypto-assets except for the short window needed to hand them back. ESMA put numbers and obligations around that moment in a public statement dated 23 June 2026, and the gap between “still operating” and “must wind down” is now a calendar date, not a negotiation.

The MiCA transitional period, set out in Article 143 of Regulation (EU) 2023/1114, gave providers that were already active under national law before 30 December 2024 extra time to either secure a MiCA authorisation under Article 63 or stop. That runway ends on 1 July 2026 at the latest, and in several Member States it ended earlier. This article walks through what an unauthorised CASP wind-down actually requires: the five operational steps ESMA expects, the client-asset and custody rules that keep running during the exit, the AML obligations that do not pause, and the traps that catch firms operating across more than one Member State.

Related reading: EC MiCAR review consultation: what European CASPs should track

What the 1 July 2026 deadline actually is

Article 143(3) of MiCA reads that crypto-asset service providers which provided their services in accordance with applicable law before 30 December 2024 “may continue to do so until 1 July 2026 or until they are granted or refused an authorisation pursuant to Article 63, whichever is sooner.” That single sentence carries the whole transitional regime. Two events end it: the calendar reaching 1 July 2026, or the home competent authority granting or refusing the Article 63 authorisation. The earlier of the two wins.

The date is not uniform across the EU, and this is the first thing teams get wrong. The same Article 143(3) lets Member States decline to apply the transitional regime, or shorten it, where they judge their pre-MiCA national framework to be less strict than MiCA. ESMA’s published list of grandfathering periods shows the result, while noting that some periods were communicated by national competent authorities as current expectations and may not yet have been incorporated into national law. On that list, Luxembourg, France, Spain, Italy, the Netherlands and others sit at different lengths, from six months to eighteen. The Netherlands, Poland, Hungary, Slovenia, Finland and Latvia are shown with six-month periods; Germany, Ireland, Lithuania, Austria, Slovakia and Norway with twelve; Sweden with nine. A provider that read “1 July 2026” as a single EU-wide cliff edge may already have run out of road in a host Member State months earlier.

What 1 July 2026 does represent is the hard outer limit. No national grandfathering period can run past it, because Article 143(3) caps the whole regime at that date. After it, an entity without an Article 63 authorisation is, in MiCA terms, an unauthorised CASP, regardless of whether its home Member State has finished updating national law. ESMA is explicit on that point in the 23 June 2026 statement: the wind-down expectation applies “irrespective whether the provisions of national law have been adjusted to MiCA in a Member State or not.”

Authorised, refused, or still pending: three very different positions

Not every provider arrives at the deadline in the same legal state, and the wind-down obligations only bite on one group. Three positions are worth separating.

A provider granted authorisation under Article 63 before 1 July 2026 is a fully authorised CASP with passporting rights across the EU. The unauthorised-CASP exit restrictions do not apply to it, but ESMA’s migration expectations still matter where it onboards clients from an unauthorised provider or group entity: the receiving CASP should run the necessary onboarding, customer due diligence and AML/CFT checks. A provider that applied in good time but remains unauthorised when its applicable transitional period ends is not allowed to keep providing crypto-asset services on the basis of the pending application. Article 143(3) permits pre-existing providers to continue only until the applicable transitional period ends, capped at 1 July 2026, or until Article 63 authorisation is granted or refused, whichever is sooner. ESMA’s 17 April 2026 statement says that after 1 July 2026 any entity providing crypto-asset services to EU clients without a MiCA licence will be in breach of EU law and must cease offering such services. The practical effect is that a pending applicant without an Article 63 authorisation must implement its wind-down plan when the applicable transitional period ends.

The group that the 23 June 2026 statement is written for is the third: providers that will reach 1 July 2026 unauthorised. ESMA names them directly, including “significant providers currently servicing EU clients under national regimes” that may not be authorised by the deadline. For that group, the expectation is not “keep going and see what happens.” It is an immediate, orderly exit.

MiCA CASP wind-down: the five steps ESMA expects from an unauthorised provider

The core of the 23 June 2026 statement is a short list of what an unauthorised CASP must do. These are not abstract principles. They map to specific operational switches a provider can throw.

