MiCA in Poland

With the entry into force of Regulation (EU) 2023/1114 on Markets in Cryptoassets (MiCA), the European Union is entering a new phase of building a single regulatory space for digital assets. Poland, as one of the key economies in Central Europe, is in the process of adapting its national legislation to the new regulations. Despite the fact that the regulation itself began to apply on December 30, 2024, Poland has not yet adopted the final version of the domestic law that would implement MiCA provisions into the national legal system. Against this background, the uncertainty regarding future requirements and deadlines creates risks for both existing operators and potential market participants.

• MiCA Regulation in effect since December 30, 2024
• KNF as planned national licensing authority
• Polish transition period shortened to June 30, 2025
• Uncertainty due to pending national law

Currently, the Polish Financial Supervision Authority (KNF) has indicated its position: the transition period will be shortened until June 30, 2025. This means that all service providers dealing with cryptoassets, including custodians, exchange platforms and advisory service providers, must apply for a CASP license before this date. That said, despite the 18-month transition period stipulated by MiCA, Poland is exercising its right to shorten it, unlike a number of other EU countries where the transition period will last until July 1, 2026. This approach increases pressure on business by reducing the time available to prepare for licensing.

Licenses will be issued exclusively by the supervisory body, the KNF, although the status of this body has not yet been formally enshrined in national law. Until the legislative process is finalized, applications will not be reviewed. This means that companies interested in obtaining a license are still limited in their actions and have to wait for the formal adoption of the law, which significantly complicates the planning of operations.

The requirements for obtaining a CASP license include a minimum share capital (between €50,000 and €150,000, depending on the nature of the business), proof of reputational strength of shareholders and management, an operational plan, risk management procedures and internal controls, including AML/CTF. The license applies to all EU countries, and therefore its existence creates a legal basis for cross-border provision of crypto-services in the single European space. However, the established requirements significantly raise the market entry threshold, especially for startups and small participants.

MiCA also introduces separate regulations for token issuers. Tokens are divided into EMT (electronic money), ART (asset-backed), and other crypto-assets. Depending on the category, different market admission procedures apply, including mandatory white paper approval. In some cases, a simplified procedure is allowed – for example, if tokens are offered exclusively to qualified investors or distributed free of charge as part of loyalty programs. However, if the issuance of tokens is not carried out by a credit institution or an electronic money institution, supervisory approval remains mandatory.

There are also exceptions for credit institutions, investment companies and fund managers, which will be able to provide certain types of services without an additional license, but must submit a notification and the relevant documentation package to the supervisory authority. Given the high requirements and complexity of the procedures, many companies, especially start-ups, may face barriers to entry, raising concerns that some business may leave for other, less strictly regulated jurisdictions.

While the introduction of MiCA clearly promotes standardization and transparency in the European crypto market, the situation in Poland demonstrates how limited transition timelines and delays in national legislation can be an obstacle to the sustainable development of the sector. In the absence of full clarity from the regulator, companies face uncertainty, which reduces the country’s investment appeal and creates an advantage for more nimble jurisdictions.

Since the entry into force of Regulation (EU) 2023/1114 on cryptoasset markets, the market for digital assets in the European Union has entered a phase of active transformation. In Poland, as in other EU member states, the adaptation of national legislation to the new standards has begun. Although the draft law ensuring the application of MiCA in Poland is at the final stage, a number of questions remain open – first of all, regarding the timeframe for obtaining licenses and the regulator’s readiness to issue them.

Industry analysts estimate that about 90% of Polish cryptocurrency platforms may cease operations in 2025 due to stricter licensing requirements, including organizational, prudential and compliance obligations. The main challenge is that the deadline for license applications, according to the current version of the draft, expires on June 30, 2025, while the law itself has not yet been adopted. This creates a situation of regulatory uncertainty: companies are obliged to apply for authorization, but the legal possibility to do so does not yet exist. The Polish Financial Supervisory Authority (KNF), which formally lacks authority until the law is passed, encourages applications, which adds to the legal ambiguity.

