ESMA confirms 1 July 2026 as a firm deadline for unauthorised crypto-asset service providers
The practical trigger is significant: while many CASPs will hold authorisation by 1 July 2026, others, including sizeable providers currently servicing EU clients under national regimes, may not. ESMA's expectations apply regardless of whether a Member State aligned its national law with MiCA, removing any argument that an unadjusted national regime preserves a basis to continue operating.
What unauthorised CASPs must do
ESMA expects immediate, orderly wind-down of EU activities, with client protection and market integrity at the centre. Specifically, unauthorised CASPs must:
- Stop onboarding new EU clients, decline new client relationships or accounts, and cease all marketing and solicitation.
- Limit services to those necessary to sell or transfer crypto-assets, reallocate assets, or close positions, with custody continuing only for the period strictly necessary to complete an orderly exit.
- Communicate clearly and repeatedly with retail and institutional clients about safeguarding measures and wind-down timelines, including a deadline after which residual positions would be closed automatically.
The compliance perimeter does not relax during exit
Notably, ESMA insists that AML/CFT obligations continue in full throughout the wind-down. CASPs must maintain customer due diligence, transaction monitoring, sanctions and restrictive-measures screening, suspicious activity reporting, record-keeping, and travel-rule traceability obligations apply until exit is complete. Wind-down must also comply with all relevant EU and national conduct laws.
Client-side action and supervisory coordination
ESMA invites clients to verify their provider's status on the ESMA Register and to act promptly where a provider is unauthorised, including by moving holdings to an authorised CASP or to a self-hosted wallet. The express endorsement of self-hosted wallets as an exit route is a noteworthy practical signal.
On enforcement, ESMA and National Competent Authorities (NCAs) are directly engaged with the entities concerned and will coordinate, alongside the EBA and AMLA, to monitor whether significant cross-border unauthorised CASPs wind down without delay. NCAs may take coordinated action against unauthorised CASPs after the transitional period.
Takeaway
The statement signals that ESMA views the 1 July 2026 cut-off as a hard perimeter rather than a soft transition, with cross-border providers a particular supervisory focus and full AML/CFT compliance expected right up to the point of exit.
ESMA’s public statement can be found here
Our blog post on ESMA's 17 April 2026 statement can be accessed here.




+-