top of page
Estonian Crypto Authorisation

Estonian Crypto License

One of the most developed crypto regulatory regimes in the EU, offering credibility and full compliance.

ADVANTAGES

Clear CASP Licensing

Crypto Asset Service Providers (CASPs) register with the EFSRA under a detailed MiCA regulation

EU Jurisdiction

Estonia offers access to the EU financial ecosystem and business environment.

Digital Ecosystem

Estonia’s e-government infrastructure supports easy company formation and management online.

Clear and Low Tax

Has a clear and recently stabilised Tax system that attracted major businesses into Estonia

Czech Republic Crypto Authorisation

WHY ESTONIA?

Estonia has positioned itself as a hub for crypto entrepreneurs in Europe, with transparent regulation under the Financial Supervisory Authority. Companies benefit from clear rules and access to the EU market while maintaining low operational costs.

REQUIREMENTS

Authorized Capital

Under MiCA, the share capital must be fully paid up for a company offering one of either exchange or wallet services. If the company will provide both exchanging and transfer (custodial wallet) services, the required capital is €150,000. This capital must be in cash and deposited in a bank or payment institution account before license application. You must show proof the money is in the company’s account, and after licensing the company should maintain at least this level of net equity. (Notably, earlier sources mention the capital doesn’t get frozen and can be used for operations, but regulators will monitor that it’s not depleted below required levels.)

​

Local Presence and Staffing

Physical office in Estonia is obligatory. A mere virtual address is no longer sufficient; inspectors may visit to see that an office exists. The company’s actual place of business must be Estonia. Additionally:At least one board member must reside in Estonia (or another EU country but in practice FIU strongly prefers one in Estonia for ease of cooperation). All board members must have a spotless reputation (FIU now checks things like no tax debts, no prior bankruptcy mismanagement, etc.).The company must employ a dedicated AML Compliance Officer who is an Estonian tax resident. This person must work exclusively in that role (can’t be shared with another company) and have relevant experience or training in AML.

There is a requirement that the management structure consists of at least two people – meaning you cannot have a single person as the only board member and also the compliance officer. You need a team of at least 2 distinct individuals in charge.

 

Fit and Proper Criteria

Owners (with 25%+ shareholding) and all directors will go through stringent background checks by FIU/FSA. They must submit criminal record certificates and cannot have any conviction for an economic, financial, or serious crime. They also should not have been involved in previously revoked licenses for bad behavior. The regulator may conduct interviews to gauge their knowledge of the business and AML obligations.

 

AML/KYC Compliance Framework

The company needs to have a comprehensive AML program:

  • Written AML/KYC policies aligned with Estonian and EU law.

  • A transaction monitoring system to detect suspicious crypto transactions and the capability to implement the Travel Rule for crypto transfers (Estonia was early to require that technological capability).

  • Customer onboarding procedures that use strong eID methods – e.g., face-to-face identification or electronic ID (Estonia encourages the use of its e-Residency or Bank-ID for strong KYC).

  • Record-keeping: retention of all transaction and identification data for 5 years (as per AMLD5).

  • The AML officer must have direct access to the company’s decision-making body and must report suspicious activities to the Estonian FIU without delay.

 

IT Security and Internal Controls

Estonia expects crypto firms to have a high level of IT security (given its e-government culture). You should have a described IT architecture showing how customer assets (private keys) are stored (preferably in secure, insured custody), how you prevent unauthorized access, etc. Cybersecurity measures (firewalls, encryption, incident response plan) should be in place. An internal control system is required – essentially, procedures to ensure compliance with law and to mitigate risks (for example, dual-control for large transactions, periodic internal audits of processes).

 

Auditor and Reporting

A licensed crypto company is typically required to have its annual financial statements audited. Also, by law, certain reports must be submitted to the FIU/FSA: e.g., an activity report on request, or an audit of compliance measures if FIU asks. The company must notify the regulator of changes in advance (changing a board member or the compliance officer requires regulator approval).

 

No Decentralised Services

The company cannot provide decentralised accounts or wallets. Estonian law requires identifying all clients. Also, holding or trading on behalf of clients must be transparent – you cannot mix company assets with client assets; segregation is expected to protect client funds.

