Crypto License in Bulgaria 2026

Launch a MiCA-ready crypto business in Bulgaria with RUE. We structure CASP applications, AML/TFR controls, and regulator-facing documentation for EU market access.

Schedule Free Consultation

Regulator

FSC

Timeframe

3-6 months

Cost

from €14,900

Capital

2 BGN / MiCA

OOD capital is not the same as MiCA own funds. Scope and structure determine the threshold.

Why Bulgaria for a Crypto License

Bulgaria is a practical jurisdiction for founders targeting the EU under MiCA, especially where cost discipline, corporate flexibility, and a 10% corporate tax environment matter. RUE helps separate legacy crypto registration concepts from the real 2026 CASP authorization path.

Polina Merkulova

Polina Merkulova

Licensing Services Manager

[email protected]

As your point of contact, I help coordinate the licensing process end-to-end, keep communication clear, and move your application forward without unnecessary delays.

Regulated United Europe (RUE) supports founders end-to-end in Bulgaria: company structuring, service-scope analysis, MiCA/CASP qualification, AML/CFT framework design, DORA-ready ICT governance documentation, and regulator-facing application packs.

We also coordinate banking and EMI onboarding, accounting setup, beneficial ownership disclosure, and post-license compliance so your Bulgarian crypto project is built for authorization and operations, not just incorporation.

Contact me

🏛️

MiCA-Relevant EU Jurisdiction

For most new crypto businesses in 2026, the relevant route is CASP authorization under the EU MiCA framework rather than relying on outdated local-only registration narratives.

💶

Low Corporate Tax

Bulgaria applies a **10% corporate income tax**, which remains one of the lowest headline rates in the EU for operating companies.

⚙️

Flexible Corporate Setup

A Bulgarian OOD can usually be incorporated with low statutory capital, but founders must still meet separate prudential and governance expectations for regulated crypto activity.

🌍

EU Expansion Logic

A properly authorized Bulgarian CASP can use MiCA passporting mechanics for cross-border EU activity, subject to notification and scope alignment.

Crypto License in Bulgaria 2026

22,900 EUR

Package includes (8)

Preparation of necessary documents for registration of a new company in Bulgaria 2026
Translation of a certificate of no criminal record through a sworn translator
Payment of state fees related to company registration
Payment of notary fees related to company registration
Preparation of compliance documents for MiCA application
Preparation of a business plan
Submission of the necessary documents to FSC
Recruitment of local MLRO/Compliance officer

Timeframe: From 6 months

MiCA Class Comparison for Crypto License in Bulgaria 2026

Compare MiCA Class 1, Class 2 and Class 3 by permitted activities and baseline requirements.

Mica Class 1 - 50 000 EUR

CapitalFrom EUR 50,000 TimeCountry-specific

Swipe left/right to switch license type

Reception and transmission of client orders

Execution of orders on behalf of clients

Placement and advisory services

Portfolio management

No custody of client crypto-assets

Target Models

Advisory firms Introducing brokers Portfolio advisory setups

Mica Class 2 - 125 000 EUR

CapitalFrom EUR 125,000 TimeCountry-specific

Swipe left/right to switch license type

All Class 1 services

Crypto-fiat and crypto-crypto exchange

Custody and administration of client assets

Transfer services for crypto-assets

Higher organizational and AML requirements

Target Models

Exchanges Custody providers Broker-dealer operations

Mica Class 3 - 150 000 EUR

CapitalFrom EUR 150,000 TimeCountry-specific

Swipe left/right to switch license type

All Class 2 services

Operation of crypto-asset trading platform

Enhanced governance and internal controls

Advanced risk management and reporting

Typical for full-scale marketplace operators

Target Models

Trading venues Multi-service CASP groups Institutional-grade operators

Discuss this license

MiCA Class Comparison (Class 1, Class 2, Class 3)

Activity / Option	Mica Class 1 - 50 000 EUR	Mica Class 2 - 125 000 EUR	Mica Class 3 - 150 000 EUR
Reception and transmission of orders	V	V	V
Execution of orders on behalf of clients	V	V	V
Advisory and portfolio management	V	V	V
Crypto-fiat and crypto-crypto exchange	X	V	V
Custody and administration of crypto-assets	X	V	V
Operation of a trading platform	X	X	V

Requirements for a Bulgaria Crypto License

A crypto license in Bulgaria in 2026 is not just about registering a company. For most operating models, the real question is whether your business falls within MiCA CASP authorization, whether there are adjacent regimes such as payment services, e-money, EMT issuance, MiFID II, and whether your governance, AML, and ICT stack are mature enough for authorization.