First, stop the front door. ESMA expects unauthorised CASPs to immediately stop onboarding new EU clients, refrain from opening new client relationships or accounts, and cease marketing activities and solicitation. In practice this means the sign-up flow comes down, referral and affiliate campaigns stop, and any “open an account” call to action is pulled from EU-facing channels on the deadline, not phased out over a quarter.

Second, narrow the service to exit-only activity. The statement limits the provision of services to actions necessary to sell or transfer crypto-assets, reallocate assets, or close positions. A provider can still help a client liquidate a holding, move it to another provider, or close an open position. It cannot keep running as a going concern for those clients. The distinction that catches teams is that “we are still serving existing clients” is not a safe harbour. Serving existing clients is only permitted to the extent it moves them toward the exit.

Third, treat custody as a closing function, not an ongoing one. ESMA states that custody of clients’ crypto-assets can only continue “for the period strictly necessary to complete an orderly exit.” Holding client assets is not banned on day one, because forcing instant liquidation would itself harm clients. But the clock is running, and the justification for continued custody is the exit, not the relationship.

Fourth, communicate clearly, promptly and repeatedly. The statement asks unauthorised CASPs to tell clients, retail and institutional alike, what is being done to safeguard their assets and what the wind-down plan is, so clients know the timeline to dispose of, transfer, reallocate or close their positions. ESMA goes further than a single notice: the communication should include a deadline by which any residual positions would be closed automatically, plus information about client protection requirements. A wind-down notice that lacks a hard auto-close date is incomplete against this standard.

Fifth, keep the AML machine running. ESMA is unambiguous that wind-down does not switch off financial-crime controls. Effective AML and CFT controls must be maintained throughout the process: customer due diligence, transaction monitoring, screening against restrictive measures and sanctions lists, suspicious transaction and activity reporting, record-keeping, and compliance with transfer-of-funds and crypto-asset transfer traceability obligations. The wind-down is exactly the kind of high-movement, high-stress period in which monitoring matters most.

Where the client-asset rules come from: Articles 70, 74 and 75

The wind-down statement does not invent the client-protection regime. It leans on obligations already written into MiCA, and a provider that built its controls properly during the transitional period should recognise them. Three articles do most of the work.

Article 74 is the orderly wind-down provision itself. It requires CASPs providing the services in Articles 75 to 79 to have a wind-down plan appropriate to support an orderly exit under national law, including continuity or recovery of critical activities, and the plan must demonstrate the ability to wind down “without causing undue economic harm to their clients.” If a provider drafted that plan as a box-ticking exercise, the 1 July 2026 deadline is when it gets tested for real.

Article 75 governs custody and administration of crypto-assets. It requires a register of positions opened in the name of each client, a custody policy designed to minimise loss from fraud, cyber threats or negligence, and a statement of position to each client at least once every three months. Two of its paragraphs matter intensely during a wind-down. Article 75(6) requires procedures to return crypto-assets, or the means of access, to clients “as soon as possible.” Article 75(7) requires client crypto-assets to be segregated from the provider’s own holdings, held separately on the distributed ledger, and legally segregated from the provider’s estate so that the provider’s creditors have no recourse to them, in particular in insolvency. A wind-down that is heading toward insolvency is precisely where that segregation is supposed to hold.

Article 70 covers safekeeping of clients’ crypto-assets and funds more broadly. It requires arrangements to safeguard client ownership rights, especially in the event of the provider’s insolvency, and to prevent client assets being used for the provider’s own account. Where Article 70(3) applies, client funds other than e-money tokens must be placed with a credit institution or central bank by the end of the business day following receipt, in an account separately identifiable from the provider’s own; Article 70(5) disapplies paragraphs 2 and 3 for CASPs that are electronic money institutions, payment institutions or credit institutions. These are the hooks ESMA’s wind-down expectation hangs on when it talks about safeguarding clients’ interests.

The cross-border trap that catches multi-state providers

A provider active in more than one Member State faces a problem that a single-state provider does not, and ESMA flagged it well before the deadline. Because Member States set different transitional lengths, a CASP can hold a live national regime in one country while it has already lapsed in another.