In response to market participants’ concerns, the Polish Ministry of Finance initiated an adjustment to the timing of the transition period. According to the latest revision, companies will be able to continue operating for four months from the date the law enters into force. However, this decision does not remove the complexity of the situation: participants will need to carry out serious modernization of their IT systems, ensure compliance with KYC/AML requirements, prepare internal policies, procedures, and invest in the security of user data storage.

Additional burdens on businesses are imposed by the Transfer of Information Regulations (TFR), also effective from December 30, 2024. These regulations require cryptocurrency platform operators to transmit information about the parties to transactions – including name, address, customer ID – similar to bank transfer standards. This effectively abolishes anonymity, which was previously perceived as one of the key characteristics of cryptocurrencies.

In parallel with the increased regulation at the European level, voices of skeptics are growing in Poland. Representatives of the legal community point to the risk of excessive market concentration: only the largest platforms that can withstand the high entry threshold are likely to survive. Startups and small businesses will find it difficult to adapt, especially given the investment costs of licensing, security compliance and constant legal monitoring.

On the other hand, proponents of reforms emphasize the importance of consumer protection and market stabilization. The MiCA regulation aims to eradicate fraudulent schemes such as pyramid schemes and prevent the use of cryptocurrencies for money laundering, terrorist financing and corruption. Enforcement practice confirms the growing number of criminal cases involving seizure of digital assets – back in 2017, Poland started to secure cryptocurrency assets as part of investigations.

Thus, MiCA regulation in Poland is at a critical stage. On the one hand – increased transparency and trust, compliance with international standards and increased legal certainty. On the other hand, there is an increase in the cost of market entry, a reduction in the number of participants and the risk of loss of competitiveness of the Polish segment of the industry compared to other EU jurisdictions. A fundamental question arises: whether Polish companies will be able to maintain their presence on the market and develop innovations, or whether they will be displaced by international players already adapted to the new regulations.

The MiCA (Markets in Crypto-Assets Regulation), adopted by the European Union, is the world’s first regulatory framework covering almost the entire range of digital assets and their providers. Its goal is to form a unified standard of crypto-market regulation within the EU, increase the level of legal certainty and protect investors from risks and abuses. Despite the positive attitude of lawmakers, the implementation of MiCA causes lively discussions in the crypto industry – both because of the need for large-scale adaptation of processes and because of the possible negative consequences for the innovation environment.

The regulation applies to issuers and service providers of asset-backed tokens (ART), electronic money (EMT), and other cryptoassets not previously covered by current EU legislation. It provides for licensing of providers, setting strict requirements for asset provisioning, disclosure, customer protection, implementation of KYC/AML standards and compliance with marketing and advertising regulations. As of December 30, 2024, all MiCA provisions are subject to mandatory application, including requirements to obtain a Crypto-Asset Service Provider (CASP) license.

Cryptocurrency companies must review their model’s compliance with MiCA and, if necessary, initiate the process to obtain a CASP license. This includes submitting a full documentation package, reviewing the internal regulatory framework, implementing comprehensive anti-money laundering procedures, and adapting customer advocacy processes. In addition to the requirements of MiCA itself, TFR (Transfer of Funds Regulation) regulations aimed at tracking the origin and destination of cryptocurrency transactions have also come into force in parallel. These rules establish the obligation to transmit the identity of the parties to a transaction in any form of settlement.

• Prepare CASP license application
• Update internal governance and policies
• Implement AML/KYC mechanisms
• Secure user data and transaction logs
• Integrate Travel Rule (TFR) into systems

For entities that were in force before MiCA came into force, there is a transitional period, the term of which, in accordance with European law, is set until July 1, 2026 . However, each Member State has the right to decide to shorten it. Poland has exercised this right: the draft law implementing MiCA provides for a shortening of the transitional period until June 30, 2025. Moreover, only those entities that submit a complete license application by May 1, 2025 and receive confirmation of its completeness from the supervisory authority will be able to continue operating until the end of the transition period.

This provision, however, raises serious legal doubts. At the time of preparation of this article, the national regulation enshrining these changes had not yet been adopted. The European Regulation is directly applicable and establishes an 18-month transitional period. Therefore, in the absence of a Polish law, MiCA provisions should be applied in full, including the maximum transition period.