The Bulgarian setup is usually commercially attractive because company formation is relatively straightforward and the tax environment is efficient. The regulatory burden, however, sits at the EU level: MiCA, Regulation (EU) 2023/1113 on the Travel Rule, and DORA for ICT resilience can all become relevant depending on your model. Below are the core requirements founders should budget for before filing.

Correct Regulatory Qualification of Services +

You must first determine whether your model is a CASP under MiCA, a token issuer, a payment institution, an e-money institution, an investment firm, or a combination. This is the single most important threshold issue.

CASP-relevant services may include custody, exchange, transfer, execution, order reception/transmission, advice, portfolio management, placing, and operation of a trading platform;
EMT projects may trigger e-money analysis and involvement of the Bulgarian National Bank (BNB);
Security-like tokens can fall into MiFID II territory rather than MiCA;
Fiat payment flows may require analysis under the Payment Services and Payment Systems Act.

A frequent founder mistake is to call everything a “crypto exchange license”. The regulator will not. The application must map each product feature to a legal service category.

Bulgarian Company Formation and Real Operating Presence +

You generally need a Bulgarian legal entity, most commonly an OOD or in some cases a joint-stock structure depending on governance and investor preferences. A Bulgarian OOD can often be incorporated with 2 BGN statutory capital, but that figure is only a company law minimum and not a regulatory own-funds benchmark for MiCA activity.

In practice, founders should expect to provide:

registered office and contact infrastructure in Bulgaria;
clear management and decision-making structure;
documented beneficial ownership chain;
operational substance proportionate to the business model;
service agreements for outsourced functions, where used.

Letterbox structures are increasingly weak in regulator and banking reviews. Even when remote setup is possible, effective management, recordkeeping, and local corporate maintenance must be demonstrable.

Management, Shareholders and Fit-and-Proper Review +

Founders, directors, UBOs, and key control persons must be defensible from a fit-and-proper standpoint. The regulator and counterparties typically assess:

identity and beneficial ownership transparency;
criminal record and sanctions exposure;
source of wealth and source of funds;
relevant financial services, fintech, cybersecurity, or crypto experience;
conflicts of interest and governance independence;
whether management can actually supervise outsourced vendors.

One nuance many applicants miss: experience is not judged only by titles on a CV. Regulators increasingly look for evidence that management understands wallet architecture, outsourcing risk, transaction monitoring, complaints handling, and incident escalation in operational terms.

Capital: Company Capital vs Regulatory Own Funds +

You must distinguish between corporate capital under Bulgarian company law and regulatory own funds / prudential safeguards under MiCA. They are different concepts and should never be merged in founder planning.

OOD statutory capital: often as low as 2 BGN;
MiCA prudential requirements: depend on the service class and actual activity mix;
Operational runway: regulators and banking partners also care whether you can finance at least the first 12 months of compliant operations;
Capital composition: founders should expect fiat funding evidence, not vague references to token treasury value.

In real projects, the under-budgeted item is often not the formal threshold but the total compliance stack: legal drafting, security controls, AML tooling, accounting, audit support, local administration, and banking onboarding.

AML/KYC, Sanctions and Source-of-Funds Controls +

A Bulgarian crypto business must operate a risk-based AML/CFT framework aligned with the Measures Against Money Laundering Act, suspicious reporting expectations, and the EU Travel Rule framework. This goes far beyond collecting a passport image.

business-wide AML/TF risk assessment;
CDD and EDD logic by customer type, geography, channel, and product;
sanctions and PEP screening;
source-of-funds and source-of-wealth review for higher-risk cases;
blockchain analytics and wallet risk scoring;
ongoing transaction monitoring and alert handling;
suspicious activity escalation to the competent AML authority;
record retention and audit trails.

For crypto businesses, blockchain forensics is now a practical expectation. If you cannot explain how you detect mixers, darknet exposure, sanctions-linked wallets, or high-risk counterparties, your AML framework is incomplete.

Cybersecurity, DORA and Technical Safeguards +

In 2026, crypto authorization is also an ICT governance exercise. Even where DORA applicability must be assessed case by case, regulators and banking partners expect a DORA-style control environment.

role-based access control and MFA for privileged users;
encryption in transit and at rest;
segregation of hot, warm, and cold wallets;
HSM or MPC-based key management for custody models;
logging, monitoring, and tamper-evident audit trails;
incident response playbooks and severity classification;
business continuity and disaster recovery testing;
vendor due diligence and outsourcing register.

A useful technical nuance: regulators increasingly ask not only where keys are stored, but who can reconstruct them, under what quorum, and how emergency key rotation works after compromise.