ESMA’s transitional-measures statement spelled out the mechanics with a worked example. A CASP seeking authorisation in Member State A with a twelve-month transitional period, while also serving clients in Member State B with a six-month period, has to ensure compliance with the law of Member State B. If MiCA authorisation in Member State A, and the passporting rights that come with it, arrives only after the six-month period in Member State B has ended, there is an interim window of up to six months in which the provider has no valid basis to serve clients in Member State B at all. That window is a period of unauthorised service in a specific country, not a paperwork technicality, and it carries the client-protection and AML consequences that follow.

The lesson reporting and compliance teams should draw is that the relevant deadline is the shortest applicable national period across the provider’s footprint, mapped client-by-client to where each client sits, not the EU-wide 1 July 2026 cap. Treating the whole book as if it shares one deadline is how a provider ends up unauthorised in a host Member State while still believing it has months in hand.

Non-EU providers and the reverse-solicitation line

The 23 June 2026 statement adds a reminder aimed at firms based outside the EU. A CASP established outside the EU cannot provide MiCA services to EU clients or solicit them, and ESMA says this holds in a business-to-business context as well as with retail. There is one narrow door, and it is narrower than firms tend to assume.

The exception is reverse solicitation, grounded in Article 61 of MiCA and ESMA’s Guidelines on reverse solicitation. A service provided at the client’s own exclusive initiative falls outside the in-scope perimeter. The word doing the work is “exclusive.” The moment a third-country firm solicits, promotes or advertises to EU clients, the service stops being own-initiative, and the firm needs authorisation. MiCA’s recitals frame the boundary in the same terms: solicitation or advertising in the Union means the service is not provided on the client’s own initiative. A wind-down period is a poor moment to lean on this exception, because wind-down communications, marketing pauses and client outreach all sit close to the solicitation line.

One related prohibition deserves a line of its own, because it shapes restructuring options. MiCA bars CASPs from outsourcing or delegating certain services, custody in particular, to entities that are not authorised as CASPs. A provider hoping to park client custody with an unauthorised affiliate while it sorts out authorisation cannot do so. The custody function has to sit with an authorised CASP or come back to the client.

What clients are told, and the self-hosted-wallet option

The wind-down statement is unusually specific about the client-facing side, because the supervisory concern is that clients of a lapsing provider get left holding assets they cannot reach. ESMA reminds clients of unauthorised CASPs, whether EU or non-EU, that they do not benefit from MiCA safeguards, including protections for client assets.

The route ESMA points clients toward is concrete. Clients are invited to check whether their provider is authorised under MiCA in the ESMA Register, and where it is not, to act promptly, including by transferring their crypto-assets to an authorised CASP where one is identified, or to a self-hosted wallet. The self-hosted-wallet exit matters operationally: it means a winding-down provider has to support withdrawals to client-controlled addresses, not only transfers to other regulated venues. A wind-down design that only offers “move to our partner exchange” and not “withdraw to your own wallet” does not match the exit ESMA describes.

Where clients are moved to an authorised CASP, the receiving provider carries the onboarding load. ESMA states that the onboarding CASP should run all necessary onboarding procedures, including customer due diligence and any other AML checks required under the applicable framework. The transferring provider does not get to treat its existing due diligence as portable. A book of clients is not a clean asset to hand over; each one re-enters the funnel at the receiving end.

Who is watching, and what coordinated action looks like

The supervisory architecture behind the deadline is a point teams underestimate. ESMA says it and the National Competent Authorities are directly engaged with the entities concerned and will coordinate to monitor whether significant unauthorised cross-border CASPs wind down without delay, with a focus on client protection, financial stability and market integrity. ESMA and NCAs will also work with the EBA and AMLA.

The statement closes with the enforcement reservation: within the ESMA cooperation framework, NCAs may, where necessary, take coordinated action against unauthorised CASPs after the transitional period. This is not the place to speculate on what any individual enforcement outcome would be. What the wording does establish is that the wind-down is a supervised process, not a self-certified one, and that a provider dragging its feet on an orderly exit is the explicit target of the monitoring. The involvement of AMLA alongside the prudential and conduct supervisors signals that the AML dimension of the wind-down is being watched as closely as the asset-return dimension.