The Polish Financial Supervisory Authority (KNF) has officially announced that the transition period will end on June 30, 2025, while noting that due to the pending legislative process it does not yet have the authority to issue CASP licenses. Applications submitted remain pending until the law is approved. This creates a conflict between EU law and the stated actions of the national regulator, which could lead to uncertainty and legal risks for businesses.

Under these circumstances, cryptocurrency companies in Poland are strongly advised to monitor the legislative process, prepare and submit applications for CASP licenses in a timely manner, and implement the necessary measures to bring their activities in line with MiCA regulations. This will help to maintain operational continuity and strengthen client confidence in the new regulated environment.

Regulated United Europe‘s legal team provides comprehensive support to cryptocurrency companies on their MiCA compliance journey. We provide preparation and submission of CASP license applications, develop and implement internal AML/KYC procedures, and accompany clients in all stages of interaction with supervisory authorities. Our experience covers all key EU jurisdictions, including Poland, and allows us to adapt businesses to new regulatory realities with minimal risks.

MiCA and Polish crypto regulation: new requirements for cryptocurrency companies amidst the transformation of European financial law

With the entry into force of the European Cryptoasset Markets Regulation (MiCA) and the Transfer of Funds Regulation (TFR) from December 30, 2024, the cryptocurrency sector in the European Union is facing an unprecedented regulatory restructuring. At the same time, national regulation is being finalized in Poland in the form of the Cryptoasset Market Act, which adapts MiCA provisions to the Polish legal system. These changes are aimed at enhancing investor protection, combating money laundering, increasing transparency and introducing uniform standards in the digital economy.

MiCA introduces, for the first time ever, a single regulatory regime for the issuance, trading and intermediation of cryptoassets at the level of the entire European Union. The regulation establishes mandatory licensing for crypto service providers (CASPs), including crypto exchanges, brokers, custodians and other intermediaries. Among the mandatory requirements are compliance with the minimum level of authorized capital, implementation of AML/KYC procedures, existence of an internal control system and organizational structures to ensure fair operations.

At the national level, Poland is preparing a relevant law which provides for the appointment of the Commission for Financial Supervision (KNF) as the national regulator. It will be authorized to review CASP applications, issue licenses and supervise compliance with MiCA provisions. The draft provides for both administrative and criminal penalties for violations of regulatory requirements, including operating without a license, providing false information in investment documentation, and misuse of names indicating a company’s authorization.

The TFR Regulation complements MiCA by implementing the principles of the so-called Travel Rule, known by analogy to wire transfers. Every cryptocurrency transaction that passes through providers must now be accompanied by personalized information about the sender and recipient, including name, account number and wallet address. This data must be transferred between platforms, which involves modernizing IT infrastructure, adapting KYC procedures and investing in data storage and processing systems in compliance with security regulations.

The draft Polish law provides for a shortened transition period of four months from the date the regulation enters into force. During this period, companies providing services related to cryptoassets are required to submit a full application for a CASP license. KNF has already indicated that the deadline for the end of the transition period is set for June 30, 2025, although the EU has set an 18-month deadline until July 1, 2026. This legal conflict creates uncertainty and additional risks for businesses, especially given the absence, at the time of publication, of a valid national law that would allow for an efficient application and license.

Companies operating in the cryptoasset sector in Poland find themselves in a situation of legal uncertainty. On the one hand, the Polish law has not yet been adopted and the KNF has not been officially appointed as a licensing authority, while on the other hand, a shortened transition period is announced. This ambiguity requires an urgent legal assessment and preliminary preparation of all documentation required to apply for CASP status. Failure to meet the deadlines may result in suspension of operations and loss of market position.

The new regulatory environment has significant implications for both businesses and consumers. Users receive additional guarantees: transparency of investment offers, the ability to withdraw from a public offer within 14 days, the right to data protection and access to risk information. However, this reduces the level of anonymity and increases the amount of information disclosed. For companies, the regulatory burden is increasing, as they need to meet new requirements for capital, governance, compliance, information security and customer processes.

