On 17 April 2026, the European Securities and Markets Authority (“ESMA”) issued a Statement (the “Statement”) on the end of transitional periods under the Markets in Crypto‑Assets Regulation (“MiCA”), providing important supervisory clarifications ahead of the EU‑wide expiry of all MiCA transitional regimes on 1 July 2026.

Although MiCA has been in force since 29 June 2023, the transitional regimes introduced under Article 143 have allowed certain crypto‑asset service providers (“CASPs”) to continue operating temporarily under pre‑existing national frameworks. ESMA’s latest statement makes it clear that supervisory tolerance is now at an end: from 1 July 2026, any entity providing MiCA‑regulated services without authorisation will be acting in breach of EU law.

---

ESMA reiterates that the MiCA transitional period ends uniformly across the EU on 1 July 2026, regardless of:

• whether MiCA has been fully implemented at national level, or
• whether a Member State previously permitted longer transitional measures.

Importantly, ESMA recalls that certain entities were never eligible for transitional protection, including:

• firms that were not lawfully providing services before 30 December 2024; and
• firms operating in jurisdictions where national transitional periods had already expired.

This clarification closes off arguments based on local implementation delays or regulatory discretion.

---

One of the central messages of the Statement is that unauthorised CASPs must not wait until the end of the transitional period to act. ESMA expects all unauthorised CASPs to have credible, operational and immediately executable wind‑down plans, fully implemented by 1 July 2026. Wind‑down plans must ensure:

• orderly offboarding of clients;
• clear advance notice to clients;
• transfer of crypto‑assets to authorised CASPs or self‑hosted wallets; and
• full compliance with MiCA conduct rules, prudential safeguards and AML/CFT obligations.

Crucially, ESMA treats failure to plan or “last‑minute” disorderly exits as a supervisory failure, not merely a business decision.

---

ESMA also turns its attention to already‑authorised CASPs, making it clear that they are expected to play an active role in ensuring an orderly market transition.

Authorised CASPs are expected to:

• onboard migrating EU clients before 1 July 2026;
• apply full MiCA‑compliant onboarding and AML/CFT checks; and
• ensure they are not facilitating the continuation of business by unauthorised entities through informal or group arrangements.

This is particularly relevant for:

• group structures with both authorised and unauthorised entities,
• white‑labelling or referral arrangements, and
• rushed “bulk migrations” late in the transitional period.

Importantly, migration does not equal grandfathering: authorised CASPs onboarding clients from unauthorised entities must conduct full, fresh AML/CFT checks. Inherited KYC or due diligence from an unauthorised predecessor will not survive scrutiny from the National Competent Authority (“NCA”).

---

The statement also reinforces MiCA’s restrictive approach to third‑country service provision.

ESMA reiterates that, outside the narrow concept of reverse solicitation (i.e. services provided exclusively at the client’s own initiative), non‑EU entities:

• may not provide MiCA‑regulated services to EU clients; and
• may not solicit EU clients, including in a B2B context.

Of particular significance is ESMA’s reminder that custody services may not be outsourced or delegated to unauthorised third‑country entities, even within the same group.

CASPs are expected to review their intragroup outsourcing arrangements, delegation models, and branding strategies that could obscure which legal entity is actually providing the service.

---

ESMA places responsibility squarely on NCAs to ensure a convergent supervisory approach.

NCAs are expected to:

• verify the existence and adequacy of wind‑down plans;
• ensure those plans are actually implemented by unauthorised CASPs;
• scrutinise client migration strategies; and
• take enforcement action against unauthorised services post‑1 July 2026.

This confirms that regulatory exposure does not end automatically on 1 July 2026. Firms that fail to act may face post‑transitional enforcement, including cross‑border cooperation between regulators.

---

Firms should not treat the end of the transitional period as a simple licensing exercise. ESMA expects NCAs to scrutinise wind-down plans, migration strategies, and intra-group arrangements – not just check for authorisation. Compliance goes beyond holding a licence: operational readiness, client protection, and group structure transparency are all under the spotlight.

---

ESMA also issues a direct warning to consumers, advising them to:

• verify whether their provider is authorised in the ESMA Interim MiCA Register;
• confirm which legal entity is actually providing the service; and
• act promptly if their provider is unauthorised (including transferring assets or closing positions).

---

ESMA’s statement serves as a call to action for the industry. The MiCA transitional regime will end definitively on 1 July 2026, leaving no scope for extensions or informal arrangements. Unauthorised CASPs must get licensed or get out of the market. Authorised CASPs must manage client migration with real compliance, not creative interpretation. Group structures and third country models will be subject to heightened regulatory scrutiny, and supervisory tolerance for interim solutions is now over.

For firms still considering their options, the message is unequivocal: the window for strategic decisions—whether to authorise, restructure, or exit—is closing rapidly. Proactive engagement and operational readiness are essential to ensure compliance and mitigate regulatory risk.

---