ESMA Tells Unauthorized Crypto Firms to Wind Down as MiCA Deadline Hits in 3 Days

The European Securities and Markets Authority (ESMA) has directed unauthorized crypto asset service providers to stop accepting new EU clients and begin exiting the market before MiCA’s transitional framework expires.

• Key Takeaways:
• • European regulators require unauthorized crypto firms to halt new customer onboarding and prepare orderly market exits.
• • Clients should confirm providers appear in the ESMA Register or transfer assets to authorized alternatives.
• • Coordinated enforcement with national authorities could increase after MiCA’s transition period concludes.

EU Regulator Orders Unapproved Crypto Firms to Halt New Clients as MiCA Deadline Looms

The European Securities and Markets Authority (ESMA) has instructed unauthorized crypto asset service providers (CASPs) to begin winding down their EU operations before the Markets in Crypto-Assets Regulation (MiCA) transitional period ends on July 1, 2026. The regulator issued the guidance on June 23 as some providers remain without MiCA authorization despite continuing to serve EU clients under national regimes.

Firms that fail to obtain authorization should take immediate steps to exit the market in an orderly manner while protecting client assets and reducing risks to market integrity, according to the regulator. Although many CASPs are expected to receive authorization before the deadline, others may still be operating without the approvals required under MiCA.

The authority stated:

“ESMA expects unauthorised CASPs to take immediate steps to wind down their EU activities in an orderly manner, while also safeguarding clients’ interests and mitigating risks to market integrity.”

ESMA coordinates implementation of the MiCA framework across the European Union. It develops technical standards, issues guidance, and promotes supervisory convergence, while national regulators authorize and supervise crypto asset service providers.

Unauthorized providers must immediately stop onboarding new EU clients, opening new accounts, marketing their services, and soliciting customers. They should limit remaining services to activities necessary for clients to sell or transfer crypto assets, reallocate holdings, or close positions before ending operations.

Custody services may continue only for the period strictly necessary to complete an orderly exit. The regulator also directed providers to communicate clearly, promptly, and repeatedly with retail and institutional clients about wind-down plans, asset protection measures, transfer options, and deadlines for closing any remaining positions automatically.

ESMA Urges Crypto Users to Verify Whether Their Provider Is MiCA Authorized

Wind-down plans must comply with EU and national conduct rules, along with anti-money laundering and counterterrorism financing requirements. CASPs should maintain customer due diligence, transaction monitoring, sanctions screening, suspicious activity reporting, record-keeping obligations, and crypto asset transfer traceability controls throughout the process.

Where client accounts move to a MiCA-authorized CASP, the receiving provider must complete its own onboarding procedures, including customer due diligence and other AML/CFT checks required under the applicable legal framework. Firms established outside the European Union were also reminded that they cannot provide MiCA services or solicit EU clients, except under the regulation’s narrow reverse solicitation exemption.

The authority warned:

“ESMA reminds clients of unauthorised CASPs, whether EU or non-EU entities, that they do not benefit from MiCA safeguards, including protections for client assets.”

Crypto users were encouraged to verify whether their provider appears in the ESMA Register. If a provider is not authorized under MiCA, clients should act promptly by transferring crypto assets to an authorized CASP, where available, or to a self-hosted wallet. Users experiencing difficulties should first contact their provider.

Coordination is underway with National Competent Authorities to monitor significant unauthorized cross-border CASPs as the transitional period ends. Working alongside the European Banking Authority (EBA) and the Anti-Money Laundering Authority (AMLA), regulators may take coordinated enforcement action against unauthorized providers that continue operating after July 1, 2026.