 

State Fee and Financial Capacity

The state fee for application (€10,000) must be paid – evidence of payment is part of the application. Besides capital, the company should have some financial plan showing it can sustain itself (regulators might check that you have planned for expenses like IT development, compliance costs, etc., and have funding beyond just the minimum capital).

 

Good Reputation of Operations

The FIU also looks at the overall “reputation” of the venture. If the business model is overly risky (say it plans to deal with high-risk jurisdictions or privacy coins), they may scrutinise it harder or even deny if they feel it undermines AML efforts. Thus, demonstrating a credible, compliant business plan is essential.

MiCA License
Crypto license registration services for crypto asset service providers (CASPs)
Crypto exchange setup and licensing assistance
Top jurisdictions for obtaining a crypto exchange or wallet license

Estonia once was the easiest place to get a “crypto license”, leading to over 1,000 licenses issued.However, since 2020 and especially the 2022 amendments, it has one of the toughest regimes in the EU . The requirements listed above reflect its transformation to ensure only serious, well resourced, and compliant companies operate. Meeting all these requirements is challenging but results in a respected license. With that license, companies can operate in Estonia and prepare for Europe’s upcoming MiCA regime, under which Estonian licensed CASPs will be well-positioned to passport theirservices EU-wide.

CRYPTO SERVICES &

CAPITAL REQUIREMENTS

UNDER MICA REGULATION

According to the Article 3 of MiCA, the following crypto-asset services fall within the scope of MiCA:

Required Capital:

150 000 EUR

Class 3

10. operation of a trading platform for crypto-assets.

7. providing custody and administration of crypto-assets on behalf of clients;

 

8. exchange of crypto-assets for funds;

 

9. exchange of crypto-assets for other crypto-assets;

Required Capital:

125 000 EUR

Class 2

Required Capital:

50 000 EUR

Class 1

1. execution of orders on behalf of clients;

 

2. placing of crypto-assets;

 

3. providing transfer services for crypto-assets on behalf of clients;

 

4. reception and transmission of orders for crypto-assets on behalf of clients;

 

5. providing advice on crypto-assets;

 

6. providing portfolio management on crypto-assets;

Capital adequacy plays a critical role in ensuring operational readiness and regulatory alignment for virtual asset service providers. Under MiCA (Markets in Crypto-Assets Regulation), Crypto Asset Service Providers (CASPs) are categorized into three classes based on the services they offer, with corresponding capital requirements. Class 1 requires €50,000 in capital, Class 2 requires €125,000, and Class 3 requires €150,000. 

PROCEDURE

1. Register an Estonian Company (OÜ)

Set up an Estonian private limited company (OÜ) as the vehicle for the license. The company must have a unique name and be registered with the Estonian Commercial Register. Ensure the share capital is at least €12,000 (this is the general minimum for an OÜ offering financial services) and plan to increase it to meet the crypto license requirement (see Requirements below). Appoint the management board – Estonia requires at least 2 board members for a crypto company how(since 2022 law), and one of them must be an Estonian resident or effectively present in Estonia. You’ll also need a local registered office address in Estonia.
 

2. Meet Capital Requirements

Determine CASP Class:

  • Class 1: Advisory services – €50,000.

  • Class 2: Custody and exchange services – €125,000.

  • Class 3: Operation of a trading platform – €150,000.

 

3. Document Preparations

Draft all internal rules and policies: AML/KYC policy in line with Estonian Preventive Measures of Money Laundering Act, internal control rules, risk assessment document, and client onboarding procedures. Also prepare a description of IT systems used for monitoring transactions and wallet security.

​

4. Appoint Key Personnel

Mandatory Positions:

  • Chief Executive Officer (CEO): Responsible for overall company management.

  • Chief Compliance Officer (CCO): Oversees compliance with regulatory requirements.(Local)

  • Money Laundering Reporting Officer (MLRO): Handles anti-money laundering (AML) obligations.(Local)

  • Data Protection Officer (DPO): Ensures compliance with data protection laws.

  • Chief Information Security Officer (CISO): Manages information security risks.

 

5. Application to the Financial Supervisory Authority (FSA)

In Estonia, crypto licenses (formerly issued by the FIU) are now overseen by the Estonian Financial Supervisory Authority (Finantsinspektsioon). Submit the license application electronically through the government portal.
The application must include:

​

  • Business Plan
    Detailing services (crypto exchange, crypto wallet services, ICO issuing if any), projected volumes, and a clear explanation of how the business will operate.
     