Small and medium-sized companies are particularly vulnerable, as they may not be able to withstand the financial and organizational burden of bringing activities into compliance with MiCA. Analysts assume that during 2025, up to 90% of existing crypto exchanges and exchanges unable to comply with the new standards will leave the market. As a result, there may be significant consolidation of the industry around major players and financial institutions that already have the appropriate infrastructure.

• Regulatory uncertainty due to pending national law
• High compliance costs for SMEs and startups
• Market concentration risk in favor of large entities
• Potential relocation of crypto businesses abroad

The regulation also affects companies that use cryptoassets in their operations. From now on, they are obliged to cooperate exclusively with licensed service providers, as well as to follow the updated AML/KYC requirements. This will lead to the gradual integration of cryptocurrencies into business practices and the convergence of the digital economy with the traditional financial sector.

Regulated United Europe specialists accompany their clients at every stage of the transition to regulatory compliance with MiCA. We provide a full cycle of legal support – from preliminary assessment of the company structure and preparation of documentation to licensing applications and interaction with supervisory authorities. With many years of experience in European financial regulation, our team helps clients safely and effectively integrate into the new regulatory reality, minimizing risks and preserving business sustainability.

Scope of the MiCA Regulation: which cryptoassets and services are subject to regulation in the EU

The European Parliament and Council Regulation No. 2023/1114 on Markets in Cryptoassets (MiCA) is the world’s first comprehensive legal initiative aimed at harmonizing the rules for cryptoassets across the European Union. It creates a regulatory framework to govern the issuance, circulation, custody and intermediation of cryptoassets previously outside the scope of EU financial legislation. Understanding the scope of the MiCA Regulation is key for entities involved in the crypto industry, including issuers, platforms, intermediaries and advisors.

MiCA covers a wide range of digital assets that were not previously covered by directives such as MiFID II or EMD2. The main objective of the regulation is to protect investors, ensure transparency and increase the stability of the financial sector, including by eliminating regulatory fragmentation between EU member states.

The regulation defines three key categories of cryptoassets. The first is Asset-Referenced Tokens (ART), whose value is backed by reserves in fiat currencies, precious metals or other assets. The second category includes Electronic Money Tokens (EMT), issued as an analog of fiat currency and used as a means of payment. The third category includes all other crypto-assets that do not fall under the definition of ART or EMT but are available for trading on platforms or through intermediaries, typically utility tokens and unsecured digital assets.

MiCA regulates both the issuance and the provision of services relating to these crypto-assets. Specifically, the Regulation introduces mandatory registration and licensing for all cryptoasset service providers (CASPs) that perform at least one of the following activities: holding cryptoassets on behalf of clients, operating cryptoasset trading platforms, exchanging cryptoassets for fiat money or other cryptoassets, accepting and transmitting client orders, managing cryptocurrency portfolios, providing advice, and executing transactions and transferring cryptoassets on behalf of clients.

It is important to note that MiCA does not cover the entire spectrum of crypto-infrastructure. Decentralized financial services (DeFi) remain outside the scope of regulation if they do operate without a centralized managing entity, as well as platforms and assets covered by other EU legislation. For example, cryptoassets qualifying as financial instruments under the MiFID II Directive are governed by other regulations. Also outside the scope of MiCA remain unique non-fungible tokens (NFTs), provided they are not interchangeable and are not used as a means of payment or investment in the mass market.

In addition, MiCA does not apply to activities regulated by other EU sectoral regulations, such as in the field of electronic money (EMD2), deposit products or investment funds. Thus, one of the challenges for Regulated United Europe is to correctly qualify clients’ activities and determine the applicable legal regimes, which is particularly relevant when there are borderline cases between MiCA and other EU regimes.

It is important for businesses to realize that even if there is no formal regulation under MiCA, certain activities may be subject to other acts, including AML Directives, TFRs or national regimes. In these circumstances, due diligence is required to determine applicable regulations, potential licenses, information documentation requirements, white papers, internal control structures and reporting to supervisory authorities.

Regulation of VASP/CASP companies in Poland in 2025

Before the MiCA Regulation (Regulation (EU) 2023/1114 on cryptoasset markets) came into force, the Polish legal system provided only a minimal level of formalization of virtual asset activities. In order to legally provide services related to cryptoassets, entities only needed to register their company in the register of Virtual Asset Service Providers (VASP), which was maintained by the director of the Chamber of Tax Administration in Katowice.