Business Plan, Financial Model and Control Framework +

Your application must show that the business is commercially coherent and operationally controllable. A regulator-facing business plan should usually cover:

exact services and target markets;
client onboarding channels and restrictions;
revenue model and fee schedule;
3-year financial projections with assumptions;
custody and safeguarding model;
complaints handling and client disclosures;
outsourcing map and vendor dependencies;
market abuse and conflicts controls where relevant.

Generic plans copied from another jurisdiction are easy to detect. The strongest Bulgarian applications align the narrative across the business plan, AML manual, ICT policy set, corporate documents, and banking pack.

Banking and Fiat Rails Readiness +

You should prepare banking and payment strategy in parallel with licensing, not after it. Crypto businesses often need a mix of:

Bulgarian or EU corporate banking for operating expenses;
EMI accounts for faster onboarding and SEPA access;
merchant or payment processing arrangements for fiat on-ramp/off-ramp;
documented transaction flows between wallets, treasury, and payment providers.

Banking counterparties usually request more than the regulator: website flows, source-of-funds logic, target geographies, sanctions controls, proof of licensing status, and sample compliance reports. RUE supports both the licensing track and the parallel banking preparation through our bank account in Bulgaria and crypto business bank account services.

Jurisdiction Comparison

Compare Bulgaria with other jurisdictions by key conditions for obtaining and operating a MiCA/CASP license: regulator, review period, fees, capital, local substance, and passporting.

* This table focuses on MiCA/CASP authorization conditions. Use the settings icon to customize countries and parameters.

💰 Licensing Cost Estimator

Get an approximate cost estimate for your crypto license based on your business needs

Configure Your Licensing Package

Select options below to see estimated costs

License Type

Mica Class 1

Mica Class 2

Mica Class 3

Do you need company registration?

Yes — Register New Company

No — I Have a Company

Additional Services

✓ AML/KYC Package ✓ Bank Account Opening ✓ Physical Office ✓ Compliance Officer

Estimated Cost

€0

Estimated Timeframe

Country-specific

Capital Requirement

€0

📞 Get Exact Quote

* This calculator provides approximate estimates only. Actual costs may vary based on your specific situation. Contact us for a detailed personalized quote.

Taxation of Crypto Companies in Bulgaria

Bulgaria remains commercially attractive for crypto founders because its headline corporate tax environment is simple by EU standards. The core number most founders look at first is the 10% corporate income tax. That said, tax analysis for crypto businesses should never stop at the headline rate. The real questions are how revenue is characterized, whether specific services are VAT-exempt or taxable, how dividends are distributed, and whether certain activities create additional accounting or withholding consequences.

Core tax position for Bulgarian crypto companies

Corporate income tax: generally 10%;
Dividend withholding tax: commonly 5% for certain distributions, subject to treaty and recipient analysis;
Standard VAT rate: 20%;
Personal income tax: commonly 10% in many standard cases.

For crypto businesses, the most misunderstood area is VAT. The CJEU Hedqvist judgment (C-264/14) supports VAT exemption logic for exchange of traditional currency for bitcoin and vice versa under specific conditions, but that does not mean every crypto-related service is VAT-free. Technology licensing, software development, consulting, white-label infrastructure, and some ancillary services may still be taxable.

Accounting and tax nuance founders often miss

Crypto companies are usually judged not only on tax rates but on accounting defensibility. Revenue recognition, wallet reconciliation, treasury valuation, impairment logic, and evidence trails for token movements all matter. If your books cannot tie blockchain movements to invoices, customer balances, treasury policy, and fiat statements, tax and audit risk rises quickly. RUE usually coordinates legal setup with accounting services in Bulgaria so the compliance model and the ledger model match from day one.

Operational cost layer beyond taxes

Budgeting should include not only taxes but also annual compliance costs: accounting, payroll, legal maintenance, AML software, blockchain analytics, security audits, translations, and possible external MLRO or compliance support. For many founders, these recurring costs matter more than the nominal tax rate when choosing Bulgaria.

Corporate Income Tax

Headline tax on Bulgarian company profits

10%

Bulgaria generally applies a 10% corporate income tax, which is one of the lowest headline rates in the EU. This rate applies to taxable profits after allowable deductions and proper accounting treatment. For crypto businesses, the practical issue is not the rate itself but correct classification of trading income, service fees, treasury gains, and related expenses.

Dividend Withholding Tax

Common rate on profit distributions

5%

Dividend distributions are commonly subject to 5% withholding in standard domestic scenarios, but the actual result depends on the recipient, treaty protection, and whether any exemption regime applies. Cross-border structures should always be checked against the relevant double tax treaty and anti-abuse rules before distributions are made.