  • List of Managers and Owners
    Provide personal details of all management board members, the compliance officer, ultimate beneficial owners (UBOs). Each person must supply a certificate of good conduct (no criminal record) from their country, an authenticated ID copy, and CV highlighting relevant experience.
     

  • Proof of Compliance Setup
    Attach the AML/KYC policy and internal control rules. Show evidence that your compliance officer meets qualification requirements (education or professional certificates, perhaps proof of completing AML training).
     

  • Capital Proof
    Documentation that the share capital (100k/250k) is paid-in and unencumbered (not lent). Usually a bank statement suffices, but some sources say an auditor’s confirmation or a corporate banking reference is needed.
     

  • State Fee Payment
    Pay the state fee for the license application.

 

6. FIU/FSA Review Period

The regulator will review the application within up to 60 working days (two months), though often faster if everything is in order. During this time, they may ask follow-up questions or for additional documents. Common queries include clarifications on the business plan, requests for an interview with the compliance officer or directors, or additional evidence of local presence (like a visit to your Estonian office).

 

7. License Decision

If all requirements are met and the FIU/FSA is satisfied that the company’s owners and managers are fit-and-proper, they will issue the Virtual Asset Service Provider license (formerly called Virtual Currency Service Provider license). This license allows the company to provide services such as exchanging fiat to crypto, crypto to fiat, crypto to crypto, and providing custodial wallet services. Note: If you applied only for one type (say exchange), the license will specify that. The license comes with an obligation to commence activities within 6 months or it can be revoked.

 

8. Commence Operations with Ongoing Compliance

After obtaining the license, you can launch operations. You must continuously maintain compliance:Ensure the share capital remains intact (the law doesn’t freeze the €100k in the account after licensing, you can use it for operations, but you cannot drop below the required equity through losses without regulator knowing).Keep an active office in Estonia. The FIU may conduct inspections or expect in-person meetings.The compliance officer must actively monitor transactions and report any suspicious activity to Estonia’s Financial Intelligence Unit. They also must submit quarterly reports on the company’s activities to FIU (this became a requirement in new guidelines).By law, any changes (new board members, change of address, change of ownership over 10%) require prior approval from the regulator.The company needs to undergo annual audits and file financial statements. Also, an annual AML report might need to be submitted to the regulator.

 

9. Be Aware of Upcoming Changes

Estonia aligns its regime with the EU’s MiCA regulation by 2025–2026. The license you obtain now may transition into a MiCA-compliant CASP license issued by Finantsinspektsioon. Keep track of any new guidelines (e.g., if additional own funds or insurance guarantees are imposed under MiCA).

OUR OFFERS

At NUR Legal, we provide tailored legal solutions for launching and operating cryptocurrency businesses in Estonia.

​

For those still evaluating the regulatory landscape, we offer a comprehensive Legal Opinion that assesses whether your project falls under Estonia’s regulatory framework for virtual asset and crypto service providers—giving you clarity and confidence before moving forward.

​

For clients ready to proceed, we deliver a full-scope package that includes company formation, CASP (Crypto Asset Service Provider) licensing under Estonian law, compliance documentation, key personnel appointments, and local representation—everything required to legally and effectively launch your crypto venture in Estonia.

 

In addition, for companies already holding a VASP license under Estonia’s previous regime, we provide seamless VASP to CASP transition support, ensuring full compliance with updated regulatory standards. Whether you're exploring the viability of your concept or fully prepared to establish operations, we ensure your launch is both compliant and strategically sound.

​

Company formation + Licensing 

Our full, legal and operational support to help you establish and launch your crypto project in Estonia with full regulatory compliance.

  • Expert review of your crypto business model and structure to meet Estonian regulatory standards.

  • Assistance with with a legal entity incorporation.

  • Documents, and local setup.

  • Support in opening a corporate bank account with local banking partners.

  • Assistance in finding and renting a physical office in Estonia; legal address service available.

  • Drafting MiCA, DORA, Travel Rule, AML and other regulative scope compliance policies, risk assessments, and internal procedures.

  • Preparation of Articles of Association, shareholder agreements, and other required legal documents.