This registration process was characterized by speed and low administrative costs. Provided the application was filled out correctly, registration took no more than two weeks and the fee amounted to PLN 616, equivalent to approximately EUR 150. This procedure allowed entities, including exchanges, brokers and platforms, to operate legally without going through a full-blown financial supervisory review.

However, on December 30, 2024, the cryptoasset market in the EU entered a new phase of regulation: the MiCA Regulation became fully operational and introduced uniform rules for all member states. Poland, as well as other EU countries, was obliged to adapt national legislation to the new requirements, including the gradual abandonment of the previous VASP registration mechanism in favor of full-fledged licensing of CASPs – cryptoasset service providers.

According to the draft cryptoasset market law currently under consideration, the VASP register in Poland is subject to liquidation on October 1, 2025. This deadline may be shifted depending on the progress of the legislative procedure. In February 2025, the Deputy Minister of Finance publicly allowed the possibility of extending the transition period, including with respect to the final date for the abolition of the VASP registration mechanism.

Once the register is abolished, all entities previously operating under it will be required to obtain CASP authorization from the Polish Financial Supervision Authority (KNF). This authorization will require a complex procedure including submission of a full documentation package, confirmation of compliance with MiCA requirements in terms of capital, corporate governance, AML/KYC procedures, information security and transparency towards clients.

In fact, every company involved in trading at least one cryptoasset is subject to MiCA. This applies to both centralized platforms and specialized intermediaries, including those offering exchange, transfer, storage of cryptoassets, portfolio management or investment advisory services.

The aim of the new regime is to provide a solid legal foundation, increase investor confidence and prevent abuse. However, for businesses, the transition period presents a number of challenges, including the need to adapt business processes, restructure internal policies, and undergo licensing procedures. In case of non-compliance, activities can be suspended and entities can be sanctioned.

From the beginning of 2025, the legal landscape of the crypto industry in Poland is entering a period of profound change. This is due to the entry into force of the European Union Regulation 2023/1114 on Markets in Cryptoassets (MiCA), as well as the active work of the Polish legislator on the draft national cryptoasset act, which should transpose MiCA provisions into local legislation. Although the Polish cryptoasset market law is still pending, the key provisions of MiCA are already in effect as of December 30, 2024 and apply directly throughout the EU, including Poland.

Despite the absence of a national law, this does not mean that cryptoasset activity has been suspended or has lost legitimacy. The European MiCA Regulation is directly applicable and provides crypto-industry entities with a certain legal basis to operate until the completion of the implementation process of national regulations.

Transition period and the significance of VASP status in Poland

One of the key aspects of the new regulatory environment is the transition period provided for in Article 143(3) MiCA. Under this provision, cryptoasset service providers that were operating legally before December 30, 2024, in particular on the basis of registration in the Polish VASP register, may continue to provide services until July 1, 2026. However, this rule only applies provided that such entities submit a complete application for a CASP license to the competent authority (in Poland – in the future it will be KNF) by June 30, 2025.

Note that if the license is issued earlier or refused, the transitional period for a particular entity will expire prematurely.

Status of the draft Polish law

As of the beginning of the second quarter of 2025, the draft law on the cryptoasset market has not yet been adopted. However, there is a high probability of its approval in the coming months. The draft law provides for a national adaptation of MiCA, designates the Polish Financial Supervision Commission (KNF) as the body responsible for issuing CASP licenses, and defines the administrative, financial and criminal consequences of non-compliance with the new requirements.

The draft provides that legal entities registered with VASPs will be able to continue their activities until October 1, 2025, when the VASP register will be finally abolished. However, this deadline may be adjusted depending on the effective date of the law and the finalization of the transitional provisions.

What should companies do in 2025?

Companies already in the crypto services industry must consider two critical points:

1. Preparing for CASP licensing: MiCA regulations require companies to apply for a CASP license by June 30, 2025. This is required even if the national law is not yet in force. KNF has already encouraged companies to prepare and submit applications despite the lack of a final legal framework.
2. MiCA compliance assessment: Companies should conduct legal and organizational audits to bring their processes in line with MiCA provisions. This includes implementing robust KYC/AML procedures, ensuring transparency of information to clients, internal controls and compliance with capital and corporate governance requirements.