Value Added Tax (VAT)

Depends on service type, not on the word crypto

20% / Exempt

The standard Bulgarian VAT rate is 20%. Certain exchange transactions may fall within VAT exemption logic under EU case law, including the reasoning from Hedqvist (C-264/14). However, advisory, software, licensing, white-label, development, and some operational services may remain taxable. Founders should map each revenue line separately instead of applying one VAT answer to the whole business.

Personal Income Tax

Relevant for founders, traders and salary/dividend planning

10%

Bulgaria commonly applies a 10% flat personal income tax in standard cases. The actual treatment of crypto gains for individuals depends on the facts: trading frequency, business activity indicators, mining, employment income, and whether the person acts as an entrepreneur rather than a passive investor. Personal tax should be reviewed separately from company tax.

Mining and Staking Income

Fact-specific treatment, often business-income sensitive

Case-specific

Mining and staking should not be treated casually. Depending on scale, organization, and continuity, proceeds may be analyzed as business income rather than passive gains. Electricity cost allocation, hardware depreciation, validator fees, and token valuation methodology can materially affect the tax outcome.

Accounting and Audit Readiness

Not a tax, but a recurring compliance cost center

Variable

Crypto companies should budget for monthly bookkeeping, payroll, annual financial statements, wallet reconciliations, and where applicable external audit support. The hidden cost is usually data normalization: matching blockchain transactions, exchange exports, custody records, and fiat bank statements into an auditable accounting trail.

AML and Blockchain Analytics Tools

Recurring compliance tooling cost

€3k-€30k+

Most regulated crypto businesses need KYC/AML tooling, sanctions screening, PEP screening, transaction monitoring, and blockchain analytics subscriptions. The annual spend varies by volume and vendor stack, but founders should budget for recurring software costs from the start rather than treating them as optional extras.

Banking, EMI and Payment Operations

Operational fees often underestimated by founders

Variable

Account maintenance, incoming/outgoing payments, FX margins, safeguarding arrangements, merchant fees, and enhanced due diligence reviews can create a meaningful annual cost layer. This is especially relevant for crypto-fiat models. RUE helps align the tax, banking, and licensing workstreams so the operating model remains coherent.

Compliance & Ongoing Obligations

A Bulgarian crypto license is not the finish line. Once authorized, a CASP must maintain continuous governance, AML, Travel Rule, ICT, reporting, and recordkeeping controls.

📊

Regulatory Reporting

Periodic reports required by the competent authority based on service scope
Annual financial statements and corporate filings
Prompt notification of material changes in ownership, governance, outsourcing, or services
Incident and breach escalation where legally required
Maintenance of complete books, registers, and evidentiary records

🛡️

AML/KYC and Travel Rule

Risk-based CDD and EDD procedures
Sanctions, PEP, and adverse media screening
Ongoing transaction monitoring and alert review
Travel Rule data collection and transmission under Regulation (EU) 2023/1113
Suspicious activity escalation to the competent AML authority

🔐

Operational and ICT Controls

Access control, MFA, logging, and privileged user oversight
Wallet segregation and custody control framework
Business continuity and disaster recovery testing
Vendor due diligence and outsourcing register maintenance
Incident response, root-cause analysis, and remediation tracking

📋

Governance Maintenance

Board and management oversight of compliance and risk
Regular policy review and version control
Staff training on AML, sanctions, fraud, and data protection
Complaints handling and customer disclosure updates
Periodic review of fit-and-proper status for key persons

💡

RUE handles compliance for you. Our team provides ongoing compliance support, including AML officer services, regulatory reporting, and policy updates. We ensure your license stays in good standing year after year. Contact us for compliance support →

Crypto license in Bulgaria in 2026: what it really means after MiCA

Crypto license in Bulgaria in 2026: what it really means after MiCA

In 2026, “Crypto license in Bulgaria” usually means a MiCA-era authorization analysis, not a simplistic local registration exercise. That distinction matters because many older market materials still mix together VASP, AML registration, local tax registration, and full CASP authorization as if they were interchangeable. They are not.

At EU level, the key framework is Regulation (EU) 2023/1114 on markets in crypto-assets (MiCA). For crypto transfers, the parallel framework is Regulation (EU) 2023/1113, which operationalizes the Travel Rule. For ICT resilience and outsourcing governance, Regulation (EU) 2022/2554 (DORA) is also part of the compliance picture for many financial-sector operators and should be treated as a practical benchmark even where scope analysis is still needed.

For founders, the correct sequence is:

define the exact service model;
map each activity to MiCA or another regime;
identify the competent Bulgarian authority or authorities;
prepare governance, AML, and ICT controls;
only then build the application and banking pack.

The most common commercial misunderstanding is the promise of “automatic EU access”. The legal reality is more precise: once properly authorized, a CASP may use MiCA passporting mechanics for cross-border activity, but that still requires the right authorization scope and the proper notification path. RUE helps founders structure this from the start through our CASP license, MiCA license in Europe, and MiCA compliance documentation services.