A practical sequence for the days around the deadline

Translating the obligations into an order of operations helps. A provider that knows it will be unauthorised when its applicable transitional period ends is, in effect, executing the wind-down plan ESMA expects it to have in place. For services covered by MiCA Articles 75 to 79, that plan is also the Article 74 orderly wind-down plan. The sequence below follows the statement.

Switch off acquisition first: close new onboarding, pull EU marketing and solicitation, and stop opening accounts. Then issue the client communication, including the safeguarding measures, the wind-down timeline, the auto-close deadline for residual positions, and the client-protection information ESMA asks for. Open the exit rails in parallel: enable sale, transfer, reallocation and position-closing, and make sure withdrawals to self-hosted wallets and transfers to authorised CASPs both work. Keep custody only as long as the exit needs it, and keep the Article 75 register of positions and segregation intact the whole way through, because that is what protects clients if the entity tips into insolvency. Run AML at full strength throughout, with no relaxation of CDD, monitoring, sanctions screening, reporting, record-keeping or transfer traceability. And keep the line open to the home NCA, since ESMA and the NCAs are coordinating the monitoring of significant providers directly.

Frequently Asked Questions

Does the MiCA transitional period end on the same date in every Member State?

No. Article 143(3) sets 1 July 2026 as the outer limit, but it lets Member States decline or shorten the transitional regime. ESMA’s published list shows periods ranging from six to eighteen months, so the date that binds a given provider depends on the Member States in which it operates and on whether the home NCA grants or refuses its Article 63 authorisation first.

Can an unauthorised CASP keep custody of client crypto-assets after 1 July 2026?

Only for the period strictly necessary to complete an orderly exit. ESMA’s 23 June 2026 statement permits continued custody as a closing function so that clients are not forced into instant liquidation, but the justification is the wind-down itself. The provider must enable clients to sell, transfer, reallocate or close positions, and the Article 75 segregation and register-of-positions obligations continue to apply throughout.

What must the wind-down communication to clients contain?

ESMA expects clear, prompt and repeated communication to both retail and institutional clients covering the measures taken to safeguard their assets and the wind-down plan, so clients know the timeline to dispose of, transfer, reallocate or close positions. It should also include a deadline by which residual positions would be closed automatically and information about client protection requirements.

Do AML and sanctions obligations continue during the wind-down?

Yes, in full. ESMA requires effective AML and CFT controls to be maintained throughout, including customer due diligence, transaction monitoring, screening against restrictive measures and sanctions lists, suspicious transaction and activity reporting, record-keeping, and compliance with transfer-of-funds and crypto-asset transfer traceability obligations.

Can a non-EU firm keep serving EU clients through reverse solicitation?

Only within the narrow own-exclusive-initiative exception. A third-country firm cannot provide MiCA services to, or solicit, EU clients, including in a business-to-business context. Reverse solicitation under Article 61 and the ESMA Guidelines applies only where the client approaches the firm on their own exclusive initiative; any solicitation, promotion or advertising in the EU takes the service outside that exception.

What happens to clients who are transferred to an authorised CASP?

The receiving CASP runs its own onboarding, including customer due diligence and any other AML checks required under the applicable framework. The transferring provider’s existing due diligence is not portable, so each transferred client re-enters the receiving provider’s onboarding process.

If a CASP applied for authorisation before the deadline but is still pending, must it wind down?

Yes, if the applicable transitional period has ended and the provider has not obtained Article 63 authorisation. A pending application does not itself create a continuity right after the applicable transitional period. Article 143(3) allows continuation only until the applicable transitional date, capped at 1 July 2026, or until Article 63 authorisation is granted or refused, whichever is sooner. ESMA states that after 1 July 2026 any entity providing crypto-asset services to EU clients without a MiCA licence will be in breach of EU law and must cease offering such services.

Can an unauthorised provider outsource custody to an affiliate while it sorts out authorisation?

No, where the affiliate is not itself an authorised CASP. MiCA prohibits outsourcing or delegating certain services, custody in particular, to entities not authorised as CASPs. Custody has to sit with an authorised CASP or be returned to the client.

