Will my VASP licence still be valid after July 1, 2026?

No. The maximum grandfathering window under MiCA closes on 1 July 2026 across the EEA, and several national regulators end it earlier.

Can I keep my company open without a CASP licence?

Yes. The company can continue to exist and run unregulated activities. What you cannot do is provide regulated crypto-asset services to EEA customers without authorisation.

Does my licensed partner need more than a CASP licence?

Often yes. Under the EBA's guidance, transferring e-money tokens on a client's behalf can qualify as a payment service under PSD2, so the partner executing the stablecoin and fiat legs should be licensed for both the crypto-asset and the payment activity.

Can I migrate to my own CASP licence later?

Yes. The continuity model is designed as a bridge. When your CASP authorisation is granted, you upgrade to a fully MiCA-compliant infrastructure without rebuilding your setup or repeating customer onboarding.

MiCA · Compliance guide

MiCA Grandfathering: the VASP to CASP transition before July 1, 2026

Last updated: June 2026

A plain-English guide to MiCA regulation, the latest MiCA updates, and what the 1 July 2026 grandfathering deadline really means for European VASPs, plus a fourth, often-overlooked path to keep serving customers without pausing operations.

What MiCA actually is

The Markets in Crypto-Assets Regulation (MiCA) is the EU's comprehensive framework for crypto-asset issuers and service providers. It introduces a single licence, the Crypto-Asset Service Provider (CASP) authorisation, that replaces the patchwork of national VASP registrations used across the EEA.

For most service providers (custody, exchange, conversion, transfer, portfolio management, advice), MiCA's Title V provisions became applicable on 30 December 2024. To soften the transition, the regulation allows member states to grant existing national VASPs a grandfathering window during which they may continue operating under their old registration while applying for full CASP authorisation.

The July 1, 2026 deadline

Under Article 143(3) of MiCA, the maximum grandfathering window is 18 months, ending on 1 July 2026 — or sooner, where a provider's CASP authorisation is granted or refused before then. Many member states shortened it. The Netherlands, Latvia, Hungary, Slovenia and Finland allowed only six months, so those windows closed in mid-2025. Sweden's window ended on 30 September 2025. Germany and Ireland ran twelve-month periods that closed on 31 December 2025. Others — France, Malta, Luxembourg and Estonia among them — kept the full 18 months to 1 July 2026.

One planning trap worth flagging: relying on the transitional period does not grant a MiCA passport. Serving customers in more than one member state during the transition needs separate authorisation or local permission in each.

After 1 July 2026, no national grandfathering regime can extend further. A VASP that has not been granted a CASP authorisation by that date can no longer provide regulated crypto-asset services to customers in the EEA, including on-ramp, off-ramp, conversion, custody and transfer services.

The company does not have to shut down. The challenge is keeping customers, not keeping the legal entity alive.

Next step

Keep your customers after July 1, 2026.

See how Venly Continuity gets a branded, self-custody conversion page live in days.

Start onboarding →Book a 15-min continuity call →

MiCA updates you should be tracking

ESMA Q&A and guidelines — clarifications on what counts as a regulated service, reverse solicitation, and third-country firms.
National competent authority timelines — many regulators publish queue length and typical decision times for CASP applications. Expect a multi-month process that varies widely by jurisdiction.
ESMA transitional-measures statement (December 2025) — CASPs not yet authorised are expected to have orderly wind-down plans ready before their transitional period ends, and national authorities have been told to apply heightened scrutiny to last-minute applications.
Stablecoin (ART/EMT) issuer rules — Title III/IV already applies. Conversion and transfer services that touch e-money tokens must use a compliant issuer, and under the EBA's guidance, transferring e-money tokens on a client's behalf can also fall under PSD2.
Travel Rule (TFR) — applies in parallel to MiCA and is enforced from 30 December 2024 for all crypto transfers.

The three dead-ends most VASPs see

Shut down

Walk away from the customer book you spent years acquiring.

Refer customers away

Hand them to a competitor that already has a CASP licence.

Wait in the queue

Months of review with no revenue while your application is assessed.