Get MiCA Scope Assessment

Legacy registration vs MiCA/CASP authorization in Bulgaria

Question	Legacy / AML-style concept	MiCA / CASP reality in 2026
Main purpose	Local AML visibility / historical registration logic	Full authorization to provide regulated crypto-asset services
Legal focus	AML compliance and reporting posture	Governance, conduct, prudential safeguards, safeguarding, AML, ICT, disclosures
Authority map	May involve tax/AML-facing authorities depending on period and activity	Primarily the competent authority for MiCA authorization, with other authorities relevant for tax, AML reporting, data protection, EMT/payment edge cases
Service scope	Often described too broadly in old market materials	Must match exact MiCA service categories
EU market access	No automatic EU operating right	Possible through MiCA passporting after proper authorization and notification
Practical standard	Historically lighter in some narratives	Much higher documentation and operational readiness threshold

Which regulator is responsible for crypto businesses in Bulgaria?

Bulgarian crypto regulation is multi-authority by function, not one-agency by slogan. Founders should not collapse FSC, BNB, NRA, and FID-SANS into a single “crypto regulator” concept.

Practical authority map:

Financial Supervision Commission (FSC): the key authority to monitor for MiCA/CASP relevance and authorization issues for crypto-asset services;
Bulgarian National Bank (BNB): relevant where the model touches e-money, payment services, EMT logic, or fiat rails requiring separate analysis;
National Revenue Agency (NRA): tax administration, VAT, corporate tax, and related registrations;
Financial Intelligence Directorate within SANS/DANS: suspicious transaction reporting and AML intelligence interface;
Registry Agency / Commercial Register: company incorporation, corporate changes, beneficial ownership filings where applicable;
Commission for Personal Data Protection (CPDP): GDPR and local data protection oversight.

A useful founder rule: authorization, tax, AML reporting, and data protection are separate workstreams. They must be aligned, but they are not interchangeable. This is where many applications fail before filing because the corporate file, AML file, and banking file are built by different vendors with inconsistent assumptions.

RUE coordinates these layers through one legal-compliance workstream and can also support related services such as legal services in Bulgaria and accounting services in Bulgaria.

What activities can a Bulgarian crypto company legally provide?

Services covered by CASP authorization under MiCA

The service list matters because the license scope follows the activity, not your marketing label. Under MiCA, crypto-asset services can include:

custody and administration of crypto-assets on behalf of clients;
operation of a trading platform for crypto-assets;
exchange of crypto-assets for funds;
exchange of crypto-assets for other crypto-assets;
execution of orders for crypto-assets on behalf of clients;
placing of crypto-assets;
reception and transmission of orders for crypto-assets on behalf of clients;
providing advice on crypto-assets;
providing portfolio management on crypto-assets;
providing transfer services for crypto-assets on behalf of clients.

Many founders assume they only need a license if they hold client wallets. That is too narrow. Order routing, broker-style execution, platform operation, and transfer services can all create authorization relevance even without a classic custodial exchange model.

When you may need MiFID II, PSD2, e-money or EMT analysis instead

Not every token business belongs under one generic crypto license. Four common edge cases require separate analysis:

Financial instruments: if the token behaves like a transferable security or another financial instrument, MiCA may not be the primary regime and MiFID II logic can take priority;
EMTs: e-money token structures can trigger e-money and central bank relevance rather than ordinary CASP treatment;
Fiat payment services: if you execute payment transactions, issue payment instruments, or provide payment accounts, PSD2-style analysis may become relevant;
Stablecoin and issuance models: ART/EMT issuance has its own compliance architecture and should not be conflated with exchange authorization.

A practical nuance often missed in founder decks: if your app combines wallet, card, IBAN, stablecoin treasury, and execution features, you may be looking at a stacked-regulation project, not a single-license project. RUE usually begins with a decision-tree memo before any filing work starts.

Discuss Your Business Model

What regulators and banks actually test in a Bulgaria crypto application

Service Mapping

Whether each product feature is correctly mapped to MiCA, MiFID II, EMT, or payment-services logic rather than described with generic crypto language.

Beneficial Ownership

Whether the ownership chain, source of funds, and control structure are transparent, documented, and sanctions-clean.

AML Architecture

Whether the AML manual is risk-based, crypto-specific, and supported by real onboarding, monitoring, and escalation workflows.

Custody Model

Whether the applicant can explain wallet segregation, key management, reconciliation, incident response, and insolvency treatment of client assets.

ICT and Outsourcing

Whether critical vendors are identified, monitored, contractually controlled, and reflected in an outsourcing register and resilience framework.

