Regulation

EU Crypto Rulebook Enters Enforcement Phase as MiCA Transition Deadline Passes

The EU's MiCA transition period has ended, forcing unauthorised crypto firms to wind down or face fines starting at 5 million euros, with compliance costs running as high as 2 million euros and national regulators expected to apply the rules unevenly in early stages.

⏱ 3 min read Regulation
Quick Summary
  • MiCA compliance costs range from 350,000 euros to 600,000 euros, but penalties for operating without authorisation start at 5 million euros or 5% of annual turnover.
  • Day-to-day enforcement sits with national competent authorities whose differing resources and priorities are expected to produce uneven early application of the rules.
  • Regulators in the Czech Republic, Bulgaria, Luxembourg and Italy have issued formal wind-down notices, while France, Germany and the Netherlands have yet to respond publicly on enforcement plans.

The European Union’s crypto sector has crossed into a new regulatory era after the Markets in Crypto-Assets (MiCA) transition period officially ended, leaving unauthorized crypto firms required to wind down EU operations or face penalties that can reach into the tens of millions of euros.

The Stakes: Compliance Costs vs. Fines

Getting licensed under MiCA is not cheap. Nicola Massella, partner at Storm Partners, put implementation costs for many crypto companies at between 350,000 euros (roughly $400,000) and 600,000 euros (roughly $690,000). Brickken CEO Edwin Mata said costs can reach as high as 2 million euros (roughly $2.3 million) depending on a company’s size, services and compliance readiness.

But the bill for ignoring the rules is steeper. Eckehard Stolz, managing director of Amina EU, said MiCA penalties begin at 5 million euros or 5% of annual turnover for certain violations. Massella added that the European Banking Authority (EBA) proposed on June 26 raising penalties further, including up to 12.5% of annual turnover for some stablecoin-related breaches.

Who Actually Enforces MiCA?

MiCA creates one set of rules, but enforcement is decentralised. National competent authorities (NCAs) in each member state handle day-to-day authorisation, supervision and enforcement. The European Securities and Markets Authority (ESMA) coordinates cross-border supervision and maintains the public register of authorised crypto-asset service providers. The EBA directly oversees significant stablecoin issuers.

Ivo Grlica, founder of GrlicaLaw and G Lab Advisors, said: ‘At the EU level, ESMA plays an important coordination and supervisory-convergence role, especially to avoid regulatory arbitrage between member states.’ He added that enforcement consequences can escalate into national courts and criminal-law systems when conduct causes harm.

Uneven Enforcement Expected Early On

Industry observers warn that enforcement will not be consistent across member states from day one, given that NCAs differ in resources, experience and supervisory priorities.

Stolz noted that ESMA made clear it expects NCAs to act against unauthorised providers from July 1, but acknowledged that how aggressively each regulator moves ‘will depend on local resourcing and priorities.’ Peter Bidewell, vice president of institutional product adoption at Parfin, flagged that differing supervisory approaches could open windows for regulatory arbitrage, undermining MiCA’s core harmonisation goal.

Grlica expects enforcement to grow more systematic over time as regulators identify non-compliant firms and share data across borders, making it harder for companies with a history of violations to secure MiCA authorisation later.

National Regulators Sound the Alarm

Several EU authorities have already issued formal warnings. Regulators in the Czech Republic, Bulgaria, Luxembourg and Italy have sent notices urging unlicensed crypto providers to wind down operations immediately.

The Czech National Bank said its Financial Market Digitization Act grants authority to sanction MiCA violations including operating without a licence, unlawful token offerings, and failure to cooperate with supervisors. Maximum fines under Czech law reach 118.5 million Czech koruna (approximately $5.6 million), 5% of annual turnover if higher, or twice the unlawful benefit obtained, whichever is greatest.

France’s AMF, the Netherlands’ AFM, and Germany’s BaFin did not respond to requests for comment on their post-transition enforcement plans before publication.

⚖️ Our Verdict ⚖️ Watch and Wait

MiCA's enforcement phase introduces material compliance pressure on unauthorised crypto firms across the EU, though inconsistent application by national regulators leaves the immediate impact difficult to gauge.