For new market entrants, the situation is more complex. Without the current Polish law in force, they cannot apply for CASP and therefore cannot start legal operations. Thus, in practice, the market is temporarily closed to new players until the regulatory framework is adopted.

Legal support in the face of uncertainty

Regulated United Europe provides comprehensive support to companies operating in the crypto sector on all matters related to MiCA and Polish regulation. We will provide:

• Analyzing the compliance of the existing business model with MiCA requirements.
• Preparation of documentation and CASP application.
• Implementation of AML/KYC procedures and internal control systems.
• Legal liaison with KNF and other regulators.
• Strategies for adapting to the transition period and minimizing regulatory risks.

The year 2025 is a crucial year for all participants of the crypto market in Poland. Legislative changes offer opportunities for increased trust, growing legitimacy and the inflow of institutional investors, but at the same time require businesses to be highly prepared for regulatory compliance.

As part of adapting the provisions of the MiCA Regulation (EU Regulation 2023/1114) into Polish national law, the draft Cryptoasset Market Act provides for special transition conditions for cryptocurrency service providers. These provisions concern both entities already listed in the VASP register and new companies planning to start operating in the industry.

For companies registered with VASP before December 30, 2024

Entities operating on the basis of an entry in the Polish VASP register (the register of service providers related to virtual assets, maintained by the director of the Chamber of Tax Administration in Katowice) will be allowed to continue their activities during a limited transitional period until they obtain a CASP (Crypto-Asset Service Provider) license, but subject to certain conditions.

The draft Polish law proposes the following structure of the transition period:

• Until June 1, 2025 – VASP entities may continue to operate only if they have submitted a complete application for CASP authorization before May 1, 2025.
• If a complete application is filed by May 1, 2025, activities may continue until the date the application is adjudicated, but no later than September 30, 2025.
• If the application is not submitted, the entity loses the right to carry out crypto activities already after June 1, 2025.

Thus, Polish companies already operating in the field of cryptoassets are actually obliged to initiate the licensing process before the end of April 2025 in order not to risk interruption of services.

Topical remarks on the timeline

Compounding the complexity of the situation is the fact that as of the start of the second quarter of 2025, the Polish law has not yet entered into force. In this regard, the Deputy Minister of Finance stated that the strict calendar deadlines will be replaced by a flexible system with a four-month transition period starting from the date of entry into force of the law.

Based on the estimated date of entry into force of the law – the second half of April 2025 – the transition period calculated from that date could end in August 2025. However, this date is not official and is subject to change depending on political-legal dynamics.

For new companies: a CASP license from day one

Entities and entrepreneurs who are not registered in the VASP registry and start operations from January 2025 are required to obtain a CASP license immediately before starting any cryptoasset services. This means that the market is temporarily closed to new entrants until the Polish law is adopted and enters into force.

In the absence of a proper national mechanism for issuing CASP licenses, companies cannot even apply, which creates a regulatory vacuum and effectively blocks new entities from legally entering the market.

Regulated United Europe’s legal advice

It is critical for existing crypto market participants in Poland:

• Prepare and submit a complete CASP license application package no later than May 1, 2025 to ensure business continuity.
• In case of delays in adopting a national law, rely on MiCA provisions providing for an 18-month transition period (until July 1, 2026), but take into account the possible shortening of this period at the country level.
• New companies should refrain from starting operations until the national act comes into force, as it will be illegal to provide services without a CASP license.

Regulated United Europe‘s legal team provides full support for the preparation and submission of CASP applications, including MiCA compliance audits, customization of internal documentation and advice on dealing with supervisory authorities.

Procedure for obtaining a CASP license in Poland: a step-by-step guide

With the entry into force of EU Regulation 2023/1114 (MiCA), any company planning to provide services related to cryptoassets in the European Union is obliged to obtain a CASP license – Crypto-Asset Service Provider. In Poland, the Polish Financial Supervision Authority (Komisja Nadzoru Finansowego, KNF) will be the authorized body responsible for issuing CASP licenses.