Financial Viability

Whether the projections are conservative, funded, and consistent with the staffing, compliance, and technology assumptions in the file.

Documents required for a crypto license in Bulgaria

Corporate and ownership documents

A serious application starts with a clean corporate file. Founders should expect to prepare or obtain:

articles of association / constitutive documents;
certificate of incorporation and UIC details;
shareholder register and ownership chart;
UBO declarations and supporting identification documents;
proof of registered office and operating address;
board resolutions and powers of attorney where used;
apostilled and translated foreign documents where applicable.

One operational nuance: delays often come not from the regulator but from mismatched names, addresses, and dates across notarized documents, translations, bank forms, and the commercial register extract.

Compliance, financial and technical documentation

The compliance pack is usually the most time-consuming part of the project. A robust file may include:

business plan and product description;
3-year financial projections with assumptions;
AML/CFT manual and business-wide risk assessment;
KYC/CDD/EDD procedures and sanctions policy;
Travel Rule operating procedure and data handling logic;
complaints handling policy and client disclosures;
conflicts of interest policy;
outsourcing policy and outsourcing register;
ICT security policy, access control matrix, logging standard, backup and recovery plan;
incident response and escalation policy;
wallet custody architecture, including hot/warm/cold segregation and key governance;
CVs, questionnaires, criminal record extracts, and fit-and-proper materials for key persons.

Where the model is custody-heavy, we also recommend documenting reconciliation frequency, quorum rules for key access, and the exact process for freezing or rejecting high-risk wallet interactions. Those details materially improve credibility in regulator and banking review.

Prepare Application Documents

Important: company incorporation is not the license

Important: company incorporation is not the license

A Bulgarian company can be incorporated quickly, but that does not authorize crypto services. Founders often see the 2 BGN minimum capital for an OOD and assume the regulatory entry barrier is therefore negligible. That is incorrect.

Company law minimum capital is a corporate formation concept;
MiCA own funds / prudential safeguards are a regulatory concept;
Banking readiness is a separate commercial and compliance concept;
Operational launch requires AML, Travel Rule, ICT, customer documentation, and often vendor integrations.

If you want a realistic launch plan, treat the project as four parallel tracks: corporate, regulatory, banking, and accounting/tax. RUE runs these tracks together so founders do not end up with a company that exists on paper but cannot legally onboard clients or open payment rails.

Plan Your Bulgaria Setup

Common mistakes founders make when applying in Bulgaria

Most failed or delayed crypto applications in Bulgaria are not rejected on one dramatic issue; they collapse under cumulative inconsistency. The most common mistakes we see are:

wrong legal qualification: calling a mixed wallet/payment/token model a simple exchange business;
generic AML manual: using a template that does not address blockchain analytics, Travel Rule, or wallet risk;
weak source-of-funds narrative: capital appears in the file, but its origin is not explained cleanly;
no custody model: the applicant says it will safeguard assets but cannot explain key governance or reconciliation;
outsourcing blind spots: critical vendors are used, but there is no outsourcing map, no SLA logic, and no fallback plan;
unrealistic projections: revenue is aggressive while staffing, compliance, and security budgets are implausibly low;
banking left too late: the company gets structured before anyone tests whether the fiat flow is bankable;
data protection ignored: customer onboarding, analytics tools, and cloud vendors are selected without GDPR mapping.

A subtle but recurring issue is terminology drift: the website says “non-custodial”, the business plan says “custody”, the AML manual says “wallet services”, and the banking form says “brokerage”. Regulators and banks read that as control weakness.

Conclusion: is Bulgaria still a strong jurisdiction for crypto businesses in 2026?

Conclusion: is Bulgaria still a strong jurisdiction for crypto businesses in 2026?

Yes, Bulgaria remains a strong jurisdiction for EU-facing crypto businesses in 2026, but only for founders who understand that the real game is MiCA readiness, not cheap incorporation.

The jurisdiction is attractive because of its 10% corporate tax, relatively efficient company setup, and practical cost base compared with some Western European alternatives. The legal and operational reality, however, is now fully European: MiCA, TFR, AML/CFT, safeguarding, governance, and ICT resilience define whether the business is launchable.

Bulgaria is usually a good fit if you want:

an EU company with rational tax economics;
a structured path to CASP authorization;
cross-border EU scaling through passporting mechanics;
a setup where legal, accounting, and banking workstreams can be coordinated efficiently.

It is a weaker fit if your real objective is zero-substance offshore structuring, unbankable high-risk flows, or a token model that actually belongs under another regime. RUE helps founders make that call early and build the correct route from the start.