The fourth path: a self-custody conversion page

The overlooked option

Most strategic reviews miss a fourth option, and it is a recognised one — legal commentators on the deadline describe partnering with an already-licensed CASP to white-label regulated services under that partner's licence. Instead of providing the regulated service yourself, you provide the software and the brand experience, while a licensed partner provides the regulated service to your customers.

How the model works

Customers hold their own keys
True self-custody. The customer signs every transaction themselves.
A licensed partner handles the regulated legs
Authorised for both the crypto-asset and the payment activity, executing and settling stablecoin and fiat conversion.
You keep the brand and the dashboard
On commercial terms set out in your agreement with the partner.
Seamless migration when your CASP is granted
Move the customer base onto your fully licensed stack without re-onboarding.

Treat this as a continuity bridge while you pursue your own authorisation or wind down, not as a permanent way to avoid being a CASP. Regulators assess the substance of who is really providing the service, not the label.

Because the customer self-custodies and a licensed partner performs the regulated activity, this model is designed to sit outside the CASP services you would otherwise need to hold yourself. Whether it does in your specific case depends on the facts: how the flow is structured, who controls what, and how each national regulator views it. It should be set up so that you provide software and brand only, and do not perform activities that are themselves regulated, such as receiving and transmitting orders on behalf of clients. Two things to confirm with counsel in particular: that the licensed partner is the entity contracting with and serving the end customer, and is authorised (and passported) for every member state those customers are in; and that your own AML and Travel Rule obligations are met wherever you remain in the flow. Confirm applicability with counsel in every jurisdiction you serve before relying on it.

This is what Venly Continuity is built for: a branded, self-custody conversion page that goes live in days and is designed to help you maintain continuity for your customers through a licensed partner while you pursue your own authorisation.

A practical checklist for the next 90 days

Confirm the exact grandfathering end date in every member state where you serve customers. Several end before 1 July 2026.
Map every regulated activity you currently offer to the MiCA service list (Article 3(1)(16)).
Decide for each activity: apply for CASP, sunset, or route through a licensed partner.
Stand up a continuity plan so customers experience no service gap on 1 July 2026.
Document everything for your national competent authority. Regulators expect a written transition plan.

Preview of the VASP survival checklist for July 1

A one-page checklist of what to confirm before July 1: contracts, custody, KYB/AML coverage, transaction monitoring, and the operational items most teams forget. No email required.

Download the checklist (PDF) ↓

PDF · ~255 KB · no signup

FAQ

Frequently asked questions.

Will my VASP licence still be valid after July 1, 2026?
No. The maximum grandfathering window under MiCA closes on 1 July 2026 across the EEA, and several national regulators end it earlier.
Can I keep my company open without a CASP licence?
Yes. The company can continue to exist and run unregulated activities. What you cannot do is provide regulated crypto-asset services to EEA customers without authorisation.
Is a self-custody conversion page really not a regulated service?
It can be structured to sit outside CASP authorisation, but this is not automatic. Two things matter. First, the customer must genuinely self-custody and sign their own transactions, so you are not taking custody or transferring assets on their behalf. Second, you provide software and brand only, and avoid activities that are themselves regulated, such as receiving and transmitting orders on behalf of clients. The regulated crypto and payment legs, including any e-money token transfers that fall under PSD2, are performed by your licensed partner. Regulators assess substance over form, so confirm applicability with counsel in each jurisdiction you serve.
Does my licensed partner need more than a CASP licence?
Often yes. Under the EBA's guidance, transferring e-money tokens on a client's behalf can qualify as a payment service under PSD2, so the partner executing the stablecoin and fiat legs should be licensed for both the crypto-asset and the payment activity.
Can I migrate to my own CASP licence later?
Yes. The continuity model is designed as a bridge. When your CASP authorisation is granted, you upgrade to a fully MiCA-compliant infrastructure without rebuilding your setup or repeating customer onboarding.

See all FAQ questions →

This article is for general information only and does not constitute legal or financial advice. Confirm applicability with qualified counsel in each jurisdiction in which you operate.