The procedure for obtaining a CASP license is strictly regulated and subject to the deadlines and requirements set by MiCA.

Step 1: Preparing a complete set of documents

An applicant for a license must submit:

• An application of the prescribed form;
• A complete list of the services requested (one or more of the 10 services required by MiCA);
• Information on the ownership structure and management;
• Proof of capital adequacy;
• AML/KYC internal policies and procedures;
• Customer protection policies;
• Description of IT infrastructure and privacy measures;
• Financial model and projections;
• Other documentation in accordance with Article 62 of the MiCA.

Important: At the time of application, the company must meet the minimum authorized capital requirements, which depend on the chosen set of services.

Step 2: Submitting an application to the KNF

Until the Polish law on the cryptoasset market comes into force, the official CASP application form and application mechanism are not in effect. KNF has no legal basis to consider such applications at the moment. Applications will be accepted once the law is enacted, subject to all provisions arising from MiCA.

Step 3: Formal verification

Once an application has been submitted, the supervisory authority proceeds as follows:

1. Within 5 working days – KNF sends an acknowledgement of receipt of the application.
2. Within 25 working days – formal verification of the set of documents is carried out. If deficiencies are found, a request for supplementation is sent to the applicant.
3. If the set of documents is found to be complete, KNF is formally notified and proceeds to the substantive assessment.

Step 4: Substantive verification

• Over the next 40 working days, KNF evaluates the documents for compliance with MiCA requirements.
• At the halfway point (after 20 working days), KNF may request additional information. The applicant will have up to 20 working days to provide the requested information.
• Once the supplements are submitted, the remaining days for evaluation are counted from the new date.

In total, the process can take up to 65 business days from the date of submission, including additional correspondence.

Scope of services covered under the CASP license

MiCA provides for ten types of services that can be selected either in full or in part:

1. Storage and administration of cryptoassets on behalf of clients;
2. Management of a platform for trading cryptoassets;
3. Exchanging cryptoassets for fiat currencies;
4. Exchanging cryptoassets for other cryptoassets;
5. Execution of client orders;
6. Placement of cryptoassets;
7. Receiving and transmitting client orders;
8. Advising on cryptoassets;
9. Managing a portfolio of cryptoassets;
10. Executing transfers of cryptoassets on behalf of clients.

The choice of specific services is influenced by regulatory obligations – including capital levels, scope of internal controls, IT systems and risk management requirements.

At the moment, the process of obtaining a CASP license in Poland has not been launched in a practical sense, as the national law implementing MiCA has not entered into force. However, companies planning to continue or start operating in the cryptocurrency sphere should already:

• Prepare internal policies and relevant documents;
• Identify a list of services to be provided;
• Undertake preliminary legal and operational due diligence;
• Generate an application in advance using a template compliant with Article 62 of MiCA.

Regulated United Europe lawyers are ready to provide full support in preparation for CASP application, including compliance audit, capital advice, preparation of internal regulations and liaison with the Polish regulator.

CASP classification for MiCA license

Class 1
Organizations granted Class 1 authorization may provide the following types of services related to the circulation of cryptoassets:

• execution of clients’ orders;
• placement of crypto-assets;
• transfer of crypto-assets on behalf of clients;
• receiving and transmitting client orders related to transactions with cryptoassets;
• provision of consulting services in the field of cryptoassets;
• managing investment portfolios that include cryptocurrency assets.

Authorization requires a share capital of at least €50,000.

Class 2
Companies with Class 2 authorization may provide all the above services provided for Class 1, as well as:

• custody and administration of cryptoassets on behalf of clients;
• exchanging cryptoassets for fiat currencies;
• exchanges between different types of cryptoassets.

The minimum capital amount for Class 2 entities is set at €125,000.

Class 3
Market participants belonging to the third class are authorized to perform the entire list of services covered by the first two classes, with the additional possibility of managing cryptoasset trading platforms (marketplace operations).

This class requires a capital of at least €150,000.

The draft Cryptoasset Market Act prepared in Poland does not envisage changes in the scope of services provided or the rules on the use of client funds held by entrepreneurs.

