The Cyprus Securities and Exchange Commission (CySEC) has issued a clear reminder for Crypto-Asset Service Providers (CASPs) operating in Cyprus: the deadline to apply for authorization under the EU’s Markets in Crypto-Assets (MiCA) Regulation is 27 February 2026. This announcement marks a critical step for crypto firms looking to continue operations legally in the European Union.
CASPs Must Apply Before February 2026
Crypto firms currently operating under Cyprus’ national framework may continue their services during a transitional period. However, CySEC stresses that all applications for MiCA authorization must be submitted before 27 February 2026.
Firms that fail to meet the deadline must prepare and submit a wind-down plan. After the transitional period ends on 1 July 2026, providing crypto-asset services without MiCA approval will no longer be permitted.The transitional period allows existing providers to operate temporarily, but long-term compliance with MiCA is mandatory.
Understanding the Transitional Arrangements
CySEC has outlined that CASPs already registered under national law can continue operations during the transitional period until their application is either approved or rejected, or until 1 July 2026—whichever comes first.
This approach ensures a smooth shift from national regulation to a fully harmonized EU-wide MiCA framework, giving crypto firms time to comply while avoiding sudden service disruptions.
Cross-Border Crypto Services Require Compliance
Providing crypto-asset services across EU Member States requires strict adherence to both MiCA and local regulations.
-
CASPs must ensure cross-border services are permitted under the host country’s laws.
-
Operations must align with the grandfathering regime set by the European Securities and Markets Authority (ESMA).
-
CASPs that remain registered in Cyprus continue to follow existing national obligations during the transitional period.
Companies operating internationally must pay close attention to both local and EU-wide compliance rules to avoid legal risks.
CySEC Proposes ESAP Reporting Rules
CySEC has also launched a consultation on aligning national regulations with the European Single Access Point (ESAP) framework.
Key points of the proposed changes:
-
Investment firms, asset managers, and AIFMs part of financial conglomerates must submit annual reports on legal, governance, and organizational structures.
-
Information will be published on ESAP, enhancing transparency and regulatory oversight.
-
These changes are effective from January 2030 and will not impose additional obligations on retail clients.
The ESAP framework represents a push for greater transparency, ensuring that both investors and regulators have access to accurate corporate data.
What Crypto Firms Need to Do Now
To comply with MiCA and CySEC requirements, crypto firms in Cyprus should:
-
Prepare MiCA Applications Early – Submit all documentation before 27 February 2026.
-
Plan for Transitional Compliance – Continue operations legally under the transitional period.
-
Develop Wind-Down Plans – For firms unable to comply, a formal plan is required.
-
Ensure Cross-Border Compliance – Align all EU operations with MiCA and local regulations.
-
Monitor ESAP Developments – Stay informed about reporting rules for 2030 and beyond.Early preparation will reduce regulatory risk and ensure uninterrupted services for crypto customers.
Final Thoughts
CySEC’s February 2026 deadline signals a significant regulatory milestone for Cyprus-based crypto firms. As MiCA moves closer to full implementation, compliance will no longer be optional. Firms that act proactively can continue operations seamlessly, while non-compliant providers face legal and operational consequences.The message is clear: secure your MiCA authorization now or prepare to wind down operations.