Related Articles

• EC MiCAR Review Consultation: European CASPs – How the Commission’s MiCAR review consultation could reshape the CASP authorisation and reporting regime.
• MiCAR Token Classification: Reporting Obligations – How ARTs, EMTs and other crypto-assets are classified and what each classification means for reporting.
• MiCAR Reporting Obligations – The reporting obligations that apply to authorised CASPs once they hold a MiCA authorisation.
• EBA MiCA Statement on ARTs and EMTs – The EBA’s expectations for issuers of asset-referenced and e-money tokens under MiCA.
• FATF on Stablecoins and Unhosted Wallets – The AML and CFT angle on self-hosted wallets and stablecoin transfers relevant to a wind-down.
• MiCAR STOR Reporting for CASPs in Luxembourg – Suspicious-transaction-and-order reporting obligations that authorised CASPs carry.

Key Takeaways

• Article 143(3) of MiCA caps the transitional regime at 1 July 2026, but national grandfathering periods range from six to eighteen months, so the binding date varies by Member State and ends earlier for many providers.
• The 23 June 2026 ESMA statement applies to providers that reach the deadline unauthorised, including significant providers servicing EU clients under national regimes, regardless of whether national law has been aligned to MiCA.
• The five required steps are: stop onboarding and marketing; limit services to sale, transfer, reallocation and position-closing; keep custody only as long as strictly necessary for an orderly exit; communicate a clear wind-down plan with an auto-close deadline; and maintain full AML and CFT controls.
• The client-asset protections come from Articles 70, 74 and 75 of MiCA, including segregation, the register of positions, return of assets as soon as possible, and a wind-down plan that avoids undue economic harm.
• A provider active in more than one Member State must track the shortest applicable national period client-by-client, not the EU-wide cap, to avoid an interim period of unauthorised service in a host Member State.
• Non-EU firms cannot serve or solicit EU clients except under the narrow own-exclusive-initiative reverse-solicitation exception, and custody cannot be outsourced to entities that are not authorised CASPs.
• Clients should check the ESMA Register and, where their provider is unauthorised, move assets to an authorised CASP or a self-hosted wallet; receiving CASPs must run fresh onboarding and CDD.
• ESMA and NCAs, working with the EBA and AMLA, are directly monitoring significant unauthorised cross-border providers, and NCAs may take coordinated action after the transitional period.

Sources and References

• ESMA Public Statement, “ESMA calls on unauthorised crypto-asset service providers to wind down orderly, while also safeguarding clients’ interests, as MiCA transitional period ends” (ESMA75-113276571-1710, 23 June 2026): esma.europa.eu
• CSSF relay of the ESMA statement (24 June 2026): cssf.lu
• ESMA Statement on the end of transitional periods under MiCA (ESMA75-113276571-1679, 17 April 2026): esma.europa.eu
• Regulation (EU) 2023/1114 (MiCA), consolidated text including Articles 61, 70, 74, 75 and 143, EUR-Lex (CELEX 32023R1114): eur-lex.europa.eu
• ESMA, List of grandfathering periods decided by Member States under Article 143 of MiCA: esma.europa.eu
• ESMA Statement on MiCA Transitional Measures (ESMA75-453128700-1396, 17 December 2024): esma.europa.eu
• ESMA Markets in Crypto-Assets Regulation (MiCA) hub, including the Interim MiCA Register and reverse-solicitation guidelines: esma.europa.eu

How to read the deadline if you are still operating

The clean read is this. Find every Member State where you have clients, find the transitional period that applies in each, and use the shortest one that still applies to that part of the book. If you hold an Article 63 authorisation, the unauthorised-CASP wind-down restrictions are not yours to worry about, but migration, onboarding and AML/CFT checks still apply where you receive clients from an unauthorised provider. If your application is pending, talk to your home NCA before you assume you can keep trading past the national date. And if you will be unauthorised on 1 July 2026, the wind-down plan you wrote during the transitional period stops being a document and becomes the operating manual: stop acquisition, narrow to exit-only service, return or transfer client assets while keeping them segregated, communicate a hard deadline, and run AML at full strength until the last position is closed.

Disclaimer: The information on RegReportingDesk.com is for educational and informational purposes only. It does not constitute legal, regulatory, tax, or compliance advice. Always consult your compliance officer, legal counsel, or the relevant supervisory authority for guidance specific to your institution.