Envisaged requirements and supervisory costs under the Polish regulation of the cryptoasset market

As the draft law on the cryptoasset market in Poland has not yet been adopted in its final version, there is no legally enshrined list of all requirements that will be imposed on crypto-service providers. Nevertheless, an analysis of current drafts and public statements indicates the likely introduction of a number of key provisions in line with MiCA logic and national approaches to consumer protection and market stability.

The legislation is expected to establish the following obligations:

• Transparent and detailed disclosure rules for the sale of cryptoassets, including marketing restrictions and permissible communication formats with potential customers.
• Standards of conduct for cryptoasset service providers when interacting with customers, including the provision of information about the legal entity, licensed services, consumer rights and potential risks.
• Definition of technical and organizational requirements necessary for carrying out activities, including ensuring information security and reliability of infrastructure.
• Mandatory measures for the protection of clients’ cryptoassets, including storage, backup and access control.
• Personnel criteria, including qualifications, professional experience and absence of conflicts of interest.

Supervisory costs: calculation principle and obligations

The Polish draft law provides for the introduction of a mandatory fee in favor of the supervisory authority covering the costs associated with the supervision of cryptoasset market entities. The calculation of the amount is based on the average value of a company’s total revenue for the last three completed financial years preceding the calculation period.

The amount of the contribution may not exceed 0.5% of the said average income, with the minimum amount set at 500 euros in zloty equivalent.

The financial basis for the calculation is determined as follows:

• If there are three completed years – the average income for three years confirmed by audited financial statements is used.
• If the company has been operating for less than three years:
  • In the first year, the calculation is based on the previous year’s total revenue.
  • In the second year, based on the average of the revenues for the previous two years.
  • In the third year – for the entire period of activity.

For legal entities whose fiscal year does not coincide with the calendar year, the year following the one in which the first fiscal year of service provision ended is used.

It should be noted that in the first year after the start of crypto services there is no obligation to pay the contribution – payment is made starting from the following year.

Note regarding the calculation of revenue under MiCA

Under MiCA (EU Cryptoasset Markets Regulation), similar supervisory fees are calculated based on the annual gross revenue recorded in the financial statements that the crypto service provider is required to submit to the regulator. National authorities may set marginal rates within the limits provided for by European regulation, taking into account administrative costs and local market specifics.

Liability for violation of the provisions of the draft law on cryptoassets in Poland: fines and sanctions

The draft Polish law regulating activities on the cryptoasset market establishes strict liability measures for non-compliance with the stipulated regulations aimed at protecting market participants and ensuring transparency of cryptoasset service providers (CASPs). The bill contains provisions for both administrative and criminal sanctions for certain offenses.

Among the key offenses to be penalized are:

• Conducting activities without proper CASP authorization.
  Persons or organizations providing crypto services without obtaining the appropriate authorization are subject to sanctions in the form of a fine of up to PLN 5,000,000, imprisonment of up to 5 years or both types of punishment at the same time.
• Violation of confidentiality and professional secrecy.
  Illegal disclosure of information constituting professional secrets is punishable by a fine of up to PLN 1,000,000, imprisonment of up to 3 years, or both sanctions simultaneously.
• Unfair use of CASP-related terminology.
  The use of expressions in a company name, marketing materials or other elements of business communication that may create a false impression among consumers or market participants that the company has the status of a licensed CASP (including cases of imitation of the official status) is punishable by a fine of up to PLN 1,000,000, imprisonment of up to 2 years, or the combined application of both measures.

Sanctions for MiCA violations in the European Union

At the European Union level, the MiCA (Markets in Crypto-Assets) Regulation provides for a set of obligations, including:

• The need to obtain licensed crypto service provider (CASP) status;
• compliance with anti-money laundering (AML) and counter-terrorist financing (CTF) requirements;
• ensuring full transparency in transactional activities and disclosures to customers and regulators.

Violation of MiCA provisions may result in fines, the amounts of which are set at the level of national supervisory authorities, but cannot exceed the limits provided by the regulation itself (e.g. up to 5% of annual turnover or up to €15 million, depending on the type of violation).