Talk to RUE Experts

📝 Check Your Eligibility

Answer a few quick questions to find out if this jurisdiction suits your crypto business

Step 1 of 5

What type of crypto services will you provide?

Exchange (fiat ↔ crypto)

Custody & Wallet Services

Transfer & Payment Services

Advisory / Portfolio Management

Multiple / All of the Above

Step 2 of 5

What is your target market?

European Union only

EU + Global markets

Global (non-EU priority)

Step 3 of 5

Do you already have a registered company in the EU?

Yes, in this jurisdiction

Yes, in another EU country

No, I need to register one

Step 4 of 5

What is your available budget range?

Under €20,000

€20,000 – €50,000

€50,000 – €100,000

Over €100,000

Step 5 of 5

When do you plan to launch?

As soon as possible (1–3 months)

Within 6 months

Within a year

Just exploring options

✅

This Jurisdiction Is a Great Fit!

Based on your answers, this jurisdiction matches your business requirements well. Here's a quick summary:

Recommended License

CASP License

Estimated Budget

€24,000 – €35,000

Estimated Timeframe

4–6 months

EU Passporting

Available

📞 Get Personalized Assessment

Step-by-Step Licensing Process

Step 1

Scope & Gap Analysis

We map your services against MiCA, EMT, MiFID II and payment-services edge cases, identify the likely Bulgarian authority path, and flag banking, AML, and ICT gaps. Typical duration: 1-2 weeks.

Step 2

Company Setup

We incorporate the Bulgarian entity, arrange registered office, prepare corporate documents, UBO filings, and supporting powers of attorney where needed. This is company formation only, not authorization. Typical duration: 1-3 weeks.

Step 3

Compliance Build-Out

We prepare the application pack: business plan, AML/CFT framework, Travel Rule workflow, governance set, ICT and outsourcing documentation, financial model, and fit-and-proper file. Typical duration: 2-6 weeks.

Step 4

Application Filing

We finalize the regulator-facing package, align terminology across all documents, and submit through the relevant process. Filing only starts once the service scope and adjacent licensing issues are resolved. Typical duration: 1 week.

Step 5

Review & Remediation

The authority reviews the file, issues questions, and may request clarifications, document upgrades, or governance adjustments. Most projects involve 1-3 rounds of follow-up. Typical duration: 1-3+ months.

Step 6

Banking & EMI Onboarding

In parallel or immediately after approval, we support account opening, EMI onboarding, payment-flow mapping, and compliance pack delivery to counterparties. Typical duration: 2-8+ weeks depending on risk appetite.

Step 7

Launch Readiness

Before go-live, we verify customer documents, onboarding controls, sanctions screening, wallet governance, incident response, accounting setup, and internal reporting lines. This reduces post-launch regulatory and banking friction.

Start Your Application

Answers

Frequently Asked Questions

Open the key issues founders, compliance teams and legal leads usually need to confirm before a Lithuania CASP rollout.

Is there a real crypto license in Bulgaria in 2026? +

Yes, but in 2026 the relevant question is usually MiCA/CASP authorization, not just historical local registration concepts. Older references to simple crypto registration in Bulgaria can be misleading if read without context. New projects should first assess whether their services fall under MiCA, and then whether adjacent regimes such as EMT, payment services, or MiFID II also apply.

In practice, founders should not ask only “how to register a crypto company”, but rather:

what exact crypto-asset services will be provided;
whether custody is involved;
whether fiat payment rails are part of the model;
whether any token qualifies outside MiCA.

That legal qualification determines the real licensing path.

Which businesses need MiCA authorization in Bulgaria? +

Businesses providing regulated crypto-asset services under MiCA generally need authorization. This can include custody, operating a trading platform, exchange of crypto for funds, exchange of crypto for crypto, execution of orders, order reception and transmission, placing, advice, portfolio management, and transfer services.

Founders often underestimate transfer and brokerage-style models. Even if you do not market yourself as an exchange, your workflow may still fall within a regulated service category.

Which regulator oversees crypto businesses in Bulgaria? +

There is no single one-line answer because different authorities cover different functions. The FSC is central for MiCA/CASP authorization logic, the BNB becomes relevant for payment/e-money/EMT edge cases, the NRA handles tax matters, FID-SANS is relevant for AML intelligence and suspicious reporting, and the CPDP covers data protection.

The correct authority map depends on the exact business model, not on the website headline.

Does a Bulgarian crypto license give access to the EU market? +

Yes, potentially through MiCA passporting mechanics after proper authorization and notification. It is inaccurate to say access is “automatic” in a casual sense. The business must hold the right authorization scope and complete the relevant passporting steps for cross-border services or establishment.

Also note that local consumer, tax, marketing, and data protection rules in target countries may still need separate attention even after passporting.