  • And more — full-spectrum legal and operational support for your launch in Estonia.

​

VASP to CASP

Crypto License renewal under MiCA reguations. Transitional period applies until 30 June 2025, allowing currently licensed entities to continue operating while aligning their structures with MiCA standards.

  • Necessary communication with the EFSRA (Estonian Financial Superviory and Resolution Authority) to transit from Virtual Asset Service Provider License to the new Crypto Asset Service Provider License.

  • Transitional Period Strategy preparing your company for the MiCA-compliant framework.

  • All Policy & Documentation Upgrade - Drafting and revision of AML/CFT programs, internal control policies, governance structures, DORA, Travel Rule requiremenst and whitepapers to align with MiCA requirements.

  • Submission of updated license documentation and handling of all renewal formalities.

  • Finalizing check and if needed Audit for AML, MiCA,  DORA and Travel Rule requirements to ensure meeting regulatory standards

Estonian evening

LEGAL FRAMEWORK

Estonia’s crypto-friendly environment is coupled with several business advantages. Notably, the country imposes a 0% corporate income tax on undistributed profits, meaning taxation occurs only when profits are distributed. This policy is particularly advantageous for many crypto startups. However, regulatory compliance remains stringent. As of a 2022 law update, crypto companies are required to have a local presence, including an office and staff, and are subject to independent annual audits. The government's intent is to increase oversight and improve the credibility of the sector by raising capital requirements and separating management and compliance roles to avoid conflicts of interest.

​

MiCA Implementation

Estonia is at the forefront of aligning with the EU’s new Markets in Crypto-Assets (MiCA) Regulation. In July 2024, Estonia enacted the Crypto Assets Market Act (Krüptovaraturu Seadus) to adapt its laws in line with MiCA. Under this framework, the licensing authority for crypto services is transitioning from the Estonian Financial Intelligence Unit (FIU) to the Estonian Financial Supervision Authority (EFSA), which serves as the national financial regulator, akin to a financial services authority.

MiCA came into force at the EU level in June 2023, and its provisions regarding authorization and operating requirements for Crypto-Asset Service Providers (CASPs) will be fully applicable by December 30, 2024. From that date, any firm providing crypto-asset services in Estonia (and across the EU) must comply with MiCA’s unified rules and will need to obtain a CASP license from EFSA to continue operations.

Existing Estonian VASP license holders will not automatically have their licenses grandfathered in. Their old national licenses will become invalid and must be replaced by MiCA authorization. A transitional period has been established until mid-2026 to facilitate this change. Specifically, firms operating with an Estonian license before MiCA’s effective date can continue their activities during the transition period (until July 1, 2026), provided they submit a MiCA license application by the relevant deadline and work toward full compliance.

The Estonian regulator, EFSA, is expected to begin accepting CASP license applications in early 2025. EFSA will oversee crypto providers in areas such as prudential safeguards, governance, disclosure, and consumer protection, in line with MiCA’s provisions.

Notably, Estonia’s early adoption of MiCA-like rules (even before MiCA, Estonia’s 2022 regulations anticipated many MiCA requirements) means the country is well-prepared for the EU-wide regime. Estonian-licensed crypto companies are already largely compliant with ESMA and EU standards, which will ease their transition to MiCA.

In summary, Estonia’s regulatory framework is evolving from a national AML-focused licensing system to a pan-European license under MiCA. This transition aims to enhance the credibility and passportability of Estonian crypto businesses across the EU.

OUR SERVICES

At NUR Legal, we specialize in guiding crypto businesses through the regulatory landscapes of Estonia.

Reach out to NUR Legal for expert guidance throughout the licensing process.

At NUR Legal, our services encompass:
 

  • Regulatory Consultation
    Assessing the best jurisdiction and license type for your business.​
     

  • Documentation Assistance
    Preparing and reviewing all necessary documents.​
     

  • Application Management
    Handling the submission and liaison with regulatory bodies.​
     

  • Post-Licensing Support
    Ensuring ongoing compliance and addressing any regulatory updates.

Contact

NUR Legal OÜ

Registry code: 17142784

VAT nr. EE102815012

+37258339358

info@nur-legal.com

  • LinkedIn
  • Instagram

Thanks for submitting!

bottom of page