What is the minimum capital for a crypto company in Bulgaria? +

The minimum capital depends on whether you mean company formation capital or regulatory capital. A Bulgarian OOD can often be incorporated with 2 BGN statutory capital. That does not mean a regulated crypto business can operate with 2 BGN.

For MiCA-relevant activity, own-funds and prudential requirements depend on the service class and business model. Founders should budget not only for formal thresholds but also for real operating runway and compliance costs.

How long does it take to get a crypto license in Bulgaria? +

A realistic timeline is usually around 3-6 months for well-prepared projects, but complex cases can take longer. A typical sequence is:

company incorporation: 1-3 weeks;
document and policy build-out: 2-6 weeks;
regulator review and remediation: 1-3+ months;
banking or EMI onboarding: 2-8+ weeks in parallel or after approval.

The biggest delays usually come from poor service qualification, inconsistent documentation, weak AML design, or unresolved banking logic.

Can I get a Crypto license in Bulgary remotely? +

Yes, many parts of the process can be handled remotely, but not every step is purely online. A Crypto license in Bulgary request is usually handled through powers of attorney, certified corporate documents, translations, and remote coordination with local counsel. In practice, company setup can often be done remotely, while regulator or bank onboarding may still require notarized, apostilled, or freshly certified documents and live interviews for key persons.

Is an AML officer mandatory for a Bulgarian crypto company? +

You should assume that compliance staffing must be proportionate to the business model and authorization expectations. It is unsafe to rely on old claims that no AML officer is needed. In a real MiCA/CASP context, regulators and banking partners expect clear compliance ownership, AML governance, escalation lines, and competent personnel.

Whether the role is internal, outsourced, or combined with another control function depends on scale, complexity, and local legal constraints.

Can non-residents own a Bulgarian crypto company? +

Yes, foreign founders can generally own Bulgarian companies, including companies used for crypto projects. The real issues are not nationality but transparency, source of funds, fit-and-proper standing, sanctions screening, and whether the management structure is credible.

Non-resident ownership is common, but it can increase scrutiny from banks and payment providers, so the ownership file must be especially clean.

What taxes apply to a Bulgarian crypto company? +

The headline taxes most founders look at are 10% corporate income tax and 5% dividend withholding in common scenarios. Bulgaria also applies a standard 20% VAT, but VAT treatment depends on the exact service. Some exchange activities may fall within exemption logic, while advisory, software, and ancillary services may remain taxable.

Always separate company taxation, founder taxation, and VAT analysis. They are related, but they are not the same question.

Can I buy a ready-made Bulgarian crypto company? +

Yes, you can buy a ready-made Bulgarian company, but buying a company is not the same as buying valid regulatory authorization. Shelf companies can accelerate corporate setup, yet the licensing analysis still depends on the actual services, ownership change, compliance framework, and regulator expectations.

Before acquiring any ready-made structure, conduct legal, tax, banking, and compliance due diligence. Hidden liabilities, poor bookkeeping, or weak historical AML records can make a “fast” acquisition more expensive than a fresh setup.

What happens if I operate in Bulgaria without proper authorization? +

Operating regulated crypto services without proper authorization creates regulatory, banking, and personal liability risk. Consequences can include cease-and-desist action, administrative penalties, loss of banking access, contractual disputes, reputational damage, and serious AML scrutiny.

The practical consequence usually arrives even before a formal penalty: banks, EMIs, payment processors, and institutional partners will refuse or terminate the relationship once they conclude the licensing basis is unclear.

Regulated United Europe OÜ

Registration number: 14153440
Anno: 16.11.2016
Phone: +372 56 966 260
Email: [email protected]
Address: Laeva 2, Tallinn, 10111, Estonia

Company in Lithuania UAB

Registration number: 304377400
Anno: 30.08.2016
Phone: +370 6949 5456
Email: [email protected]
Address: Lvovo g. 25-702, Vilnius, 09320, Lithuania

Company in Czech Republic s.r.o.

Registration number: 08620563
Anno: 21.10.2019
Phone: +420 775 524 175
Email: [email protected]
Address: Na Perstyne 342/1, Prague

Company in Poland Sp. z o.o.

Registration number: 38421992700000
Anno: 28.08.2019
Email: [email protected]
Address: Twarda 18, Warsaw, 00-824, Poland

Please leave your request

The RUE team understands the importance of continuous assessment and professional advice from experienced legal experts, as the success and final outcome of your project and business largely depend on informed legal strategy and timely decisions. Please complete the contact form on our website, and we guarantee that a qualified specialist will provide you with professional feedback and initial guidance within 24 hours.

Main Services

Terms of Cooperation

Regulated United Europe

Instagram

YouTube